Atomic Mail
Atomic Mail is an end-to-end encrypted email service operated by AtomicMail Systems OÜ, a company incorporated under Estonian law and headquartered in Tallinn, Estonia. The service was founded in 2024 by a team of cybersecurity professionals and privacy enthusiasts.
Atomic Mail employs client-side encryption using a proprietary protocol based on ECIES (Elliptic Curve Integrated Encryption Scheme) and AES-256, combined with a zero-access architecture in which the service provider cannot decrypt user data. Account recovery uses a BIP39-compliant seed phrase system rather than phone numbers or secondary email addresses, eliminating the need for personal data collection during registration.
The service is available via web browser and through native applications for iOS, Android, Windows, and macOS. Atomic Mail operates on a freemium model: a free tier includes core encryption features and unlimited storage with up to 10 email aliases, while the paid Atomic Mail Plus subscription provides additional tools including AI-powered email assistance.
As of December 2025, the service reported over 1 million registered accounts and approximately 150,000 monthly active users. The company currently has no external funding and is privately held, with revenue generated through its paid subscription tier.
Background and founding
AtomicMail Systems OÜ was established in 2024 in Tallinn, Estonia, by a group of technologists and privacy advocates with backgrounds in cybersecurity and software development.
The founding team's stated motivation was to create an email platform that combined strong encryption with an intuitive user experience, making privacy accessible to non-technical users. The project began development in 2024, initially as an alpha-stage product available to early testers.
Launch and early development
In 2025 Atomic Mail was publicly launched as a beta product. The launch announcement described it as a next-generation encrypted email platform designed to address concerns over digital privacy and cybersecurity threats. At launch, the service offered its web-based client with end-to-end encryption, zero-access architecture, email aliases, and the BIP39 seed phrase recovery system.
The launch received coverage from Yahoo Finance, which described the platform as combining encryption technology with user-friendly design, and TrendHunter, which noted its emphasis on making encryption accessible to a broader audience.
In the months following launch, the company released a mobile web version of the service, followed by standalone native applications for iOS, Android, Windows, and macOS. A public product roadmap for Q2–Q3 2025 was published, outlining planned features including dark mode, custom domain support, biometric login, Hide My Email functionality, and premium short aliases.
Growth and milestones
By December 2025 the company reported 1 million registered accounts and approximately 150,000 monthly active users. In its "2025 Wrapped" retrospective, the company characterized the year as a transition from early alpha to stable beta, citing improvements in reliability, speed, and feature completeness.
Key milestones in 2025 included the launch of the Atomic Mail Plus paid subscription tier, the introduction of an AI features suite, and the deployment of native applications across all major platforms. The company also made its first public conference appearance at the function1 Conference in Dubai.
Until September 2025, Atomic Mail was funded by initial investors and stakeholders. As of early 2026, no external venture capital funding rounds have been publicly disclosed.
Overview
Atomic Mail employs a multi-layered encryption architecture, described in a publicly available security whitepaper (Version 1.0, October 2024). The system uses client-side encryption processes and a zero-knowledge infrastructure for encrypted emails, meaning that encryption and decryption occur exclusively on user devices and Atomic Mail's servers cannot access message content or private keys.
Data in transit is protected using TLS 1.3. Data at rest on Atomic Mail's servers, including email metadata and attachments, is encrypted using AES-256.
Atomic Encryption protocol
Emails sent between Atomic Mail users are encrypted end-to-end using a proprietary protocol called "Atomic Encryption," based on the Elliptic Curve Integrated Encryption Scheme (ECIES). The process operates as follows:
When a sender composes an email, a random secret key is generated locally on their device. This key is used to encrypt the email content using AES-256. For each recipient, the secret key is then encrypted using the recipient's public key via ECIES (with public keys generated according to the Ethereum 0x standard). The fully encrypted email, along with the individually encrypted secret keys, is transmitted via SMTP. The recipient uses their private key to decrypt the secret key, which is then used to decrypt the email content.
Password-encrypted emails
For external recipients who do not use Atomic Mail, users can select "Password Encryption." The email content is encrypted locally on the sender's device using AES-256-CBC, with the encryption key derived from a user-set password processed through the scrypt key derivation function. The encrypted content is stored in Atomic Mail's Decryption Service, and the recipient receives a link via SMTP. Upon entering the shared password, the content is decrypted locally on the recipient's device. Senders can also set expiration dates and password hints.
Zero-access encryption
Atomic Mail operates under a zero-knowledge policy: the service stores only encrypted data and cannot access the contents of user emails, even if compelled by legal process. Decryption keys are not stored on Atomic Mail's servers; they reside exclusively on user devices.
Key management and account recovery
During registration, the following process occurs: the user sets a password, which is processed using scrypt to generate a cryptographic key. The user's BIP39-compliant seed phrase is encrypted using AES-256-CBC with this derived key. The password itself is hashed using SHA-256 before being stored. Neither the plaintext password nor the unencrypted seed phrase is ever transmitted to or stored on Atomic Mail's servers.
Upon login, the user's password is hashed and verified against the stored hash. If successful, the encrypted seed phrase is sent to the user's device and decrypted locally. The service also supports two-factor authentication (2FA) via one-time codes.
Attachment encryption
File attachments are encrypted using AES-256-CBC before being transmitted to Atomic Mail's servers.
Email aliases
All accounts include up to 10 free email aliases under the atomicmail.io domain. Aliases function as full-featured email addresses that can both send and receive messages with the same encryption capabilities as the primary address. The Atomic Mail Plus plan provides up to 15 aliases.
Premium short aliases (1–4 characters in length) are available as a paid feature, starting at $5/month.
Hide My Email
The Hide My Email feature, available to Atomic Mail Plus subscribers, allows users to generate unique, randomly created email addresses on demand for use with online services. These addresses are receive-only and can be disabled or deleted at any time. Users can create up to 150 Hide My Email addresses.
AI email tools
Atomic Mail Plus includes a suite of AI-powered tools: an email writing assistant and rewriter ("Help Me Write" and "Help Me Answer"), inbox summarization, grammar and tone correction, email translation, text-to-speech for listening to emails, voice-to-text for dictating emails, and an AI security assistant that scans drafts for sensitive content and recommends encryption.
The company states that its AI features cannot access end-to-end encrypted content and that user emails are not used to train AI models.
Spam and phishing protection
The platform includes AI-powered spam and phishing filtering. The company describes its filter as operating without scanning message content for advertising purposes.
Anonymous registration
Account creation requires only a display name and chosen username. No phone number, secondary email address, or other personally identifiable information is collected during sign-up.
Cross-platform availability
Atomic Mail is accessible via web browser and through standalone native applications for iOS, Android, Windows, and macOS. The apps support biometric login via fingerprint and facial recognition. Synchronization is maintained across all platforms.
Pricing
Atomic Mail operates on a freemium model. The free plan includes full email functionality, end-to-end encryption, zero-access encryption, unlimited storage, up to 10 email aliases, and an ad-free interface.
Atomic Mail Plus, the paid subscription tier, adds features including the full AI suite, Hide My Email (up to 150 addresses), 15 email aliases, premium support, and access to purchase short aliases. The company states that core security and privacy features will remain free indefinitely.
Payments are processed through Stripe, Google Pay, and Apple App Store in-app purchases. As of early 2026, the company has announced plans for forthcoming individual, team, and business/enterprise subscription plans with features including custom domain support, admin panels, and productivity tools such as calendar and calling integration.
Infrastructure and data centers
Atomic Mail's servers are located in Germany, within ISO 27001-certified data centers. The company is headquartered in Tallinn, Estonia. This infrastructure arrangement places user data under European Union privacy regulations, including the General Data Protection Regulation (GDPR).
Jurisdiction and data requests
As a company incorporated in Estonia, Atomic Mail operates under Estonian and European Union data protection law. According to its Terms of Service, Atomic Mail will only disclose user data in response to a valid court order issued by Estonian judicial authorities.
The company states that it does not collect personal data, does not perform user profiling, and will not cooperate with any voluntary surveillance programs. Due to its zero-access encryption model, Atomic Mail maintains that it is technically unable to access the contents of encrypted emails even if compelled by court order.
GDPR compliance
Atomic Mail is GDPR-compliant, allowing users to delete their accounts, export their data, and benefiting from the minimization of personal data collection. The security whitepaper and privacy policy are publicly available on the company's website.
Limitations and criticism
The service does not currently support IMAP, SMTP, or POP3 protocols for integration with third-party email clients. The company has stated plans to introduce these protocols in 2026, but no specific release date has been confirmed.
Atomic Mail does not support Pretty Good Privacy (PGP) encryption, limiting interoperability with users of other encrypted email services that rely on PGP.
The service does not yet offer post-quantum cryptography, a feature that competitor Tuta introduced via its TutaCrypt protocol in 2024 to protect against future threats from quantum computing.
User reviews on Trustpilot (rated 3.0 out of 5 based on 28 reviews as of early 2026) and app store listings have cited issues including email deliverability problems, occasional login difficulties, and the service being blocked or unrecognized by some third-party platforms during registration. These issues are consistent with the service's beta status. The company has been responsive to reviews, attributing some issues to VPN interference and temporary technical problems.
While the company claims regular third-party security audits, the results have not been publicly disclosed, making independent assessment of the platform's security posture more difficult compared to competitors that publish audit reports (such as Proton Mail's Securitum audit).
Custom domain support is not yet available, although it has been announced as a planned feature.
Comparison with other encrypted email providers
The following table compares key features of Atomic Mail with several of its primary competitors in the encrypted email market:
Feature |
Atomic Mail |
Proton Mail |
Tuta |
Gmail |
|---|---|---|---|---|
Founded |
2024 |
2013 |
2011 |
2004 |
Headquarters |
Tallinn, Estonia |
Geneva, Switzerland |
Hanover, Germany |
Mountain View, California, U.S. |
E2EE protocol |
ECIES + AES-256 |
RSA + AES-256 + PGP |
AES-256 + RSA-2048 / TutaCrypt |
TLS in transit; AES-256 at rest; CSE/S/MIME (Workspace only) |
Blockchain-level E2EE |
Yes (ECIES, BIP39) |
No |
No |
No |
Zero-access encryption |
Yes |
Yes |
Yes |
No |
Anonymous sign-up |
Yes (no phone/email) |
Partial (may require SMS) |
Yes (no phone/email) |
No (phone usually required) |
Ad-free |
Yes |
Yes |
Yes |
No (free tier); ad-free in Workspace |
No data tracking/mining |
Yes |
No IP logs by default |
Yes |
No (data used for product features) |
Phishing & scam protection |
Advanced AI filters |
Basic filters |
Basic filters |
Advanced ML/AI filters |
Account recovery |
BIP39 seed phrase |
Recovery phrase |
Recovery code |
Phone / recovery email |
Open source |
No (planned) |
Partial (clients open) |
Yes (GPLv3) |
No |
IMAP/SMTP support |
No (planned 2026) |
Yes (via Bridge) |
No |
Yes |
Free storage |
Unlimited |
1 GB |
1 GB |
15 GB (shared with Google account) |
Free aliases |
10 |
1 (+ hide-my-email) |
1 (personal plan) |
"+" tag aliases (same address) |
AI tools |
Yes (Plus plan) |
Yes (Scribe, paid) |
No |
Yes (Gemini; advanced features paid) |
PGP support |
No |
Yes |
No |
No native (third-party only) |
Custom domains |
Planned |
Yes (paid) |
Yes (paid) |
Yes (paid, via Workspace) |
Mobile apps |
iOS, Android |
iOS, Android |
iOS, Android, F-Droid |
iOS, Android |
Desktop apps |
Windows, macOS, Linux (planned) |
Windows, macOS, Linux |
Windows, macOS, Linux |
Web only (no native desktop app) |
Sources: Company websites, security documentation, and published feature lists. Information current as of early 2026.
Reception
Atomic Mail received press coverage at launch from Yahoo Finance, which described it as combining encryption with user-friendly design, and TrendHunter, which noted its focus on making encryption accessible to a wider audience.
Research.com published a review in February 2026, noting the platform's ECIES-based encryption protocol and privacy-first architecture, while observing that the service was still in an active development phase with formal subscription plans pending.
On the Apple App Store, the Atomic Mail app holds a rating of 4.3 out of 5 based on 110 ratings as of early 2026. On Trustpilot, the service has a score of 3.0 out of 5 based on 28 reviews, with positive feedback on encryption features, alias support, and the ad-free experience, alongside criticism of email deliverability and login issues.
On Slashdot, a user review described the service as having ease of use and end-to-end encryption as strengths, but noted the absence of dark mode (since added), lack of email whitelisting, and incompatibility with some third-party account services.
Industry tracker Tracxn listed Atomic Mail as ranking 43rd among 243 active competitors in the end-to-end encrypted email space as of early 2026, with Proton Mail, Egress, and Virtru identified as top competitors.
Future development
According to the company's published roadmap and public statements, planned features for 2026 and beyond include:
- Custom domain support for individuals and businesses
- IMAP/SMTP protocol support via an encryption bridge
- Team and business/enterprise subscription plans with admin panels
- Calendar and calling integration
- Expanded privacy-first productivity platform beyond email
- Potential future open-sourcing of parts of the platform
The company has described its long-term vision as extending Atomic Mail from a secure inbox into a broader, privacy-first productivity platform.
See also
- Comparison of mail servers
- Comparison of webmail providers
- Email encryption
- End-to-end encryption
- Proton Mail
- Tuta