With cyber threats on the rise, organisations are increasingly turning to secure communication solutions to safeguard their data. We compare two popular choices of secure email software, Zivver and Mailock.
In this review, we compare the secure email services offered by Zivver and Mailock by taking a look at their core features and benefits, including:
Outbound email security: Essential features you should be looking for when considering secure email solutions are encryption strength, authentication method, and email recall. Both solutions also offer additional features to boost the security of outbound comms.
User experience and integrations: When introducing a new solution within your organisation and to your customers, you want the process to remain as frictionless as possible. In this guide, we compare the integrations that both Zivver and Mailock offer, alongside the user experience for both senders and recipients.
Customer support and price: Receiving ongoing support for the solutions you implement can be an important factor for many businesses. We compare the customer support that Mailock and Zivver offer, while also looking at the pricing they set for both products.
Zivver | Mailock | |
Encryption | RSA 2048 | AES 256 |
Verification | Choice of SMS, access code, or email authentication. | Choice of SMS, Q&A, email authentication, and Unipass authentication. |
Secure file transfer | Send up to 5TB from O365 and Gmail. Recipients receive and download files as normal. | Send up to 10 attached files in line with classic email size limits. Recipients receive and download files as normal. |
Email recall | Fully revoke an email from a recipient’s inbox. | Fully revoke an email from a recipient’s inbox. |
Auditing | Data logging provides an in-depth view of email performance, including emails sent, opened, forwarded and more. | A comprehensive audit trail enables users to track sent emails, email open/unopens, previously set identity verification processes, and email revoke calls. |
Contextual correction | Pre-configured rules, powered by machine learning, to spot potential errors such as an incorrect recipient or attachment. | A pre-configured set of trigger words that prompt the user to send securely if found present within the email subject and/or body. |
Integrations | Offers an add-in for Microsoft Outlook and Chrome plugin for Gmail. | Offers an add-in for Microsoft Outlook and an integration with Unipass ID. |
Customer support | Online and pre-recorded demo video. Netherlands-based support. | 1-to-1 live demo and a 2-week free trial available. UK-based support. |
Pricing | Starting from £7.47 per user per month, billed on a yearly basis. | Free account available, paid licences starting from £9.30 per user, billed monthly. |
Zivver is a secure communication platform designed to protect sensitive data shared by email. Its primary focus is on providing a set of security tools to prevent data leaks caused by outbound emails.
Zivver's key features include message encryption, large file transfer, two-factor authentication, email retraction, and an activity dashboard with custom reports and analytics.
Administrators can use audit and communication logs to track user activity, gain insights, and report data incidents to authorities.
Zivver is based in Amsterdam, and is primarily focused on helping enterprises within the healthcare, legal, and government sectors.
Mailock, developed by Beyond Encryption, is a secure communication solution aimed at safeguarding outbound email communications.
Its core features of end-to-end encryption, recipient authentication, email revoke, a full audit trail, and bulk delivery capabilities make Mailock a strong contender for businesses of all sizes to protect their email comms and adhere to industry regulations.
Mailock places a strong focus on usability, ensuring users with different levels of digital knowledge can seamlessly integrate and use the software with existing email systems.
Based within the UK, Mailock has strong industry ties with the financial and legal sectors, while also catering to a range of other industries.
Zivver offers a range of tools within their solution to protect confidential emails:
Email messages and attachments should always be encrypted to prevent interception and other cyber threats.
Zivver uses RSA 2048 to encrypt messages and attachments. For every new user that creates a Zivver account, a new public/private key pair is generated.
The user’s public key is stored in the Zivver platform for later use to encrypt files and messages.
Recipients of Zivver messages must go through a two-factor authentication (2FA) process before they can access content they receive.
Zivver offers different types of recipient authentication, including:
Verification by access code - The sender creates and shares with the recipient a unique code which can be used to open Zivver messages.
This code can be created on an individual or organisational level.
Zivver recommends that this code is shared during a phone call or in-person correspondence and is not e-mailed, as this would allow malicious actors who have gained access to an inbox to retrieve secure messages.
Verification by SMS - If the sender knows the phone number of the recipient, they can choose to have an SMS code sent to their device.
The recipient must then input this code into a form to open their message. Unlike access code authentication, SMS codes are generated by Zivver and do not need to be created by the sender themselves.
Verification by email - Zivver sends an automatically generated access code by email, which the recipient can input to open their Zivver message.
This is generally considered to be the least secure method of authentication, as anyone who manages to gain access to the recipient’s inbox can use the code to open the secure message.
Zivver Verification - When sending to an individual who also has a Zivver account, the recipient is automatically allowed access to their message and does not have to pass a verification process.
Zivver offers a secure file transfer service, allowing large files containing sensitive data to be sent securely using an existing email client.
Zivver facilitates file sizes of up to 5TB, which can be attached to secure messages sent within Gmail, M365 or Outlook.
This may appeal to users who are currently inhibited by the file size offered by most email clients.
Zivver messages and attachments have the capability to be revoked after they have been sent to a recipient.
Revoking a message will directly remove it from the inboxes of all recipients, including those who have been added in the CC and BCC fields. For this to be used, the Zivver Office Plugin must be installed and used by the sender, with the secure mailing feature switched on.
An expiration period can also be applied to Zivver messages by which the recipient, or both the recipient and sender lose access to the emails after a set amount of time has passed. This feature helps users to comply with their organisation’s data retention policy.
Zivver utilises machine learning to help users catch potential errors.
This includes when a user is about to send a message to an incorrect recipient or has attached the wrong document to an outgoing email.
The system also scans emails for keywords that may suggest the content is sensitive or confidential in nature and recommends that the user sends the message securely.
This feature is only available to those on a Professional licence or higher. Plus, reviews from several users advise that this system is still very much a work-in-progress, with the content-checking capability reported to be quite sensitive.
“One limitation of this software is that it still struggles with certain aspects of natural language processing, such as understanding sarcasm, irony, and context-dependent language. This can sometimes lead to inaccurate or inappropriate responses, especially in more nuanced or complex conversations.’
— Capterra reviewer
Zivver provides a simple interface, allowing users to easily send and receive secure messages.
It also supports integrations with third-party platforms, allowing users to incorporate the solution into existing email clients such as Gmail and Microsoft Outlook.
Zivver users with a Professional licence can choose to embed the software with their existing workflows by downloading a dedicated Office plugin or Chrome extension, or simply by logging into their online portal.
Users can appoint administrators within the Zivver software, who have the ability to set up company-level branding and custom text on notification messages.
Those on an Ultimate licence can also turn on proof-of-delivery reports, notifying senders of the status of outbound messages and whether they have been opened or not.
When breaking down the product experience for paid users, we can see that Zivver has an average Capterra score of 4.1/5.
Many reviews emphasise Zivver’s ease of use and onboarding process. However, this simplicity comes with some rigidity in terms of customisation.
“Zivver is an out of the box solution, customisation therefore can be quite challenging.”
— Capterra reviewer
Zivver customers have also reported that they have had issues integrating with existing databases, such as those containing patient phone numbers, which can add friction when needing to authenticate recipients using SMS.
When considering the recipient experience, people who receive Zivver messages don’t need to make an account to read or reply to them. However, if they want to compose their own secure messages rather than replying to an existing email, they will need to set up an account.
Zivver provides its customers with comprehensive customer support, supplying them with training guides, documentation, and tutorials, as well as dedicated technical assistance.
Zivver has 3 licence types which are billed annually or on a 3-year term, with contracts for multiple licences over a 3-year period giving companies a 20% discount. The licence types are:
Start - for occasional users, with an equivalent monthly payment of £7.47 per user per month. Allows users access to their encryption, email revoke, recipient authentication and large file transfer features.
Professional - for regular users, with an equivalent monthly payment of £10.38 per user per month. Allows users to access everything in the Start licence, plus Outlook and Gmail integrations, machine learning, shared mailboxes, and custom notifications.
Ultimate - for enterprise users, with an equivalent monthly payment of £16.60 per user per month. Allows users to access everything in the Start and Professional licences, plus default message expiration, single sign-on, domain claiming, and proof of delivery features.
Mailock is a comprehensive industry solution that is utilised by companies of all sizes, from small businesses to large enterprises, to protect confidential communications with a range of security tools:
Mailock uses end-to-end AES 256 email encryption to secure messages and attachments sent through the system, with users able to attach up to 10 documents to their secure messages.
AES 256 encryption uses a 256-bit key and is one of the most secure levels of encryption available on the market, while also being an NSA standard for classified information.
Mailock messages are encrypted both in transit and at rest, with an advanced key management system ensuring that messages are unable to be decrypted by anyone except the intended recipient.
Mailock users can set authentication challenges, verifying their recipients, and ensuring that only the right people can access sensitive messages.
Mailock offers a range of authentication processes for users, including:
SMS - Mailock users can automatically generate a numeric code that is sent to the recipient's mobile device. This must be entered into the Mailock system in order for the recipient to access their secure message.
Q&A - Mailock users can ask their recipient a question that only they would know the answer to. When the recipient correctly enters the correct answer, they can read and reply to their secure message.
Unipass ID - For financial professionals and organisations that use Unipass, Mailock allows recipients to verify their identity using Unipass ID.
Identity challenges offer an extra level of protection against the threat of misdirected emails and unauthorised inbox access.
Auditing is a vital component of compliance in regulated industries.
Mailock is specifically designed with compliance in mind, providing a full audit trail which enables users to review the identity verification process set for messages, and who has opened, or failed to open, Mailock emails.
Mailock users can easily and immediately revoke any of the messages they have sent securely, blocking recipient access to emails sent in error and reducing the risk of a data breach.
Senders can also receive read notifications directly to their mailbox, allowing them to be aware of when their messages are opened by recipients and follow up at the right time.
The Mailock system comes with a preconfigured set of keywords, which, if found within a user’s outgoing message or subject line, will prompt the user to activate encryption and send their message securely.
These predefined words can be customised by administrators to align with the organisation's information security policy - a ‘clear box’ approach for companies that require a higher level of control over their security.
Mailock is consistently praised for its ease of use and simple implementation process.
The system is created to be usable by a variety of demographics and skill sets and is even suitable for those with a low level of technical ability.
"I gave it to one of our less technical members of staff. They worked with it well, gave it good feedback, and found it easy to use. That was a big winner for me.”
— Tony Cartwright, Operations Supervisor
Mailock prioritises the recipient experience, offering end users the ability to read and download attachments from secure emails without the need to register for a free account.
For those who want the ability to reply and send their own secure messages, Mailock offers a free licence with unlimited replies and 5 free sends a month (an email with multiple recipients counts as one send).
When it comes to integrations, Mailock integrates with Microsoft 365 using a dedicated Outlook add-in. For those in financial services, Mailock also allows financial professionals to verify their identity using their Unipass ID.
The Mailock read experience can be personalised by administrators. They can set up their company branding and this will be applied to all outbound Mailock messages.
Beyond Encryption has a UK-based support desk for all Mailock customers, receiving an average rating of 4.9/5.
All potential customers are offered a one-to-one demo with a member of the team, as well as a 2-week trial to see if the system is right for them.
“Sometimes when you get new systems and you’re trying to set them up, you think ‘Oh my god I wish I’d never bothered!’ But, once we’d had the demo with Carole and she told us how to set it up, it was a simple process.”
— Deb Owen, Administration Manager
Mailock has 3 licence types that are billed at a monthly rate. This cost reduces as the licence quantity scales. The 3 licence types are:
Free - for ‘once in a while’ sends. Allows users access to their encryption, Q&A email authentication, Outlook add-in, and read notification features.
Pro - for professionals and teams, starting at a monthly payment of £9.30 per user per month. Users have access to all the features in the Free licence, plus SMS and Unipass authentication challenges, company branding, trigger words, audit trails, and message recall.
Enterprise - for high volume protection, with variable pricing depending on the package needed. Users have access to all the features in the Pro and Free licence, plus advanced delivery analytics, API control and monitoring, a choice of on-premise or cloud deployment, and automated/bulk sending.
Find out more about Mailock pricing and plans.
When it comes to secure communication solutions, every business has different requirements to protect internal data and their customers’ personal information.
Both Zivver and Mailock are reliable options. Let’s summarise the key differences:
Zivver - Has larger file transfer size capabilities and offers machine learning business rules. However, these corrective measures are new and causing some friction with existing customers. Does not offer automation for enterprise email delivery.
Mailock - Has a significantly stronger encryption type, offers a unique integration with Unipass ID for financial services companies, offers bulk send capabilities and flexible monthly billing, with UK-based support and a dedicated demo and trial period.
How we reviewed: In comparing Zivver and Mailock, we conducted a detailed analysis focusing on key aspects of secure email services. Our review looked at their encryption standards, authentication methods, and email recall capabilities, crucial for outbound email security. We also evaluated the user experience, including ease of integration with existing systems and recipient handling. Finally, we assessed the customer support and pricing models of each provider. By exploring these elements, we aim to provide a clear, comprehensive comparison to help you choose the most suitable secure communication solution for your organisation. |
Sam Kendall, 07.06.24
Sabrina McClune, 07.06.24