Come next year, Yahoo Mail users can expect their messages to be vastly more secure.
On Thursday, Alex Stamos, a security researcher for Yahoo (YHOO) announced the company would develop an encrypted email system that will let users send messages to other Yahoo users, as well as Gmail users, that only the sender and recipient can read. This enhanced form of security will begin rolling out as an option for users in the fall.
Yahoo’s security measures follow on the heels of recent steps by Google (GOOG) to encrypt users’ email. According to The Wall Street Journal, Yahoo will rely on a kind of PGP encryption, which hasn’t been cracked. Previously, most email services stored data like user names and passwords, but PGP goes one step further by storing unique security keys on users’ actual devices.
Yahoo and Google offer the two most widely-used email services on the Web today, accounting for 600 million-plus users combined, according to ComScore. The news that both companies plan to encrypt email marks a significant effort to ramp up security after Edward Snowden leaked information from the National Security Agency last year revealing — among other eye-opening secrets — the vulnerabilities in tech companies’ data practices. Yahoo and Google’s so-called “end-to-end” encryption efforts will help protect users’ sensitive data from the prying eyes of hackers, the government, even the Webmail services themselves. Web companies are increasingly competing for users based on security and publicly bragging about their extra protections to gain an advantage, or at least keep those in place from defecting.
Google, in particular, isn’t stopping with email. On Wednesday, the company disclosed in a blog post that it is now taking into account whether Web sites use encrypted HTTPS connections, and that those that do could appear higher in Google search results.
“For now it’s only a very lightweight signal — affecting fewer than 1% of global queries, and carrying less weight than other signals such as high-quality content — while we give webmasters time to switch to HTTPS,” wrote Zineb Ait Bahajji and Gary Illyes, both of whom are webmaster trends analysts for Google.
Regardless, the long-term message is abundantly clear: the more secure your site, the better your search ranking and the higher your chances of increased Internet traffic. Eventually, the webmaster and the web surfer wins.