All FnContact forms include the ability to enable PGP encryption to ensure end-to-end privacy and security.
PGP (Pretty Good Privacy) is a public key encryption system used to ensure data is transmitted securely and is accessible only to its intended recipient.
Enabling PGP for a contact form allows your users to be confident that their message will be transmitted securely and that only YOU will be able to read it. It also provides you with the assurance that no one intercepted the message, since each message is encrypted in the user's browser and decrypted in yours.
Our goal is to make PGP useful and accessible for everyone - without needing to understand or use the complicated underlying tools. We use the excellent KBPGP.js library for browser-based PGP key generation and encryption/decryption. All processing is handled locally in the browser, so no passphrases or unencrypted data are ever sent to us. Once a message is encrypted, no one can decrypt it except you.
In a nutshell, here is our process for implementing PGP for your contact form:
The most important aspect when using PGP is to keep your private key safe, secure and in your control. Since FnContact is a web application, we need to store your private key on our servers so that we can send it back to you when you log in. However, because your private key is encrypted with a passphrase before being initially transmitted to us, we have no way to unlock it and therefore no way to decrypt your messages. Only you can decrypt your messages.
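The key-custody model described above, as an added example that is not FnContact's code: Node's built-in crypto module (RSA-OAEP wrapping an AES-256-GCM session key) stands in for OpenPGP and KBPGP.js, and every function name is hypothetical. It shows that holding the public key, the passphrase-encrypted private key and the ciphertext, which is all the server stores, is not enough to decrypt a message.

```javascript
// Added illustration: Node's built-in crypto stands in for OpenPGP/KBPGP.js.
const nodeCrypto = require('node:crypto');
const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Owner's browser: generate a key pair and passphrase-encrypt the private key
// before anything is uploaded. The passphrase itself is never sent.
function generateOwnerKeys(passphrase) {
  return nodeCrypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem', cipher: 'aes-256-cbc', passphrase },
  });
}

// Visitor's browser: hybrid-encrypt the form message to the owner's public key.
function encryptMessage(publicKeyPem, plaintext) {
  const sessionKey = nodeCrypto.randomBytes(32);
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const wrappedKey = nodeCrypto.publicEncrypt({ key: publicKeyPem, ...OAEP }, sessionKey);
  return { wrappedKey, iv, body, tag: cipher.getAuthTag() };
}

// Owner's browser after login: unlock the stored private key with the passphrase.
function decryptMessage(encryptedPrivateKeyPem, passphrase, msg) {
  const sessionKey = nodeCrypto.privateDecrypt(
    { key: encryptedPrivateKeyPem, passphrase, ...OAEP }, msg.wrappedKey);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', sessionKey, msg.iv);
  decipher.setAuthTag(msg.tag);
  return Buffer.concat([decipher.update(msg.body), decipher.final()]).toString('utf8');
}

// Server's view: encrypted private key and ciphertext, but no passphrase.
function serverCanDecrypt(encryptedPrivateKeyPem, msg) {
  try { decryptMessage(encryptedPrivateKeyPem, undefined, msg); return true; }
  catch (err) { return false; }
}

function demo() {
  const passphrase = 'constructed example passphrase'; // sample value, constructed
  const keys = generateOwnerKeys(passphrase);
  const msg = encryptMessage(keys.publicKey, 'Hello from the contact form');
  return {
    ownerReads: decryptMessage(keys.privateKey, passphrase, msg),
    serverReads: serverCanDecrypt(keys.privateKey, msg),
    storedKeyIsEncrypted: keys.privateKey.includes('ENCRYPTED PRIVATE KEY'),
  };
}
console.log(demo());
```

Because the server holds the encrypted private key, the strength of the passphrase is what protects that stored key against offline guessing.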
To see how we generate PGP key pairs in your browser, check out our PGP Key Pair Generator.
If you have questions, concerns or would like more information about our PGP implementation, please contact us.