p≡p for Android


This section covers the system requirements, feature list, installation and user guide of p≡p for Android.

System Requirements

  • Mobile phone or tablet with Android version 5.0 and higher

  • E-Mail account accessible through IMAP/SMTP

Feature list

The following features are available in p≡p for Android version 1.1.:

  • Encrypt/decrypt emails and their subjects

  • Store messages encrypted or unencrypted on the server (Untrusted or Trusted server)

  • Compatibility with OpenPGP (as a p≡p user you can communicate with users that use OpenPGP)

  • Passive Mode (public key only attached if the communication partner uses p≡p)

  • Automated, decentralized key management

  • Import Private Keys

  • p≡p Sync, automated synchronization of keys between all your devices using p≡p.

  • Reset

  • Extra Keys

Supported languages

The following languages are supported:

  • Catalan

  • Czech

  • Dutch

  • English

  • French

  • German

  • Slovak

  • Spanish

  • Turkish

User Guide

First steps in p≡p for Android


Before you install p≡p for Android, we strongly recommend to secure your device by all available means.

In order to use p≡p, you need to setup your email account. As soon as the email account is set-up, you can use p≡p without any additional configuration. It is not necessary to change any Android settings for p≡p to work.

At the first start the app will ask you to give some permissions:


Reading contacts permission is to autofilling contacts when writing emails. It’s optional and you can change it anytime. We are not collecting any contacts, everything stays on your device.


Download files permission is there to simply allows you to save attachments from emails to local storage. It’s optional and you can change it anytime.


Now, you will need to add your email account(s). In case you have a Google Account, select “Use OAuth 2.0 token”.


On the next screen you enter the detailed account settings. You should have this information from your email provider or administrator.

IMAP settings


SMTP settings


Account Settings

On this screen you can configure account specific settings, e.g. how frequently p≡p should poll messages from the server. For more information about the last option “p≡p - Trust server and store mails unprotected”, see Store messages securely.


Account Name

On the last screen you can set a name to the account (this is how the account will be displayed in your account list) and also enter your own name (displays on outgoing messages).


After you entered all your account settings, p≡p app will generate private keys. After this step you can immediately send and receive encrypted emails.

p≡p for Android users will now see the ‘Privacy Status icon displayed on top of opened messages. Clicking on the p≡p icon in the Privacy Status will provide additional information on the available trust level.


Sending Secure Emails

After a message from another p≡p user is received and you reply to that message, the Privacy Status on the top of the message is yellow. This means, that this message will be sent encrypted. Please note, that the very first message between two p≡p users will be sent unencrypted.



p≡p consider first part of email address till “”@”” as case sensitive. Domain part is not (F.e. holden@pep.digital is not the same as HOLDEN@pep.digital, however holden@pep.digital is consider to be the same as holden@PEP.DIGITAL).

The Handshake

For general information about the handshake, refer to Handshake.

To perform a Handshake, the Handshake dialog can be opened by clicking the Privacy Status icon. The following window appears:


You can change the language of the Trustwords after touching 3 dots in the top right corner. There is choice of 6 languages: Catalan, German, Spanish, French, Turkish and English.

After comparing the Trustwords with the communication partner through a separate channel, select “Confirm” if the Trustwords match otherwise “Reject” if the Trustwords didn’t match. After you confirmed the Trustwords, the Privacy Status changed to Green (Secure & Trusted).

This step is done once with each communication partner and any future communication remains Green (Secure & Trusted).


Sending a message to multiple people with different Privacy Statuses

When sending a message to more than one person, you simply add the recipients to the message. The Privacy Status bar at the top will show you, if the message will be sent encrypted or not. In the below example you can see that there are 3 recipients. Because only 1 recipient has p≡p or a compatible product installed, the message will be sent unencrypted.


Disable Protection

When the communication partner’s Privacy Status is Yellow (Secure) or Green (Secure & Trusted), the e-mail will automatically be sent encrypted when the user clicks ‘Send’. If the user would like to disable protection on a case by case basis, then the user can do so by long pressing the Privacy Status icon and select ‘Disable Protection’.


The Privacy Status as well as the rating for a communication partner will change from Yellow (Secure) or Green (Secure & Trusted) to Disabled and the message will be sent unencrypted when the user presses ‘Send’.


Sending BCC emails

Currently, p≡p sends messages unencrypted as soon as there is at least 1 recipient in BCC (even if keys of all recipients are available).

p≡p for Android Settings

This section covers all available options related to p≡p email encryption/decryption in p≡p for Android. These options can be opened by clicking the three dots on the top right while you are in a folder and then select “Settings” -> “Privacy”. Further, when an account is selected, there is additional privacy options on account level.


Settings - Global Settings

Global settings are used for all accounts in the app:



Passive mode

By default p≡p for Android attaches your public key to every outgoing email. When passive mode is enabled, p≡p doesn’t attach a public key to outgoing messages unless the communication partner uses p≡p. If you already have a public key from your communication partner, p≡p will encrypt your emails by default.

For more details see Passive Mode.

Unsecure reply warning

Defines if a warning message should be shown, when a formerly encrypted message is forwarded or replied to unsecure.

Reset (all accounts)

This will reset the privacy settings of all your accounts (e.g. revoke your existing key and create a new one).

If you want to do a reset for only one of your accounts, right click the account in the account list above and select “Reset”.

For more details see Reset.

p≡p Sync


Before you sync multiple devices with p≡p Sync, please make sure you have the latest version installed (p≡p for Outlook: 1.1.200, p≡p for Android: 1.1.200, p≡p for Thunderbrid: 1.1.006 Beta, p≡p for iOS: 1.1.207). The latest version of p≡p for iOS is still in review by Apple.

If p≡p Sync is enabled, p≡p will check if other devices are using the same email account and try to build or join a device group. p≡p Sync ensures that all messages can be decrypted on all devices.

For more details see p≡p Sync.

Protect message subject

When sending messages between p≡p users, the subject is always encrypted (in transport). However, when “Protect message subject” is disabled, p≡p will decrypt the subject of messages stored in the mailbox and save the subject unencrypted.

Further, when “Protected message subject” is disabled, the subject of messages sent to PGP users will not be encrypted at all.

For more details see Protect message subject.


If the user does not wish to use a key of a PGP communication partner anymore, then the user can enter the fingerprint of the key and add it to the blacklist. Please note this affects only PGP contacts, p≡p users won’t be affected by this blacklist.

Hide timezone

If enabled, the UTC timezone will be used instead of the timezone of your location in the mail headers.

Account Settings - Privacy

Account settings can be configured for each account individually:

p≡p privacy protection

Defines if p≡p privacy protection is enabled for the selected account or not. For more details see Enable p≡p privacy protection.

Store messages securely

Store server side e-mails protected (encrypted with own private key). When you disable this feature, p≡p will trust the server and keep all your emails stored on the server unencrypted.


This will reset the privacy settings of the current account (e.g. revoke your existing key and create a new one).

For more details see Reset.

PGP Key Import


In case your device is member of a device group, please proceed with the following steps before starting the key import:

  1. Disable p≡p Sync on all devices of the group before starting the import process.

  2. Import the key on ALL devices.

  3. Switch on p≡p Sync after the manual key import worked on all devices.

  • Go to Settings

  • Select the account for which you want to import the key

  • Select Privacy

  • Select PGP Key import from filesystem

  • Select the key you want to import and follow the instructions on the screen

The key is then set as default key. However, p≡p still manages keys automatically, thus, the key might change in the future (e.g., when doing a reset). Please be aware that you can import only “.asc” files.


After the import p≡p will use your key to encrypt and decrypt messages. Please be aware that p≡p automates the key management and your key may change (e.g. after a reset, when joining a device group or when a key expires). Even if p≡p starts using another key, old keys will always be kept to ensure that all messages can be decrypted.

If you already have a PGP Key that you wish to use, you can do though by importing the key into p≡p.

In case your device is a member of the device group, you’ll need to disable p≡p Sync on every device connected to the same device group before you can import the private key.

After the import p≡p will use your key to encrypt and decrypt messages. Please be aware that p≡p automates the key management and your key may change (e.g. after a reset, when joining a device group or when a key expires). Even if p≡p starts using another key, old keys will always be kept to ensure that all messages can be decrypted.

Please be aware that you can import only “.asc” files.

First you need to load your private key to the local file system of your phone. Refer to the manual of your phone manufacturer on how to do this. Then, follow the steps below:

Use a passphrase for new keys

By default p≡p does not use a passphrase for new keys. If you want to use a passphrase for new keys enable “Use a passphrase for new keys”. Once enabled, p≡p will ask for a passphrase when new keys are generated. If you want to create new keys straight away, go to the p≡p Account settings and “Reset All Identities”.