End-To-End Encryption

By Ryan Oldenburg on

Pushbullet now supports end-to-end encryption for Notification Mirroring, Universal copy & paste, and SMS. This has been a popular request for quite a while now so we’re really happy to be adding support for it.

Using Pushbullet to see your notifications and texts on your computer is extremely convenient. In order to enable this, however, Pushbullet needs to forward some of your personal data between devices.

We know how important keeping this information private is, which is why we’ve alway used secure connections (https) like Gmail and Amazon. Secure connections do have a shortcoming for us though, the data is still visible to Pushbullet. To help you protect your privacy and ensure that nobody but you can read your data, we’ve added support for end-to-end encryption.

End-to-end encryption means your data is encrypted before it leaves your device, and isn’t decrypted until it is received by another of your devices. This means we at Pushbullet only forward encrypted data. By setting up end-to-end encryption, you can be confident that your data is only readable when it’s shown to you.

The best part of all of this is that protecting your privacy doesn’t mean giving up features. Everything you love about Pushbullet still works great even with end-to-end encryption set up!

Awesome, I’ve been waiting for this! How do I set it up?

Setting up end-to-end encryption is easy. All you need to do is pick a password and enter it on each device. We use this password to derive a key that’s used to encrypt your data. Your password isn’t stored and it’s important that we don’t know what it is, so you’ll need to do this manually for each device you have.

To enter your password, go to the Settings screen of each of our apps. The new setting is labeled End-to-end encryption.

Quick note: Today, end-to-end encryption is supported in our Android v16.5.4+, Chrome v264+, and Windows desktop app v360+. iOS is support is ready for our next update submission and Mac will be coming as soon as possible. Opera, Safari, and Firefox will be submitted shortly, after confirming things are working great in Chrome.

Sounds great! Can I get some technical details?

Data is encrypted using AES-256 with GCM authentication. The password you enter is not stored and is used to derive an encryption key using PBKDF2.

We use symmetric encryption and your key isn’t sent to the server (there isn’t any server involvement at all).

We hope you’re excited to set up end-to-end encryption. Let us know what you think in the comments below!