, , , , , , , , , , , , ,

A few days ago Readdle launched a new eMail client – Spark – which (once more) promises to make eMails “much faster and enjoyable”.

Uncontested they put a lot of love and effort into their new application. But before you download it and start to type in your login data, let’s have a second thought. As we will see the use of (not only) this app is not completely unquestionable…

What is this Cassandra about?

One fact a lot of users are not aware of is that these applications copy your account information to their servers – and if your eMail provider doesn’t offer OAuth, this will be your eMail login and password!

Why do they do that? Because they want to compete against other eMail clients and be able to send you notifications about new messages in your inbox (in view of productivity this is counterproductive anyhow).* And in contrast to Apple or Google they can only find out about these if they log into your account.

Another fact is that application development and server maintenance costs (a lot of) money. And since these apps are offered for free, ask yourself: What is the business case behind all of this? Big data comes to mind…

Why should I care?

Of course the app makers assure that they work with the most advanced and secure solutions to protect your login data. Readdle even claims to store these credentials on Amazon AWS (but at the latest if they want to use them they have to transfer them to their own server again).

But even assumed your passwords are safe – maybe it is just against your employer’s policy to hand out the login data of your company eMail account to third parties!

Now about the business case. If you spend money on the one hand and do not charge users for your software and services on the other, you have to think about alternative sources of capital (or your company will not last very long). This market law even applies in the Ukraine (Readdle) or Russia (my.com).

What Google does with Gmail is to parse (read) your eMails to a) display fitting ads and b) complement your personality profile (to display even more fitting ads later). As we all (should) know Google is making good money with advertising.
So connect the dots: These app makers will be able to read your eMail…


If you like the advanced features of third party eMail clients but do not like to share your login data, take a look at “Dispatch: Email meets GTD”. They guarantee they “do not store your credentials anywhere else besides in the secure keychain of your device” in their Privacy Policy. So the statement “No push notifications for emails (no plans for it)” in the app description is not a shortcoming, in view of security it’s a good thing!


App Store Dispatch on the App Store

* In a recent blog post Readdle stated this could be disabled in a future version.

More Info regarding privacy on the named apps:
Spark: https://readdle.com/blog/2015/06/how-we-handle-your-account-information-in-spark/
myMail: http://www.reddit.com/r/Android/comments/210mce/update_mymail_has_responded_regarding_the/
Mailbox (german): http://www.iphone-ticker.de/wir-bleiben-skeptisch-dropbox-tocher-mailbox-spricht-deutsch-69755/