The sole reason phishing is still so prevalent today is that anyone can email you.
Unsolicited email is a giant security hole that is the root cause of something like 90% of hacks. It’s similar in nature to the single policy that enabled 9/11: pilots were instructed to allow anyone who threatened into the plane’s cockpit. We didn’t conceive of what danger that could cause. By closing this hole (not TSA) we have made it significantly harder to pull off another 9/11.
Anyone can email you, and anyone can run a phishing kit.
Locke’s Secure Inbox solves this problem by creating anonymous email addresses that get locked to receiving email from only the first domain that initiates the conversation. This remarkably simple mechanism establishes a 1-on-1 relationship with each anonymous Secure Inbox you create, thereby stopping anyone else from contacting you there.
Locke forwards emails from the correct domain to your real email, while stopping everything else. Locke’s Secure Inbox works through a remarkably simple and powerful mechanism:
- Create Anonymous Aliases: For every online service, you generate a new, unique, and anonymous email address—a Secure Inbox.
- The Automatic “Lock”: The moment that new address receives its first message, Locke automatically “locks” it to the domain of the sender (e.g., shipping-updates@amazon.com).
- A Secure Channel is Formed: This establishes a permanent 1-on-1 relationship. From that point on, the alias will only accept emails from that specific domain. Any phishing attempt from another domain is automatically blocked, never reaching you.
- Seamless Forwarding: All legitimate emails from the correct domain are instantly forwarded to your real inbox. You don’t have to change your habits or check multiple accounts.
This proactive defense stops phishing before it even starts. Even if an alias is exposed in a data breach, it’s useless to attackers because they can’t email you from their malicious domains.
Post-Quantum Secure Encryption
Security shouldn’t just protect you today. Locke is built on a foundation of post-quantum secure, end-to-end encryption. All of your emails are encrypted by HPKE (Hybrid Public Key Encryption) using the Hybrid X25519/Kyber768 algorithm and encrypt everything with the XChaCha20 AEAD.
How Can I Use Locke’s Secure Inboxes?
Secure Inbox is completely free to use inside Locke ID with one anonymous email address. If you want to take full advantage of our service, we recommend you upgrade to pro for unlimited Secure Inboxes to give your digital identity a clean slate.