What Is the Purpose of the Fingerprint?

Thanks for the email. I do have a question. What is the purpose of the fingerprint? Thanks!

It’s useful as an additional layer of security for people who want to cross-check it.

When you use the Secure Compose option and you enter someone’s email, you can hover over it to see their fingerprints. You can then get them on a phone to confirm that the fingerprint you see is the same as the fingerprint they see in their settings. With this, you can 100% verify that it will be encrypted for the right key.

Another way to confirm this is to send them an encrypted email containing non-sensitive data without cross-checking, then call them to confirm they can open it. If they can, that means it was encrypted for the right key, and you can follow with the real message.

Finally, when you enter someone’s email in the Secure Compose window, it will appear in green if FlowCrypt verifies the ownership of your keys for that email address. Therefore, you don’t really have to verify the fingerprints when writing to someone, unless you want to be extra paranoid.