I find it hard to judge how much, if at all, this will help, but I'm all for email being more secure, to the point that organizations (banks, governments, insurance companies) stop creating walled-email alternatives: please log in to our secure message center, where you can only see our messages poorly formatted, and for a short time, until we permanently delete them. I like that my Inbox is a somewhat-searchable, historical record of my life, and these alternatives break that.
Those "message centers" aren't just about security, they're also about compliance. For example, insurance companies need to be HIPAA-compliant which requires that they can only send health-related info to other HIPAA-compliant systems, which means signing a BAA (a contract) with those other systems. There's no way to do that with email (your insurance company can't sign a contract with every potential email host in the world, and they don't even know where the email will ultimately end up after they send it) so practically speaking, they're not legally allowed to send any health info via email.

It's extremely difficult to accurately identify which emails have health info and which ones don't (even something like a person's name or IP address could count depending on the context) so they just default to sending everything through their message center. No amount of email security could change that.

To have secure email I think HTML/CSS should be dropped from email support and the inbox should work on an invite-only basis. Basically you should pre-authorize the senders just like you add someone as a friend on a social network.
I called my bank for some info recently. They can't email it to me, but they _can_ send it through postal mail. Should be arriving any time next week.

I'm sure there's a sum of compliance reasons why this is not allowed, but it doesn't make any sense at all.

Those secure messaging platforms make it damned near impossible to make a backup. I've seen medical clinics delete messages that would have been bad for them in court.

As such, I tell anyone who sends me one to fuck off and send a real email.

My bank does a PUSH notification that is "Please log into the app to read an important message", which is usually just my monthly statement or whatever.

And then also sends an e-mail, which sometimes I confuse and think is ANOTHER message, and log in again....

It has a "Download this message as a PDF" button, which just takes you to a web-browser wrapper....

> I'm all for email being more secure, to the point that organizations (banks, governments, insurance companies) stop creating walled-email alternatives

This will literally never happen. Email doesn't support the features that those messaging platforms need to have, such as recalling messages.

The security layers are also only on the sender part, not on the receiver part, which banks care a lot more about.

I love hearing that I received a "secure message", with no further detail. Straight to trash -- I don't read "secure messages". My inbox is probably more secure.