Can I use my GPG Suite key in PGPony?

Yes. In GPG Keychain, right-click your key → Export → check "Include secret key in exported file" → save as .asc. Open the file on your iPhone or Android device (AirDrop or any cloud transfer) and PGPony will offer to import it. Same fingerprint, same key, same identity on both devices.

Is GPG Suite still free?

GPG Keychain (key management) and the underlying GnuPG engine remain free. GPG Mail — the Apple Mail integration — requires a paid Support Plan after a 30-day trial. The Support Plan costs roughly €24 per year as of writing.

Does PGPony replace GPG Suite?

No, and it's not trying to. PGPony is the mobile companion. GPG Suite stays on the Mac with Apple Mail integration and macOS Services. They share the same key format and the same standards.

Will my keys sync automatically between Mac and iPhone?

Not by default — and that's intentional. Automatic key sync requires a server in the path. PGPony uses iCloud Keychain on iOS (Apple's end-to-end encrypted store) so keys generated on iPhone can appear on iPad. To go between Mac (GPG Suite) and iPhone (PGPony), you export and import once. Five minutes, lifetime of use.

What about YubiKey / smartcard support on iPhone?

GPG Suite supports YubiKey on macOS via the standard GnuPG smartcard interface. PGPony does not yet support hardware tokens on mobile — that's the headline feature of the planned v6.0 release. Until then, mobile workflows use software-only keys.

Does PGPony support OpenPGP v6 the same way GnuPG 2.4 does?

PGPony handles v6 (RFC 9580) keys for import, decryption, and signature verification today. v6 generation and encrypting to v6 recipients are planned for v6.0. GnuPG 2.4 has similar staged v6 support and is the desktop reference.

I encrypt files with GPG Suite. Can PGPony decrypt them?

Yes. PGP files are PGP files. Anything GPG Suite encrypts — text, binary, attachments — PGPony decrypts identically as long as the recipient key is on the phone. The reverse is also true: encrypt on the phone, decrypt on the Mac.

// pgpony vs gpg_suite

PGPony vs GPG Suite.

GPG Suite is the de facto OpenPGP toolkit on macOS — GPG Keychain for key management, GPG Mail for Apple Mail integration, GPGServices for system-wide encrypt/decrypt. PGPony is the same idea for iOS and Android. They aren\'t competitors; they\'re a pair. Use both with the same key.

// the short version

Use both. GPG Suite stays on your Mac for desktop encryption, Apple Mail integration, and YubiKey support. PGPony goes on your phone for everywhere else. Export your key once from GPG Keychain, import into PGPony, and the same identity follows you.

At a glance.

	PGPony	GPG Suite
Platform	iOS 17.6+, Android 8.0+	macOS only
Price	Free	GPG Keychain free; GPG Mail requires Support Plan (~€24/yr) after 30-day trial
License	Proprietary, audited open crypto libraries	Mixed: GnuPG (GPL), GPG Mail (commercial)
Key generation	Ed25519 + Curve25519 (default), RSA	Ed25519, RSA, ECC
OpenPGP v4 (RFC 4880)	Full	Full
OpenPGP v6 (RFC 9580)	Import, decrypt, verify (gen in v6.0)	Staged support via GnuPG 2.4+
Apple Mail integration	No (uses Share Sheet)	Yes (GPG Mail plugin)
System-wide encrypt/decrypt	Share Sheet on iOS, Intent on Android	macOS Services menu (anywhere)
YubiKey / smartcard	Planned for v6.0	Yes
Biometric unlock	Face ID / Touch ID / fingerprint	macOS keychain prompt only
QR code key exchange	Yes	No
WKD lookup	Yes	Yes
Best for	Phone use, on-the-go, cross-platform identity	Desktop email encryption on a Mac

Honest tradeoffs.

Where GPG Suite wins

Apple Mail integration is best-in-class. GPG Mail hooks directly into Mail.app — inline encrypted-message rendering, recipient key suggestions, signing as you compose. Nothing on mobile (yet) matches this depth of native mail-client tie-in.
System-wide services. Right-click anywhere in macOS → Services → Encrypt Selection. Works in TextEdit, Notes, browser address bars, any text field. iOS and Android have Share Sheet / Intent equivalents but they\'re not as ambient.
Hardware tokens. YubiKey, Nitrokey, OpenPGP smartcards — all supported through the standard GnuPG smartcard interface. Mobile lacks this until PGPony v6.0 ships.
Power-user tooling. GPG Keychain exposes every detail of a key — subkey expiration, signing chains, key edit ceremonies. PGPony surfaces the 80% that matters; the other 20% lives on the Mac.
The reference for interop. GnuPG is what every other PGP app is tested against. If something works in GnuPG, it works.

Where PGPony wins

You can take it with you. GPG Suite is your desk. PGPony is your pocket. Decrypt an email at the bus stop, sign a release on the road, verify a fingerprint at a conference. macOS doesn\'t come on the train.
Free, with no Support Plan upsell. GPG Mail\'s shift to a paid Support Plan in 2018 caught a lot of users off-guard. PGPony is free with no IAPs, no subscriptions, no "Pro" tier.
Biometric unlock. Face ID before opening the app, with an optional second prompt per decryption. macOS\'s keychain prompt works but feels less seamless than tap-and-go on a phone.
QR code key exchange. Hand someone your public key by scanning a QR — useful at meetups, when sharing with non-PGP users, when fingerprints are too tedious. No equivalent in GPG Suite.
Modern defaults. Generate a key in PGPony and you get Ed25519 + Curve25519 by default. GPG Suite still defaults to RSA-2048 or RSA-4096 in some flows, though Ed25519 is available.
Android too. If your team is mixed iPhone/Android, PGPony covers both. GPG Suite covers neither.

Using them together.

The real workflow most users land on: GPG Suite on the Mac, PGPony on the phone, same key on both. Here\'s the five-minute setup.

In GPG Keychain on your Mac, right-click your key → Export. Check "Include secret key in exported file". Save as mykey.asc.
Transfer the file to your phone. AirDrop works on iOS; on Android, Files app over a cable or any cloud sync. Treat the file like a password — delete the intermediate copy after.
Open the file on your phone. iOS / Android will offer to open it with PGPony. Confirm import.
PGPony will prompt for the passphrase that protects the private key. Enter it. The key is now in PGPony with the same fingerprint, same UIDs, same subkeys.
You can now encrypt on either device and decrypt on the other. Sign on the Mac, verify on the phone. Same identity, two interfaces.

From this point, public-key exchange continues however you do it normally: WKD lookup, keys.openpgp.org, fingerprint verification in person, QR scan (only PGPony does this). Both apps speak the same standard, so any new recipient key works in both immediately.

The technical bits.

Both apps implement OpenPGP — GPG Suite via GnuPG 2.4+, PGPony via Bouncy Castle on Android and a Swift implementation on iOS that\'s been validated against the GnuPG reference for interop on Ed25519, Curve25519, RSA, and DSA keys.

On the modern algorithms — Ed25519 signing, Curve25519 encryption, AEAD-OCB sealing — both produce bit-identical output to GnuPG 2.4+. PGPony has been round-tripped extensively with GnuPG\'s test vectors during development.

OpenPGP v6 (RFC 9580, 2024) is the standard\'s modernization. PGPony imports v6 keys, decrypts messages encrypted to v6 recipients, and verifies v6 signatures. v6 key generation and encrypting to v6 recipients are the headline features of PGPony v6.0, alongside hardware-token support. GnuPG 2.4 has similar staged v6 support today.

The verdict.

Choose GPG Suite if You\'re primarily on a Mac and want Apple Mail integration. Pay for the GPG Mail Support Plan if Mail.app is your main email client. If you only need GPG Keychain (key management) without Mail integration, it\'s still free.
Choose PGPony if You need PGP on a phone. Period. There is no GPG Suite for iOS or Android.
Use both if You have a Mac and a phone. This is what most PGP users actually do. Export your key from GPG Keychain once, import to PGPony once, then forget about app boundaries and just use your key.

Try PGPony

Free. No accounts. No tracking. Works with everything that speaks OpenPGP.

Download on the App Store

Get it on Google Play