Post by LoyceV on 08/09/2023, 09:45:26 UTC
Board: Project Development
Topic: Re: Crosspass - a simple way to share passwords, encryption keys, banking info
Quote
End-to-end encryption in a web browser is not possible. Protonmail, Hushmail etc. are subject to JavaScript backdoors.
Still, I trust Protonmail's reputation and transparency.

Quote
Besides the web issue, the same critique I have in the FAQ on WhatsApp applies to Protonmail. You have to trust the public key that Protonmail gives you for the recipient, and so it can easily position itself as a MITM. That is, unless you check key fingerprints against the recipient's. But if you have to do this, it is no longer an easy process.
Again: I'd much rather trust Protonmail than install unknown software. If Protonmail ever compromises their core principles, they won't survive.

Quote
Yet, you would expect the recipient to sign up with Protonmail? I think that a recipient is more likely to install an app than create an account online somewhere.
For the average phone user, you're probably right. For a security conscious user, I don't think so.

Quote
He knows that he can easily delete it as soon as he is done using it.
If you've installed malware, it's safe to assume it's still there after you try to delete it. That's why I don't like installing unknown software outside a controlled environment (such as a VM or spare laptop). I've set up my spare laptop to wipe and reinstall it in minutes, and I use this when dealing with untrusted Forkcoin wallets. I can't do that on my phone, and even spare phones are less easy to properly wipe and use again.

Quote
Guessing 3 out of 10,000 is like 1 out of 3333, and that's harder than guessing a sequence of 11 flips of a coin. It's good enough for a bank apparently.
The difference is that a bank also requires a piece of hardware to go with the PIN. If the Lookup ID is public, that's like handing out your bank card to random strangers to try their luck.

Quote
I could have made the PIN 6 digits long
The problem is still the same: there will be a 3 in a million chance for someone to find the private key I sent. That's an unacceptable risk.

Quote
Apple and Google do not allow this for mobile apps. They also don't allow cheating (i.e., charging off the app and then using some kind of coupons). But if they will eventually add a feature to pay for in-app purchase by crypto, then you will be able to.
I've never used Google's app payment system, and I never will. Again, I guess I'm not the average user here, but I refuse to pay for small pieces of software on a small screen when I have complete open source operating systems with loads of software at my disposal free of charge.
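As an added illustration of the PIN-guessing argument in this exchange (this is example code, not part of LoyceV's post and not code from the Crosspass project), the following Python model puts numbers on the two positions: per-ID success with a 4-digit PIN and 3 attempts is 3/10,000 (about 11.7 coin flips), but when the Lookup ID is public and an attacker can try against many IDs, the expected number of recovered secrets scales with the number of IDs, and lengthening the PIN to 6 digits only moves the problem. The PIN length, attempts-per-ID, number of enumerable IDs and the 128-bit secret-ID size used below are assumptions chosen for illustration, not figures from the thread.

```python
import math


def per_id_success(pin_digits: int, attempts: int) -> float:
    """Probability that `attempts` distinct guesses hit one uniformly random
    PIN of `pin_digits` decimal digits. Exact, since guesses never repeat."""
    space = 10 ** pin_digits
    return min(attempts, space) / space


def equivalent_coin_flips(pin_digits: int, attempts: int) -> float:
    """How many fair coin flips an attacker would have to call correctly to
    match the same per-ID success probability (log2 of 1/p)."""
    return math.log2(1 / per_id_success(pin_digits, attempts))


def expected_compromises(pin_digits: int, attempts: int, enumerable_ids: int) -> float:
    """Expected number of secrets recovered when Lookup IDs are public and the
    attempt limit is enforced per ID: the attacker simply spends `attempts`
    guesses on each of `enumerable_ids` IDs (linearity of expectation)."""
    return enumerable_ids * per_id_success(pin_digits, attempts)


def prob_at_least_one(pin_digits: int, attempts: int, enumerable_ids: int) -> float:
    """Probability that at least one of `enumerable_ids` secrets falls,
    treating the IDs' PINs as independent."""
    p = per_id_success(pin_digits, attempts)
    return 1 - (1 - p) ** enumerable_ids


def pin_digits_needed(attempts: int, enumerable_ids: int, max_expected: float) -> int:
    """Smallest PIN length that keeps the expected number of compromised
    secrets at or below `max_expected` for a given population of public IDs."""
    digits = 1
    while expected_compromises(digits, attempts, enumerable_ids) > max_expected:
        digits += 1
    return digits


def entropy_bits(pin_digits: int, secret_id_bits: int = 0) -> float:
    """Bits an attacker must guess per secret. A public Lookup ID contributes
    nothing; a secret, randomly generated ID (the 'bank card' the PIN goes
    with) adds its full entropy on top of the PIN's pin_digits*log2(10)."""
    return secret_id_bits + pin_digits * math.log2(10)


if __name__ == "__main__":
    # Assumed parameters for the demonstration (not figures from the thread).
    attempts = 3          # tries allowed before a lookup is locked
    ids = 1_000_000       # public Lookup IDs an attacker can enumerate
    for digits in (4, 6):
        print(f"{digits}-digit PIN, {attempts} tries: p = {per_id_success(digits, attempts):.2e} "
              f"(~{equivalent_coin_flips(digits, attempts):.1f} coin flips); "
              f"over {ids:,} public IDs expect {expected_compromises(digits, attempts, ids):.1f} "
              f"compromised, P(at least one) = {prob_at_least_one(digits, attempts, ids):.3f}")
    print("PIN digits needed to expect <= 0.5 compromises:",
          pin_digits_needed(attempts, ids, 0.5))
    print(f"entropy with public ID: {entropy_bits(4):.1f} bits; "
          f"with a secret 128-bit ID: {entropy_bits(4, 128):.1f} bits")
```

The takeaway the model makes explicit: the per-ID odds are fixed by PIN length and the attempt limit, but the attacker's total yield is governed by how many IDs they can enumerate, so the effective defence is to make the ID itself a high-entropy secret (or to rate-limit globally, not per ID), not to add a digit or two to the PIN.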