Data & Email Encryption

Data & Email Encryption

Email Fraud is Becoming Commonplace

We frequently hear about new email scams that are committed to gain access to private information, falsify transactions, steal identities and otherwise perpetuate fraudulent activities.  Even so, we are increasingly tied to our electronic devices to maintain constant communication with people and businesses we know and in some cases we don’t.  We continue to use online email applications to shop, transact business and to communicate with one another.

Many of us are familiar with the term phishing, where fraudsters send emails in an attempt to coax us into providing confidential information such as passwords and account information.  Clever fraudsters can intercept email and glean information that is intended to be kept confidential.  Very clever fraudsters can even access a person’s email account and send actual communications from that account using business and personal contact lists associated with the account.

Without protection, we run the risk of experiencing an email compromise when we least expect it.  Digital certificates can easily and cost-effectively be used to protect email communications from compromise!

Email Signing & Encryption Offers a Variety of Benefits

The term “secure email” can be interpreted in different ways based on how you may wish to secure your email communications.  Depending on the type of certificate used to secure your email, you can achieve a variety of benefits:

  • Ensure the integrity of communications at rest and in transit
  • Confirm to a recipient that the email is definitely from a known sender or email address
  • Lock the contents of a message to prevent tampering during transit

Selecting a Certificate for Securing Your Email

Here are some guidelines that you can use when selecting a certificate for securing your email:

Digital Signing

Digital Signing

Emails can be digitally signed so that the recipient can confirm the identity of the sender.  This can be done in two different ways:

  • If you want the recipients of your emails to know that you as a person signed the email, then you will need to use an identity-based certificate to sign your emails.  Identity-based certificates validate the person who is named in the certificate.
  • If you want the recipients of your emails to know that your email came from a validated email account, then you can use an S/MIME certificate.   S/MIME certificates only validate the email address that is named in the certificate.

Email signing requires a certificate that contains a signing attribute.  When you select a certificate for securing email by using digital signing, IdenTrust will only offer you certificates that contain the signing attribute.

 Learn more about How To digitally sign email communications.

Non-Repudiation

Non-Repudiation

Non-repudiation means that when something is signed using an identity-based credential, that signature is legally-binding and cannot be repudiated or refuted.  Email signing, when non-repudiation is needed, requires an identity-based certificate that contains a non-repudiation attribute.  When you select a certificate for signing email using identity-based certificates that provide non-repudiation, IdenTrust will only offer you certificates that contain the non-repudiation attribute.

Encrypted Email

Encryption

If you have the public key for a recipient, you can also encrypt the contents of the email sent to that individual. 

Likewise, if you would like others to send you encrypted emails, you will need to share your public key with them before they can send you an encrypted email. 

Email encryption requires a certificate that contains an encryption attribute.  When you select a certificate for securing email through encryption, IdenTrust will only offer you certificates that contain the signing attribute.

Learn more about how to encrypt email communications.

Compatible Email Clients

IdenTrust digital certificates integrate seamlessly with a variety of email products including: 

  • Microsoft® Outlook 
  • Microsoft® Outlook for Mac
  • Mozilla® Thunderbird
  • Lotus Notes® Mail
  • Apple® Mail

Learn more about how to use IdenTrust digital certificates with your email client.

Choosing a Certificate for Securing your Email

IdenTrust offers a variety of identity-based certificates that support email signing and encryption.  Your application will help to determine the best certificate option for you.

  • Use a low cost TrustID® S/MIME certificate if only email address validation is required by the recipients of your email communications.  This certificate type does not confirm the certificate holder’s identity; rather, it confirms that individual has access to and control over the email address/account that is associated with the approved certificate. 
  • Use a TrustID® Personal or a TrustID Business certificate when public trust is required.
  • Use a DoD ECA certificate when working with the Department of Defense (DoD).
  • Use an IdenTrust Global Common (IGC) certificate for all other applications requiring a government trusted certificate for secure email.

Deployment Options

IdenTrust offers a self-service model that allows you to purchase certificates via our secure website.  Alternately, IdenTrust offers various products and services to support an enterprise-wide, certificate-based security solution.  To learn more about IdenTrust email signing and encryption solutions, please contact us at [email protected] or call us at 1 (866) 763-3346.