Home>Email Encryption Solutions and Applications

Email Encryption Solutions and Applications

Email leaks and fraud have become a global and increasingly serious security issue, and there are a variety of solutions on the market, but they are not satisfactory.

One security specialist said, “To catch up with modern threats - network boundary blur and device untrusted, we need to focus less on defending systems and more on defending the data itself.” This is also the fundamental point of our solution: In addition to traditional email system security protection measures, we should focus more on protecting the email content itself.

How to protect email content? Every email is encrypted in the whole journey. All emails are encrypted into ciphertext before being sent out and being transmitted to the receiver’s mail server in ciphertext. The email content in ciphertext is stored in both side email servers. Only in this way can the email be guaranteed not be afraid of being leaked!

How to encrypt email? NIST SP 800-177 “Trustworthy Email” - Security Recommendation 5-4: Do not use OpenPGP for message confidentiality. Instead, use S/MIME with a certificate that is signed by a known CA. Security Recommendation 4-11: Use S/MIME signatures for assuring message authenticity and integrity. Security Consideration 7-2: Enterprises should establish a cryptographic key management system (CKMS) for keys associated with protecting email sessions with end users. The UK government website – Securing government email guidance: You should only use message-based encryption like PGP or S/MIME occasionally for transfer of sensitive information as it’s inefficient and provides a poor user experience.

MeSince®, a free email client that uses S/MIME standard to encrypt and digitally sign email, supports cross-platform (Windows, Android, and iOS). MeSince installs and configures the S/MIME encrypting certificate and signing certificate (Identity Certificate) automatically, encrypts and digitally signs every email automatically and timestamps every outgoing email automatically, assures the message authenticity and integrity. Anyone can send encrypted email as usual, it is a non-inductive encryption solution, zero knowledge about encryption. It can meet all the needs of individual users and organization users for the security of emails.

MeSince® is not only an email client, but also with its support system and CA certificate system, MeSince has solved the headachy S/MIME’s inefficient and poor user experience problem completely. MeSince, lets every email be encrypted automatically to eliminate email leak. MeSince, lets every email has an identity automatically to eliminate email fraud. MeSince perfectly make the email encryption become easy to use, no cost, automated, end-to-end, so it is not only for email encryption, it can be used in many scenarios for message encryption applications. There are:

  • 1.Government email encryption solution
  • 2.E-government system notification email encryption solution
  • 3.Enterprise email encryption solution
  • 4.The email encryption application in mobile financial payment system
  • 5.The email encryption application for public to protect privacy
  • 1.Government Email Encryption Solution

    Government email must be secure, this is indisputable. Both the government agency and the contractor of the government email system will do their utmost to ensure the security of the mail system. However, email security incidents are still emerging, and there have been many "email gate" security incidents. This make the industry think about the problem - how to protect the email? and what is the most effective solution?

    To ensure the security and confidentiality of government email, the content of the email itself must be encrypted. Encrypt each government email to ensure the confidential, add a digital signature to every outgoing email to ensure the credibility, prevent counterfeiting, and add a timestamp to every outgoing email to ensure the time of sending email is credible.

    Government agencies simply deprecate the current used email client software and use MeSince® to achieve full encryption, end-to-end encryption and fully automatic encryption, as well as fully automatic digital signature and timestamp. At the same time, we recommend that government agencies deploy their own cryptographic key management system (KM) to fully control their encryption keys to meet the high security requirements of government email security.

    Using MeSince for end-to-end email encryption will enable government agencies to truly implement mobile working, which not only meets the urgent needs of mobile working, but also meets the high security requirements for government email.

    As shown in the following figure, in order to ensure that the encryption key is highly secure and controllable, the government agency only needs to connect the plug-and-play KM device to the intranet. All staff’s computers and mobile devices must be able to connect to KM device to get the encrypting certificate private key. After successfully obtaining the encrypting certificate, the email encryption can be used normally. Remote office staff must be able to connect to KM device via VPN. KM devices cannot access the Internet and are limited to employee computers and mobile devices access in intranet to ensure the device and private key security. Of course, government agencies can also build their own CA without using the MeSince default CA.

    In other words, MeSince encryption solution allows government agencies to achieve complete and autonomous control of confidential emails by simply managing and controlling the encryption key even the application environment is untrustworthy.

    For more detail of this solution, please contact us.

  • 2.E-government System Notification Email Encryption Solution

    Now most countries government agencies are making every effort to implement all government services online, and the application result notification is either going to the city hall to take paper documents or sending an email to notify the results and related electronic documents. Some simply linked to social APP to send notification messages to citizens. The biggest security issue for these solutions is to send a message containing citizen's confidential information in plain text, revealing the private information, and giving the network attacker an opportunity to bring immeasurable property damage or personal safety threats.

    The most reliable solution is to send the encrypted email to the citizens for the government affairs results information and release the government notices, including personal social insurance information, utility payment information, traffic violation notices and various types of government information, to fully implement government information delivery is paperless and encrypted, to enhances the digital service security and credibility.

    How does the government system send encrypted emails? MeSince® provides the API for e-government system, free of charge, that e-government system can retrieve the public key of the recipient's encrypting certificate, then e-government system can automatically encrypt and send various government notification information email and various public service information emails to the citizen securely.

    And MeSince® API also provides an interface for checking if a user’s email is using MeSince, if it is not used, the API will return NO, then e-government system shall send an unencrypted email to the user to inform the user how to download and install MeSince® to receive the encrypted email, then the system can send the encrypted email to citizen.

    MeSince APP is completely free. It supports Windows, Android and iOS. Citizen can decrypt the e-government system delivered encrypted email in just a few minutes by downloading and installing the MeSince APP, ensuring the security of government information.

    As shown in the following figure, MeSince maintains a global public key certificate database (CerDB). The innovation technology enables the MeSince API to provide government agencies with the encrypting certificate public key for all email addresses, ensuring that the e-government system can seamlessly send encrypted notification emails to all citizens.

    For more detail of this solution, please contact us.

  • 3.Enterprise Email Encryption Solution

    In recent years, email attacks against enterprises have increased, and many large companies have suffered heavy losses. Therefore, enterprise email security is also an urgent problem to be solved. Now, many enterprise email systems have been migrated to the cloud and directly use cloud service providers' cloud email service. How to ensure that email content in cloud email server will not be illegally used and compliance is an urgent problem to be solved, and employees mobile working and use own device and other related issues are a big challenge to enterprise email security.

    We believe that the most effective email security protection is to protect the content of the email itself, whether it is using a self-built email system or a cloud email service. To ensure the security and confidentiality of enterprise email, the content of the mail itself must be encrypted. Encrypt every outgoing email to ensure the confidential, add a digital signature and timestamp to every outgoing email to ensure the credibility, prevent fraud email, and ensure that the time of sending email is credible.

    Enterprise simply deprecate the current used email client software and use MeSince® to achieve full encryption, end-to-end encryption and fully automatic encryption, as well as fully automatic digital signature and timestamp. At the same time, we recommend that enterprise deploy their own cryptographic key management system (KM) to fully control their encryption keys to meet the high security requirements of email security.

    Using MeSince for end-to-end email encryption will enable enterprise to truly implement mobile working, which not only meets the urgent needs of mobile working, but also meets the high security requirements for enterprise email.

    As shown in the following figure, in order to ensure that the encryption key is highly secure and controllable, enterprise only needs to connect the plug-and-play KM device to the intranet. All staff’s computers and mobile devices must be able to connect to KM device to get the encrypting certificate private key. After successfully obtaining the encrypting certificate, the email encryption can be used normally. Remote office staff must be able to connect to KM device via VPN. KM devices cannot access the Internet and are limited to employee computers and mobile devices access in intranet to ensure the device and private key security. Of course, enterprise can also build their own CA without using the MeSince default CA.

    In other words, MeSince encryption solution allows enterprise to achieve complete and autonomous control of confidential emails by simply managing and controlling the encryption key even the application environment is untrustworthy.

    For more detail of this solution, please contact us.

  • 4.The Email Encryption Application in Mobile Financial Payment System

    At present, mobile payment is a popular public service in the financial field, but its security issues are constantly emerging, and security threats are becoming increasingly serious. Mainly reflected in two aspects: First, mobile payment authentication relies on SMS verification code; Second, various financial bills and reset account password hyperlink are sent by plain text email.

    For the first security issue, the SMS verification code can be intercepted by the pseudo base station or intercepted by malware on the mobile phone, this suffered a loss of money. SMS verification code has changed from the out-of-band authentication method in PC Internet era to the in-band authentication method in mobile Internet era. In this way, SMS verification completely loses the technical foundation that can be used as an authentication method! NIST SP 800-63B “Digital Identity Guidelines” – “out-of-band authentication using the PSTN (SMS or voice) is deprecated, and is being considered for removal in the future editions of this guideline”

    For the second security issue, it is obvious that the financial bill or statement contains many sensitive and confidential information, and the use of plaintext email is very easy to be illegally stolen and the bank user suffers property damage, which not only hurts the user but also causes the reputation of the financial institution suffers an irreparable loss. Therefore, some banks have used plain text email to inform users to log in to the bank's official website for safe viewing. Some banks use the social network to send important bill. These are a compromise method.

    A better solution is to send verification code through encrypted email instead of SMS; retrieve account passwords or reset account passwords by encrypted email; send financial bill and statement to users via encrypted emails with digital signature to help users effectively identify fraudulent emails; and provide online customer service by encrypted email.

    How to send encrypted email? The financial system could call the MeSince® API to obtain the public key of the user's encryption certificate, then the system can automatically encrypt and send the financial bill and statement, notification information and various public service information in encrypted emails to the users, thereby ensuring the security of the user's confidential information.

    And MeSince® API also provides an interface for checking if a user’s email is using MeSince, if it is not used, the API will return NO, then financial system shall send an unencrypted email to the user to inform the user how to download and install MeSince® to receive the encrypted email, then the system can send the encrypted email to users.

    MeSince APP is completely free. It supports Windows, Android and iOS. Bank users can decrypt the bank system delivered encrypted email in just a few minutes by downloading and installing the MeSince APP, ensuring the security of bank information.

    As shown in the following figure, MeSince maintains a global public key certificate database (CerDB). The innovation technology enables the MeSince API to provide financial institution with the encrypting certificate public key for all email addresses, ensuring that the financial system can seamlessly send encrypted notification emails to all users.

    For more detail of this solution, please contact us.

  • 5.The Email Encryption Application for Public to Protect Privacy

    At present, the mobile Internet has been widely used, and the security problems that follow have become more and more serious. The most prominent security problems are two aspects: First, all personal confidential information is almost in a “streaking” state, and the use of big data generated by individual in an uncontrolled manner has brought about the big problem of personal privacy information protection. Second, various important emails from government agencies, financial institutions, public service organizations, enterprises and individuals are all “streaking”.

    According to statistics, there are 3.7 billion email users worldwide, and 269 billion emails are sent every day. They are basically plain text postcards, which are very easy to be intercepted illegally, thus revealing a large amount of personal privacy information and organization confidential information, leading to various network security incidents, frequent and causing loss of property, and even endangering people's health and safety.

    MeSince®, completely free, automatically encrypts all information without any usage threshold. If the user encrypts every email using MeSince, the user no longer has to remember N passwords. Just remember the email account password and the encryption certificate password. Other passwords and all confidential information can be encrypted and saved in user’s mailbox.

    MeSince®, the first email client globally that encrypt every outgoing email automatically as default, provides a technology tool to protect the private information conveniently. We recommend all Internet users to use MeSince® to send and archive confidential information to protect privacy information from being stolen. MeSince®, the first email client globally that digitally sign and timestamp every outgoing email automatically as default, provides a technology tool to prevent email fraud. We recommend all Internet users use MeSince® to send all email with digital signature to show email real identity, ensuring that your emails are not impersonated and very easy to identify fake identity emails and fraudulent emails.

    We call on all Internet users say "NO" to plain text email and send every email with encryption. we call on all Internet users say "NO" to non-identity email and send every email with digital signature. we call for a rethinking of the pros and the cons in convenience and privacy loss the Internet brings us, and a return to the original intention of the Internet – a decentralized and secure Internet.

    Let us take an immediate action now, beginning from encrypting and signing every email, to effectively protect personal and organizational confidential information, and collaborate with continuous efforts to enhance the global Internet security for a better Internet and a better world.

    Send an encrypted email to him/her now. Only he/she can read it.
    Send an encrypted voice message to him/her now. Only he/she can listen it.