The GINA initial password of the generated key that is required in the standard process is either
 

•directly provided to the recipient via SMS to the mobile phone number to be indicated in the subject line of the email, either directly at sending or once the recipient opens the email.
 

•given to the sender via email to be forwarded to the recipient via a secondary communication channel – SMS (see Figure 2) or telephone (provided that the integrated SMS interface has not been configured).
 

Figure 2: Screenshot of sending an SMS

 

The GINA account remains persistent. It can thus be permanently used for additional emails to this recipient.

 

If the GINA account exists for the recipient, the entire email of the sender is encrypted with the AES256 key of the GINA account of the recipient and packed into an HTML container. Active contents, such as JavaScript, will not be included here for security reasons.

The HTML container is now attached to a carrier email which is automatically signed by the sender via the appliance. In addition to the actual email in the HTML attachment, this email contains brief information for the recipient regarding the handling of this technology (Figure 2a).

 

Figure 2a: Screenshot of the resulting carrier email

 

The carrier email thus ensures the complete delivery of the actual email in the attachment, which then falls into the scope of responsibility of the recipient (Figure 2a). With the exception of the GINA account, no data remains on the appliance.
 

c) Step 3: Recipient – Login and one-time registration

The recipient opens the HTML attachment (local), whereupon they can already select the desired language (Figure 3).

 

Figure 3: Screenshot of the HTML secure email attachment

 

The GINA interface then opens and prompts the input of the (initial) password (Figure 3a).

 

Figure 3a: Screenshot of the GINA user login

 

This one-time registration (Figure 3b) for the system is only required on the first time it is opened. Here, the GINA user chooses their own password. Depending on the safety setting, a security question and answer are additionally defined in order to enable the independent password reset by the GINA user without any hotline being required for this (!) This security question can be defined by the GINA user themselves or selected from the list of security questions provided by the operator. If the initial password has already been sent via SMS, the corresponding input field in the registration process is already pre-filled. The password criteria, the display of the optional input fields as well as, if applicable, the terms and conditions, are defined by the operator of the SEPPmail Secure E-Mail Gateway.

 

The number of fields to be filled in in the registration process depends largely on the password reset procedure defined by the operator of the SEPPmail Secure E-Mail Gateway (see also Self-Service Password Management (SSPM))!

 

Figure 3b: Screenshot of the first GINA registration
 

After successful registration, the GINA user is taken to the reading area (Read Email) of the actual email.