The SEPPmail Secure E-Mail Gateway uses the GINA technology for spontaneous communication.
This technology guarantees that emails which are to be encrypted can be encrypted even if the communication partner does not have any standard technologies available to them.
To read emails encrypted with this technology, the communication partner only requires Internet access, the means for receiving emails* and a web browser.
There are no additional requirements for the user's infrastructure.
* If a separate email client is used to receive emails, it must be able to handle file attachments, especially in HTML format.
See also our explanatory video for the GINA technology.
GINA offers substantial advantages for secure email communication with any partner compared to other solutions available on the market:
| | encryption | "Normal" Secure Web Mail | Self-extracting archive | Special Client | |
| --- | --- | --- | --- | --- | --- |
| Recipient only needs standard components (email client/browser/Internet) | ✗ | ✓ | ✗ | ✗ | ✓ |
| Change of password possible | ✗ | ✓ | ✗ | ✗ | |
| Secure reply possible | ✗ | ✓ | ✗ | ✓ | |
| The email is delivered immediately and completely | ✓ | ✗ | ✓ | ✓ | |
| The corporate identity can be individually adapted | ✓ | ✓ | ✗ | ✗ | |
| The recipient may store their public key | ✗ | ✓ | ✗ | ✗ | |
| The recipient may set their desired password in advance | ✓ | ✓ | ✗ | ✗ | |
| The appliance does not include any user data | ✓ | ✗ | ✗ | ✗ | |
| Phishing resistant | ✗ | ✗ | ✓ | ✓ | |
| Resistant against brute force attacks | ✗ | ✓ | ✗ | ✓ | |
| "Email as registered letter"; read confirmation possible | ✗ | ✓ | ✗ | ✗ | |
| Password self service | ✗ | ✓ | ✗ | ✗ | |
| Two-factor authentication | ✗ | ✗ | ✗ | ✗ | |
| Queue-less operation (no data loss in the event of a failure) | ✗ | ✗ | ✗ | ✗ | |
a) Step 1: Sender – Creating the email
The sender writes an email in their standard email client and classifies it as confidential. Several options are available for doing this (Figure 1):
• Selecting "confidential" using the email client's built-in options (1)
• Using a keyword which is defined across the entire company (2)
By default, this keyword is [confidential]. This method is available on all email clients and is often also used for system users, i.e. for automated control.
• Via the free-of-charge SEPPmail Microsoft Outlook Add-In (3).
Here, the user can choose between
a) "Encrypt"
Initiates the encryption using the most suitable technology for the recipient (see also Encryption Hierarchy).
b) "Encryption with read confirmation"
Enforces the GINA technology in connection with the read confirmation request on the client side. This triggers a read confirmation which cannot be suppressed by the recipient. This procedure can be compared to a registered letter with return receipt.
Figure 1: Screenshot for Outlook with Encrypt button and Confidential tag
Thereafter, the email is sent as usual.
The email marked this way reaches the SEPPmail Secure E-Mail Gateway. The gateway evaluates the marks that were set and carries out the actions they trigger.
If GINA is used because key material is missing or a read confirmation is mandatory, the process is as follows:
If not already available, a GINA account or auxiliary account is created for the relevant recipient email address – depending on the procedure – whereby an individual, password-protected AES256 key is generated and saved for the recipient email address.
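The mark evaluation and the GINA fallback condition described above, as an added example that is not SEPPmail's own code. Assumptions: the header `X-Example-Read-Confirmation` is a hypothetical stand-in for the add-in's read-confirmation flag, the keyword is matched case-insensitively, and the route labels are illustrative.

```python
from email import message_from_string
from email.header import decode_header, make_header

KEYWORD = "[confidential]"  # default company-wide keyword named on this page
# Assumption: stand-in for the add-in's "Encryption with read confirmation"
# flag; the page does not say how the add-in marks the message.
READ_CONFIRM_HEADER = "X-Example-Read-Confirmation"

def marks(raw):
    """Return (confidential, read_confirmation) for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    # (1) Client's built-in flag: Outlook sends "Sensitivity: Company-Confidential".
    flagged = "confidential" in msg.get("Sensitivity", "").lower()
    # (2) Subject keyword: decode RFC 2047 encoded-words before matching,
    # otherwise a non-ASCII subject hides the tag from a raw string compare.
    # Assumption: the keyword match is case-insensitive.
    subject = str(make_header(decode_header(msg.get("Subject", ""))))
    tagged = KEYWORD in subject.lower()
    # (3) Hypothetical add-in flag for "Encryption with read confirmation".
    read_conf = msg.get(READ_CONFIRM_HEADER, "").strip().lower() == "yes"
    return (flagged or tagged or read_conf, read_conf)

def route(raw, recipient_has_key):
    """Pick the delivery path; the labels are illustrative, not product values."""
    confidential, read_conf = marks(raw)
    if not confidential:
        return "plain"
    # GINA when read confirmation is mandatory or no key material exists.
    if read_conf or not recipient_has_key:
        return "gina"
    return "standard"  # recipient's own key material is available

# Constructed sample messages (not captured traffic).
SAMPLES = {
    "keyword": "Subject: [Confidential] offer\n\nbody",
    "encoded": "Subject: =?utf-8?q?=5Bconfidential=5D_Angebot_f=C3=BCr_Q3?=\n\nbody",
    "flag": "Sensitivity: Company-Confidential\nSubject: offer\n\nbody",
    "receipt": "X-Example-Read-Confirmation: yes\nSubject: contract\n\nbody",
    "none": "Subject: lunch\n\nbody",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, route(raw, True), route(raw, False))
```

The "encoded" sample shows why the subject must be decoded first: the tag is present for the reader but absent from the raw header bytes.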
The further steps differ depending on the chosen GINA procedure:
4. Authentication request to identity provider (IDP)
The authentication request to an external identity provider (4.) is probably the most convenient solution for the recipient.