Digital signatures build up trust in digital communications. A signature proves that the email sender is the true origin of an mail and that the email has not been manipulated during transfer.
Digital Signatures in the Corporate World
By using a centralized secure email gateway, email signatures are easily and automatically added to each mail which leaves the company whilst incoming mail signatures are validated. The complete signing task takes place directly on the gateway and employees are informed should a mail arrive with an invalid signature or modified content. The processing of signatures is controlled centrally by easily configurable policies. It is possible for example to remove valid signatures from emails. And the complete email can simply be blocked if its signature is not valid.
The private key is used for signing.
The public key is used for validation.
Non-Repudiation – Proving who sent it!
An email signature gives emails a binding character as it is almost impossible for the true sender to deny that they are the source of a specific email. In addition, the time the message was sent and any changes to the content can all be proven at a later point in time. Digital signatures make a statement that has been sent in an email non-repudiable.
Alternative internal integrity checking
PDF signing integrated into Z1 SecureMail Gateway for inbound PDF fraud protection and simple verification with common PDF readers (e.g. Adobe Reader).
Protection from Phishing Attack & Email Manipulation
Phishing emails are fraudulent emails which are designed to trick the recipient into divulging sensitive information such as password or account details. Usually they are distributed with false sender details which are selected to abuse the trust the recipient has in the selected sender. Spear phishing is a more perfidious method which directly targets employees within an organization. Other types of email fraud attempt to intercept emails and to modify the content to the advantage of the criminal. Z1 SecureMail Gateway automates and executes the validation of incoming email signatures and provides the recipient with a warning should the email show signs of manipulation or be a potential phishing attack. The chance of being the victim of a phishing attack is significantly reduced when email signatures are used across the board and together with partners and clients.
Advanced Electronic Signature using Qualified Certificates
From a legal point of view, advanced signatures which are based upon qualified signatures are the same as signing a document by hand. For this reason, qualified signatures are only applied to documents. Digital email signatures are analogue to an envelope seal. Z1 SecureMail Gateway can automatically and centrally sign emails. Both digital email signatures as well as qualified signatures in attachments can be verified in inbound emails.