Blog

The InterNetX Blog provides you with news and background information on innovations concerning domains, servers, SSL and other industry-related topics.

Secure email communication? Here’s how!

Encrypted data transmission will become the online standard in the future. We explain how much further we have to go and which solutions are available.


This is how secure email communication works

90% of all websites now use TLS/SSL encryption. By and large, however, secure email communication still poses many problems. Modern email encryption is based on asymmetric cryptology. This entails a pair of keys – one for encoding and the other for decoding – to prevent unauthorized access. One of the most well-known standards for this type of encryption is the S/MIME certificate.



Secure email communication for everyone

Electronic mail is generally sent in plain text, making it a comparatively easy target for attacks of all kinds. This can be especially critical if sensitive data like login details or business agreements are sent via email.

Already in 2016, the German Fraunhofer Institute for Secure Information Technology, in cooperation with the German telecommunications company Deutsche Telekom, set up the “Volksverschlüsselung” (encryption for the people) solution for end users. The initiative was launched because encryption certificates were hardly used in everyday life, despite the availability of numerous simple solutions. The aim of such initiatives is to establish current encryption technology among the general population, to provide information about the most commonly used certificates and improve the usability of the relevant technology. The idea is that each user should be able to encrypt their messages using the simplest of tools.

How secure are Verified Mark Certificates?

Verified Mark Certificates (VMC) offer manifold advantages, including the display of the company’s validated logo next to the email address. VMCs verify the identity of the company and increase the security of the communication. This boosts customer trust in the brand company. The opening rate of emails is increased by up to 10%, according to the Verizon Media Study (2021), thereby also increasing the conversion rate. Trademark holders therefore have a lot to gain by using VMCs for their email communication.

Brand protection, higher CTR, increased open rates and enhanced email security. Isn't this enough for your business to adopt BIMI and implement a VMC? It's time for your business to run BIMI with a VMC.

In order to verify emails using VMC, certain requirements must be met:

  • The logo must be registered as a word or image trademark at one of the authorized trademark offices.
  • Another verification step includes personal identification, notarized certification or validation via a video call for the company and the contact person.
  • The emails must have SPF, DKIM and DMARC implemented.
    • An SPF record determines via which IP address(es) an email is sent from a domain.
    • DKIM ensures that the email has not been manipulated.
    • DMARC checks how emails that do not fulfill these (SPF or DKIM) requirements are handled.

S/MIME and PGP – a comparison of two standards

Two predominant standards for email encryption have become established over the years, namely S/MIME and PGP. But which of these is the more secure option?
S/MIME (Secure/Multipurpose Internet Mail Extensions) and PGP (Pretty Good Privacy) fundamentally follow the same objective, namely the secure encryption of data. Both can be used to securely encrypt emails – but there are a few differences.

Implementation

  • For PGP encryption, both sides must respectively load the private key of the other party in their email client manually.
  • In contrast, S/MIME automatically sends the relevant private key after a signed email has been sent once. This greatly reduces the effort required for secure data exchange.

Software

  • PGP requires the installation of additional software, which usually must be bought. Another consideration is that PGP is not available for all devices.
  • S/MIME, on the other hand, can be used without any additional software.  S/MIMEs are issued by official CAs that are directly classified as trusted in all clients.

It is important to note that S/MIME and PGP are not compatible with each other. For example, a recipient with an OpenPGP certificate cannot read encrypted S/MIME emails and vice versa.

Our recommendation: Use S/MIME encryption for secure email communication.

More about our S/MIME certificates

Secure email communication – what to watch out for?

We’ve put together a few basic tips to help you receive and send emails securely, even without implementing measures like the “Volksverschlüsselung”.

1. Careful with HTML codes

HTML formats in emails often pose risks. Malware can easily be hidden in embedded code such as formatted text or images.

The basic rule is: Never execute active content in emails. Especially when the message comes from an unknown sender. You should also find out whether the email program you use automatically displays HTML content and whether this function can be disabled.

2. Stay up to date

Cyber criminals are always active and on the lookout for new attack gateways. Old systems that no longer meet the latest security standards  give them an easy ride.

The takeaway: It is absolutely essential to install new updates immediately! Whether updates for your operating system, the browser, add-ons or other programs, security warnings should always be taken seriously. You should also regularly check whether your virus scanner is up to date.

How can S/MIME certificates guarantee secure email communication?

In addition to following the advice given above, you should also employ S/MIME certificates to make absolutely sure that your emails are not intercepted or read by any third parties. A great advantage of using Secure/Multipurpose Internet Mail Extensions (S/MIME) as the standard encryption for emails is that it is already supported in many mail programs and smart phones.

S/MIME certificates can be easily acquired. InterNetX offers S/MIME certificates from established providers and can help you find the perfect solution for your project or requirement. S/MIME certificates can be ordered and managed efficiently in AutoDNS.

Order S/MIME certificates today

The technical and legal requirements of the GDPR regarding the use of email in companies are often unclear. We explain how to send secure emails in conformance with the GDPR in our e-paper, available for download here: Emails in business.