Home>Email encryption and digital signature services

Email encryption and digital signature services

MeSign Cloud Email Encryption and Digital Signature Service is based on MeSign automatic email encryption and digital signature service for all email users, email client developers, email security gateway vendors, email security service vendors, email service providers and all kinds of business systems to realize automatic email encryption and digital signature, allow email users to enjoy the basic email encryption and digital signature services for free, and make it convenient for email security-related vendors and business systems call our cloud email service API to realize automatic email encryption and automatic decryption functions, and jointly protect the security of emails to meet the compliance requirements of all email users.

MeSign cloud email encryption and digital signature services have free email encryption services, as well as charged services based on the number of encryption and decryption times, and the cost is much lower than the purchase of related systems. Currently, the following four services are provided:

1. Free email encryption service

All email users can download MeSign email client software for free, and after setting up their email account, they will get an email encrypting certificate and signing certificate for free, then users can automatically encrypt every email for free to ensure the security of the email.

To implement S/MIME email encryption, you need to:

  • Step 1 Download and install email client software
  • Step 2 Setup your email account
  • Step 3 Buy ($) the email certificates from a CA
  • Step 4 Waiting for CA issuing certificate
  • Step 5 Collect and configure certificate
  • Step 6 The email receiver also must have email certificate
  • Step 7 Exchange the public key with the receiver
  • Step 8 Send the encrypted email

Now, if you choose MeSign Free Edition, you just need to:

  • Step 1 Download and install email client software – MeSign APP
  • Step 2 Setup your email account
  •  
  •  
  • (MeSign APP do the 3-4-5-6-7)
  •  
  •  
  • Step 8 Send the encrypted email

2. Free public key retrieval service

Any email security vendor, email client software vendor, and business systems can call the E-mail API for free to obtain the public key of the encryption certificate of all emails, so that business systems can send encrypted email to users after obtaining the public key of the users to ensure the security of confidential information sent by the business system. And email client software vendors can easily implement automatic email encryption like MeSign email client software, without the need for users to exchange public key in advance manually. This service relies on the MeSign Cloud Public Key Exchange System, this system has the public keys for all email addresses in the world and it is a free service.

3. Email certificate service

Users can call the E-mail API to automatically obtain email certificates and can also choose to apply for a MeSign trusted email certificate or publicly trusted email certificate. The user needs to call the E-mail API to complete the email control validation. After completing the validation, user can get the email certificate bound to the validated email address. This certificate is an email certificate that only validates the email control, we call it as V1 certificate, only the email address is displayed in the certificate subject.

4. Email encryption and decryption service

The user system (such as the email gateway system) generates the email encryption key ("email key") for the email to be encrypted and calls the E-mail API to submit the email key to the cloud email encryption service system through the https post, the system uses the recipient and sender’s public key to encrypt the email key and return it to the user system. After the user system receives the encrypted email key, it uses digital envelope technology to assemble the encrypted email to send it to all recipients and sender.

When the mail gateway system receives the encrypted email, it calls the E-mail API to submit the encrypted email key to the cloud email decryption system through the https post, and the cloud system decrypts the email key with the private keys of the recipient's and sender's encryption certificates, then return it to the mail gateway system through the https channel, the gateway system can decrypt the encrypted email and perform other security checks on the cleartext email. After passing the check, the encrypted email or decrypted email can be released according to the user's needs. This service completely solves the problem that the current mail gateway does not support email encryption and decryption. Mail gateway users only need to upgrade the software to realize the security check of encrypted email. It is also very suitable for Web email service providers to provide Web email encryption and decryption services.

Please note: The cloud email encryption service does not require users to submit email content, thus protecting the privacy of users' email content. However, users need to have the ability to program S/MIME email encryption. If users do not know how to generate email key and do not know how to generate digital envelopes, they can purchase the MeSign Email Encryption and Decryption Gateway for local deployment, and the gateway is responsible for calling E-Mail API performs the email encryption and decryption services. Users still need to purchase the E-mail API service, but do not need to program to realize the email encryption and decryption.