Secure messaging

Process Secure Messaging

1. The sender writes an eMail online and sends it over a secure SSL-connection to the secure messaging server.
2. The recipient is notified through a normal eMail that a secure message is waiting for delivery on the secure server. The recipient is invited to download the message through a link.
3. The sender provides the recipient with a message unlock code. The code is required in order to access the pending message. If the recipient has already been in contact with the sender through secure messaging server and has registered, this step is not required.
4. The secure message and confidential documents such as contracts, business plans, resumes or loan documents can then be accessed with the message unlock code and downloaded.
   

MUC (Message Unlock Code)

A MUC is a message password and protects a message sent to a new communication partner from being seen by erroneous recipients and is used to initiate trust. If a message is sent to a new recipient, the system generates a random MUC. The sender communicates the MUC to the recipient by using another communication channel than email, e.g. personally, by phone or SMS for security reasons (Out-of-band). With the MUC the recipient gets access to the secure message and confidential documents and can download them. If the recipient has already been in contact with the sender through secure messaging and is enrolled, a MUC is no longer required.

Trust management

Secure Messaging relies on the method of the dynamic personal web of trust. This method synthesizes the authentication approach of web of trust, known from PGP, with the advantages of hierarchical structures, known from centralized PKI systems. Those combined with certificates provide high quality of electronic identities. This approach focuses on the user and allows for immediate and personal bootstrapping of trust, respectively revocation.