Be updated, subscribe to the OpenKM news

email signature with a digital certificate

Written by Ana Canteli on August 21, 2020

Currently, the horizon of online administration has broadened and deepened more than anyone could have predicted. This has been possible thanks to the introduction - more or less friendly - of a multitude of companies and citizens in the telematic relationship with public administrations and other private organizations. But have you ever received an email from a known person or organization that was not theirs later? Spam, phishing or spoofing techniques are becoming more and more elaborate, to increase their reach and thus multiply their options for success in blocking emails, illegally obtaining data or spoofing identities. Therefore, signing emails with a digital certificate gives us a series of advantages aimed at protecting our communications.

What is a digital certificate

The digital signature certificate is a system provided by a certificate authority that links - through the public key infrastructure - the identity of the signer with the content they send. The public key infrastructure (PKI) is made up of a private key and a public key, which allows signing documents - with the private key - and verifying the signature - with the public key.

Through the digital signature certificate, we can be sure that the person signing is who they say they are and it also serves to confirm that the content of the message has not been altered during delivery.

In this way, when we interact with an organization, through a web page, for example, it communicates with the certificate authority of the digital certificate to verify its validity. Thus, we can also use it with guarantees, to digitally sign documents.

Features and benefits of the signing certificate

The digital signature certificate helps to ensure the privacy and security of the parties that communicate through the use of email. In fact, creating a more secure and reliable environment for communications via email is the main role of the digital certificate.

To use a signing certificate, you only need an email address, an email client (Microsoft Outlook, Mozilla thunderbird, among others), and a valid digital signature certificate.

The use of the digital certificate contributes to obtaining the following benefits:

• Authenticity: the e-mail signature with a digital certificate confirms the identity of the signer. This protects against potential phishing attempts.
• Integrity: the digital certificate is proof that the content of the email has not been altered without the knowledge of the parties.
• Non-repudiation: By attaching the digital signature to the e-mail, it is more difficult for the author to disassociate themself from the authorship or approval of the documents that bear their signature. Doing so would also challenge other digitally signed documents.

The use of digital signatures with an e-certificate helps to protect your identity from fraudulent uses while providing coverage to your brand reputation since the code signing provide legal security to the information they contain and to all the documentation in general protected by digital certificates. This means that the trust of your users or clients is not only maintained but also improves.

Electronic mails that come from certified email addresses are rarely considered spam by the servers that receive them. Not for nothing are companies that program their email servers to reject emails that do not have digital signatures as an antimalware measure.

Why use a digital certificate?

Apart from the benefits and advantages mentioned so far, the use of electronic signature with a digital certificate can be an option that helps us in our relationships with other entities, whether they are voluntary - as private companies can - or mandatory - such as public administrations.

Many public entities use electronic signatures with a digital certificate for more and more activities: tax management, transaction verification, ratification of official communications. In the health sector, the use of digital signature certificate streamlines treatment processing and improves the efficiency of administrative processes, while improving data privacy.

In the private sector, emails signed with a digital certificate are used to streamline processes in all areas of the production chain, promote the paperless office and accommodate the online management of highly regulated sectors, to make them more accessible. International Organization for Standardization promotes standards to promote its use.

The OpenKM document management system, which can be used as an email archive, has the possibility of implementing the digital certificate so that electronically signed emails can be sent and received. The system can be customized to apply business processes (notification, indexing, automatic categorization), develop e-discovery activities, audits, etc. Even use the search engine to find this type of communication, based on a multitude of criteria, including attachments. If you are interested, do not hesitate to request a personalized online demo.