xorkeesign mail extension provides an easy way for users to digitally sign their mails from within their mail application. As this uses the xorkee infrastructure for rendering the signature, it takes very little additional software or user action. The users can quickly get used to the habit of signing every mail they send without breaking their flow of thought.
The same extension also helps the users to verify the mails received from others. Again this follows a natural flow without disturbing the user’s work rhythm. The results of such verification are also displayed from within their native mail interfaces with additional cues whenever a signed mail fails the verification to alert the users about any malicious activity targeted at them.
Signing your mail becomes just as easy
Currently there is no credible solution to secure this massive and critical business communication infrastructure. Barring spam filters of questionable efficacy and virus scanners, the email infrastructure has been left to its own fragile defences leading to substantial losses to the financial industry globally.
What started as artless, hit or miss techniques that powered the early Nigerian '419' scams have matured into highly sophisticated devices that can fool the most alert among us.
The increased use of emerging AI techniques has made matters worse so much so that 58.2% of emails sent in 2023 had no purpose other than stealing the credentials of the recipient as a first step to a long running extraction scheme.
The standards like DKIM, DMARC and BIMI have not protected the individual sender identity but offered only a domain level protection. Soon email will have to be treated as wholly unreliable and abandoned by the business world as a communication medium.
Is there a solution?
Digital signatures are known to be the most fool-proof way of authenticating the identity of a mail sender and the integrity of the mail sent. In the past, several attempts have been made at securing the email infrastructure using digital signatures. The S/MIME protocol for signing was standardized and used in a few mail clients. But given the breadth of email usage, the coverage was inadequate and the practice mostly died down over a period. The success the community has had with SSL and SSL certificates, Firewalls, Web Application Firewalls, virus scanners and the like to protect the World Wide Web was not seen in the email domain.
xorkeesign employs an innovative model to digitally sign mails that can be verified in a mail-client agnostic manner. Instead of attempting to treat the mail as a comprehensive MIME structure, xorkeesign picks individual components like mail body and each of the attachments and signs them separately. This gives substantial flexibility to the senders as well as recipients. What is more, xorkeesign even lets the recipients save each of the attachments or the mail body as a standard digitally signed document. The document can then be used as an authentic message even outside the email domain. This way, the extension bridges the email and web infrastructure that makes for a most complete platform for e-business.
Mail is not only signed by the sender, but also by his organization The mail extension's beneficial features do not stop here. Leveraging the 'Entity' model pioneered in xorkeesign’s document signing interfaces, it enables the mail senders to not only sign the mail but also get it signed or countersigned by their organization as well. This further provides for the organization to include relevant attributes of the mail sender in the signed mail. This makes up for a serious shortfall in the traditional digital certificates - which is that the attributes of a certificate subject are limited by what the x.509 standard provides. Many times, a certificate is unable to describe a subject completely - subject's educational qualifications, marital status or even the gender cannot be included in a CA issued digital certificate. But when an organization certifies relevant attributes of a mail sender like his designation or other role he carries in the organization, it makes for a genuinely trustworthy communication, particularly in sight unseen e-business situations.
Entity or no entity, xorkeesign helps the users to digitally sign their mails with raw public keys created and stored in their mobile phones. This makes the solution accessible to everyone with a smart phone. As the keys are associated with a user-readable name called ‘xorkee handle’, users won’t have any difficulty in recognizing their correspondents.
xorkeesign extensions can be downloaded and used by anyone for verifying the received mail entirely free of cost. Digitally signing mails require a modest monthly subscription to xorkeesign. However both signing and verification are offered free of cost on trial basis till March 31st 2024.
xorkeesign email extension is your way to a winning e-business model!
xorkeesign email extension is available in the following platforms: