What is an S/MIME email certificate?
S/MIME stands for Secure/Multipurpose Internet Mail Extensions. It is a universal web standard used to encrypt MIME data (also known as emails). It was developed by RSA Data Security, but has been adopted by the IETF (Internet Engineering Task Force) as a valid standard in email security.
How does the security work?
S/MIME follows a procedure based on asymmetric encryption (also called PKI / Public Key Infrastructure), which relies on encryption, authentication and integrity through a digital signature.
1. when you send an e-mail, it is encrypted with the recipient’s public key.
2. when the email arrives in the recipient’s inbox, it is decrypted with the private key.
Why should you encrypt your e-mails?The four main benefits are:
1. reduced likelihood of interception or intrusion while the email is being transmitted from your account to the recipient.
2. authentication for the recipient, as your signature is attached to each email, so there is less opportunity for email spoofing and phishing attacks.
3. email content privacy, which prevents BEC (Business Email Compromise) fraud as attackers cannot access and read your email content.
4. regulatory compliance: S/MIME is necessary if you want to comply with the email standards of various industries, such as the General Data Protection Regulation (DSGVO) or the Payment Card Industry (PCI) standards.
How do you encrypt e-mails?
S/MIME is supported by most major email clients. To encrypt emails, both the recipient and the sender must have S/MIME certificates installed in order to be able to encrypt and decrypt each other’s mails.
This is how encryption works with an S/MIME certificate:
1. the first time you send an email to someone, attach your digital signature as part of an unencrypted email.
2. once the recipient (who must also use S/MIME) has received your digital signature, they can reply to you with an encrypted email
3. if he also attaches his digital signature (which most email clients do automatically), you can reply with an encrypted email
4. you can now exchange encrypted e-mails with this recipient.
S/MIME certificates are supported by all modern email clients, e.g. Outlook (Windows, iOS and Android), Apple Mail, iPhone IOS Mail, Mozilla Thunderbird, Gmail, etc.
As with SSL certificates, S/MIME certificates also have a validity period – we recommend choosing a term of 3 years.
Full range of affordable S/MIME certificates
SSLPOINT offers S/MIME certificates from all leading Certificate Authorities:
Secure your e-mails today with an S/MIME certificate from Certum, GlobalSign or DigiCert