🥇 What is an S/MIME certificate? - SSLPOINT

What is an S/MIME certificate?

What is an S/MIME email certificate?

S/MIME stands for Secure/Multipurpose Internet Mail Extensions. It is a universal web standard used to encrypt MIME data (also known as emails). It was developed by RSA Data Security, but has been adopted by the IETF (Internet Engineering Task Force) as a valid standard in email security.

S/MIME certificates are client certificates based on asymmetric encryption and use two different keys: one private and one public, which are based on each other.

How does the security work?

S/MIME follows a procedure based on asymmetric encryption (also called PKI / Public Key Infrastructure), which relies on encryption, authentication and integrity through a digital signature.

With S/MIME, your e-mails are digitally signed and, if necessary, encrypted so that only the legitimate recipient of the e-mail can read your message and they know that the e-mail is from you (and not from someone pretending to be you). As the email travels from you to the recipient, the encryption maintains the integrity of the email so that no unauthorised third party can access, intercept or tamper with the data in any way.
Günstige S/MIME E-Mail Zertifikate

Asymmetric encryption

1. when you send an e-mail, it is encrypted with the recipient’s public key.
2. when the email arrives in the recipient’s inbox, it is decrypted with the private key.

This two-key encryption means that the email cannot be intercepted at any point because it remains encrypted from start to finish. This process is called signing.

Why should you encrypt your e-mails?

The four main benefits are:
1. reduced likelihood of interception or intrusion while the email is being transmitted from your account to the recipient.
2. authentication for the recipient, as your signature is attached to each email, so there is less opportunity for email spoofing and phishing attacks.
3. email content privacy, which prevents BEC (Business Email Compromise) fraud as attackers cannot access and read your email content.
4. regulatory compliance: S/MIME is necessary if you want to comply with the email standards of various industries, such as the General Data Protection Regulation (DSGVO) or the Payment Card Industry (PCI) standards.

How do you encrypt e-mails?

S/MIME is supported by most major email clients. To encrypt emails, both the recipient and the sender must have S/MIME certificates installed in order to be able to encrypt and decrypt each other’s mails.

This is how encryption works with an S/MIME certificate:

1. the first time you send an email to someone, attach your digital signature as part of an unencrypted email.
2. once the recipient (who must also use S/MIME) has received your digital signature, they can reply to you with an encrypted email
3. if he also attaches his digital signature (which most email clients do automatically), you can reply with an encrypted email
4. you can now exchange encrypted e-mails with this recipient.
S/MIME certificates are supported by all modern email clients, e.g. Outlook (Windows, iOS and Android), Apple Mail, iPhone IOS Mail, Mozilla Thunderbird, Gmail, etc.
As with SSL certificates, S/MIME certificates also have a validity period – we recommend choosing a term of 3 years.

Full range of affordable S/MIME certificates

SSLPOINT offers S/MIME certificates from all leading Certificate Authorities:
Secure your e-mails today with an S/MIME certificate from Certum, GlobalSign or DigiCert