Flexible Identity Authentication Controls and Access

In today’s digital era, organizations encounter the task of maintaining a balance between secure communications and accessibility. Email is crucial in business processes, serving as a vital means of communications for employees, regardless of their location or device, whether they are in the office or working remotely. This includes internal staff, as well as customers, partners, vendors, and others. However, the different security policies and technology skills among users can sometimes create unexpected obstacles.

product screen shot of Echoworx Email Encryption login with OpenID connector - using a Pretend Company Logo

To address the authentication challenges of encrypted email access, organizations need a flexible policy that balances security and user-friendliness for both internal and external users. A one-size-fits-all approach is insufficient.

Ideally, users should have easy access to their encrypted emails while maintaining security. This means using multiple authentication options instead of just one. Different situations may require different levels of authentication, and a flexible approach can find the right balance between security and usability.

Opening Encrypted Email with Echoworx

With nine different ways to authenticate users, Echoworx enables security without sacrificing usability or negatively impacting business processes.

Portal Authentication (also known as Pull Delivery)

  • Social Login using OAuth

    Echoworx offers a growing list of social connectors, including Office 365, Google, Salesforce, Facebook, LinkedIn, among others to authorize access to secure emails. Your customers simply log in using their existing social network credentials.

  • OpenID Connect

    If you maintain a customer database supporting OpenID for authentication, you can enable customers to log into Echoworx using their existing credentials. This enhancement streamlines and secures the login experience, eliminating a common source of frustration.

  • SSO (Single Sign-On)

    Leverage your existing web portal to access encrypted email using our Single Sign On API (SSO). With SSO, your customers log in to your portal, using their existing password, and click on a ‘Secure Mail’ button authenticating and granting them access to their encrypted mail.

  • 2FA (Two-Factor Authentication)

    Two-Factor Authentication requires your recipients to first log in to their account, and additionally verify their identity using a secondary code (through Authenticator App, or SMS) before gaining access to their secure messages.

  • Fast Passwordless Access with Passkeys

    Utilize existing passwordless safeguards, like fingerprint scanners and biometric measures, to validate and permit access to secure messages. Passkeys provide an advanced layer of authentication, while offering a seamless user experience.

  • Sender-Set Password for Secure Rapid One-Offs

    The employee, sender, sets a password and simply clicks ‘send.’ The receiving person enters the password to gain instant access to their secure message and all accompanying attachments, with full save and reply functions. The sender can also include an optional hint.

  • Out of Band

    This method allows users to send an encrypted message with a one-time, per-message password that the sender communicates out-of-band (via phone, in-person or snail mail).

  • No Authentication

    Allows people outside your organization to send sensitive information securely inbound to you, without having to register an account. You simply provide a link (via email or website) that directs customers to a secure message-portal.

  • SMS Application or Sender Enabled

    When your organization enables SMS for authentication, the recipient receives a message pickup notification by email. Following the link, they are presented with an option to have a verification code sent to their mobile phone via SMS which then grants access to the message and/or attached document.

PDF & Attachment Authentication (also known as Push Delivery)

  • Sender Set

    Messages are encrypted with a password set by the sender at the time of sending. The user then receives a notification to login to the portal and must enter the password set by sender, which can be shared out-of-band or be a known value between the two parties.

  • User Managed

    Using Echoworx’ self-provisioning portal, external users can self-register, set and manage their own password to access encrypted emails. Additionally, they can set language and delivery preferences.

  • We invite you to schedule a demo with our seasoned product experts and witness, in real-time, the innovation that sets our email encryption service apart.

    Don’t just keep up with the ever-evolving cybersecurity landscape; master it with us.

Rated 5 out of 5

Reduced the time required to onboard customers

“Our onboarding process went from 5 days to now just 5 minutes and we reduced our document handling costs by 90% to 95%.”

— Implementation Lead in the Finance Industry