Encryption Delivery Methods with Echoworx

Key Features

1. Recipients receive a single registration message to sign up and set their password.
2. Optional out-of-band verification code available during registration.
3. Supports full OAuth access for Microsoft 365, Gmail, Hotmail, Facebook, LinkedIn, Salesforce, and more.
4. OpenID Connect enables recipients to log into the portal using existing credentials, if your business supports OpenID for authentication.
5. SSO Web Services integration allows auto-login through your existing business portal.
6. No-Authentication Mode provides access to messages via a direct link, bypassing login requirements. Ideal for tracking message activity or securing inbound replies.
7. Sender-Set Password feature allows senders to share a passphrase (with an optional hint) via the M365 Outlook Add-On, enabling access without registration.
8. SMS Verification Codes let senders securely authenticate recipients by sending a verification code directly to their mobile device via the M365 Outlook Add-On.
9. Passwordless Access with Passkeys leverages biometric authentication (like fingerprint scanners) for seamless secure access using PINs or biometric autofill.

Additional Benefits

• Flexible delivery options, accessible on any device.
• Customizable branding for webpages, encrypted messages, and notifications.
• Supports 28 languages.
• Encrypted message storage at-rest in the Echoworx cloud.
• Allows local message saving in formats like Outlook and Encrypted PDF.
• Includes secure reply functionality and read receipts.
• Offers full message audit and recall capabilities for senders and administrators.
• Standard retention periods of 30, 60, or 90 days, with extended options upon request.

Technical Notes

•  Recipients access messages online and should save them locally for permanent retention.

Learn more on the key features of each delivery method →

Key Features

1. Self-Registration Mode: Recipients can set their own password via a one-time prompt for quick and easy access.
2. Password Management Mode: Recipients can recover existing PDF passwords, set new ones, or update security details through a self-service link included in every message.
3. Sender-Set Password Mode: Senders can create a shared passphrase (with an optional hint) at the time of sending via Gmail or Microsoft 365 Outlook Add-On. Recipients can use this passphrase, shared out-of-band, to access the message without registration.
4. Seamless Viewing: Encrypted PDFs and Office documents can be viewed directly within Outlook for Web and Gmail clients.

Additional Benefits

• Flexible delivery to any device, anywhere in the world.
• Customizable branding options for webpages, encrypted messages, and notifications.
• Support for 28 languages.
• Direct delivery of encrypted PDFs to recipients' inboxes.
• Secure at-rest encryption for all messages.
• Offline access to encrypted messages.
• Sender or recipient-set password options.
• Secure reply functionality, with the ability for recipients to receive a secure copy.
• Compatible with any standard PDF viewer on any device.

Technical Notes

• Push Encryption delivers emails instantly to recipients, ensuring immediate access. Note: Emails cannot be recalled once delivered.

Get our delivery methods tech brief →

Key Features

1. Encrypt PDF, Microsoft Office, and ZIP attachments natively.
2. Maintain original file names and properties with native encryption.
3. View encrypted PDFs and Office documents directly in Outlook for Web and Gmail.
4. Bundle other attachment types into encrypted PDF or ZIP formats.
5. Enable self-registration for recipient-managed passwords.
6. Set shared secret passphrases for additional security.
7. Customize branded message headers and footers, including password management links or passphrase hints.

Additional Benefits

• Access secure documents anywhere, on any device.
• Keep message body in clear text—only attachments are encrypted.
• Support multiple encrypted attachments in their original formats.
• Available in 28 languages.
• Deliver encrypted files directly to the recipient’s inbox.
• Ensure encrypted attachments remain secure at rest.
• Provide flexible password options for senders and recipients.
• Enable offline access to secure documents.

Technical Notes

• For ZIP files with AES 256-bit encryption, we recommend compatible software such as WinZip, Secure ZIP, WinRAR, or 7-Zip.
• Push encryption delivers emails directly to recipients’ inboxes and cannot be recalled.

Learn more about our delivery methods →

Key Features

1. On-the-Fly TLS Verification: TLS connections are validated instantly during message delivery.
2. Allow List Configuration: Restrict messaging to specific TLS-enabled domains.
3. Block List Creation: Exclude certain TLS domains from message delivery.
4. Seamless Alternative Delivery: For domains not eligible for TLS, messages are automatically delivered via secure alternatives like Web Portal or Secure PDF, ensuring uninterrupted protection.

Additional Benefits

• Simplified Sending: The platform automatically selects the optimal encryption method, whether TLS or another secure option.
• Transparent Delivery: Recipients receive messages seamlessly with no changes to their behavior.
• Customizable Branding: Add branded headers and footers to align with your organization’s identity.
• Optimized for B2B: Ideal for environments where both parties use TLS.

Technical Notes

• Messages delivered via TLS are not encrypted at-rest in the recipient’s mailbox.
• Secure replies are sent outside the Echoworx platform, relying on TLS for transmission.

Key Features

1. Seamless Certificate Access: Recipients can access certificates through external lookups in various LDAP directories.
2. Direct Certificate Upload: Recipients can upload their x509 certificate or PGP public key via the user-friendly web portal.
3. Self-Signed Certificates: Recipients can generate self-signed S/MIME certificates directly through the web portal.
4. Digital Signing: Outbound messages are digitally signed with a sender-linked key, either uploaded or generated. If unavailable, an enterprise-level key (e.g., domain-wide) is used as a fallback.
5. Integrated S/MIME Support: Echoworx integrates with DigiCert and SwissSign for real-time retrieval and generation of trusted S/MIME credentials.
6. Real-Time PGP Key Creation: Automatically generate PGP public/private key pairs for senders as needed. Recipients of PGP-encrypted emails receive the sender’s public key as an attachment.
7. Inbound Message Decryption: Decrypt S/MIME and PGP-encrypted messages using private keys securely stored on the Echoworx platform.

Additional Benefits

• Smooth Migration: Import all employee certificates and key pairs to streamline transitions.
• Automated Key Generation: Automatically create and manage new keys as needed.
• Effortless User Experience: Recipients don’t need to change their behavior or workflows.
• Custom Branding: Add branded footers and headers to decrypted inbound messages.
• Global Secure Delivery: Deliver encrypted emails to any recipient with a retrievable key, anywhere in the world.
• Cloud Migration Support: Consolidate all certificate-based email activity under one secure communication platform with full PGP and S/MIME cloud migration support.
  

Technical Notes

• Configure additional rules in your gateway to route encrypted messages to Echoworx for decryption and certificate extraction.

Get started with Echoworx →