Retail companies have a large number of emails need to be processed every day. These emails almost involve many confidential information of customers and partners, but they are all cleartext emails, which are very easy to be illegally stolen and tampered with. This is an email security problem that must be resolved as soon as possible.
To ensure the security and confidentiality of the email, the content of the email itself must be encrypted. To ensure the credibility of the email without being counterfeited, every outgoing email must be digitally signed. To ensure the time of the sent email is credible, every outgoing email must be timestamped.
Retail companies simply change the current email client to MeSign APP to achieve full encryption, end-to-end encryption and fully automatic encryption, as well as fully automatic digital signature and timestamp. If retail companies think it is not practical to change their email client, then they can deploy MeSign Mail Gateway to encrypt every outgoing email without changing email client.
And we recommend that retail companies can deploy their own cryptographic key management system (KM) to fully control their encryption keys to meet the high security requirements of email security.
Using MeSign for end-to-end email encryption will enable retail companies to truly implement mobile working, which not only meets the urgent needs of mobile working, but also meets the high security requirements for email.
As shown in the following diagram on the left, in order to ensure that the encryption key is highly secure and controllable, retail companies only needs to connect the plug-and-play KM device to the intranet. All staff’s computers and mobile devices must be able to connect to KM device to get the encrypting certificate private key. After successfully obtaining the encrypting certificate, the email encryption can be used normally. KM devices cannot access the Internet and are limited to employee computers and mobile devices access in intranet to ensure the device and private key security. Retail companies can also build their own CA to issue certificate for its users instead of using the MeSign default CA. MeSign provide a plug-and-play CA device that just need to connect to internal network, MeSign APP will get the signing certificate and encryption certificate from this in-house CA system, not from MeSign default CA.
In other words, MeSign encryption solution allows retail companies to achieve complete and autonomous control of confidential emails by simply managing and controlling the encryption key and/or issue the certificate by itself even the application environment is untrustworthy.
Real estate companies have a large number of paper documents and forms to process every day, such as purchase contracts, rental contracts, brokerage agents, property management, procurement contracts, and the internal documents signing. They have begun to shift to paperless, but the problem is how to ensure that these electronic documents are really issued by real estate company, have not been impersonated or tampered. At present, the only feasible technical solution is to digitally sign all real estate document in PDF with timestamp and send them to users using encryption.
MeSign not only has digital signature automation solution that can help the PDF documents generated by the internal real estate systems to achieve a trusted digital signature with one click, but also has email signature and encryption automation solution to help the real estate systems to send the signed PDF document by encrypted email to users, and completely make the electronic files with reliable digital signature without counterfeiting and make the delivery of electronic files more secure.
As shown in the above diagram on the right, the user handles the real estate businesses on the real estate company system and fills in forms online. After completing the forms, the user can sign by hand on the business system or use the corporate USB Key certificate to submit to the real estate management system. After processing is completed, the insurance system calls the cloud MeSign eSigning Service system or locally calls the MeSign e-Signature System to sign the PDF file with Adobe trusted certificate. For services that do not require the user to fill in the form (such as proof of property, statement, announcement or notice), the PDF file generated on the real estate system can be directly called the MeSign eSigning Service to complete the PDF signature.
It is recommended to encrypt all important retail documents. System just need to call MeSign public key certificate database (CerDB) to obtain the user's encryption certificate to encrypt the PDF file, the user can seamlessly view the encrypted PDF file using Adobe Reader. The retail management system sends encrypted emails to users using the user's encryption certificate, ensuring the secure and reliable delivery of various user confidential documents. Users only need to use MeSign APP to decrypt and read the documents.
This solution has four advantages to ensure that all important retail documents are trusted paperless and encrypted in delivery: