Community
Think of any high volume, system generated paper document that you currently print and deliver by mail and chances are you’re already working towards converting each one to electronic delivery.
But what about security, confidentiality and non-manipulation? How do you ensure trust and compliance with your new process?
Our special blog series is going to look at every aspect of document security and how you can deliver secure eDocuments with confidence.
Opening the envelope vs. opening the email
Let’s start with traditional mail. A piece of paper sitting in your post box is hardly secure, it can be removed read, changed and replaced without your knowledge - it follows that any level of security associated with an electronic document already makes it a better option. However post does have one thing going for it – you have to physically go to each post box to collect mail.
Unlike post boxes, websites (and the now standard customer portal) are publically accessible, so the security requirements immediately become more stringent. Registration and multiple levels of authentication become necessary, but also cause usability and liability issues.
So, you have ease and convenience on one hand vs. barriers and a (good) dollop of effort on the other. What’s the middle ground? Email of course. In a nutshell, an email address is an online version of a post box but with the benefits of cool tech that can be layered on top to make it far more secure than its paper counterpart.
9 Reasons why you should consider sending documents via email
Security and its role in eDocument delivery
I trust you now agree that sending documents to the inbox is a good idea. The next step is to explore all the security aspects of electronic document delivery in detail. Because it’s a big theme we’ll look at each aspect on its own over the next few weeks, including:
Understanding Encryption/cryptography
Banks use 128 bit encryption to protect communications on Internet Banking. We believe electronic document delivery encryption levels from 128 bit and above are sufficient. Let me explain why and how it all works:
Some quick terminology to help you:
Different encryption schemes
There are two basic types of encryption schemes: Symmetric-key and Asymmetric-key (also called public-key encryption)
Symmetric algorithms - uses the same key to encrypt and decrypt the message
Asymmetric algorithms - uses a different cryptographic key to encrypt and decrypt the message
However, sticking to Symmetric algorithms is advisable because it takes away the requirement for complicated key exchanges. For PKI encryption the consumer has to “have something” (e.g. a private PKI Key) rather than for symmetric encryption where they just have to “know something” (e.g. a type of password).
Key strength
In cryptography, size does matter. The larger the key, the harder it is to crack a block of encrypted data. Typical key strengths are:
A password is converted into a key length appropriate to the chosen algorithm.
A brute-force attack consists of systematically checking all possible keys until the correct key is found. The resources required for a brute-force attack grow exponentially with increasing key size. However the key combinations depend on the length of the password that generated the key. Hence the longer the password the harder it is to crack.
Maybe this is why hackers don’t generally attack the actual encryption; instead they try to “guess” the correct password... in our next post in this email security series we will detail how password strength works in conjunction with encryption.
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Nkiru Uwaje Chief Operating Officer at Mansa
12 September
Alexander Boehm Chief Executive Officer at PayRate42
Hugo Chamberlain COO at smartKYC
Carlo R.W. De Meijer Owner and Economist at MIFSA
11 September
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.