Email, ClientAuth, and Document Signing Certificates for Resellers

SSL.com’s reseller program now offers volume discounts on our Email, ClientAuth, and Document Signing Certificates. With these versatile business certificates, you can offer all of the following benefits to your customers:

All of these capabilities are backed by public trust in our audited authentication procedures and SSL.com‘s root certificates, which are included in all major operating system and browser root certificate stores (Microsoft, Apple, Google, and Mozilla). With our reseller program, you can easily leverage our years of experience and expertise to provide this same level of trust for your own customers. And, unlike some other CAs, SSL.com does not charge extra to provide all three of these important features in one certificate.

Secure Email

Despite advances in email security over the years, even in 2019 it’s all too easy for an attacker to send email messages that appear to be from a friend, relative, or well-known business. Phishing is a form of email-based fraud in which attackers attempt to gain sensitive information such as login credentials and credit card numbers by posing as a known, trustworthy entity. A phishing email typically includes a link that leads to a falsified information form and/or some form of malware that the recipient would be much better-off not clicking. According to Verizon’s 2018 Data Breach Investigations Report, 13% of breaches in the most recent year studied involved phishing. Even though most people (78%) will go an entire year without clicking on a phishing link, that leaves the unfortunate implication that 22% will click at least one. In any given phishing campaign, an average of 4% of users will click the link. Your company’s employees (or even your customers) might be among them – if they aren’t protected by SSL.com certificates.

SSL.com‘s Email, ClientAuth, and Document Signing certificates work in two important ways to prevent phishing attacks and secure email while in transit:

  • Digital signatures.
    • A digital signature provides proof that the sender of an email message is who they purport to be, and that the information in the email has not been altered in transit. If an email message is not trustworthy, the recipient’s client software will sound the alarm with a strongly-worded error message, preventing naive or careless users from opening and reading it in the first place.
    • Digitally-signed email ensures non-repudiation. That is, if a person sends a digitally-signed email, it is difficult for them to deny that they sent it (in a court of law if necessary).
  • Encrypted email. SSL.com‘s client certificates offer you and your customers’ email messages the same kind of strong asymmetric cryptography used to protect communications on the World Wide Web. Without possession of a recipient’s private key, potential attackers will be unable to decipher information encoded with their public key.

A recent report by the Radicati Group states that the number of emails sent and received each day worldwide is expected to reach over 246 billion by the end of 2019, with an average of 126 messages sent and received for each business user.  SSL.com‘s email certificates can help you secure this important and vulnerable business communications channel.

For more detailed information what S/MIME is and how it works, please see our article on Sending Secure Email with S/MIME.

According to the United States Federal Bureau of Investigation, global law enforcement received reports of 17,642 victims of business email compromise (or B.E.C.) scams totaling more than $2.3 billion in losses between October 2013 and February 2016. The FBI states that the criminals in these cases “go to great lengths to spoof company e-mail or use social engineering to assume the identity of the CEO, a company attorney, or trusted vendor. They research employees who manage money and use language specific to the company they are targeting, then they request a wire fraud transfer using dollar amounts that lend legitimacy.” Deploying digitally-signed email throughout your organization is a great way to avoid falling victim to these kinds of scams.

Client Authentication

Every employee username and password is a potential route for an outside attacker to gain unauthorized access to a company’s data and IT infrastructure. Remember the phishing attacks we discussed above? That’s one way to steal them. Another type of social engineering attack, known as pretexting, is when an attacker creates a convincing narrative that fools the victim into revealing login credentials or other desired information. Imagine an employee of a large corporation getting a phone call from a person claiming to be from the company’s IT or Human Resources department, asking for their login credentials for the company’s VPN to solve a fabricated “problem” with their email account or employee benefits.

Poor password hygiene by employees is another major factor contributing to credential theft. These ill-advised practices include:

  • Weak passwords. Can you type “123456” or “qwerty,” or find out the name of an employee’s dog? A determined attacker can do those things too, or even employ automated brute-force attacks with lists of common and/or stolen passwords.
  • Password re-use. Are you certain that any given employee isn’t continuing to use the same password at work as their one that was previously stolen in the latest high-profile (or low- or no-profile) e-commerce website breach?
  • Post-it® Notes. Feeling safe because you started requiring strong passwords with at least 12 characters, including upper- and lower-case letters, digits, and special characters, and forcing employees to make up a new one every month? Now they can’t remember them without writing them down!

The simple fact is that solely relying on usernames and passwords for security is not and will never be sufficient protection. SSL.com‘s business certificates can give you an extra layer of authentication, and they are not subject to phishing attacks, poor password management, or malware such as keystroke loggers. Without the correct certificate installed on their computer, a person simply cannot access a website or other service that has been configured to require it.

Document Signing

Much like S/MIME email, digitally-signed documents offer non-repudiation for electronic files such as Microsoft Word and Adobe PDF documents. Furthermore, a digitally-signed contract or other legal document is just as legally binding as a paper contract signed in ink. The Electronic Signatures in Global and National Commerce Act (2000) indicates that a contract or signature “may not be denied legal effect, validity, or enforceability solely because it is in electronic form.” SSL.com‘s business certificates allow your customers to digitally sign documents easily with their name and organizational information, an essential tool for doing business in the twenty-first century.

Reseller Program

SSL.com’s reseller program gives you all the tools you need to offer these world-class capabilities to your customers easily, while increasing your own bottom line through volume discounts. Resellers can even use our SSL Web Services (SWS) API to automate processes like ordering, validation and rekeying through custom scripts, or extract information to help you examine and manage your account!

For more information on our business certificates and reseller program, please do not hesitate to contact us at support@ssl.com. And, as always, thanks for choosing SSL.com, where we believe a safer Internet is a better Internet!