ING Canada chooses identity-based encryption for e-mail

ING Canada is rolling out a secure e-mail system that uses identity-based encryption to send secure e-mail to independent insurance brokers and other business partners.

The advantage of identity-based encryption is that partners don’t need special software installed on their computers to read e-mail from ING, explained Minaz Sarangi, vice-president of architecture at ING Canada in Toronto. That’s because the product ING chose, Voltage SecureMail from Voltage Security Inc., of Palo Alto, Calif., has a zero-download mechanism that lets users decrypt their mail by connecting to a remote server.

Identity-based encryption is supplanting the traditional approach to public-key encryption, said Wasim Ahmad, vice-president of marketing at Voltage Security, because it’s less cumbersome.

Public-key encryption uses both a public and a private key. Before two people can exchange messages encrypted this way, both must have created public keys and made them available to the other party. Each party also has a private key, known to nobody else, that is used to decrypt encrypted using the public key.

With identity-based encryption, the public key can be generated from a known string of text such as the recipient’s e-mail address, so no keys need to be exchanged before two people can communicate securely.

When someone at ING sends e-mail to a business partner using SecureMail, Sarangi said, the partner will open the e-mail and be connected to a server that will require the partner to identify and authenticate him- or herself. It will then generate the private key and open the encrypted message in a browser window. The recipient will have the option then of storing the decrypted message. 

The encrypted e-mail arrives along with other e-mail and works with any e-mail client software, Ahmad said. 

Partners will also be able to send encrypted e-mail to contacts within ING using SecureMail.

Voltage also offers a plug-in for Microsoft Outlook that SecureMail users can install to avoid communicating with a remote server and having their decrypted e-mail displayed in a Web browser.

Sarangi said ING’s Canadian IT team, which is taking the lead on e-mail encryption for all of ING Americas, looked at several options and narrowed them down to three leading secure e-mail products. ING chose SecureMail because of the convenience for end users and ease of support, he said.

“The technology is the easiest to maintain,” he said. “The total cost of ownership in our case over five years was the lowest.”

ING Canada started implementing SecureMail in December and hopes to finish by April. The company has about 6,600 employees coast to coast, and while it will start by equipping only a couple of thousand of those with SecureMail, the installation will be configured to support up to 7,000 people eventually, he said.

The Canadian implementation will be a pilot for other ING operations in North and South America, he added. 

ING deals with about 16,000 people who work outside the company in independent insurance brokerages. SecureMail will be used for encrypted communication with those outside partners, Sarangi says. Internal e-mail is already encrypted.

Voltage grew out of the work of co-founder Dan Boneh, a computer science professor at Stanford University, and Matt Franklin of the University of California, who together invented the identity-based encryption technology Voltage uses. Boneh and three of his students co-founded Voltage in 2002. Adi Shamir, one of the inventors of the original RSA public-key cryptography system, first proposed the idea in 1984.

Comment: [email protected]

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Grant Buckler
Grant Buckler
Freelance journalist specializing in information technology, telecommunications, energy & clean tech. Theatre-lover & trainee hobby farmer.

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.