ZMAIL does not change how you use email.
ZMAIL does not change how you receive email, your email address or email software. ZMAIL is an email interface -- you continue to use your own ISP, email provider, and webmail service, including AOL, Yahoo!, Hotmail and Gmail. You use any email address and any email software that you want.
ZMAIL works using technologies already built into your browser and email agent, on Windows, Mac OSX, or Linux. ZMAIL is compatible with 99.9% of all browsers, email agents, ISPs and webmail services.
How do I decrypt and read ZMAIL?
You receive ZMAIL at your current email address, using your current software, such as Outlook, or webmail. You can either log in directly using the ZMAIL you received, or you copy and paste the ZMAIL into our web interface after you log in. You can decrypt and export all ZMAIL messages that you receive, including attachments, to Outlook and other email agents. Works with Windows, Mac OSX, Linux.
Can I securely store documents using ZMAIL?
Yes. You can use ZMAIL both for secure data transport as well as for secure data storage. Each ZMAIL message is an encrypted container that can store any type of data, right at your PC. Works with all Media including removable (e.g., USB Drives) and over a network. You can automatically share an encrypted container with one or more persons -- just add them to the recipient's list (To:).
How about the recipients of my ZMAIL?
Your recipients do not have to be pre-enrolled and can decrypt your ZMAIL without cost, with a BASIC account. Your recipients will be authenticated, so that you know your messages are received by the right party. Your recipients can also verify that the message was sent from your mailbox address. If you have a PREMIUM account, recipients can verify your identity and the authenticity of your email by clicking on the PREMIUM Seal.
How can ZMAIL protect against spam, spoofing and phishing emails?
Spam and phishing emails are hard to filter because they spoof various parts of email headers and body, and come in the name of people or organizations you trust, your friends and business contacts. ZMAIL prevents this 100% -- if a ZMAIL comes from the email address <friend@isp.com> you know that it did come from that address, with the original subject, date, body and attachment. With its unique login technology, ZMAIL prevents spoofing and pharming of web sites, protecting the web site zsentry.com. There are several mechanisms in place, as well, to prevent any ZMAIL user from abusing the system and sending ZMAIL spam, including our zero-tolerance spam policy.
How about virus in emails?
Because you only receive emails from
verified senders, ZMAIL prevents the use of spoofing to send a virus
as if the file came from a friend or someone you trust. You can open attachments in confidence.
See also ZMAIL Spoofing, Phishing, Pharming and Spam FAQ
How are my login data and keys protected? Do you have a username and password list somewhere?
No, we don't have any username, usercode or password list anywhere, even though each user logs in using their own ZSENTRY Usercode and a ZSENTRY Password. We don't have your login data or keys. They are not stored online or anywhere else. We do not store your data or personal information in your computer either. You are the only holder of the login data (your ZSENTRY Usercode and your ZSENTRY Password) that grants access to your ZMAIL account and allows your emails to be encrypted or decrypted. ZSENTRY technology helps here in two ways. ZSENTRY not only strengthens your password, by requiring its use together with the unpredictable ZSENTRY Usercode, but also allows your login data keys literally to not exist until you log in again. Unless you login, no one can decrypt your encrypted data except if they are able to try all key combinations. The number of all possible key combinations can easily be so large as to prevent any such attack. There is no target to be attacked, which means no risk.
What if I forget my ZSENTRY Usercode / Return Code / Password?
Read the ZSENTRY Credential Reset & Recovery Help.
Secure Delivery & Storage
ZMAIL secures all your messages, without ever pre-enrolling recipients even for the first message. ZMAIL also secures and positively verifies the delivery of your email to the correct recipient; with ZMAIL PREMIUM you can even know when and where your email was displayed for reading. ZMAIL securely manages the encryption and authentication keys for each email address you use, senders and recipients, so that you can always be assured of secure delivery when sending or replying to email. You can also use ZMAIL for secure data storage.
Encrypts Attachments
Send any file. The file is compressed, encrypted, authenticated and sent together with the email message. The recipient receives the file as an attachment, in the same format encoding that you sent it. The recipient may download the file or read it directly.
Surely all this requires Java!? ActiveX? Download??
No, ZMAIL works using technologies built right into the browser and current email agents. You don't need Java, ActiveX controls, cookies, JavaScript, or any custom plugins at all (JavaScript and cookies are recommended for improved usability; ActiveX controls may be used for added functionality if already present in your system). There's no download, no installation process, no additional security risk. ZMAIL works with any platform and Operating System. ZMAIL is a zero-footprint webtop application.
This is all made possible by ZSENTRY's technology that encrypts, decrypts, signs, timestamps, sends and tracks your email, authenticates you and your recipients, provides key management for you and your recipients, prevents spoofing and phishing, and issues use reports -- all without login data storage or key storage. Standards-based and proven algorithms are used for encryption, decryption and authentication.
What is NOT done by ZMAIL?
ZMAIL does not store usernames, passwords, login data, or user keys. There is no key escrow -- your keys are not known by us.
ZMAIL: verified online identity.
ZMAIL solves the problem of authenticating the email addresses of senders and recipients, a basic need for secure communications. In order to further induce trust, ZMAIL identifies messages sent by PREMIUM users with the PREMIUM Seal (see above).
Hiding behind a fake email identity is easy to do when sending conventional email. It is the source of all spoofing and phishing email and most of spam. ZMAIL 100% prevents fake email identities.
ZMAIL: online security.
ZMAIL secures all your messages, even the first message to a new recipient, without ever pre-enrolling recipients. ZMAIL also manages the encryption and authentication keys for each email address you use, with automatic key expiration and roll-over, and protects your login data and keys by not storing them online or anywhere else.
Why can't I just use SSL to protect my email?
Email is a message not between one client and one server but between your client and another client, with possibly several independent servers, routers, caches, buffers, content analysers, traffic analysers, monitors and storage devices in-between, including humans. SSL cannot protect your email message from client to client. Your email message needs to be protected end-to-end, so that no one can eavesdrop, tamper, fake, spoof, or even automatically scan and index information from it.
How about using PKI and biometrics to protect my email?
We hear more and more about data compromise at secure servers, even when the servers are off the Internet. These problems do not disappear with two-factor authentication, SSL, PKI, biometrics or other conventional technology options for user access control. Hackers, crackers, virus, software faults, internal attacks and faulty business practices will always be a fact of life and, as a result, security threats, leaks and loss of privacy will constantly plague user access control solutions based on password lists, access control databases, shared secrets and any stored data, even if encrypted.
Biometrics also introduce the need for a back-door, in case the biometric fails, which depends on stored data that can be accessed by that back-door. With ZMAIL, your most critical data (login data and keys) are not stored online or anywhere else; all other data is encrypted with your keys... that are not at risk anywhere. Any security breach at ZMAIL servers would only reveal gibberish data, without any meaning, with no available key allowing the data to be decrypted.
ZMAIL Spoofing, Phishing, Pharming and Spam FAQ
The contents of this entire site and domains zsentry.com are © Copyright, NMA Inc., 2006. All rights reserved, worldwide. Titles and product names are trademarks of NMA, Inc., including NMA, ZSENTRY, Return Code and ZMAIL. Patent pending.