Contents

Secure Email Messages

The Secure E-mail Messages feature supports encryption and signatures for incoming queued email messages. If the workgroup to which you belong is properly configured in Interaction Administrator, your workgroup’s mailbox can process a secure email message and route it to you for reply. Or an Interaction Attendant mailbox can be configured to receive and route secure email messages.

E-mail messages can be made secure by these methods:

Encryption: This provides confidentiality by preventing anyone from reading the email message while it is in transit.
Cryptographic Signature: This prevents anyone from modifying the contents of the email message while it is in transit. An email signature can also provide authentication of the sender of a message and verify they are who they say they are.

Note: These methods can be used independently. You could receive a signed, but not encrypted email message. Or you could receive an encrypted but not signed email message. Or you could have a signed email message that provides for the integrity of the message by preventing anyone from altering it in transit, but does not authenticate the sender.

The Secure E-mail Message feature does not:

Enable you to send an encrypted or signed response to a secure email message.
Enable you to listen to an encrypted email message in Interaction Mobile Office. However, you can listen to a signed email message.
Work with monitored mailboxes set up in Interaction Administrator.
Provide any email tools that can be used to customize the handling of secure email messages.

Overview of Secure E-mail Messages

An email message is primarily routed over the Internet using the Simple Mail Transfer Protocol (SMTP) and is formatted using the Multipurpose Internet Mail Extensions (MIME). An extension of MIME, known as Secure/Multi-part Internet Mail Extensions (S/MIME), enables MIME data to be sent and received securely.

S/MIME primarily provides two methods related to the security of email messages: digital signatures and encryption. Digital signatures and encryption are achieved through the use of the public key infrastructure (PKI) and digital certificates.

Note: Your CIC administrator uses Interaction Administrator to configure the secure email feature. The CIC administrator also sets up and stores the appropriate email certificates and private keys used to decrypt encrypted messages, verify digital signatures, and establish secure email provider connections.

Support for S/MIME by Customer Interaction Center enables an encrypted and/or signed email message to be sent to the email address associated with a workgroup’s email queue or an Attendant mailbox. The message is retrieved from the email server by the CIC server, and is decrypted by the CIC server only if the workgroup is allowed to receive encrypted messages and has the certificate with the private key required for decrypting the message. After the email message is decrypted, it is routed to your My Interactions queue, or any other queue you are monitoring, where you can open and read the message, just like any other email message. For more information, see Working with E-mail.

In a typical scenario, one of your customers obtains a digital certificate for your workgroup’s email address. The customer uses that digital certificate to send an email containing confidential information such as an account number to the workgroup’s email address. The customer may or may not use a digital certificate to sign the email message. The email message is decrypted by CIC and, if present, any digital signature is validated. The email message is routed to an available agent in your workgroup. Interaction icons indicate whether the message was successfully decrypted and if it was signed. Other information about the digital signature may appear in the email message.

Secure E-mail Interaction Icons

The icons for secure email interactions identify whether the interaction was generated by a message that was encrypted or signed and whether it was successfully decrypted.

Icon	Description
	Content of the email message was successfully decrypted.
	Content of the email message was encrypted but decryption failed. This could be due to one of these reasons: Decryption was contrary to a Customer Interaction Center policy. For example, the workgroup to which this email message was sent is not configured to receive encrypted email message. The private key is not installed. The encryption algorithm used in this email message is not supported by Customer Interaction Center.
	Digital signature was verified.
	A digital signature is present, but Customer Interaction Center experienced one of the following problems: The signer’s certificate is not trusted. The email message was modified in transit. The "From" address in the email header does not match the digital signature.

These icons appear in the Email Editor. If your Interaction Desktop does not contain this view, these icons appear as buttons on the E-mail Window for Incoming Messages. After you open a secure email message in the CIC client, you can: