Secure Messaging

Learning Center

Back to top

Search Results

Data Encryption

DeliverySlip secure messages are encrypted at-rest stored in the database server and in the file system (file attachments). While in transit messages are exchanged over an encrypted channel using TLS 1.2 encryption provided by HTTP over SSL. All the encrypt/decrypt operations are implemented in the application server layer (i.e., the system does not depend on security features provided by database engines or operating system.). Enterprise customers can use their own SSL certificate and configure encryption to meet their needs.

The encryption at-rest is implemented with the patented Interchangeable Crypto Engine, which is an extensible wrapping encryption library that supports multiple encryption algorithms. This allows for a very flexible and extensible way of protecting the customer data at-rest on the platform server. The server only needs to invoke methods declared in the API to Encrypt/Decrypt content ‘at-rest’ as needed.

The default encryption module, used in this pluggable architecture is based on symmetric-key encryption technology using Microsoft’s .NET Framework AES algorithm (AesCryptoServiceProvider class).

Data at-rest in this configuration is encrypted using 256 bit keys generated for each customer. This single-key is used by the system to encrypt and decrypt content to and from the storage location (database / file system). The keys can be generated from a private seed file for each service. The seed files and keys are stored on the application server.

DeliverySlip secure servers are hosted in regional data jurisdictions to comply with customer’s compliance and audit requirements. This includes North America (Canada & US), Europe (UK) and Australia. For more information on data jurisdiction options please use the Contact Us option in the bottom of the menu on the left-hand side.

Last Updated October 1 2017.