Envilope: Encryption and Security for the World’s First Blockchain Postal Service
Envilope is a virtual envelope using blockchain technology in which users can lock emails, digital files, or secure messages containing text, images, audio, video – anything that can be sent online. It gives users privacy and control over electronic communications, including who views it, when and where. Only the intended recipient can open an Envilope, and only after accepting the sender’s terms and conditions.
If a user ever has reason to suspect a breach, or wishes to revoke access they previously granted, they can instantly delete the content, regardless of how many times it has been shared or forwarded, and fully restore the deleted content at a later date. The sender stays in control of their information end-to-end. In practice this revocation covers the content that the Envilope system serves to the recipient's app or browser; a recipient who was allowed to download the native document (an option described under Private Cloud Deployment below) holds a copy that a later deletion cannot reach.
The Envilope system offers HIPAA-compliant Forced TLS email delivery, object-level two-factor authentication (2FA), sharded and encrypted GDPR-compliant storage in known geographical locations, decentralized peer-to-peer communications, a file distribution mechanism that encrypts files offline with asymmetric encryption, a private cloud option in which documents never need to leave the building, IP address lockdown, unusual-activity monitoring, hardware authentication, and more.
In this case study, we will explore how Envilope is developing some of the most advanced encryption methods and security features available to strengthen the privacy, security and control of online communications.
Envilope servers are located with top-rated Internet service providers (ISPs) in various locations. With ever-increasing personal and organizational concerns around data privacy and security, the company expanded its server reach to include alternative locations to safeguard users’ data, not only from a technical standpoint but from a legal perspective.
Countries such as Iceland have some of the most progressive data-privacy laws worldwide, and data centers located there operate under those laws. Envilope is in the process of establishing a presence there so that these additional privacy and legal protections become available to its users.
Rather than sending an Envilope in a conventional SaaS, app-to-app manner, the Envilope is generated as an offline file that users can distribute however they prefer (memory stick, social media, email, and so on), and it can only be opened by the intended recipient(s) via an authenticated Envilope app when the .nve file is dragged onto it. The .nve file has no discernible payload other than an encrypted string that identifies a specific Envilope when the app opens it. This string is also hashed to protect against tampering in transit. One caveat a practitioner should keep in mind: an unkeyed hash only detects accidental corruption, because whoever can alter the string can also recompute the hash over it; detecting deliberate tampering needs a keyed MAC or a signature under a key the attacker does not hold. It is also possible to enforce offline opening, so that sensitive information can only be viewed while the receiving device is offline. The .nve file is best thought of as the public half of a key pair: it identifies the Envilope but cannot open it, while the private key that does is held or generated within the Envilope system and released only once the recipient has authenticated.
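The integrity point above, as an added example written for this page rather than Envilope's own code: the .nve payload is modelled as a random 16-byte identifier (standing in for the encrypted identifier string; a random handle reveals nothing about the content) followed by an integrity field. The unkeyed variant is what "hashed against tampering" gives on its own; `attacker_retarget` shows that anyone who edits the identifier can recompute that hash, while the HMAC variant under a server-held key rejects both retargeting and bit flips. `TOKEN_KEY`, the 16-byte identifier length and all function names are assumptions.

```python
import hashlib
import hmac
import secrets

# Hypothetical server-side MAC key. It lives inside the Envilope system,
# never inside the .nve file; generated here only so the example runs.
TOKEN_KEY = secrets.token_bytes(32)
ID_LEN = 16


def new_envilope_id() -> bytes:
    # Opaque handle for one Envilope; stands in for the encrypted string.
    return secrets.token_bytes(ID_LEN)


def make_token_unkeyed(envilope_id: bytes) -> bytes:
    """Identifier followed by a plain SHA-256 digest of the identifier."""
    return envilope_id + hashlib.sha256(envilope_id).digest()


def check_token_unkeyed(token: bytes) -> bool:
    ident, digest = token[:ID_LEN], token[ID_LEN:]
    return hmac.compare_digest(hashlib.sha256(ident).digest(), digest)


def make_token_keyed(envilope_id: bytes, key: bytes = TOKEN_KEY) -> bytes:
    """Identifier followed by HMAC-SHA256 under a key only the server holds."""
    return envilope_id + hmac.new(key, envilope_id, "sha256").digest()


def check_token_keyed(token: bytes, key: bytes = TOKEN_KEY) -> bool:
    ident, tag = token[:ID_LEN], token[ID_LEN:]
    # compare_digest also returns False for a tag of the wrong length.
    return hmac.compare_digest(hmac.new(key, ident, "sha256").digest(), tag)


def attacker_retarget(token: bytes, other_id: bytes) -> bytes:
    """What someone who intercepts the .nve file can do: swap in another
    Envilope's identifier and recompute the unkeyed hash over it. The
    original token is discarded because nothing in it is needed."""
    return other_id + hashlib.sha256(other_id).digest()


def flip_last_bit(token: bytes) -> bytes:
    # Corruption in transit: one bit of the integrity field changes.
    return token[:-1] + bytes([token[-1] ^ 0x01])
```

The keyed check is what the receiving app should run before it even asks the server which Envilope the identifier refers to; the unkeyed check is shown only to make the difference concrete.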
The Envilope file distribution mechanism encrypts files offline with asymmetric encryption, offers two-factor authentication (2FA), and secures the file further with multi-signature capabilities. In addition to this layered security, users control the geographical location of their files, can view who their files are shared with, and can freeze or void access to their files with a click, with blockchain technology used to enhance these existing security features.
The system can generate Envilopes that require multiple signatures to open. Such an Envilope is created for an audience of several people, and the document opens for everyone only once each recipient has authenticated and opened their own Envilope; no single recipient can open it alone.
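One way to make "opens only when every recipient has opened" a cryptographic property rather than a server-side flag, as an added example that is not Envilope's code: the content key is split with Shamir secret sharing, each recipient receives one share, and the key only exists again once enough shares are presented. With the threshold equal to the number of recipients this is the all-must-open behaviour described above; the same routine also supports a k-of-n policy, which the text does not mention. The prime, the class and all names are assumptions.

```python
import secrets

# 2^521 - 1 is a Mersenne prime; it comfortably holds a 256-bit content key.
PRIME = (1 << 521) - 1


def split_key(secret: bytes, n: int, k: int):
    """Shamir secret sharing: n shares, any k of them reconstruct the secret.
    Returns a list of (x, y) points on a random degree-(k-1) polynomial."""
    s = int.from_bytes(secret, "big")
    if not 1 <= k <= n or s >= PRIME:
        raise ValueError("bad threshold or secret too large for the field")
    coeffs = [s] + [secrets.randbelow(PRIME) for _ in range(k - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation of the polynomial at x
            y = (y * x + c) % PRIME
        shares.append((x, y))
    return shares


def recover_key(shares, length: int):
    """Lagrange interpolation at x = 0. Returns None when the result does not
    fit the key length, which is what too few or wrong shares produce."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    if total >= 1 << (8 * length):
        return None
    return total.to_bytes(length, "big")


class MultiSigEnvilope:
    """Hypothetical server-side state for one multi-signature Envilope."""

    def __init__(self, content_key: bytes, recipients):
        self.key_len = len(content_key)
        self.required = len(recipients)
        shares = split_key(content_key, n=self.required, k=self.required)
        # Each share goes to exactly one recipient (in practice wrapped into
        # that recipient's .nve). The server keeps only the share index per
        # recipient, not the share itself, so it cannot open the content alone.
        self.issued = dict(zip(recipients, shares))
        self.expected_x = {r: s[0] for r, s in self.issued.items()}
        self.presented = {}

    def recipient_opens(self, recipient: str, share):
        """Called after the recipient has authenticated. Returns the content
        key only once every recipient has presented their share."""
        if self.expected_x.get(recipient) != share[0]:
            raise PermissionError(f"share index does not belong to {recipient}")
        self.presented[recipient] = share
        if len(self.presented) < self.required:
            return None
        return recover_key(list(self.presented.values()), self.key_len)
```

A wrong share from a legitimate recipient yields a wrong key rather than an error here; in a real deployment the recovered key would unwrap an authenticated ciphertext whose tag check would then fail.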
User-defined object-level two-factor authentication
Envilope is implementing functionality whereby users can assign 2FA to any 'object' within the Envilope system. For example, a user could upload a file and set a rule that it can only ever be opened after an authorized recipient receives a PIN code via SMS and enters it, before any Envilope containing that document will open. This 2FA can be applied to any object within the system: uploaded files, Envilopes, recipients, .nve files. The sender could set rules specifying that Envilopes always require 2FA, that specific recipients always require 2FA, and so on. The PIN can be delivered via SMS, via email, or both. Both channels can be redirected by an attacker (a SIM swap or a compromised mailbox), so a delivered PIN is a second factor rather than a strong factor on its own; the hardware authentication devices mentioned below are the stronger option where the recipient can use them.
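The server side of such a per-object rule, as an added example written for this page (not Envilope's implementation): a rule attaches one or more delivery channels to an object; opening a protected object generates a six-digit PIN, hands it to an out-of-band sender and stores only a salted PBKDF2 hash of it; verification is single-use, expires after five minutes, and locks the challenge after five wrong attempts. The class, the TTL, the attempt cap and the hook signature are assumptions.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass

PIN_TTL_SECONDS = 300     # assumed lifetime of a delivered PIN
MAX_ATTEMPTS = 5          # assumed lockout threshold


@dataclass
class PinChallenge:
    object_id: str
    recipient: str
    salt: bytes
    pin_hash: bytes
    expires_at: float
    attempts: int = 0


def _hash_pin(salt: bytes, pin: str) -> bytes:
    # Stored instead of the PIN so a database read does not leak live codes.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)


class ObjectTwoFactor:
    """Per-object 2FA rules. send_pin(recipient, channel, pin) is the
    out-of-band delivery hook (SMS or email gateway); now() is injectable
    so expiry can be exercised without waiting."""

    def __init__(self, send_pin, now=time.time):
        self.send_pin = send_pin
        self.now = now
        self.rules = {}      # object_id -> tuple of channels
        self.pending = {}    # (object_id, recipient) -> PinChallenge

    def require_2fa(self, object_id: str, channels=("sms",)):
        self.rules[object_id] = tuple(channels)

    def start_open(self, object_id: str, recipient: str) -> str:
        channels = self.rules.get(object_id)
        if not channels:
            return "open"                       # no rule on this object
        pin = f"{secrets.randbelow(10 ** 6):06d}"
        salt = secrets.token_bytes(16)
        self.pending[(object_id, recipient)] = PinChallenge(
            object_id, recipient, salt, _hash_pin(salt, pin),
            self.now() + PIN_TTL_SECONDS)
        for channel in channels:                # same PIN on every channel
            self.send_pin(recipient, channel, pin)
        return "pin_required"

    def verify_pin(self, object_id: str, recipient: str, pin: str) -> bool:
        key = (object_id, recipient)
        challenge = self.pending.get(key)
        if challenge is None or self.now() > challenge.expires_at:
            self.pending.pop(key, None)         # expired: must restart
            return False
        challenge.attempts += 1
        ok = hmac.compare_digest(_hash_pin(challenge.salt, pin), challenge.pin_hash)
        if ok or challenge.attempts >= MAX_ATTEMPTS:
            del self.pending[key]               # single use, or locked out
        return ok
```

The recipient-level and Envilope-level rules the text describes are the same mechanism keyed on a different object identifier; only the lookup in `start_open` changes.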
User-defined IP address access
Envilope users will have the option to define one or more IP addresses from which they may log on to Envilope. Any activity or attempted use of the system from a different IP address is blocked and the user alerted, with the option of allowing the activity and automatically adding the new IP address to their list, or blocking it immediately. Because approving the alert is what extends the allowlist, the alert should reach the user over a channel separate from the session being protected.
Unusual logon alerting
With this feature turned on, Envilope records usage metrics (devices used, browser type and version, IP address, and so on) and can be set to automatically alert users to unusual logons and usage, allowing them to instantly confirm and allow, or reject, such activity.
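The two controls above (an IP allowlist and first-seen-device alerting) as one evaluator run over constructed logon records, added here as an example and not Envilope's code. Addresses are matched against CIDR ranges so a whole office range or an IPv6 prefix can be allowed at once; an approved alert adds exactly the single address that triggered it. The class, the log format and the sample lines are assumptions.

```python
import ipaddress
import json
from collections import defaultdict


class LogonMonitor:
    """Assumed design: a per-tenant allowlist of networks plus the set of
    (browser, os) fingerprints already accepted for each user."""

    def __init__(self, allowed_cidrs=()):
        self.allowed = [ipaddress.ip_network(c, strict=False) for c in allowed_cidrs]
        self.known = defaultdict(set)      # user -> {(browser, os)}

    def ip_allowed(self, ip: str) -> bool:
        if not self.allowed:               # lockdown not configured
            return True
        addr = ipaddress.ip_address(ip)
        return any(addr in net for net in self.allowed)

    def approve(self, ip: str):
        """User answered the alert with 'allow': add that host only (/32 or /128)."""
        self.allowed.append(ipaddress.ip_network(ip))

    def evaluate(self, event: dict) -> dict:
        user, fingerprint = event["user"], (event["browser"], event["os"])
        base = {"ts": event["ts"], "user": user, "ip": event["ip"]}
        if not self.ip_allowed(event["ip"]):
            # Blocked outright; the user is told and may call approve().
            return {**base, "decision": "block", "reason": "ip not in allowlist"}
        if fingerprint not in self.known[user]:
            # Allowed IP but a device never seen: let it through and alert.
            self.known[user].add(fingerprint)
            return {**base, "decision": "alert", "reason": "new device",
                    "device": fingerprint}
        return {**base, "decision": "allow", "reason": "known device, allowed ip"}


# Constructed sample: one JSON record per logon, using documentation ranges.
SAMPLE_LOG = """\
{"ts": "2024-05-01T08:00:00Z", "user": "alice", "ip": "203.0.113.7", "browser": "Chrome 120", "os": "Windows 11"}
{"ts": "2024-05-01T08:05:00Z", "user": "alice", "ip": "203.0.113.8", "browser": "Chrome 120", "os": "Windows 11"}
{"ts": "2024-05-01T09:10:00Z", "user": "alice", "ip": "198.51.100.9", "browser": "Chrome 120", "os": "Windows 11"}
{"ts": "2024-05-01T12:00:00Z", "user": "alice", "ip": "2001:db8::1", "browser": "Safari 17", "os": "iOS 17"}
{"ts": "2024-05-01T12:30:00Z", "user": "alice", "ip": "2001:db9::1", "browser": "Safari 17", "os": "iOS 17"}
"""


def run_log(monitor: LogonMonitor, log_text: str):
    return [monitor.evaluate(json.loads(line)) for line in log_text.strip().splitlines()]


if __name__ == "__main__":
    m = LogonMonitor(["203.0.113.0/24", "2001:db8::/32"])
    for result in run_log(m, SAMPLE_LOG):
        print(result["ts"], result["ip"], result["decision"], result["reason"])
```

Note that the order of checks matters: the allowlist is evaluated first, so a new device from a non-allowed address is blocked rather than merely flagged, and its fingerprint is not learned.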
Envilope will continue to implement enhanced authentication functionality by using established third-party hardware authentication devices.
Using an organization's own email servers
Envilope can route any Envilope email delivery through an organization’s existing email servers. This allows Envilope to utilize and be integrated into the existing security setup of an organization.
Envilope is currently developing a Decentralized Peer to Peer (P2P) system, the Envilope P2P (eP2P). This will allow P2P communications including chat, document transfer, video, and voice directly between sender and recipient with no third party in between. All communications will be secure and encrypted end-to-end.
Touch ID & Emerging Biometrics
The system can create Envilopes that can only be opened by Touch ID and the company is planning to incorporate emerging biometric technologies into the platform.
When using Envilope via web, desktop, or mobile app, access is through the Envilope API (Application Programming Interface), which runs on the Envilope servers and is reachable only over HTTPS. HTTPS is HTTP carried inside a TLS session, so every request and response between the client (browser, mobile app, or desktop application) and the Envilope servers is encrypted, and the client can verify that it is talking to Envilope's servers through their certificate.
Once the HTTPS connection is established between, for example, the browser and the API, all transmitted data is encrypted: usernames and passwords, files uploaded and downloaded, data coming back (such as a list of inbox activity), sent items, and so on, because the API accepts no plaintext HTTP connections.
Transport Layer Security (TLS) addresses the problem of plaintext email transmission by encrypting a message while it is in transit from one mail server to another, which prevents eavesdropping on that hop. A message typically passes through several servers (internal relays as well as external ones), so TLS has to be in place on every hop to protect the whole path; a sender, however, can only verify and enforce the hop it initiates itself.
Envilope gives users the option to deliver Envilopes only to email servers that support TLS for SMTP, which is negotiated with the STARTTLS extension. Since not all email servers are configured or able to accept a TLS connection, requiring it instead of falling back to plaintext is called Forced TLS.
When a message is sent with Forced TLS and the recipient's server does not offer STARTTLS, or the TLS handshake cannot be completed, Envilope does not deliver the Envilope and notifies the sender that intervention is required regarding the recipient's email server.
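The delivery decision above as an added example written for this page, not Envilope's mail code: the sending side issues EHLO, refuses outright if STARTTLS is not advertised, negotiates TLS with certificate verification against the system trust store and a TLS 1.2 floor (both assumptions; the page only says the handshake must succeed), and only then hands the message over. A constructed stand-in for `smtplib.SMTP` is included so the logic runs without a network; the function and class names are assumptions.

```python
import smtplib
import ssl
from email.message import EmailMessage


class ForcedTLSError(Exception):
    """Raised instead of delivering: the sender has to intervene."""


def deliver_forced_tls(smtp, message, context=None,
                       min_version=ssl.TLSVersion.TLSv1_2) -> str:
    """smtp is a connected smtplib.SMTP (or a compatible object). Returns the
    negotiated protocol version on success, raises ForcedTLSError otherwise.
    Nothing is ever sent over a plaintext session."""
    context = context or ssl.create_default_context()  # CERT_REQUIRED + hostname check
    context.minimum_version = min_version
    code, _ = smtp.ehlo()
    if code != 250:
        raise ForcedTLSError(f"EHLO rejected with {code}")
    if not smtp.has_extn("starttls"):
        raise ForcedTLSError("recipient server does not offer STARTTLS")
    try:
        code, _ = smtp.starttls(context=context)
    except (smtplib.SMTPException, ssl.SSLError, OSError) as exc:
        raise ForcedTLSError(f"TLS handshake failed: {exc}") from exc
    if code != 220:
        raise ForcedTLSError(f"STARTTLS refused with {code}")
    smtp.ehlo()                     # capabilities must be re-read over TLS
    smtp.send_message(message)
    return smtp.sock.version()      # e.g. 'TLSv1.3'


def build_message(sender: str, recipient: str) -> EmailMessage:
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = sender, recipient, "Envilope delivery"
    msg.set_content("An Envilope is waiting for you.")
    return msg


class _FakeTLSSock:
    def version(self):
        return "TLSv1.3"


class _FakeSMTP:
    """Constructed stand-in for smtplib.SMTP so the example runs offline."""

    def __init__(self, offers_starttls: bool, handshake_ok: bool = True):
        self.esmtp_features = {"starttls": ""} if offers_starttls else {}
        self.handshake_ok = handshake_ok
        self.sent = []
        self.sock = None

    def ehlo(self):
        return 250, b"ok"

    def has_extn(self, opt):
        return opt.lower() in self.esmtp_features

    def starttls(self, context=None):
        if not self.handshake_ok:
            raise ssl.SSLError("handshake failed")
        self.sock = _FakeTLSSock()
        return 220, b"ready"

    def send_message(self, msg):
        self.sent.append(msg)


if __name__ == "__main__":
    # Real use, once DNS has been resolved to the recipient's MX host:
    #   with smtplib.SMTP("mx.example.net", 25, timeout=30) as smtp:
    #       deliver_forced_tls(smtp, build_message("a@example.org", "b@example.net"))
    print(deliver_forced_tls(_FakeSMTP(True), build_message("a@example.org", "b@example.net")))
```

This enforces only the first hop, the one the sender opens itself; whether the recipient's server forwards the message onward over TLS is outside the sender's control, which is exactly why the text has Envilope stop and ask for intervention rather than degrade silently.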
Private Cloud Deployment
Envilope also accommodates organizations that choose not to upload documents to a hosted service. If an organization chooses to keep documents within its own Private Cloud, Envilope can still be utilized and deployed via the Public Cloud to ship, track, and control content.
To allow an organization to host its own documents, Envilope Mailbox is installed on the Private Cloud within the bounds of the Corporate Network. Envilope Mailbox processes documents for shipment and also serves the pages of the document as requested by the recipient.
The actual native document doesn’t have to leave the building, although there is an option to allow the recipient to download the native document if the sender so chooses.
Envilope offers a blockchain-based Distributed File Sharding & Compliance solution. The system enforces encryption of all content in transit and at rest, and provides a mechanism for sharding files and encrypting the resulting shards, which can then be stored in user-designated geographical territories. All touchpoints are fully audited and recorded on the Ethereum blockchain. Since Ethereum is public and append-only, such an audit trail should carry only hashes and event identifiers, never content or personal data: anything written to the chain can neither be deleted nor made private later.
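The sharding and per-territory storage described above, as an added example written for this page and not Envilope's implementation: a file is cut into fixed-size shards, each shard is encrypted under its own key derived from a master key, authenticated with an encrypt-then-MAC tag, assigned to a territory, and listed in a manifest whose digest is the only thing an on-chain audit record would need to carry. Encryption uses HMAC-SHA256 in counter mode as a keystream so the block runs on the standard library alone; a production build would use an AEAD such as AES-GCM or ChaCha20-Poly1305. The shard size, territory codes, manifest layout and all names are assumptions.

```python
import hashlib
import hmac
import json
import secrets


def _derive(master_key: bytes, label: bytes) -> bytes:
    # HMAC-based key derivation: one independent key per shard.
    return hmac.new(master_key, label, "sha256").digest()


def _stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode as a keystream (stdlib stand-in for an AEAD).
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hmac.new(key, nonce + offset.to_bytes(4, "big"), "sha256").digest()
        out += bytes(a ^ b for a, b in zip(data[offset:offset + 32], block))
    return bytes(out)


def _shard_key(master_key: bytes, index: int) -> bytes:
    return _derive(master_key, b"shard-key-" + index.to_bytes(4, "big"))


def shard_and_encrypt(data: bytes, master_key: bytes, territories, shard_size=1024):
    """Returns (shards, manifest). shards maps shard id -> stored record;
    manifest is the metadata needed to reassemble plus an audit digest."""
    shards = {}
    manifest = {"length": len(data), "shard_size": shard_size, "shards": []}
    chunks = [data[i:i + shard_size] for i in range(0, len(data), shard_size)]
    for index, chunk in enumerate(chunks):
        key = _shard_key(master_key, index)
        nonce = secrets.token_bytes(16)
        ciphertext = _stream_xor(key, nonce, chunk)
        tag = hmac.new(key, nonce + ciphertext, "sha256").digest()  # encrypt-then-MAC
        shard_id = hashlib.sha256(nonce + ciphertext + tag).hexdigest()
        territory = territories[index % len(territories)]          # round-robin placement
        shards[shard_id] = {"territory": territory, "nonce": nonce,
                            "ciphertext": ciphertext, "tag": tag}
        manifest["shards"].append({"index": index, "id": shard_id, "territory": territory})
    # Digest over ids and placement only: safe to publish, reveals no content.
    manifest["digest"] = hashlib.sha256(
        json.dumps(manifest["shards"], sort_keys=True).encode()).hexdigest()
    return shards, manifest


def audit_record(manifest: dict) -> dict:
    """What would be anchored on a public ledger: digest and count, nothing else."""
    return {"manifest_digest": manifest["digest"], "shards": len(manifest["shards"])}


def reassemble(shards: dict, manifest: dict, master_key: bytes) -> bytes:
    out = bytearray()
    for entry in sorted(manifest["shards"], key=lambda e: e["index"]):
        record = shards[entry["id"]]
        key = _shard_key(master_key, entry["index"])
        expected = hmac.new(key, record["nonce"] + record["ciphertext"], "sha256").digest()
        if not hmac.compare_digest(expected, record["tag"]):
            raise ValueError(f"shard {entry['index']} failed its integrity check")
        out += _stream_xor(key, record["nonce"], record["ciphertext"])
    return bytes(out)
```

Because every shard has its own derived key and tag, a storage provider in one territory holds nothing that decrypts another territory's shards, and a tampered or swapped shard is rejected before any plaintext is produced.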
In the wake of numerous high-profile privacy and security breaches as well as increased regulatory oversight over privacy compliance, there is an intense global need to send confidential information online that provides the sender complete control. By incorporating the safety and security measures above, Envilope is able to provide that privacy and control with the first fully blockchain-based postal service.