How No.1 BC: Mail works

Pre-encryption

Closed group communication

No.1 BC: Mail communication is possible only between people, who have active No.1 BC card and installed No.1 BC: Mail application. To communicate securely, users should exchange their public keys.

Why exchange public keys
Why exchange public keys

By sending your public key you authorize other users to send you encrypted emails. People, who do not have your public key will not be able to send you emails via No.1 BC: Mail.

Find Key Requests option under menu icon.

To send a new request select Request Key button

Enter recipient’s address and send your key request

Sending public key
Sending public key

Initial launch of the application generated a pair of asymmetric RSA-2048 keys on-card. Public key is sent to other users to encrypt emails. Public keys may be sent to as many users as you need, also, public key may be accepted from as many users as you need. Private key (used only for decryption) always stays locked on-card and is never copied outside of the card. Each No.1 BC: Mail user has own unique private key which is always kept secret and protected with PIN.

Sending public key
Receiving requests

Latest received requests will appear on top of the list under Incoming tab. Red asterisks * will also alert about new key requests.

Receiving requests
Accept request

When you open incoming request, it will show 3 options. Reject option will delete request. Select Accept to communicate securely with this person.

Accept request
Storing public keys

If receiver opts to Accept key request the System saves received public key to database and sends out own public key in return. As a result both users have public keys of each other.

Storing public keys
Storing public keys
Last step

As a final step of key exchange process request initiator also receives the public key as a confirmation that another user agreed to communicate securely.

Last step
To be short...

In No.1 BC: Mail public key exchange looks something like this:

public key exchange
public key exchange

Encrypt mail

Ultimate security

No.1 BC: Mail uses hybrid encryption method to encrypt mails. Every time for email encryption the System generates random symmetric-256 key and encrypts mail message. Asymmetric public key (RSA-2048) which was obtained previously on key request stage will encrypt a random message key. See details below.

Send encrypted mail
Send encrypted mail

Write the message, which you would like to encrypt and send. You will be requested to enter your PIN. By entering PIN you confirm your ownership of No.1 BC card and initiate a chain of encryption processes.

Enter PIN

When PIN is confirmed the System generates one-time random symmetric key, which will encrypt only the mail you just wrote.

Enter PIN
Random one-time key

Each new email will have a new random symmetric key. It eliminates any attempt to read emails if someone tried to compromise encryption.

Random one-time key
Encrypting mail

The System uses random encryption key, processes data and returns encrypted mail.

Encrypting mail
Public keys

System searches public key repository for the key, which is associated with the person, who is going to receive the mail.

Public keys
Encrypting random symmetric key
Encrypting random symmetric key
Encrypting random symmetric key

One-time message encryption key is locked (encrypted) with the mail receiver’s public RSA key. Only matching private key can unlock the package.

Sent package

Both mail and mail encryption key are sent as encrypted piece of data.

Sent package

Decrypt mail

Only intended receiver

Architecture of No.1 BC: Mail is designed the way so only intended user may read the mail which was addressed to that user. No one else can gain access to decryption process or read the message.

Newly arrived email

Latest emails are always displayed on top. Select the mail you would like to read in your inbox.

Newly arrived email

It shows some abracadabra “as is” until you decrypt the message

Newly arrived email

Select Decrypt from available mail options

Newly arrived email

System will request to enter PIN from No.1 BC card

Newly arrived email
Arrived package of encrypted data

To confirm that you are truly intended receiver of the mail, you need to access decryption functions of the private key which is locked on-card.

Arrived package of encrypted data
Enter PIN

Private RSA key is generated on-card and is never copied outside of the card or elsewhere. When you enter your PIN the card uses private key, launches decryption functions and unlocks required one-time message key

Private RSA key
Private RSA key
Private RSA key
Released message key

Unlocked (decrypted) symmetric key is used to decrypt the actual message, which is then translated on-screen as plain text.

Released message key
Released message key
Core No.1 BC: Mail features

This chain of complex data transformation ensures that the message written on one end will be read only by intended receiver on the other end.

Core No.1 BC: Mail features
  1. Private key locked on-card is used only for decryption
  2. To launch private key decryption user needs to enter PIN. 3 wrong attempts to guess PIN number locks the card and erases all data.

Real digital privacy

No.1 BC: Mail makes mail interception useless and keeps private information private. Not only does it use strong encryption aglorithms, but also eliminates unauthorized access to encryption and decryption processes by requesting to enter PIN.

electronic mails

electronic mails

ultimate protection

ultimate protection

No.1 BC your emails

Talk to one of our sales partners. They will help to set everything up and will guide you through subscription process. They will also give you all instructions how to use it and when to renew subscription.