The Web Encryption Extension

Have you ever missed an "Encrypt this message" button while using an online application?

You don't have to.

The Web Encryption Extension will provide the encrypt button for every web application that takes user input.

The basic idea behind this software is to help people use encryption who are not very tech-savvy. You may know that encryption is important, but you may also be shy of plunging into such complex matters. The Web Encryption Extension reduces this complexity, so that you can use encryption securely. Any online software that has no encryption button can be extended to provide an easy to use mechanism to encrypt your text input. You will not have to install any additional software on your own computer, because the encryption is done with the standard tool GPG on the server for you.

Obviously, web mail is one of the applications where the encrypt button has been missing in the past. Even security aware users were unable to protect their messages because there was no encrypt button. Fortunately, this has become a thing of the past.

The Web Encryption Extension (WEE) has been released under a GPL license to make sure that as many web applications as possible can use it to provide easy accesible encryption to their users.

WEE-Mail
Secure Webmail For Your Business

Based on the Web Encryption Extension I have developed a comprehensive online solution for businesses that need a way to reliably encrypt documents attached to an email that is both easy to use and secure. In an increasingly mobile world businesses are looking for a reliable way to ensure confidentiality when they exchange sensitive information with their clients and customers.

With WEE-Mail I can offer businesses a complete online service to organize confidential communication with their clients based on a flat monthly fee.

Encrypt Files In The Cloud

ownCloud has been around for a while, offering a file-sharing solution to users who want to control their data in the cloud. With the new version of the Web Encryption Extension ownCloud users can take a great step forward by locking files in the cloud using the standard encryption tool GPG with the push of a button.

Protecting your files with your own secret (not the ownCloud admininistrator's) now is an additional feature when the standard ownCloud installation has been extended with the Web Encryption Extension. For more details read this article and notify your ownCloud administrator of the download here.

You can also check out the Web Encryption Extension with this demo site.

Reinforce Your Database With WEE

When customers purchase goods or services, when they make a reservation or booking, when asking for professional advice, they often provide personal and sensitive information that ends up in a database, eventually. And customers have every right to expect that their information remains confidential, even if it's stored in a business database.

Unfortunately, more often than not information in a database is protected only with the database access password, which is often stored on the server, sometimes in clear text. But sensitive information in a database can now be protected much better when WEE is used to selectively encrypt special database fields. Because the information stored in encrypted database fields can only be recovered by persons who enter a password that will not be stored on the server. Some information in the database is practically unreadable unless someone needs to use it and manually decrypts the database field because he has the necessary secret key.

Again, by using WEE the complexity is reduced considerably, so that encrypting selected database fields is possible with the push of a button.

How can you encrypt your customer's financial records in a database?

Here's the solution: Use a database management program like PHPMyAdmin (with the WEE extension), select the field you need to encrypt by its name from a menu, select the public key and press the encrypt button, the protected information is ready to be stored in the database. Yes, it's that easy to protect database fields.

Have a look at this demo database. You can login as user "demo" with the password "secret". The demonstration key is protected with the passphrase "secret". You will need this information, when you try to decrypt a protected database field using the WEE extension.

When you select the table "customers" in the demo database, you will see that certain fields are already encrypted. Press the "edit" button and all necessary buttons for encryption, decryption, signature creation and verification will appear below the top menu. In the left hand corner there is a selection menu to pick the name of the database field you wish to modify. Please note, that in the current demo version the confidential information is visible in a text field only, it cannot be used to replace the encrypted text as it is meant for-your-eyes-only. This can be changed in the configuration, if required.

WEE For Open Source Web Mail

Do you want to see how WEE works in open source Webmail?

Here is a demonstration of the popular webmail application ROUNDCUBE that has the encrypt button. Log in and see for yourself how encryption works in a program that doesn't have encryption by default.

You can use the two demonstration keys in the demo with the passphrases "secret" or "verysecure" to decrypt messages.

Roundcube is not the only webmail client that can be upgraded with encryption.

Of course, there are many more applications where the encrypt button should be:

  • in contact forms
  • forums
  • business applications (CRM, CMS)
  • online shop applications
  • and anywhere a user enters confidential information into a web application.

The Contact Form

Many websites offer contact forms that send messages to a business. Why not encrypt the message before sending? In doing so, the contact form becomes the safe channel between the customer and the business. Confidentiality is a must for many businesses today, so why don't they offer it to their customers as a standard?

With the Web Encryption Extension this is no problem at all. Any contact form can be turned into a safe channel with the web encryption extension. See a demonstration here .

You can download the Web Encryption Extension here.

As you can see it's really easy to enhance any existing form on your website with the encryption feature. But if you are just about starting the contact form on your website I have bundled all you need in a free download to help you make your website look great and work securely.

A WordPress Plugin For Your Website

Are your using WordPress for your business website?

Our Encrypted Contact plugin is the most secure way to offer secure messages to your website users and it even enables the website owner to read (i.e. to decrypt) protected messages online by using the admin panel of WordPress. Our solution is totally device independent. Neither the website user nor the owner has to install anything on his computer, smartphone or tablet, except a browser, to use the plugin securely.

If the website user decides to archive the messages on his server, the plugin allows anyone who can use the WordPress admin panel to decrypt protected messages inside the WordPress admin panel online using any device with a browser. Certain spam protection measures can be activated inside the admin panel. too.

Please bear in mind that the page you'll place your contact form needs to be used via https to protect your user's messages on their way to the server. You can download the latest version directly from our download section.

If you need a hand, don't hesitate to contact us.