1
Bank of Hawaii Protecting Confidential Email Email is commonly used to transmit confidential information such as operational data, legal documents, or financial information. By default emails are sent unencrypted and travel through a number of intermediate systems before reaching their final destination making it relatively easy for others to intercept and read. Confidential emails need to be secured from the eyes of unauthorized users. This is accomplished through a process called email encryption which secures the email content from clear view and relies on an authentication process to retrieve the original email. Bank of Hawaii s email encryption service makes accessing encrypted email simple and easy to use. The following guide will walk you through step by step procedures on accessing encrypted emails that you receive from Bank of Hawaii. Please take a few minutes to familiarize yourself with our email encryption process to minimize any unexpected issues that you may encounter when accessing encrypted emails from Bank of Hawaii. What's in this User Guide Accessing Encrypted Emails Special Case: Distribution List Email Address Handling Stored Authentication Process Replying or Forwarding Encrypted Emails Sending Encrypted Emails Supported Email Clients Email Encryption Support 2
Accessing Encrypted Emails For the purposes of this example, Yahoo mail is being used to illustrate Bank of Hawaii s encrypted email message retrieval process. 1. Open the encrypted email notification coming from the sender of the email. Note: The word Confidential be will displayed at the end of the encrypted email subject line. 2. Open the email attachment called message_zdm.html. 3
3. When the message_zdm.html attachment is opened, click on the Read Message button to authenticate yourself. 4. Depending on your email service you may receive several security Warning messages. Accept the various prompts to continue processing. 4
5. For First Time Users Only: You will need to set a password. Fill out the information on the following form and click Continue. Note: Your password must be at least 8 characters in length including one NUMERIC and one CAPITAL LETTER. The recovery question is used to change your password if you forget it in the future. 6. The email will now be displayed. 5
7. Going forward, you will just be prompted to enter your password when opening Bank of Hawaii encrypted emails. Just enter your password and click Sign In. If you forget your password, click on the Forgot your password or need to change it? link shown below and complete step 8. 8. To change your password, enter the new password twice along with the answer to your recovery question that you entered during the initial selection of your password. 6
Special Case: Distribution list passwords must be shared amongst all distribution list members Example 1: 1. An encrypted email is sent to a distribution list email address traders@auction.com. 2. Mary@auction.com, John@auction.com, and Peter@auction.com are all members of the distribution list and receive a copy of the encrypted email. 3. The first person that attempts to open this encrypted email will be prompted to select a password for the distribution list traders@auction.com. 4. The selected password is a one time setup for traders@auction.com and must be shared with all members of the distribution list. 5. The shared password must be used when the encrypted email is opened by any member of the distribution list. Example 2: 1. Mary@auction.com and Peter@auction.com both receive an encrypted email from Bank of Hawaii that is addressed to their individual email addresses. 2. Both Mary and Peter will be prompted to select their own personal password for their email addresses. 3. Both Mary and Peter will be prompted to enter their individual encrypted email password when opening encrypted email addressed directly to them. * The email address displayed on the password entry prompt determines which password needs to be entered. 7
Stored Authentication Process The password authentication process uses a stored signature process that requires recipients of encrypted emails to only have to authenticate once every 4 hours. This feature allows recipients of multiple encrypted emails to open them up consecutively without having to repeat the authentication process for each encrypted message. Replying or Forwarding Encrypted Emails Like a typical phone conversation, email conversations go through a series of Reply messages before conversation about a given topic is complete. With encrypted emails, it is important that any reply messages to the original encrypted message are also encrypted to maintain the integrity of the confidential email. With Bank of Hawaii s email encryption service, all encrypted email that are replied to or forwarded automatically encrypted. Sending Encrypted Email to Bank of Hawaii If you wish to send an email to a Bank of Hawaii staff member containing confidential information and would like to encrypt it, please contact your Bank of Hawaii representative and request for a blank encrypted email. Once received, you can reply to the encrypted email and send any attachments that you would like to send along with it and be assured that it is secured. Supported Email Clients Retrieving Bank of Hawaii s encrypted emails has been certified to operate properly with email clients that support any of the following most common HTML viewers: Internet Explorer Version 6 or 7, Firefox 2.x, or Safari. Email Encryption Support If you are having trouble retrieving encrypted emails from Bank of Hawaii, please contact our Bank of Hawaii Channel E-Services Team at 1-888-643-3888 and press options 8, 6 to connect to an E-Services representative. For Guam customers, please contact us at 1-877-5532424 and press options 8, 6. 8