echo ''

Virtru Security Insights

Join 10,000+ Security Professionals Who Receive Our Content Every Month

Recall an Email: How Encryption Makes it Easy

September 1, 2016

Most email recall tools are pretty limited. For example, there’s a built-in feature to recall an email in Outlook, but it only works if both parties are using Microsoft Exchange and the recipient hasn’t opened the first message. Even then, the user can disable the feature, preventing anyone from recalling emails sent to them. Google also provides a tool to recall Gmail sent email, but it doesn’t technically recall emails. The feature actually delays sending by a selected cancellation period. The sender can stop the message, but only if they click “Undo” before the email is actually sent.

Virtru is different: it allows you to recall emails even after they’ve been read — no matter what email provider the recipient uses. It’s just one of the ways Virtru Pro gives you control of your email, using encryption key management.

How Does Virtru Recall an Email?

When you send encrypted email with Virtru, your encryption-enabled email client generates a key, and uses it to encrypt the message and any attachments. The encrypted message is then sent to the recipient, just like any other email. The key is sent to Virtru’s secure key server through an encrypted connection. No third-party, (including Virtru) ever has access to your content.

When the recipient clicks to open the email, their client contacts Virtru’s server, which verifies their identity, then shares the key through their Virtru app or (if they don’t have Virtru installed) the Secure Reader.

Virtru’s encryption key management server is what lets our users recall an email. Clicking the “Revoke Message” button tells Virtru’s server to hold onto the key. When the recipient tries to view the message, their computer will be unable to retrieve the key, and they’ll see a message informing them that the message has been revoked. The recipient still has the encrypted message in their inbox, but without the key, they can’t read the text or attachments.

This feature works to recall an email in Outlook, Gmail and other popular services — even if the recipient has previously read the message. Virtru Pro users can also to set time limits, revoking access after a set period of time — anything from one minute to multiple years. See how easy it is in this brief demo:

Virtru Can Do Much More Than Encrypt and Recall Emails

Virtru’s encryption key management also enables our read receipt feature. Because the recipient has to request the key to open the message, Virtru (and the sender) know who has opened the message. If you rescind a message before it’s opened, the read receipt serves as proof that the message hasn’t been read, exempting you from HIPAA breach notification and similar notification rules. Virtru can also disable forwarding, preventing sensitive messages from being shared by restricting the key to the original recipients.

Virtru users can also protect a PDF with a watermark, securing sensitive documents. The attached PDF is watermarked with the recipient’s email address (dis-incentivizing leaks) and encrypted. The recipient can only open it using Virtru’s secure reader, and cannot download it. This feature can be combined with disabling forwarding and other features to add additional protection.

Check out our Virtru Encryption as a Service technology page to learn more about how Virtru keeps email secure and confidential.