"E-Postbrief" - as secure and binding as a letter

On initial registration, users must only once identify themselves through the Postident process - i.e., by presenting their ID card or passport. A precondition for using the portal is that the user's principal residence is in Germany, that he/she has an Internet-enabled PC and a mobile phone in the German network. In order to protect minors, only persons over 18 years of age are allowed to become "E-Postbrief" users, as the "E-Postbrief" can be used, for example, to sign contracts via the Internet. On login to the "E-Postbrief" portal users enter their user name and personal password.

Separate channels

A transaction number (HandyTAN) - similar to online banking - must also be entered when an "E-Postbrief" item is sent. The big difference to the normal TAN process is: The HandyTAN is only created in the exact moment when it is needed and then sent directly to the user's cell phone. The essential feature of the combination of identifiers user name and personal password plus HandyTAN is that they must be entered via separate channels; only this ensures that the process provides sufficient prima facie evidence in legal terms and therefore unequivocal proof of identity.

Every "E-Postbrief" item has an electronic signature of Deutsche Post which enables an integrity check of the data contained in it. Deutsche Post, as a trustworthy third party, confirms with this to the recipient that the message has indeed been sent by the sender specified and that the content has not been changed. 

Companies and public authorities are connected to the system of "E-Postbrief" via a secure gateway. The business customer gateway always requests that the company and the Deutsche Post system authenticate and authorize themselves vis-à-vis each other in order to ensure the identity of both parties as well as the receipt and sending of "E-Postbrief" items at any time.

Protection of confidential information

All "E-Postbrief" items are encrypted on their electronic communication paths between sender and recipient. The "E-Postbrief" items are also stored on the portal in an encrypted form. In addition, every user can add a personal encryption. A user-specific certificate must be requested on the portal, which is issued by the Signtrust Trust Center of Deutsche Post.

The private key is only accessible to the user. For the hybrid option of "E-Postbrief", the data to be printed is sent to the printer interface in an encrypted form. All systems of the "E-Postbrief" run in an ISO 27001 certified data center based on the 'IT Basic Security' as defined by the German Federal Office for Information Security (BSI). This ensures the highest possible level of technical as well as physical security.