Wouter van Schaik, Business Owner of the API Store
SecuMailer – an innovative service offering secure GDPR compliant e‑mail – won the Security and Identity Challenge. At this first KPN API Store challenge, which was held on the 18th of April in Amsterdam, 7 startups pitched their API products to our jury.

Test the Secure E-mail API

Seven potential partners presented their innovative solutions to current challenges in digitalization. After an intense jury deliberation, SecuMailer was chosen as the winner. “SecuMailer had a great pitch and a clear proposition”, says Anuschka Diderich, Platform lead at KPN Open Innovation Hub. “It solves urgent e-mail encryption problems and it is offered via an API for direct integration. Their product is a good fit with the KPN API Store. We are eager to make their Secure E-mail API available via our API Store as soon as possible.”

GDPR dictates encryption of e-mails

E-mail is one of the most effective instruments for marketing and 1-on-1 customer communication. When the e-mail systems of both sender and recipient support encryption, e-mails are secure and cannot be intercepted by third parties. “The problem, however, is that 2 to 3% of recipient’s e-mail systems does not support encryption”, says Piet Hendrikx, co-owner of Secumail.

As long as this is the case, GDPR law doesn’t allow companies to send personal data (such as financial and other sensitive data) by e-mail. This means that companies have to use a roundabout way to deliver sensitive information to customers – for instance with redirects to user portals or sharing external links – making user experience less than ideal. If companies would know which of their customers use e-mail that supports encryption, they would be able to send them personal e-mails, making life a lot easier for both sides.

SecuMailer makes e-mail compliant with GDPR

SecuMailer's Secure E-mail allows companies to send their customers GDPR compliant e-mails with personal data. Secure E-mail has end-to-end encryption from sender to recipient and works via a representational state transfer (REST) API.

Users don’t notice the API in their workflow; it works silently between e-mail systems. The small percentage of recipients that use e-mail that does not support encryption, are either automatically blocked by the sender to avoid a potential breach of the GDPR, or are required to undergo a two-factor authentication check to reach the information.

Looking forward

Security and identity are becoming increasingly important topics for companies worldwide. This is why we want to continue broadening the portfolio of the KPN API Store for these categories. We will keep looking for new, promising, innovative, efficient, flexible, customer-friendly and sustainable security and identity APIs to add to the KPN API Store.

The Security and Identity Challenge was a great success for us and there will surely be more API challenges to come soon. Keep an eye on our events page, or sign up for our newsletter.

Photo impression