Email marketing with security in mind

Email is one of the main communication channels in today’s business world. It is often used to pass very sensitive information with no real security concerns. We’re relying on modern encryption protocols to ensure that our messages cannot be tampered with while travelling through the internet, but we forget the points where those protocols can be bypassed.

While designing our email marketing tool, we realised our tool could be used as an attack vector for malicious hackers. By using the wrong approach, we could inadvertently expose the metadata of your correspondence, or worse, the contents of your emails.

A convenient way to automatically equip your messages with marketing banners and analytics is to proxy all your outgoing messages through our mail servers, inspect the contents and insert marketing elements, then forward them to your email provider’s servers. The input on the user end would have to be minimal and analytics could work on a per-message basis.

However, that convenience comes at a big cost; a huge attack surface potentially allowing the attacker to access emails forwarded through our service, not to mention the great amount of trust required of you to give us all your emails.

Instead we chose a different path. We generate signatures from our professional templates and equip them with tracking elements. The control of inserting the signatures into your emails remains yours, meaning that at no point in the process does our code reach your messages. Our analytics lose some information at the cost of privacy, but with clever data aggregation, we are still able to provide our customers with meaningful insight into the performance of their marketing campaigns and behaviour of their mail recipients.

With AdSigner we have transferred conventional emails from the most common business communication tool to a unique marketing channel that allows unlimited possibilities for day-to-day advertising. But we did not do this at any cost, especially not at the cost of data security.