Secure Messages

With SEFOS, you and your organization can send sensitive information and personal data digitally in a simple and secure way while complying with the GDPR. Send secure messages from applications like Microsoft Outlook and Teams or from SEFOS webservice

SEFOS streamlines processes and replace faxes and letters with bidirectional digital communication where the recipient has the opportunity to respond to the message regardless of whether they are registered to the service or not.

All messages are protected with strong encryption

All messages sent via SEFOS are encrypted by SEFOS, outside Microsoft's control, with unique keys according to the AES256 standard. This makes it possible to use SEFOS together with Microsoft products without Schrems II or similar laws and rulings enabling outside organizations accessing the information.

Users are identified with strong authentication

With SEFOS, users can be identified with different types of identification methods. Everything from BankID, Freja eID and SITHS card, to SMS, email, and password.

Send secure messages to different types of recipients

With SEFOS, users can send messages to two types of recipients. Either as a registered SEFOS users or a recipient without connection to the service. All types of recipients can reply to a message to create bidirectional communication.

Registered SEFOS user

A recipient who is registered to SEFOS can be addressed without the need for the sender to know which ID method the recipient is using. You also do not need to set any attributes, such as social security number or similar.

Instead, what you decide is which Level Of Assurance (LOA) the recipient must fulfill in order to receive the information. This is also connected to the e-mail address of the user. For example, if you select LOA 3, this means that the recipient needs to use one of the ID methods that meet this level of assurance, to open the message. If a user who only uses a password to log in to SEFOS, receives a LOA3 message, the user will be requested to change its login method to open the message.

Recipient, not registered to SEFOS

If you choose to send a message to a recipient who is not registered to a SEFOS node, instead you will be asked to select the identification method for the recipient.

Depending on the level of assurance (LOA) you ask for the recipient to provide, you will be able to select different ID-methods. For the highest level, LOA3, a e-identification or equivalent or an organizational ID such as a SITHS card or similar will be required. But you can also choose a lower level of assurance and address recipients via two-factor authentication through e-mail and SMS-verification.

Use SEFOS with applications such as Microsoft Outlook and Teams

Thanks to sensitive information and data being separated from Microsoft and handled outside the applications, we can benefit from Outlook and Teams while ensuring that regulations such as GDPR are met. The sensitive information is transported encrypted between the SEFOS nodes that different users are connected to and handled completely outside Microsoft's control.

If your organization does not use Microsoft applications, it is possible to use SEFOS as a separate web service alt. integrate the technology into another application.

SEFOS is offered either as a service or as an own installation

To be able to use SEFOS, your organization first need to be connected to a what is called SEFOS-node.All nodes can communicate with each other and together they create a SEFOS network. As an organization, you can either be connected to a shared node, or have your own dedicated node.. You can also choose whether the node is to be installeras i er egen IT-miljö eller konsumeras as a service.

SEFOS is offered as a service and can via our Swedish service provider ensure that all data handled via our SEFOS nodes stays within Sweden. We can thus also fulfill several certifications such as ISO 9001, 14001, 22301 & 27001.

Profile messages sent to recipients without connection to SEFOS

With a dedicated SEFOS-node you get the opportunity to also customize messages that are being sent to recipients who are not registered to SEFOS.

You can add your own logo, use your own domain address and link any agreements you have with various eID providers to these messages. A dedicated node is for you if you wish to further customize these messages and create greater trust when addressing a recipient who is not connected to SEFOS.