The SendSafely Serverless Email Gateway for FinTech

Additional Info

Company size (employees)10 to 49
Headquarters RegionNorth America
Type of solutionCloud/SaaS


FinTech companies utilizing third party service platforms like Zendesk and Salesforce face a very specific risk: inadvertently receiving (and storing) insecure email attachments containing sensitive customer data in an external vendor system. Unfortunately, the scenario is all too familiar. Automated processes (such as identity verification) break down and out of frustration customers resort to emailing attachments containing highly confidential personal or financial data to the service desk. By default, these attachments are unencrypted, unclassified and end up being stored indefinitely, viewable by both company agents and the third party platform provider. From a security and regulatory compliance perspective, this presents a high-risk scenario.

The SendSafely Serverless Email Gateway (SEG) protects FinTech companies from their customer’s lack of security awareness by seamlessly intercepting and encrypting inbound email attachments destined for the service desk. Security is enforced without the need to aggravate account holders by rejecting insecure submissions or relying on manual agent intervention or redaction which is inconsistent and error-prone. No changes are required to existing service desk processes or workflows, allowing agents to focus on serving customers without worrying about secure file exchange.

With the SEG, attachments are encrypted end-to-end, meaning only designated company agents can view the files, not SendSafely, nor the third party platform provider. In addition to automatic end-to-end encryption, further benefits include access control policies limiting who can view attachments, file expiration settings for automated file destruction and logging of all agent views and downloads for audit support.

The SendSafely SEG significantly reduces the security risk of non-compliant data storage and potential exposure from a third party platform data breach.

A video overview can be found here:

How we are different

(1) In high volume FinTech service desks, both agent and customer workflows have been relentlessly fine tuned for maximum efficiency and customer delight. Customer experience is a top priority and competitive advantage. The SEG shields FinTech service desks from inadvertently collecting and storing unencrypted customer PII submitted via insecure email attachments without disrupting these optimized workflows. Sophisticated data protection occurs automatically and seamlessly behind the scenes, bringing third party platforms and procedures into compliance with minimal fuss.
(2) SendSafely’s core differentiator is our true end-to-end encryption, operating in a zero-knowledge, secure by default state. Our split-key methodology ensures only your company agents have the keys necessary to decrypt shared files. Neither SendSafely nor the service desk platform staff have access to the uploaded files.
(3) By integrating into third party platforms, the SendSafely SEG is a cost effective way to protect reputation, safeguard customer data and meet regulatory and compliance requirements without expensive upgrade or replacement to systems. Our platform is cloud based and is hosted in Amazon Web Services (AWS), meaning no hosting of on-premise infrastructure. The serverless architecture means that the SEG relies entirely on managed services eliminating the need to maintain any infrastructure or virtual machines. This allows the SEG to be deployed quickly and scale infinitely with very little administrative overhead.