Features > Challenge

Recipient authentication for secure email

Make sure sensitive emails open only for the intended recipient. Add recipient identity challenges to reduce wrong recipient risk, without creating unnecessary friction.

Get started for free
Mailock authentication pane
Paragon Logo
Aegon Logo 2023
Royal London logo
Origo logo
Equiniti EQ Logo
abrdn-logo-horiz-white-svg

Inbox delivery to the right people

Mailock encrypts every sensitive message.

Recipient authentication adds an extra layer of control by requiring a recipient identity challenge before the encrypted content can be opened, helping reduce wrong recipient access.

Recipient access logs

Step-by-step

How it works

1. Compose

Send a secure email from Outlook or the Mailock web app, adding attachments if needed.

Mailock secure email screen showing email secure

2. Encrypt

Mailock encrypts the email and attachments. You can send with encryption-only, or add a recipient identity challenge for extra control.

Mailock email notification

3. Challenge and access

If a challenge is applied, the recipient must complete it before they can open the encrypted message. If they can't pass the check, access is blocked.

Mailock recipient challenge and read
Mailock secure email screen showing email secure
Mailock email notification
Mailock recipient challenge and read

Security & Compliance

Stronger access control for sensitive email

Recipient authentication controls who can open encrypted messages using recipient identity challenges. This extra access step helps reduce unauthorised disclosure risk and support expectations from regulators including the ICO and the FCA around protecting sensitive communications.

Man using his laptop to secure message with Mailock encryption
SMS verification

SMS verification

Mailock can send a one-time code to your recipient’s mobile number, which they enter to open the encrypted email.
Question and answer

Question and answer

When you don't have a mobile number, set a custom question only the recipient should know. They have five attempts.
Unipass ID challenge

Unipass ID challenge

Mailock can authenticate financial professionals using Unipass ID, reducing friction in inter-industry communication.
Email verification

Email verification

A one-time code can be sent to the recipient’s email address as a lightweight access check.
ID document challenge

ID document challenge (enterprise)

For higher-risk workflows, you can initiate an ID document and facial liveness check.
API and CRM integrations (enterprise)

API and CRM integrations (enterprise)

Integrate with enterprise systems to streamline recipient authentication at scale.
Capterra badge
Software advice badge
GetApp badge

Deployment & fit

Built to fit your processes

Sending a secure email with Mailock Pro

Pro

For professionals and teams

Add recipient identity challenges to day-to-day secure email, without changing how you communicate.

Find out more
IT manager reviewing secure email access controls

Enterprise

For high-volume contact

Apply recipient authentication consistently across teams and workflows, including integrated delivery through the Mailock Secure Email Gateway.

Find out more
Secure email delivery settings for high-volume sending

Automated

For scaled digital delivery

Deliver customer communications at scale with automated secure email delivery, with recipient challenges built into the access experience when required.

Find out more
250K+
Users
2.1K+
Companies
1.6M+
Recipients
Business team looking at laptop and smiling around boardroom table

Plans & pricing

View plans

Take a look at our plans to address your communications security challenges.

Find out more

Questions?

FAQs

What is recipient authentication in Mailock?

Recipient authentication is an access control for encrypted emails. It uses multi-factor authentication and recipient identity challenges so only the intended recipient can open the secure message.

Is recipient authentication always used with encryption?

Yes. Authentication is the step that controls access to the encrypted message. Some organisations use encryption-only delivery for lower-risk messages, and add recipient challenges when they need stronger controls.

Can we apply recipient challenges consistently across teams?

Yes. Many organisations use policy-based rules and security alerts to make sure the right checks are applied consistently, especially when multiple teams send sensitive communications.

Content Feed

Related media

8 min read
man sending secure email in office from laptop
Data Compliance
19 03 26

Building a Business Case for Secure Email: Risk, Cost-to-Serve, & Trust

Build a business case for secure email that links risk reduction, lower cost-to-serve, and stronger customer trust, with practical measures for regulated teams.

More...
7 min read
Man doing a face ID check
Data Compliance
09 03 26

Vouching Standards Show Where UK Digital ID Is Really Heading

New UK vouching guidance shows how digital identity is shifting towards controlled, reusable evidence. Here’s what that means for digital ID, step-up checks,...

More...
11 min read
Woman made a mistake in the office
Cybersecurity
26 02 26

Human Error and Outbound Email Security: Risks & Solutions

Human error email security: why mistakes happen, what they cost, and practical steps to reduce mistakenly sent data with training, process, and safeguards.

More...