Secure e-mail communication

An unencrypted e-mail is like a postcard: unauthorised persons can also read it while it is being transmitted and the sender or the content of the message can be modified. This guide will show you how you can protect yourself when sending e-mails to Helaba as a client or business partner.

Encrypting and signing e-mails - why is it important?


Quite simply because it ensures that only the sender and recipient of an e-mail can read the message. A digital signature guarantees the authenticity of the sender and the content for you as the recipient.

Helaba provides you with several options for secure e-mail communication:

Options for secure e-mail communication with Helaba

1. Encryption using PGP or S/MIME

If your company supports PGP or S/MIME encryption, we need either a PGP key or an S/MIME certificate from you or your domain.

You can transmit this information to us in the following way:

  • Start the registration process (see section 2 "Encrypted communication using the Secure E-Mail Webinterface") by asking a Helaba employee to send you a confidential e-mail. You will then receive an e-mail from Krypto-gateway-administrator@helaba.de. If you use S/MIME, please reply to this e-mail with a signed e-mail. If you use PGP, please send the key as a file attachment.

    Your key or certificate will then be automatically stored in our Secure E-Mail system, and future e-mail communication with any Helaba sender will be encrypted if the sender marks it as "confidential". The original e-mail from the sender that was used to initiate the registration process will now be sent to you directly.

  • If you already have a personal certificate or your personal key, please proceed as follows:

    Send us the certificate or the PGP key in an e-mail. If you use S/MIME, simply send a signed e-mail and if you use PGP, please send the key as a file attachment. Your key will then be automatically stored in our Secure E-Mail system and associated with your e-mail address. Subsequently, all e-mails from Helaba marked as confidential will be sent to you in an encrypted format.

  • You can also upload your S/MIME certificate or your PGP key into our system through the Secure E-Mail Webinterface if you are registered on https://secure-mail.helaba.de. The registration process is described in section 2.

If your company has a domain certificate and we do not already have it, please send it in an unencrypted zip file to scrmlhlbd.

If you would like to send encrypted e-mails to Helaba yourself, you either need the certificate or the key of the recipient at Helaba or, alternatively, our domain certificate.

The certificates or keys of specific Helaba e-mail addresses can be obtained on the Secure E-Mail Webinterface at https://secure-mail.helaba.de.

2. Encrypted communication using the Secure E-Mail Webinterface


If your company does not support either of the two encryption methods mentioned above, you can communicate securely with Helaba using our Secure E-Mail Webinterface. In order to do this, you only need to be registered.

The registration process is initiated when your contact person at Helaba sends you a confidential e-mail. You will then receive an e-mail from "Krypto-gateway-administrator@helaba.de" containing further information about the registration process.

You can now log in on the Secure E-Mail Webinterface at https://secure-mail.helaba.de. Your contact person at Helaba will have received the initial password and can give it you over the phone.

On the Secure E-Mail Webinterface, you will be able to read or reply to e-mails or download them to your computer. You can also change your Secure E-Mail password or upload your certificate or key here.


Secure Mail Webinterface 

Ensure your e-mail communication with us is safe - in order to register please get in touch with your contact person at Helaba.

log-in

FAQs on secure e-mail communication with Helaba

  • 10.03.2021

    Despite requesting one, I have not received a new initial password. What should I do?

    Show more
  • 10.03.2021

    How can I obtain the latest key of my communication partner at Helaba?

    Show more
  • 10.03.2021

    I cannot register on the Secure E-Mail Webinterface. Who can I turn to for help?

    Show more
  • 10.03.2021

    I have forgotten my password. What should I do?

    Show more
  • 10.03.2021

    What can I do if my certificate is not accepted on the Secure E-Mail Webmail Interface?

    Show more

We, the Landesbank Hessen-Thüringen Girozentrale (Helaba), use cookies that are absolutely necessary to provide you with our website. No additional cookies will be set for the duration of your visit to this website if you close the banner by clicking on "Decline". If you give your consent, we will use additional cookies to process information about your use of our website for the purposes of statistics (such as measuring reach) and marketing (such as displaying personalized content).

Your consent is voluntary and not necessary for the use of the website. By clicking on "Settings", you can individually determine in detail which cookies we may use based on your consent.

Data protection | Imprint

You can also consent to all additional cookies at the same time by clicking on "Accept".

You can revoke your consent at any time via the "shield icon" in the toolbar on each page or change your cookie settings there.

Cookies

When you visit our website, Helaba makes use of required and optional cookies. Cookies are small text files that are stored on your computer and saved by your browser. Their purpose is to make our range of services more user-friendly, for example so that you do not have to re-confirm an automatically generated disclaimer more than once. Cookies that we use are so-called “session cookies” because they are automatically reset at the end of your visit to our website.

Further information on the use of cookies on helaba.com can be found at Data protection.

cookie [publisher]purposestorage period / Follow-up processingthird country transfer
disclaimer_disclosureRequirements [helaba]necessary: Verification when accessing certain (sub) areas of the websitesessionno
disclaimer_residenceGermany [helaba]necessary: Verification when accessing certain (sub) areas of the websitesessionno
hideCookieNotice [helaba]necessary: Saves that the cookie or data protection notice will not be requested every time you visit.30 daysno
WSESSIONID [helaba]necessary: Standard cookie to use with PHP session data.sessionno

The sole purpose of using analytical services on our website is to optimise the online information we provide. Data collected in this way, such as IP address, date or time of the request, contents of the page accessed or the browser used do not enable any users to be directly identified. Analysis by Helaba of a user’s data is not intended to identify any individuals or conduct any profiling, in order to, for instance, send online advertising to visitors of our website.

You  find more information on statistics cookies here: Data protection

cookie [publisher]purposestorage period / Follow-up processingthird country transfer
_et_coid [etracker]statistic: cookie detection2 years / Evaluation to improve the user experience of our websiteno
allowLoadExternRessources [helaba]statistic: Saves the user decision that external components may be loaded automatically.30 days / Evaluation to improve the user experience of our websiteno
allowTracking [helaba]statistic: Saves the user decision that visitor behavior may be tracked.30 days / Evaluation to improve the user experience of our websiteno
BT_ctst [etracker]statistic: Is used to detect whether cookies are activated in the visitor's browser or not.session / Evaluation to improve the user experience of our websiteno
BT_pdc [etracker]statistic: Contains Base64-coded visitor history data (is customer, newsletter recipient, visitor ID, displayed smart messages) for personalization.2 years / Evaluation to improve the user experience of our websiteno
BT_sdc [etracker]statistic: Contains Base64-encoded data of the current visitor session (referrer, number of pages, number of seconds since the beginning of the session), which is used for personalization purposes.session / Evaluation to improve the user experience of our websiteno
isSdEnabled [etracker]statistic: Detection of whether the visitor's scroll depth is measured.1 hour / Evaluation to improve the user experience of our websiteno

On our website, we use a so-called re-targeting technology provided by The UK Trade Desk Ltd., 10th Floor, 1 Bartholomew Close, London EC1A 7BL, United Kingdom. With this technology, cookies (so-called third-party cookies) are stored on your hard drive when you visit our website. These cookies are either permanent or temporary cookies that are automatically deleted after a certain period of time has elapsed.

You find more information on marketing cookies here: Data protection

cookie [publisher]purposestorage period / Follow-up processingthird country transfer
EDAAT [.adsrvr.org]Marketing: Stores a temporary security token for EDAA sign-out pages such as http://www. youronlinechoices. com/1 hour / evaluation for the playout of banners for marketing purposesyes / United Kingdom
TDCPM [.adsrvr.org]Marketing: Matching IDs to avoid redundant calls.365 days / evaluation for the playout of banners for marketing purposesyes/ United Kingdom
TDID [.adsrvr.org]Marketing: recognition of web profiles over time on different websites.365 days / evaluation for the playout of banners for marketing purposesyes / United Kingdom
TTDOptOut [.adsrvr.org]Marketing: Stores the decision to opt out of re-targeting.5 years / evaluation for the playout of banners for marketing purposesyes / United Kingdom
TTDOptOutOfDataSale [.adsrvr.org]Marketing: Stores the decision against selling data to third parties.5 years / evaluation for the playout of banners for marketing purposesyes / United Kingdom
No choice made so far
Partial selection made
Agreed to all cookies