What Is an Outlook Digital Signature (Digital ID)? A 90-Second Overview

What Is an Outlook Digital Signature (Digital ID)? A 90-Second Overview

1 Star2 Stars3 Stars4 Stars5 Stars (13 votes, average: 5.00 out of 5)

Digital signatures add your verified digital identity to outgoing emails so recipients will know they’re legitimate. Here’s a quick rundown of what Outlook digital certificates are, what they do, and where to find them.

Outlook digital signatures are a great way to verify that the emails you receive in the Outlook mail browser are authentic and really came from the true sender. This is important considering that Oberlo reports that Outlook is the third most popular email client globally.

In this article, we’ll quickly cover what Outlook digital signatures are, what they help you achieve, and why they’re integral to creating trustworthy emails.

What Is an Outlook Digital Signature? A Look at Outlook Digital IDs

An Outlook digital signature is a digital identity verifier that displays in recipients’ inbound emails when they use the Outlook email client. This is why it’s sometimes called an Outlook digital ID. This string of data combines two important cryptographic functions (hashing and encryption) to prove your message is authentic and hasn’t been altered since it was digitally signed.

(Note: An Outlook digital signature/digital ID isn’t the same thing as an email signature. An email signature is what you add to the end of outbound emails that typically includes your name, title, company banner, and contact info.)

We won’t get into the technical side of what a digital signature is in general or how it works here — you can read more about that in our digital signature article. But it’s important to note that to display an Outlook digital signature, you need to use an email digital signature certificate. This is a small data file that ties your organization’s validated information to whatever you’re signing (e.g., an email, software app, document, etc.).

What Using an Outlook Digital Signature Helps You Do

Using an email signing certificate to add your Outlook digital signature to outbound emails is important regardless of which side of the email you sit on:

  • Email senders: This cryptographic tool gives you a way to prove email authenticity (i.e., they came from you) and data integrity (i.e., that no one has modified it since it was signed). This helps to protect your organization’s reputation and improves email engagement rates. They also offer non-repudiation by proving that you, and no one else, could have sent the email.
  • Email recipients: This digital signature provides assurance that a message you receive is legitimate because the sender’s identity and email’s integrity have been verified. This tool builds trust and helps you feel more confident engaging with the email and the email sender’s organization as a whole.

What It Looks Like When You Receive a Digitally Signed Email

To explore this topic, let’s slip into the shoes of a customer who receives one of your digitally signed emails to see what they see in Outlook:

Outlook digital signature graphic: A screenshot of an inbox that shows a ribbon indicating that an email is digitally signed.
Image caption: A screenshot of what your recipient sees in their Outlook inbox.

Now, let’s take a look at what you see when you look at the email itself:

Outlook digital signature graphic: A screenshot of an email with a ribbon and text indicating that the specific message is digitally signed.
Image caption: A screenshot that showcases what it looks like when you receive a digitally signed email.

See the ribbon icon and “Signed By” message? That means that the Outlook email is digitally signed. But there’s more to it than that. If you click on the icon, you’ll see more info that confirms the identity of the email’s sender and signer (who are the same person):

Image caption: This screenshot shows that the email’s digital signature is valid and displays the email address of the sender, which is the same as the signer.

But how do you know this information is true and hasn’t been modified? You’ll click the View Details button to look deeper:

A screenshot of the Message Security Properties window that shows information about who signed the email and when
Image caption: A screenshot that shows information relating to the Outlook digital signature.

The screenshot above shows the email was digitally signed by the same email address using public key encryption and a SHA-256 hashing algorithm at a specific time and day. If you click View Details, you can see information about the signature itself:

A screenshot of the Outlook digital signature information (who signed it, when, and using which hash and signature algorithms)
Image caption: This screenshot shows additional information, including which certificate authority (CA) issued the certificate.

When you click View Certificate, this will succinctly state the certificate’s intended use and verify its validity period (shown below). This is important because if the certificate expired or was revoked, it would display a warning message.

Outlook digital signature graphic: A screenshot of the View Certificate screen
Image caption: This window displays the certificate’s purpose and validity dates.

If you switch to the Details tab at the top of the window, you can look under the hood to see more technical information about the digital certificate’s sender, cryptographic functions, and identifying information:

A screenshot that shows the email signer's certificate Subject details and the email address the certificate was issued to.
Image caption: This window displays more in-depth information relating to the certificate.

Final Thoughts on Outlook Digital Signatures (Digital IDs)

Outlook digital signatures are important to email signers and recipients alike. Adding a digital ID to your outbound messages serves as a way to prove your emails are authentic and legitimate so users feel more comfortable opening or responding to them and clicking on links.

Without using an Outlook digital ID, how can recipients know your messages weren’t sent by bad guys who want to exploit your good name? You can’t. So before your company sends more emails to customers, you should consider getting an email signing certificate to add verifiable identity to your messages.

About the author

Casey is a writer and editor with a background in journalism, marketing, PR and communications. She has written about cyber security and information technology for several industry publications, including InfoSec Insights, Hashed Out, Experfy, HackerNoon, and Cybercrime Magazine.