Security certificates use public key infrastructure (PKI) to encrypt data. When an email is sent, the sender’s email client uses the recipient's public key to encrypt the message. Only the recipient’s private key can decrypt this message, ensuring that the email content remains confidential during transmission.