Striata welcomes DMARC, a new standard for email authenticationPublished on 12 Mar 2012
Striata, a leading provider and innovator of email bill presentment and payment solutions has welcomed the introduction of DMARC – Domain-based Message Authentication, Reporting, and Conformance – a standard for email authentication.
Recently, 15 industry leading companies, which include Google, Facebook, Microsoft, Yahoo, PayPal launched DMARC – a new standard for email authentication which enables organisations to safeguard their domains from phishing.
“We support all initiatives that provide authentication in the email space. The DMARC process builds on the implementation of Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) and authenticates the origin of the email domain. The new standard goes further by providing a reporting framework for each email sender on whether fraudulent emails are attempting to spoof their domain. This provides the necessary basis for ISPs to understand the difference between legitimate and fraudulent emails. Ultimately, this will also increase consumer trust in email as a continuing reputable medium for communications,” explains Michael Wright, CEO at Striata.
Phishing attacks have at times worn down the public’s trust in email with 1 in 370 emails identified as a phishing email (an increase of 0.06 percentage points since December 2011). The financial services industry has been targeted by increasingly sophisticated phishing attacks over the past few years. DMARC will help these companies authenticate emails from their domain to the receiving ISPs. They will be notified of any instances where their domain is used in emails that aren’t authenticated and were subsequently blocked as a result. This will result in fewer fraudulent emails making it into consumers’ inboxes and therefore more trust in email as a communication medium.
Wright says: “Striata has always employed authentication techniques for secure document delivery, using DKIM and SPF to verify the origin of emails on behalf of our clients as well as offering digital signatures. DMARC now also allows for global visibility on the misuse of a domain names and for domain owners to have full control over the use of their domains. We will be implementing DMARC on all customer accounts over the next couple of months.”
“Including DMARC in our email authentication process, in addition to our other security processes and procedures will enable us to offer the highest level of security and trust to both our clients and their customers,” concludes Wright.