<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=62700&amp;fmt=gif">
ValiMail
Valimail’s Email Authentication as a Service ™ gives you full control and visibility of your email services.

TOP STORIES

  1. The FBI Makes DMARC Enforcement Part of Law Enforcement
  2. Why it's so easy to fool White House officials with fake emails
  3. Why SPF Alone Will Not Protect You

ValiMail
Valimail’s Email Authentication as a Service ™ gives you full control and visibility of your email services.

TOP STORIES

  1. The FBI Makes DMARC Enforcement Part of Law Enforcement
  2. Why it's so easy to fool White House officials with fake emails
  3. Why SPF Alone Will Not Protect You

Valimail’s Email Authentication as a Service ™ gives you full control and visibility of your email services.

Banks Adopt Email Authentication, But There’s More to Do

Banks take security seriously. Photo by Jason Baker/Flickr.
Banks take security seriously. Photo by Jason Baker/Flickr.

The march toward universal email authentication continues.

The five largest banks in the U.S. have adopted the DMARC email authentication standard, but there’s still much more to be done, according to a news release from the Global Cyber Alliance, a cybersecurity nonprofit founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police, and the Center for Internet Security.

According to the GCA, only 11 of the top 50 U.S. banks and 9 of the top 50 European banks have deployed DMARC and set it to block fraudulent emails or mark them as spam.

The GCA notes that another 32 of these top banks have set up DMARC, but are not seeing any benefit from it because they have not set their authentication policies to reject or quarantine emails that don’t pass muster (p=reject or p=quarantine, in DMARC’s terms).

In other words, 51 percent of the top U.S. and European banks have published DMARC policies — but of those who have policies, only 37 percent are actually seeing the antispam and antiphishing benefits DMARC provides.

Out of the 50 fastest-growing independent banks in the U.S. none — zero — are using DMARC.

GCA notes that DMARC is now supported by more than 85 percent of consumer email accounts.

“DMARC is proven, and it is free,” said Philip Reitinger, the president and CEO of the GCA, adding that it delivers a “significant” return on investment. “If a customer can’t trust your email correspondence, they will be looking elsewhere rather quickly.”

As the GCA notes, DMARC is an open standard, and configuring it is theoretically as simple as publishing a DNS TXT record (for organizations that have already implemented two supporting standards known as DKIM and SPF). However, the relatively high rate of banks who are using DMARC but not seeing any benefit from it — 67 percent — suggests that implementation is a bit trickier than many people expect.

Indeed, that failure rate corresponds almost exactly with what ValiMail found in our recent survey of DMARC usage among a large sampling of corporations and government organizations. What we discovered is that about 70 percent of organizations fail to get DMARC to a reject or quarantine setting — and that ratio is roughly the same for the largest enterprises as it is for small and medium-size businesses.

The complexities of the various authentication standards combined with the need to maintain email at a high level of availability makes many organizations nervous about moving from a testing phase to enforcement.

ValiMail applauds the use of DMARC by these top European and American banks. We’re proud to be part of the momentum towards authenticating the world’s email. If you want to see if your company is protecting itself and customers against phishing by authenticating email you can use our free, instant domain checker. We’re committed to seeing global adoption and enforcement of DMARC, and we’re here to help.

ValiMail
Valimail’s Email Authentication as a Service ™ gives you full control and visibility of your email services.
The ValiMail Blog: Return to Sender

The ValiMail Blog: Return to Sender

Everything you ever wanted to know (but were afraid to ask) about email authentication DMARC, SPF, DKIM, and how they can stop fraud and phishing.