eView: The Current State of E-mail Authentication
Spam, phishing and other forms of fraudulent e-mail are ever-increasing threats to the safety of consumers and the reputations of the brands upon which they rely. According to a variety of sources, as much as 80 percent of e-mail claiming to be from leading brands, banks and ISPs is actually spoofed.
Organizations in all parts of today's e-mail ecosystem have been exploring the use of e-mail authentication — a collection of various technical measures for verifying the authenticity of e-mail senders — to improve the integrity of e-mail and foil the bad guys.
But authentication hasn't yet been widely adopted, mostly due to two factors:
1. too few marketers understand the risks of unauthenticated e-mail; and
2. even fewer marketers demand that their vendors and service providers make authentication simple and cheap to implement.
Organizations that made early investments in authentication are now realizing the benefits of protecting their brands and enhancing their deliverability. To those early adopters, it may seem like tremendous progress to hear that a recent survey found that more than 50 percent of e-mail, by volume, is authenticated in some fashion.
However, that seemingly high number belies an important reality: The top 50 percent represents a relative handful of major corporations who are engaged in the most vigorous and forward-thinking e-mail marketing activities. In contrast, the bottom 50 percent represents everybody else. Put another way, the vast majority of companies remain vulnerable to massive reputation damage from spoofing, phishing and "brandjacking," with harms that can be costly and difficult to reverse.
For e-mail senders, the immediate value of using authentication is that receiving systems verify the legitimacy of each message's claimed source. If the authenticity is verified, the e-mail is quickly and reliably delivered to the recipient's inbox, while a forgery is either rejected or subjected to further scrutiny.
Authentication on the outbound is only one piece of the puzzle, however. Receivers also are beginning to look for authentication and use the presence of authentication as a positive element when assessing the reputation of the sender and making choices about how, or whether, to deliver an e-mail message.
Mainstream e-mail marketers need help from their service providers and e-mail technology vendors in this ecosystem. Until authentication is an effortless feature — instead of a burden with an unclear ROI — efforts to improve the trustworthiness and reliability of the e-mail ecosystem will face significant challenges.
For any company that depends upon how it's perceived by its customers (is there any business that doesn't?), the decision to implement authentication isn't a difficult one at a conceptual level. Only when all of the players in the e-mail ecosystem fully understand its importance and can implement it easily will we see the kind of widespread adoption necessary to stop the bad guys and protect the brands that we know and rely upon.
When marketers realize the game-changing benefits that authentication can bring and demand their vendors and providers make authentication easy, everyone who sends or receives e-mail will be better off.