How Does DMARC Help?
DMARC is an email security standard that helps prevent spoofing and spamming of emails. It works by comparing the contents of the email message with a database of known names, addresses, and other attributes. If the attributes match, then the system performs a challenge-response algorithm that verifies the identity of the sender.
DMARC is a privacy protection measure implemented by some of the world’s biggest internet companies to help protect sensitive information, including credential data. It works by encrypting all data between a customer and merchant, protecting it against theft or destruction while still allowing the customer to review their own records. By implementing this privacy protection measure, ecommerce sites and businesses have a better chance of receiving packages from prospective customers that are clearer about their privacy rights. Email is the leading method for personal communication in the world. It is also a crucial method for businesses to communicate with customers, suppliers, and independent research organizations.
DMARC has made it easy for businesses to build trust with consumers by implementing encryption into their mail transmission.
This provides businesses with the ability to hold their consumers responsible for the content of their email communications. The goal of DMARC is simple: provide factually accurate information to users when they attempt to access email services from third-party services. The system is designed to prevent fraudulent activity, unauthorized access to private information, and spoofing on merchant accounts.
Today, consumers trust more than ever the security of their email and other online communications services; therefore, email providers must protect themselves against spoofing scams as well as other threats to Information Security. For this article, ISPs are defined as Internet Service Provider that also offers consumer email services and Mailbox Providers (MPs) are companies that provide web-based consumer email services such as Gmail, Outlook.com, etc. Email security has become an increasingly important issue as more and more users are engaging in commercial and intimate networks. DMARC has been included in the Efficient Commerce Platform (ECP) standard since 2008 and is widely deployed by leading companies such as Amazon, eBay, and Paypal; as well as public sector bodies such as the UK's National Health Service, which has mandated ECP as part of its internal email security policy.
DMARC is a global set of voluntary standards for information security and authentication. Over the past 10 years, the standards have been implemented or adopted in 156 countries, under different legal systems, and in environments ranging from private companies to organizations such as universities. In many countries, DMARC has had a huge impact on the marketplace as it lowers costs for consumers, businesses, and governments by providing a single secure method for authenticating multiple identities. Our work highlights that DMARC has opened new doors for innovation in security, while also inspiring new approaches to existing security solutions.
The following are some insights and observations derived from our investigation:
- Global DMARC coverage is well past “escape velocity” but its country adoption is uneven.
- Countries with large local ISPs tend to have worse DMARC coverage. Conversely, countries with large global MPs generally have much better DMARC coverage.
- Japan & Germany are surprisingly far behind in DMARC coverage, but adoption by just 1-2 local ISPs could quickly get them to 70%+ coverage.
- Though country coverage is important to track, companies within the same country may see large variances in the coverage of their customers.
DMARC coverage also varies by company
The numbers speak volumes. DMARC is a significant system in the financial world. A successful trait of this system is that it is constantly evolving, constantly improving upon itself. By continually refining its own technology, DMARC continuously improves the level of protection offered by email protection worldwide. The good news is that as more companies start using DMARC systems, the good news for consumers gets even better. We have seen increasing use of the technology over time, particularly among industries that have a high sensitivity to fraud or poor consumer experiences.
A recent study found that DMARC coverage had grown from 19% in 2008 We had an interesting conversation with one customer recently who wanted to know if our company had DMARC coverage on their mailbox. With increasing spam and phishing attacks, contacting companies to report spam or suspicious activities can be a tedious task. Nevertheless, it is vital for individuals who purchase or sell products online to report any suspicious activity immediately. An individual can report possible scams or illegal sales to customer services through “Report Spam” on competitor websites or via spam dot report available on any merchant website. The implication is that each company should perform a quick DMARC coverage test (Emailauth.io) to understand how many of their consumers are covered by DMARC.
Published by Ariya Rathi