SOURCE: Authentication and Online Trust Alliance

January 31, 2008 09:17 ET

Leading Companies & Non-Profits Realize the Benefits of Brand and Consumer Protection Through Email Authentication

Adoption Reaches Tipping Point; Authentication and Online Trust Alliance Issues Call for Compliance

SEATTLE, WA--(Marketwire - January 31, 2008) - Today, the Authentication and Online Trust Alliance (AOTA) announced that adoption of email and domain authentication has reached its tipping point, exceeding 50 percent in several key metrics. AOTA research highlights the top Fortune 500 and Internet retailers who have realized the business value of protecting consumers and their brands from forged email and phishing ploys through adoption of Sender ID (SIDF) and DomainKeys Identified Mail (DKIM), the leading standards of authentication.

Spam, phishing and other forms of fraudulent email are ever-increasing threats to the safety of consumers and brands. Up to 80 percent of email from leading brands, banks and ISPs is spoofed. After a five-month review of over 100 million emails from Fortune 500 brands, AOTA reports over 50 percent of legitimate email sent worldwide on a daily basis from over 15 million domain holders is authenticated. Those compliant brands are seeing significant benefits including brand protection and enhanced deliverability. Brands that have not authenticated are at a competitive disadvantage and are unnecessarily exposed to spam and phishing attacks from cybercriminals.

AOTA has issued a call for compliance of all consumer-facing e-commerce and online financial services sites to adopt one or more forms of outbound email authentication for their top-level corporate domain within the next six months. While many companies have adopted authentication for their marketing sub domains, they need to focus on consumer and brand protection.(1) Also, all ISPs should implement inbound authentication verification, in addition to existing messaging hygiene solutions, to maximize consumer and brand protection within the next six months. This commitment by the entire Internet ecosystem is required to preserve trust and confidence in e-commerce.

AOTA reports that adoption has exceeded 50 percent in the following key industries:

--  51 percent of the Fortune 500's consumer-facing brands
--  52 percent of the Fortune 500's consumer-facing financial service
--  54 percent of the Internet Retailer Top 300 brands

The Fortune 500 leaders represent top brands spanning many industries, including financial organizations BB&T, Charles Schwab Corp, MetLife, Nationwide Mutual Insurance, Progressive Corp and Wells Fargo; consumer brands Amazon, BlockBuster, Home Depot, Nordstrom, OfficeMax, Target and Walt Disney; and technology leaders Dell, eBay, IBM and Microsoft. The report is available at

"Email Authentication has now surpassed the tipping point, and we are encouraged with improvements in all key areas of measurement," said Craig Spiezle, chairman of AOTA and director of Internet Security and Privacy at Microsoft Corporation. "The latest adoption data and industry collaboration is a testament to how these organizations are stepping up to protect their brands and consumers. AOTA is calling on all brand owners to implement domain level authentication within the next six months."

The industry has shown strong collaboration as organizations have formed a united front committed to fighting online abuse. Epsilon, Habeas, Goodmail Systems, JupiterResearch, Lyris, Microsoft, MX Logic and Return Path offered invaluable contribution and support in the creation of AOTA's groundbreaking authentication report.

Supporting Quotes from the Industry:

"Email authentication is a necessary component to solidifying the future viability of email as well as strengthening consumer trust in the online channel," said David Daniels, vice president and research director at JupiterResearch. "Companies that adopt at their corporate and marketing levels will have a competitive advantage."

"We are continually working hard and diligently to protect our customers from online fraud," said Erik Johnson, senior vice president of secure email services at Bank of America. "We feel it's important to constantly keep raising the bar to provide secure services to our customers and business partners. Email authentication is a part of our overall strategy which includes working with law enforcement and businesses outside our organization to help drive higher security standards across the industry."

"We take the phishing problem very seriously as we know it can impact our customers as well as the entire online community," said Rajiv Jain, senior vice president and chief technology officer of AG Interactive, a division of American Greetings. "Implementing email and domain authentication is one of the key protection tactics against email attacks. By adopting the leading forms of authentication, coupled with other email strategies, we take one more step closer to our ultimate goal of eliminating online abuse within the eCard industry."

(1)According to past reports from the Direct Marketing Association (DMA) and Email Sender and Provider Coalition (ESPC), upwards of 85 percent of email marketing from the Fortune 500 consumer brands is authenticated.

About The Authentication and Online Trust Alliance (AOTA):

Founded in October 2004, the mission of AOTA is to foster the elimination of email and Internet fraud, abuse and data intrusions, thereby enhancing online trust, confidence and online protection of businesses and consumers. The goals include but are not limited to facilitating best practices, data sharing, the deployment and implementation of authentication, identity and reputation solutions as well as domain defense strategies. By providing the ecosystem prescriptive and actionable advice in a vendor-neutral environment, AOTA aims to increase digital inclusion and Internet usage worldwide by promoting the benefits of Internet safety to users of all ages and demographics. AOTA represents over one million business and 500 million users worldwide, with members in Canada, Denmark, Germany, Romania, Singapore and the United States. AOTA is a 501c6 IRS-approved non-profit, incorporated as a Washington State non-profit corporation. AOTA is governed by a Board and Steering Committee including the Bank of America, BoxSentry, Datran Media, Epsilon, Goodmail Systems, Habeas, Iconix, Internet Identity, IronPort (a division of Cisco Systems), Microsoft Corporation, MX Logic, Return Path and Symantec Corporation.

Contact Information

  • Media Contact:
    Carla Vicens
    blast! PR for the AOTA
    (919) 833-9975 x10
    Email Contact