Secure Email Delivery Combats Identity Theft and Offers Brand Protection
[New York, June 2004] Electronic Billing specialist, Garin Toren, says secure email delivery is one way in which companies can ensure that email communication to customers/ partners is trusted.
In a report published recently by Gartner (May 2004), technology-driven fraud using digital channels, such as email and the web, is now the fastest growing form of consumer theft in the United States.
According to Garin Toren, COO of Striata Inc., the marked increase in phishing has caused a great deal of uncertainty and anxiety amongst recipients of electronic communication. (‘Phishing’ involves a recipient receiving an e-mail requesting them to update their customer details. When they click on the provided link, they are routed to a ‘spoofed’ web site where they are requested to submit their confidential information in order to update their records. The perpetrators capture this information for later use in fraudulent activities.) Toren says organizations need to protect their brand, business and customers from the potentially devastating effects of identity theft and related fraudulent activity. To do this they must revise their communication strategies to remove high risk practices.
Identity theft is forcing changes in the way organizations communicate with their customers. Without applying smart measures, certain functionality such as web links, the provision of personal details and downloads, are seen as high risk and must be avoided. Once a customer has fallen prey to a fraudulent email or website that they believed to be from a genuine service provider, the trust between the two parties is indelibly damaged, says Toren.
One way in which organizations can ensure that their electronic communication is trusted, is by incorporating digital signatures into their email process. By digitally signing an email, the service provider is able to assure the customer of the authenticity of the sender and provide notification if the email has been changed from the original.
According to Toren, This eliminates the risk of an email being spoofed by someone masquerading as a trusted service provider, as well as the risk of an email being tampered with in-transit.
A secure email delivery process can allow integration with both standard and advanced based digital certificates, as well as via hardware security modules (HSMs) such as nCiphers nShield and Thales eSecuritys WebSentry. This means that users of secure email billing processes are able to stamp their authenticity onto their outbound communication. For organizations that require the utmost security to protect their brand, business and customers, hardware-based digital certificate products are critical considerations. We believe that digitally signed e-mails will become the norm for business-to-business and business-to-consumer e-mail communication. Already in Europe, all invoices sent by electronic means will only be accepted by member states, provided that the authenticity of the origin and integrity of the contents are guaranteed by means of an advanced electronic signature based on a qualified certificate and created by a secure-signature-creation device. “However,” says Toren, realizing the value of digital certificates will require education of e-mail users in order to capitalize on the security benefits. Users will need to be aware of what a certificate ensures, and how to know if a certificate is invalid. They will also need to know what a certificate does not do. Customers need to be educated as to the assurances, new technologies such as digital certificates, can provide. ” Over and above digital signatures, secure email delivery software has further advantages for parties concerned about fraud. Security can include a username and password layer that requires the recipient to authenticate themselves before accessing the email bill / document or other confidential information. By highlighting the benefits and advantages of these measures, companies can educate their customers on the importance of digitally certified and encrypted email, encouraging them to only trust communication that includes one or both of these security elements. By integrating this type of security layer into a secure email document / bill distribution process, one can assist users to protect of their intellectual property, authenticate and secure their email communication, whilst also ensuring the integrity and privacy of customer information. says Toren. Confident about this technology, Toren comments, Solutions such as this can assist both companies and customers to protect themselves and to continue to benefit from the ubiquity and convenience of email communication. To view a digitally signed e-mail, send a blank e-mail to firstname.lastname@example.org and one will be sent back to you. Click on the red seal on the upper right hand side of the e-mail to view the sender certificate.
Striata Inc. is an application software developer and service provider focused on enabling secure electronic communication. The Striata Application Platform provides highly flexible, robust and scalable products deployable across multiple operating systems. Striatas solutions are applicable to organizations that view efficient communication with customers and stakeholders as a vital component of their success.
Striata specializes in the secure delivery of Bills, Statements, Invoices and Payslips via secure e-mail.
Striata has been a provider of software and services in the electronic messaging arena since 1999 and have offices in New York, London, Sydney and Johannesburg and partners in Dublin, Frankfurt, Atlanta, Washington DC, Honolulu and Cape Town. Visit www.striata.com