Consumer Security

Yahoo, AOL Certified E-Mail – Boon for Internet Security?

AOL and Yahoo are planning to launch a certified e-mail program in the coming months in conjunction with partner company Goodmail Systems. They announced their intentions last Fall, but the recent news that some marketers would be able to pay premium rates to bypass recipients’ spam filters has raised hackles throughout the tech industry.

The two Web giants are positioning the service as an additional perk for trusted marketers that want to ensure their e-mails reach their intended recipients.

Conversely, many marketers fear the program will usher in a new paradigm — one in which Internet service providers (ISPs) and other firms that control the Web will start to charge entrance fees. At the very least, marketing campaign costs are expected to rise.

Security Issues

Lost in the hubbub is the issue of security and what this program may mean not only to marketers attempting to reach customers via e-mail, but also to consumers.

Those on the receiving end of e-mail campaigns are fed up with spam and, more worrisome, the near constant threat that cyber criminals might fraudulently gain access to their financial data.

Some marketers and providers of online services support the idea of an e-mail fee plan, because they view it as a move closer to an industry-accepted reputation management program.

Reputation management refers to third-party verification — either in the private or public sector — that a marketer engages in best practices. Those best practices have not been established yet, though — that is, they are not yet collectively agreed upon.

“This announcement represents the most significant example yet of an ISP embracing reputation management services,” said Dave Lewis, vice president of market development for StrongMail Systems and co-chair of theE-Mail Service Provider Coalition (ESPC) committee responsible for the evaluation of reputation systems.

Reputation Management

It is a significant step, because just getting the industry to agree on the identification of security standards for e-mail marketers was tough, Lewis told the E-Commerce Times. “We had a heck of a tussle over that — just wait until the industry starts to address reputation authentication.”

There are two e-mail identification standards, which take different approaches to the problem of verifying that an e-mail was sent from a legitimate source. One, SenderID, examines the Internet protocol address associated with the e-mail and checks on whether that particular IP address is authorized to send e-mail on behalf of a specific domain. In other words, it secures the path by which the e-mail is sent.

The other approach, DomainKeys identified mail, or DKIM, goes further and secures the message. The technology requires that both a public and private key is issued and the two are then compared to make sure no modifications have been made. Promulgated by Cisco and Yahoo, this system is expected to be available this year.

The two different approaches appear to be perfectly complementary, compared to the haphazard attempts by the industry to solve the issue of verifying a sender’s reputation.

AOL was the first to address the reputation issue, according to Lewis, by developing a “white list” of marketers that were required to maintain complaints below a certain level. It worked as it intended, Lewis said, but could not stop the flood of phishing and other online spoofs.

“What I see AOL trying to do now is outsource a program that has been expensive for it to maintain,” he conjectured. “It also is attempting to monetize the relationship with senders, which I view as a business decision.”

Too Lazy

Not all marketers oppose the proposed e-mail fee program. A little rigor needs to be introduced into the system, said Rick Segel of Rick Segel & Associates, which counts among its clients.

Anything that enhances security, or even the perception of security, is a good thing, said Segel, who authored the upcoming book, Online Business Solutions … The Essentials.

“Maybe I think this because I have been doing database marketing for a long time now, but what has happened with e-mail marketing is that too many people have gotten lazy precisely because it is so cheap to use,” he told the E-Commerce Times. “There are virtually no costs involved, so they do not take the time to pinpoint their users and tailor the message that they should receive.”

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

E-Commerce Times Channels