By Paul Wilson, Product – Risk Based Authentication, AppGate
With nearly 300 billion emails being sent every day in 2019, the use of email by both individuals and businesses shows no sign of slowing down. In fact, in light of recent governmental lockdowns causing more people to work from home, there will arguably be more emails sent now than ever before. For most organisations, it is the primary way in which they communicate with their customers so the need for email to remain a trusted method of communication is crucial.
But it is not just the enterprise world that is taking advantage of the cost-effectiveness and easy to use nature of emails. It is understandable that fraudsters are increasingly tapping into these benefits with 49 per cent of businesses reporting that fraudulent emails the one cybersecurity breach that caused the most disruption to their organisation.
For businesses, particularly those within the financial service industry, it is absolutely paramount that their customers maintain a level of trust in their provider’s email communication. This is especially true as we see an increase in call centres closing down due to COVID-19 and email becoming a vital form of communication for the foreseeable future for many organisations. To truly protect themselves against cybercriminals and ensure their trustworthy reputations are kept intact, financial institutions must ensure they have the correct tools in place.
The price to pay when trust is lost
When it comes to people’s personal and financial details that are at risk of being compromised there is very little room for forgiveness. Once a customer has experienced fraudulent activity, it is not just a matter of having to rebuild their trust. The likelihood is, they’ll move on to another provider.
For the larger banks, this can be a setback but it is unlikely they’ll suffer in the long term. However, for the increasing number of challenger banks such as Monzo and Starling, who face acquiring costs of US$ 349 (£268) for new banking customers, it is not just short term reputational damage they have to battle. The cost of losing a customer can be a matter of make or break for them.
What’s more, the likelihood of suffering an attack is high and continuing to rise. The number of phishing emails has risen by 25 per cent in the last year alone, according to the AppGate’s latest Fraud Beat Report. Unlike other forms of fraudulent attacks, phishing attacks are easily masked through the use of mimicking official bank email addresses. This makes it almost impossible for the customer to even notice if they are receiving questionable emails.
For challenger banks, who are in phases dedicated to fast growth and customer acquisition, having a trustworthy email system is not simply a nice to have. It is an absolute necessity if they are going to successfully hit their targets, maintain their existing customer base and retain new customers.
To add further difficulty into the mix, the majority of security solutions require a high level of technical knowledge. For larger organisations, this is easily solved by onboarding a specific security team. But for challenger banks, who often have small teams and very tight budgets, this is a luxury few possess. Challenger banks need solutions that are not only simple and efficient but one that fits around their fast-paced operations.
This is where authenticity policies and reporting protocols, such as Domain-based Message Authentication Reporting and Conformance (DMARC), can come into play. By hosting an approved list of domains, DMARC works by allowing email service providers to quickly cross-check the lists and block spoofing email attacks. For challenger banks, once they publish their details on the DMARC Domain Name System (DNS), they establish a strong foundational layer of protection for their customers.
It is through the use of two reporting methods that DMARC can work to block spoofing emails. The first method, known as Sender Policy Framework (SPF) reports, checks if the incoming mail is from a domain that is authorised by that domain’s administrators. The second report, called DomainKeys Identified Mail (DKIM) reports, checks that the email, and any attachments in it, have not been altered in any way during delivery. If an email fails either of these tests, the sender’s DMARC policy will notify the receiver of the emails to either monitor the unauthenticated email, separate it or reject it.
With the use of real-time threat visibility and analytics platform, this protection can be taken a step further. These platforms connect to the DMARC DNS data, enabling them to not only show where malicious emails come from but then assist in preventing the malicious emails reaching customers. By capitalising on these platforms, challenger banks can quickly close down spoofing sites and disable additional attacks. In addition, as more security features are added over time, the threat visibility and analytics platforms can also assess their effectiveness. Having this additional layer of insights and ability allows challenger banks to simultaneously ensure trust in email communications whilst not affecting the customer experience.
Start as you mean to go on
For challenger banks, trustworthy email communications are not simply the difference between a good and a bad day in the office. It is the lifeblood of their survival. Having effective security measures in place to protect their customers is vital. For challenger banks to really provide that added value of faultless security protection for themselves and their customers, a combined approach of security solutions such as DMARC and an analytic platform is a necessity.