June 4, 2009, 12:00 AM

After citing retailers for poor e-mail security, group issues principles

The Online Trust Alliance, a group that promotes measures to prevent Internet crime and that recently cited major retailers for failing to authenticate e-mail, has issued draft principles for securing e-mail marketing messages and e-commerce sites.

The Online Trust Alliance, a group that promotes measures to prevent Internet crime and that recently cited major retailers for failing to authenticate e-mail, has issued draft principles for securing e-mail marketing messages and e-commerce sites.

The Alliance issued a report in April that said nearly half of the 300 largest online retailers identified by Internet Retailer had not adopted e-mail authentication policies, a void that it says is “leaving brands, domains and most importantly consumers exposed to security and privacy threats. Top brands failing include Sears, Victoria’s Secret, Gap and Nordstrom.”

The retailers’ record on e-mail security was not as bad as other groups`, however. The Alliance noted a lack of e-mail authentication at 56% of the top federal government web sites, including WhiteHouse.gov, Senate.gov, FBI.gov and the Department of Homeland Security’s DHS.gov.

The Alliance is a not-for-profit organization governed by a group of retailers, e-mail service providers, Internet technology companies, banks and government agencies, including Microsoft Corp., the Federal Trade Commission, Bank of America, and greetings card retailer American Greetings Corp.

“Many of the organizations and businesses that have failed to use some form of these e-mail authentication standards, including SPF/Sender ID and DomainKeys Identified Email, have become victims of forged e-mail and online exploits,” the Alliance says. “E-mail authentication has been widely heralded as a best practice to help curb deceptive e-mail and phishing exploits, which are some of the leading tactics for identity theft.”

“It is incomprehensible that in this period of escalating online scams and diminishing consumer confidence these agencies and businesses continue to sit on the sidelines,” says Craig Spiezle, chairman and founder of the Alliance. “Best practices not only need to be adopted by business, but also by governmental agencies. “

The draft principles, which cover security of web site infrastructure, mobile devices and personal consumer identities, are available on the organization’s web site at https://www.otalliance.org/docs/OTA_Draft_Principles_5_20.pdf

The Alliance will accept comments on the draft principles until June 17. Comments can be e-mailed to staff@otalliance.org.

comments powered by Disqus

Advertisement

Advertisement

Advertisement

From IR Blogs

FPO

Bryan Gudmundson / E-Commerce

Which incentives are best at saving the sale?

It’s not necessarily the most valuable incentive that converts the best, a case study shows. ...

FPO

Heather Smith / E-Commerce

Taking advantage of the sharper marketing tools from Pinterest

Pinterest’s revamped private messaging system gives retailers more options for directly connecting with influential and ...

Advertisement