To combat phishing, Google and Yahoo have decided to implement new email authentication requirements. Companies must comply with these measures very quickly, as they will come into effect in thefirst quarter of 2024.
Docoon, a leading French publisher in the development of digital trust services, capable of delivering transactional messages, critical alerts and feeds, certified messages, and managing communication campaigns across all distribution channels, is obviously deeply concerned by these new protection measures. How have we responded, and what are we doing to secure the email communication we provide on behalf of our customers?
1. Combating phishing: a strategic challenge
319.6 billion emails in circulation every day in 2021, estimated to reach 376.4 billion by 2025... Confirmation of registration, orders, purchases or payments, deliveries or appointments... EMAIL is the essential medium for business communication. It is also the preferred medium for distributing administrative documents such as invoices, contracts, and statements, which require flawless deliverability.
Its proper "delivery" and deliverability therefore play an essential role in the image of reliability and efficiency that all companies wish to convey to their recipients.
While email remains the preferred communication channel for internet users and businesses alike, cybercriminals are taking advantage of this and increasing the number of phishing attacks that impersonate brands and productivity suites from Microsoft and Google.
What exactly does the word "phishing" mean? Cybercrime, which has been on the rise in recent years, often takes the form of fraudulent emails or "phishing." Phishing is a form of fraud in which cybercriminals attempt to deceive internet users by posing as a trusted contact or service in order to trick them into clicking on a fraudulent link, disclosing sensitive information, installing a virus, or transferring funds. This "hook" often takes the form of an EMAIL.
According to a study by consulting firm Statista, in January 2023, phishing was the most common form of cyberattack in France, affecting around 75% of companies.
To combat this scourge, companies and ISPs (Google, Yahoo, Hotmail, Apple, etc.) are regularly implementing new measures and solutions to make sender identification as secure as possible. Starting in February 2024, Google, and soon Yahoo and Apple, will implement new authentication requirements for EMAILS.
They will enable enhanced authentication to limit phishing and send all suspicious emails to junk mail. If companies do not implement them quickly, they may also block or send important emails to spam.
It is therefore imperative for companies that use EMAIL to send transactional messages, alerts, and even marketing messages to meet the new requirements in order to maximize the deliverability of their EMAILS.
Companies that are not equipped with the appropriate authentication tools may therefore experience major disruptions in communications with their customers.
2. Docoon anticipates new authentication requirements
Docoon positions itself as the specialist in sensitive and transactional data flows. We are committed to ensuring the delivery of all messages by maximizing their deliverability, thanks in particular to the monitoring of our platform, but also through technical monitoring of all best practices in terms of security, confidentiality, and deliverability.
Docoon anticipated the issue and had already implemented the required email authentication standards. As a result, our customers experienced no disruption to their email communications.
We have therefore implemented the SPF (Sender Policy Framework) standard, which prevents spoofing by authorizing a list of IP addresses to send emails for each domain/client, as well as the DKIM (Domain Key Identified Mail) standard, which also prevents spoofing by signing emails sent with a private key, with the client company adding our public key to its domain.
Always looking ahead, Docoon will also be rolling out a future requirement from Google and Yahoo in the coming days: "One-click unsubscribe," which involves making it mandatory to include a link in the header of emails that allows users to unsubscribe with a single click.
Docoon's proactive approach underscores our commitment to the security, confidentiality, and deliverability of our customers' email communications. By complying with best practices and continuously adapting its platform to changes in authentication standards, Docoon guarantees the fluidity and efficiency of email exchanges, even in the face of growing threats from cybercrime.
The new requirements imposed by Google and Yahoo certainly represent a technical challenge for companies, but they also provide an opportunity to improve the security and reliability of their communications. By adopting these measures, companies can not only protect their customers from harmful emails, but also strengthen their own defenses against email-related threats. These requirements should be seen as a catalyst for improving security practices throughout the organization.
Docoon is positioned as a key partner for companies seeking to navigate an increasingly complex digital environment, offering solutions that not only meet current requirements but also anticipate future developments in cybersecurity. By choosing Docoon, companies are securing a partner committed to securing their email communications, which are essential to the success of their activities in today's digital world.
Is the deliverability of your emails an important and sensitive issue for your company? Don't hesitate to contact us— you've come to the right place.
