Johannesburg, 12 Aug 2003
In response to the increased public concern around online banking security, Striata has implemented an additional security feature on its batch e-mail marketing application. This security feature enables digital signing of outbound e-mail campaigns, confirming to the recipient that the e-mail originated from the sender and has not been altered in transit.
Says Michael Wright, CEO of Striata: "The convenience of the Internet comes with new risks that are increasingly being highlighted in the media. Personal identity theft, masquerading as a trusted service provider and accessing private information are all examples of Internet-based criminal activity that can lead to personal or commercial loss. The use of digital certificates mitigates some of this risk by authenticating the sender of an e-mail."
Striata has enabled this security feature on its e-mail engine, enabling organisations using the system to obtain a digital certificate and to certify outgoing e-mails. Digital certificates can be obtained from a certificate-issuing authority such as Thawte or Verisign.
Says Wright: "A company's first step is to ensure that all bulk outbound marketing, operational or e-billing notifications sent by e-mail are digitally signed. This mitigates the risk of someone posing as the organisation, and making fraudulent requests or obtaining information from your customers."
Wright claims that the next step is to consider which business units are conducting critical business, and should therefore be authenticated as representatives of the organisation when communicating by e-mail. E-mails sent directly from personal e-mail software will require a digital certificate solely associated with that originating e-mail address. Therefore, an e-mail sent from an account manager to a client can be digitally signed, but would require that account manager to have his or her own certificate.
Wright maintains the introduction of digital certificates will require a re-education of e-mail users in order to capitalise on the security benefits. Users will need to be aware of what a certificate ensures, and how to know if a certificate is invalid. They will also need to know what a certificate does not guarantee.
Says Wright: "Digitally signed e-mails will become the norm for business-to-business and business-to-consumer e-mail communication. The potential for identity fraud on electronic channels is a real risk, and digital certificates can be seen as another layer of security in the battle against Internet fraud."
Share