BITS and eCert Issue Paper on Securing Email by Deploying Sender Authentication

FOR IMMEDIATE RELEASE

Washington, D.C. and San Francisco, CA - June 9, 2009 - BITS and eCert, Inc. today released a paper entitled Email Sender Authentication Deployment, covering two standards-based protocols, Domain Keys Identified Mail (DKIM) and Sender Policy Framework (SPF). The paper serves as a guide for financial services companies implementing leading-edge email sender authentication protocols and builds upon the BITS Email Security Toolkit (April 2007).

As financial institutions continuously improve the security of email, authentication protocols such as DKIM and SPF can heighten customer confidence and reduce the threat of phishing. This paper should help BITS member institutions, the financial services industry, and all organizations concerned with email spoofing to leverage best practices around standards-based email sender authentication protocols, stated Ken Schaeffler, Senior Vice President and Information Security Director at Comerica Bank, and Chairman of the BITS Security Steering Committee.

The paper was developed by members of the BITS Security Steering Committee and other BITS member companies, in partnership with eCert, Inc. eCert applied the knowledge and practical expertise it gained through its work with the financial services and ISP communities to draft the document, and provided ongoing assistance during member companies' collaboration on the paper. eCert and BITS are helping major financial institutions and email providers by creating fundamental solutions that improve security and trust, stated Erik Johnson, Senior Vice President, Bank of America and a principal contributor. Their expertise is invaluable in helping the industry advance e-mail authentication standards and practices.

The paper discusses critical success factors for sender authentication deployment, offers project planning and execution resources, and addresses practical implementation issues associated with the DKIM and SPF protocols.

Please click here for the publication.

The Financial Services Roundtable represents 100 of the largest integrated financial services companies providing banking, insurance, and investment products and services to the American consumer. Member companies participate through the Chief Executive Officer and other senior executives nominated by the CEO. Roundtable member companies provide fuel for America's economic engine, accounting directly for $85.2 trillion in managed assets, $980 billion in revenue, and 2.3 million jobs. BITS is the technology division of the Roundtable, leveraging intellectual capital to address emerging issues at the intersection of financial services, operations and technology. BITS focuses on strategic issues where industry cooperation serves the public good, such as critical infrastructure protection, fraud prevention, and the safety of financial services.

About eCert

eCert ensures trust in, and reduces fraud against, critical email traffic. eCert is a trusted intermediary that accredits domains that send email and certifies their traffic to defend against email fraud ("phishing") and enhance delivery. eCert does this by enabling standards for receivers to identify certified traffic and block phish before it reaches customer inboxes. eCert also provides traffic statistics and data on phishing attacks from major ISPs and other receivers. eCert was founded as a collaboration between large financial service companies and major ISPs to improve security against email phishing. The eCert collaboration offers participating companies the opportunity to take a leadership position, with major financial and Internet service industry leaders, in addressing the problem of phishing and security for their customers.

PRESS CONTACTS:

Katy Lim
changepr@gmail.com

Larry Baird
larry(at)ecertsystems.com