Sign in
  • Home
  • Products
    • Enforce
    • DMARC Monitor
    • Instant SPF
    • Amplify
  • Solutions
    • Anti-phishing
    • Brand protection
    • Compliance
    • Government
    • Marketing
    • Microsoft
    • Shadow IT
  • About
    • News + awards
    • Partners
    • Team
    • Careers
    • Industry leadership
    • Customer support
  • Learn
    • Resources
    • Blog
    • Customers
  • Support
Request phishing analysis
  • Products
    • Enforce
    • DMARC Monitor
    • Instant SPF
    • Amplify
  • Solutions
    • Anti-phishing
    • Brand protection
    • Compliance
    • Government
    • Marketing
    • Microsoft
    • Shadow IT
  • About
    • News + awards
    • Partners
    • Team
    • Careers
    • Industry leadership
    • Customer support
  • Learn
    • Resources
    • Blog
    • Customers
  • Get started for free
  • Support
  • Sign in
Check to see if you’re protected
☰
Check to see if you’re protected
Share this article
Related posts
  • Blog
    Research: Only 22 of the top 100 retailers are protected by DMARC
  • Blog
    DMARC authentication gets you the deliverability you deserve
  • Blog
    How vulnerable are U.S. election operations to email spoofing?
Valimail blog

Banks Adopt Email Authentication, But There’s More to Do

Author: Valimail
vault with open door
Banks take security seriously. Photo by Jason Baker/Flickr.

The march toward universal email authentication continues.

The five largest banks in the U.S. have adopted the DMARC email authentication standard, but there’s still much more to be done, according to a news release from the Global Cyber Alliance, a cybersecurity nonprofit founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police, and the Center for Internet Security.

According to the GCA, only 11 of the top 50 U.S. banks and 9 of the top 50 European banks have deployed DMARC and set it to block fraudulent emails or mark them as spam.

The GCA notes that another 32 of these top banks have set up DMARC, but are not seeing any benefit from it because they have not set their authentication policies to reject or quarantine emails that don’t pass muster (p=reject or p=quarantine, in DMARC’s terms).

In other words, 51 percent of the top U.S. and European banks have published DMARC policies — but of those who have policies, only 37 percent are actually seeing the antispam and antiphishing benefits DMARC provides.

Out of the 50 fastest-growing independent banks in the U.S. none — zero — are using DMARC.

GCA notes that DMARC is now supported by more than 85 percent of consumer email accounts.

“DMARC is proven, and it is free,” said Philip Reitinger, the president and CEO of the GCA, adding that it delivers a “significant” return on investment. “If a customer can’t trust your email correspondence, they will be looking elsewhere rather quickly.”

As the GCA notes, DMARC is an open standard, and configuring it is theoretically as simple as publishing a DNS TXT record (for organizations that have already implemented two supporting standards known as DKIM and SPF). However, the relatively high rate of banks who are using DMARC but not seeing any benefit from it — 67 percent — suggests that implementation is a bit trickier than many people expect.

Indeed, that failure rate corresponds almost exactly with what Valimail found in our recent survey of DMARC usage among a large sampling of corporations and government organizations. What we discovered is that about 70 percent of organizations fail to get DMARC to a reject or quarantine setting — and that ratio is roughly the same for the largest enterprises as it is for small and medium-size businesses.

The complexities of the various authentication standards combined with the need to maintain email at a high level of availability makes many organizations nervous about moving from a testing phase to enforcement.

Valimail applauds the use of DMARC by these top European and American banks. We’re proud to be part of the momentum towards authenticating the world’s email. If you want to see if your company is protecting itself and customers against phishing by authenticating email you can use our free, instant domain checker. We’re committed to seeing global adoption and enforcement of DMARC, and we’re here to help.

Back to blog
Published April 3, 2017
  • DMARC
  • security
  • SPF
Author: Valimail
Valimail is the global leader in zero-trust email security. The company’s full line of cloud-native solutions authenticate sender identity to stop phishing, protect brands, and ensure compliance; they are used by organizations ranging from neighborhood shops to some of the world's largest organizations, including Uber, Splunk, Yelp, Fannie Mae, Mercedes Benz USA, and the U.S. Federal Aviation Administration. Valimail is the fastest growing DMARC solution, with the most domains at DMARC enforcement, and is the premier DMARC partner for Microsoft 365 environments. For more information visit www.valimail.com.
Resources
Top retailers remain vulnerable to email brand spoofing
Learn more
Email security with Microsoft and Valimail
Learn more
Election email security
Learn more
Email fraud landscape, Summer 2020
Learn more
Preparing for BIMI: A Marketer’s Guide
Learn more
Latest news
Trump’s refusal to concede the election is creating an opening for cy...
Learn more
2020 General Election Results to Directly Impact Tech Industry
Learn more
Why Email Is Still an Election Day Disinformation Risk
Learn more
US elections are still vulnerable to email spoofing
Learn more
Security Gaps Persist, Report Warns, After U.S. Blames Iran In Election Sch...
Learn more
Press releases
Valimail Triples Customer Base, Becomes Top Global DMARC Provider in 2020
Learn more
Valimail: 2020 election infrastructure still vulnerable to email hackers
Learn more
Valimail Announces Selection by ASG for Anti-Phishing and BEC Protection
Learn more
Valimail DMARC Monitor and Valimail Enforce Now Available in the Microsoft ...
Learn more
Valimail Research Finds More Than 1 Million Domains Using Crucial Email Aut...
Learn more
Follow us
Contact us

P: 888.354.6179
E: info@valimail.com

Headquarters

180 Montgomery Street
20th Floor
San Francisco, CA 94104

Valimail Mountain Office

1550 Larimer Street
Suite 271
Denver, CO 80202

Request a full phishing analysis
© Valimail
  • Terms of use
  • Privacy Policy
  • Do not sell my personal information
  • Website terms of use
  • Phishing Analysis
  • Domain Checker
  • Products
  • Enforce
  • DMARC Monitor
  • Instant SPF
  • Amplify
  • Solutions
  • Anti-phishing
  • Brand protection
  • Compliance
  • Government
  • Marketing
  • Microsoft
  • Shadow IT
  • About
  • News + awards
  • Partners
  • Team
  • Careers
  • Industry leadership
  • Customer support
  • Learn
  • Resources
  • Blog
  • Customers