Six years ago, in an effort to protect their customers, PayPal came up with a brilliant idea that turned out to be an effective solution against fraudulent email senders and domain spoofers. The company enlisted the help of industry behemoths like Google, Apple, eBay, Microsoft, Yahoo, and others, and together, they created an open Internet method called the Domain-based Message Authentication, Reporting & Conformance specification, also known as DMARC.
DMARC’s goal is to put a stop to false emails sent by hackers claiming to be from companies such as PayPal and eBay. When the specification was published in 2012, PayPal had high hopes for it, but little did they know that it would go on to actually exceed their expectations. DMARC proved to be a massive success – the method drastically reduced the percentage of attacks after only a year. The great thing about DMARC is that any email service provider can make use of the specification to enable this type of protection for all of its users.
Because of its proven value, the security standard is now being used all across the industry, with recent additions that include Facebook, LinkedIn, Twitter, seven major U.S. financial institutions, and various international government agencies.
With DMARC gaining plenty of traction in the worldwide web, we are ushering in a world that will have much less fraudulent emails. It’s interesting to see giant companies like PayPal, Google, Apple, and Microsoft working together to come up with effective solutions that will benefit everyone in the long run. While hackers and other people with devious intentions constantly find ways to bypass security and exploit vulnerabilities, it’s collaborative efforts such as the one that gave birth to DMARC that give us all some hope. Hopefully the creation of DMARC will serve as a starting point, a blueprint for many future innovations that will help make the Internet a safer place.