Entrust Datacard, a provider of trusted identity and secure issuance technology solutions, has announced its contribution to the first issuance of a Verified Mark Certificate (VMC). JPMorgan Chase received the first VMC certificate as observed in the global public certificate transparency (CT) logs.
Developed in collaboration with the Authindicators Working Group, the vendor-neutral VMC solution allows enterprises additional branding opportunities to communicate a trademarked brand logo to compatible email clients for display on customer emails.
Email is a critical form of communication between enterprises and their customers. For the typical customer, it can be challenging to recognise important messages from, for example, their bank or financial institution, that are mixed with a flood of marketing pitches, newsletters, spam, personal emails, phishing scams and outright fraud.
Entrust Datacard is the first certification authority (CA) to issue a VMC. Using VMCs, organisations can provide customers the company’s logo mark in a secure position in the accessed email message. Sending verified emails will provide increased brand control and logo visibility for organisations that support VMCs.
“Our VMC solution allows organisations to take control of their brands and introduce a higher level of customer experience by inserting their familiar logos into emails in a standardised way,” said Chris Bailey, vice president of strategy and operations at Entrust Datacard.
“Email is the dominant form of customer communication, yet customer phishing and spoofing attempts are at an all-time high,” said Armen Najarian, CMO of email security company Agari, an Authindicators Working Group member. “Pairing domain-based message authentication, reporting and conformance (DMARC) and VMCs is a winning combination for organisations to deliver improved customer interactions through the inbox.”
How VMCs work
VMCs build upon the secure verification techniques of Extended Validation (EV) web server certificates, which are governed by the CA/Browser Forum. The issuing Certificate Authority verifies an organisation’s registered trademarks and confirms their registration and ownership. The CA adds the confirmed information to the VMC, and then records it in the Certificate Transparency (CT) logs for public disclosure.
The VMC is signed cryptographically with a trusted root, so that mail applications can rely on the information inside the certificate. Once this process is complete, the CA sends the VMC to the organization for its use.
The VMC works alongside an organization’s Domain-based Message Authentication, Reporting and Conformance (DMARC) protocol and Brand Indicators for Message Identification (BIMI) standards. Adding BIMI instructions to the DNS record allows an organization’s logo to be displayed on email communications that originate from that domain. DMARC provides strong authentication and guidance for preventing spoofed messages.
Entrust Datacard’s VMC issuance with JPMorgan Chase and Co. is piloting the next phase in the development of BIMI standards, a broad industry effort to enable email inboxes to display logos beside authenticated email, securely and at scale.
Like this item? Get our Weekly Update newsletter. Subscribe today