Tuesday, June 29, 2004

VeriSign introduces e-mail, antiphishing services

Great News:New services from Internet infrastructure company VeriSign Inc. will help businesses fight unsolicited commercial ("spam") e-mail, computer viruses and a form of online fraud known as "phishing"

The company on Monday unveiled VeriSign Email Security Service, a managed e-mail service that intercepts, scans and filters e-mail traffic before passing it to customer e-mail servers. A separate program, called the Anti-Phishing Solution, helps companies detect and combat scams that target their customers, VeriSign said.

The new services will help organizations preserve the usefulness of e-mail communications and fight modern-day scourges like spam e-mail that are lowering worker productivity, said Chad Kinzelberg, a VeriSign vice president. VeriSign will use its high-end networking infrastructure and reputation as the largest certificate authority and manager of two of the Internet's Domain Name Service root servers to attract customers who want relief from spam and viruses, but demand "100 percent uptime"

To use the service, VeriSign customers will modify the mail exchange (or "MX") record for their e-mail domain to point to VeriSign's Email Security Service servers. MX records tell other e-mail servers using the SMTP (Simple Mail Transfer Protocol) what server to deliver e-mail to for that domain.

The new VeriSign Anti-Phishing Solution service takes a similar approach, with VeriSign repackaging data, expertise and technology already used in other services.

Phishing scams are online crimes that use spam e-mail to direct Internet users to Web sites resembling legitimate e-commerce sites, but are actually controlled by thieves. The sites ask users for sensitive information such as a password, social security number, bank account or credit card number, often under the guise of updating account information.

The Email Security Service is free for the first 30 days. After that, the service will cost between US$1 and $3 per user per month. Prices for the Anti-Phishing Solution vary depending on the consulting and technology services the customer selects, Kinzelberg said.

Both new services are available on July 12

VeriSign is working with Microsoft and plans to support the Sender ID specification that Microsoft submitted to the Internet Engineering Task Force last week. Sender ID combines Microsoft's Caller ID specification with Sender Policy Framework, a similar standard created by Meng Weng Wong, co-founder and chief technology officer at Pobox.com, an e-mail forwarding service.

VeriSign will also make its Verified Domains List freely accessible to antispam software and service providers in an effort to foster email authentication adoption and spam's eventual elimination, the company said Monday.

"We're in an arms race with spammers," Kinzelberg said. "It's a game of one-upmanship that's difficult to win. Once we know who's sending e-mail, it gets a lot easier."

No comments: