How does email verification fight fraud when cyber security is so complex and an email address is so simple?
An email address is a digital fingerprint, revealing signals about the person behind it. This reveal gives systems valuable data and time to make decisions and take action. As we shift further to connecting online rather than face to face, the opportunities for online fraud increase.
Learn form this blog how email verification can detect fraud. (It's an overview, not a technical read. If you'd like full detail about the data points checked by email verification service, and a deeper dive into our fraud detection, including our unique Email Hippo Trust Score, please head off here to our tech docs.)
For general information and fraud detection, a focus on disposable email addresses and a five point 'to-do' list for businesses that might be just starting to notice online fraud - read on.
We can be our own fraud case study.
Email Hippo is in a relatively high fraud target sector, as we supply software services online. We sit alongside travel, ticketing, clothing and computer goods as a top fraud target. By using email verification in our sign-up process we have reduced instances of fraud by over 90% since 2016.
Payment gateway security systems often detect fraud after it has happened. Sometimes it can take weeks to detect fraud. Validating email addresses before a transaction takes place gives businesses a cost-effective opportunity to be more nimble and have more control.
How does email verification help fight fraud?
- The API never sleeps, it checks every email address entered onto a system in milliseconds
- Results trigger rule-based actions; for example, blocking every email address that contains gibberish
- The need for manual reviews reduces, allowing security time to be spent differently
- Rules can be set around any of the verification checks, for example, blocking emails from certain domains or service providers
- Email verification enables organisations to build their own rules and blocklists, by spotting patterns of sign-ups and email addresses connected to fraud.
- Email verification is a cost effective way to detect fraud and save time
Let's focus on disposable email addresses
What are disposable email addresses. If you trade online, should you care about them?
A disposable, or temporary email address is usable for a limited amount of time. It might be valid for a days, weeks or just minutes. Some service providers are more private than others. The most widely used disposable email services receive emails in public inboxes that are less secure than standard email service provider inboxes. When policies exist they tend to be explicit about mailboxes having zero privacy. If you send an email to a disposable email address it’s more than likely visible to many people.
Disposable email address use is edging towards 'normal'. You'll see trusted consumer advice services like ‘Which’ in the UK advising people to use disposable emails to avoid spam and fraud attacks. In fact, the use of disposable email addresses has grown by 69% in the last twelve months*
Disposable emails were created for hackers and developers. Now they are also used by people who just want to keep their real inboxes free from whatever they perceive as spam. In a recent survey** 71% of people who used a disposable email address in a sign-up transaction said they did it because they didn’t want to receive marketing communication.
Reasons for using a disposable email address are;
- Staying anonymous online (for good or bad reasons)
- Testing software system processes
- An alternative inbox to prevent receiving spam and fraud attacks in 'real' personal inboxes
Email verification identifies disposable emails so that organisations can:
- Choose whether to communicate with people who use disposable email addresses
- Protect themselves from fraud
- Maintain accurate data
- Build relationships with real people
- Improve deliverability rates
- Choose whether to provide free assets, (like report downloads, product trials or vouchers) to people they won’t be able to contact afterwards
Deal with disposables; a to-do list
1. Validate your email data to find disposable email addresses. Even checking a sample will give you an idea of whether you have a data problem.
2. Think about what the impact of disposable emails is in terms of administration or lost time. If you send a quote to a disposable email address do your sales team waste time trying to reach a person who isn't there?
3. Check your delivery data to see if contacts with the lowest engagement rates signed up with disposable email addresses.
4. Examine your email marketing results. Is your deliverability rate falling? Are your email campaigns reach fewer real inboxes?
5. If your customers are using disposable email addresses, try to earn their trust to improve sign-ups with real emails. Maybe your privacy messages need work to improve transparency?
As the trend towards guarding personal data grows, and more people turn to concealment technology to protect their ‘real’ inboxes, email verification will continue to play a key part in detecting fraud and connecting businesses with people who show genuine interest and engagement.
If you've got questions or you'd like to chat about the challenges your business is facing please get in touch. We're here to help. email@example.com.
Email Hippo disposable email address proprietary data 2018/19
** Allies Computing 2019