JPMorgan Chase has begun using a digital watermark to protect customers from phishing attacks
- This is an excerpt from a story delivered exclusively to Business Insider Intelligence Banking subscribers.
- To receive the full story plus other insights each morning, click here.
JPMorgan Chase has become the first institution to roll out the Verified Mark Certificate, a digital logo the bank can use to watermark emails it sends to its customers to assure them the message has come from an official source, the company announced.
The technology has been co-developed by Entrust Datacard, a provider of digital verification solutions, and the Brand Indicators for Message Verification's (BIMI) Authindicators Working Group, which develops standards for the broader initiative and counts Google, Comcast, and LinkedIn among its members.
The tool could primarily help combat phishing attacks, which deploy fraudulent emails that mimic those of a legitimate sender to get consumers to reveal personal data. And as an added security benefit, digital logos created with VMC technology are difficult to forge. The logo may also make it easier for customers to spot JPMorgan Chase's emails in crowded inboxes and boost brand awareness by displaying the bank's logo prominently alongside the VMC.
Phishing is a potent method of attack, and it disproportionately affects financial services companies, possibly because of their reliance on emails for customer communication. Banks and other financial institutions are affected by an estimated 12,000 unique bank phishing email campaigns each month, according to Agari.
Furthermore, when phishing sites target institutions to exploit consumers, financial institutions are the most commonly selected category, targeted in 29% of cases in 2018, per data from PhishLabs. When consumers are affected by such phishing attacks, there can be lasting negative effects for the financial institution: Customers could lose faith in the bank and take their business elsewhere or become less responsive to future legitimate communications, making it harder to communicate with customers or upsell them to different financial services.
And beyond customer communications, tools like VMC could also help minimize phishing threats to the internal communications of financial institutions. If JPMorgan uses VMC for messages to employees as well as emails to customers, it could help address "spear phishing" within banks, which involves fraudsters posing as trusted employees to steal money or data from the individual or organization.
However, measures like this VMC only go so far, and need to be paired with consumer and employee education campaigns, given that human behavior and scam awareness remains a weak link in banks' security measures.
Interested in getting the full story? Here are two ways to get access:
- Subscribe to a Premium pass to Business Insider Intelligence and gain immediate access to the Banking Briefing, plus more than 250 other expertly researched reports. As an added bonus, you'll also gain access to all future reports and daily newsletters to ensure you stay ahead of the curve and benefit personally and professionally. >> Learn More Now
- Current subscribers can read the full briefing here.