Didyou know

Email Authentication determines the age of an email address and associates that email with demographic data provided by a person online, such as information on social networking sites and from other public and private data sources.

It has been an ongoing issue that consumers can get free emails easily and quickly. The challenge was to find a way to authenticate that the email is really associated with the profile data a consumer has presented to you.

So how can you really authenticate an email address like johndoe@hotmail.com? Sure you can perform an email verification which will confirm the user has access to that account, but how can you determine if the email really represents the person at your website?

Up to now the only way to do this would be to conduct your own research using online resources such as social networks to try and find where the email is in use, and to see who is using it.

There are now services that provide the ability to lookup emails across a number of sources. This can include public data sources, private data sources like utility companies that have an email address on file, email domain providers like Yahoo! and Gmail, as well as social networking sites like Facebook, MySpace and others.

Compiling this data from multiple sources, email authentication services offer insight into the profile of the person who owns the email as well as the age and status of the email account. These services can identify characteristics of an email address that make it suspicious, such as if the email was just created earlier today or if the demographic information associated with the email address is inconsistent with other information the customer provided.


subscribe to newsletter



email Authenticationtechnique overview

Email authentication is the process of searching public and private data sources, as well as social network data, to determine the age and association of an email with demographic data provided by a person online. Key considerations when implementing or buying this functionality include:

  • It works internationally.
  • No data or limited data doesn't equal fraud. Not everyone has their emails out on the web, so you won't get hits on everyone.
  • Not all responses are real time responses.
  • Depending on the service, email authentication lookups may be submitted manually, in batch processing or automatically via an API.
  • The coverage and type of detail a vendor can supply for an email lookup will vary and depend on their data sources. Vendors directly connected to major email domains are likely to have broad coverage whereas vendors utilizing data from private sources and social networks are likely to have more detailed data, but it may not be available for as many email addresses. Vendors may have each of these data sources offering broad coverage but a high level of detail on a smaller percentage.

How does it work?

Email authentication vendors compile data from multiple sources. This can include public data sources, private data sources, email providers and social networks. Private data sources may include utility, cable, telecom and other service providers that have name and email information on file for their customers. Email authentication services may also receive data from premium email providers like AOL and free email providers such as Hotmail, Yahoo!, Gmail and others. These data sources may provide information such as when the email address was created, if it is active, and possibly the date of birth and gender provided by the consumer when they created the email. Data from social networking sites may provide more demographic detail as well as a picture and the number of social media connections or friends, depending on the service provider's data sources and partnerships.


How do you use the results?

Depending on the service an email authentication vendor may offer a risk score or recommendation based on the email address, they may provide all the detailed information associated with the email address that is available, or they may provide both. Merchants may use this risk score as an additional signal to help determine whether or not to review a transaction.

Services providing all of the detail information for an email authentication lookup can be very useful for manual review. An email that was recently created or is associated with social network and demographic information that is inconsistent with the customer profile is a signal of increased risk. Alternatively, an email address that is active, has been existence for a long time, has an active social media presence and connections, or is associated with demographic data that matches the customer profile are indications of decreased risk.


  • Introduction to eIdentity Authentication and Verification

    Establishes a baseline understanding of the components that make up a consumer identity when transacting or making application from an online or telephone channel.

  • Introduction to Ecommerce Fraud Fundamentals.

    Provides participants foundation level knowledge about the theories, best practices and terminology surrounding electronic payment fraud. Presented in a standard format covering the history of eCommerce Fraud, consumer fraud, merchant fraud, fraudster motivation, fraud trends, identity verification and phishing.

  • Ecommerce Fraud Moving from Tools to Solutions.

    This session covers what constitutes a fraud solution and categorizes the many types of third party fraud tools. The course outlines the common terminology of fraud solutions and describes the capabilities needed to implement a fraud solution.