PRESS RELEASE

German Banks lead worldwide efforts in protecting online users
80% adopt Extended Validation SSL certificates, but lag in fighting deceptive email

Wiesbaden, Germany - September 14, 2009 – The Online Trust Alliance (OTA) and eco the German Internet Business Association released joint research on German efforts to protect consumer’s data and privacy at the 7th Annual German Anti-Spam Summit.  Highlighting the data was the adoption by the German banking community of Extended Validation Certificates, (EV SSL).  As a leading trust indicator, adoption soared to over 80% up from only 24% twelve months earlier.

EV SSL certificates are one of twelve OTA Online Principles, which are designed to help protect consumers and assure the long-term vitality of ecommerce.  The Principles stipulate that upon the expiration of existing Secure Sockets Layer (SSL) certificates, ecommerce and banking sites MUST upgrade to EV SSL.   The Principles are designed to help address consumer anxiety resulting from identity theft, forged email and questionable data sharing practices.  Collectively they underscore the need for business accountability, data stewardship and practices to improve consumer choice and protection of their data. 

“With the onslaught of deceptive email and online crime, it is incumbent for all business to adopt these Principles to not only help protect their consumers but their digital brand and stockholders”, said Craig Spiezle, executive director of OTA.   “Left unchecked we risk a consumer trust meltdown.  Businesses who adopt will win consumer trust and realize a competitive advantage.”

“It is encouraging to see our efforts are paying off.  These issues are world-wide in scope and require collaboration and data sharing by all stakeholders,” said Harald A. Summa, eco CEO.  “Eco joins OTA in supporting these principles and helping businesses protect their online assets.” 

A total of 996 EV SSL certificates have been issued to 509 unique German companies.  Leading German brands include Audi, Deutsche Postbank AG, Lufthansa and Volkswagen.  By establishing stricter issuing criteria, EV SSL certificates are designed to help restore confidence among users that a website operator is a legally established business.  EV SSLs communicate their presence by providing a green identifier in a browser’s address bar and are now supported by nearly every browser. [i] OTA Principles https://otalliance.org/resources/principles.html.

“VeriSign is a proponent of OTA’s recommendations to help educate and protect the identity of e-consumers,” said Tim Callan, vice president of product marketing at VeriSign. “Due to the ever-increasing threat landscape and advanced phishing attempts occurring today, it is paramount that businesses deploy security solutions like EV SSL certificates to ensure the integrity of their customers’ assets.”

While progress has been made on the web side, German business lags other countries in adoption of email authentication.  OTA research revealed that only 19% of the top German businesses have adopted either SPF/Sender ID or DomainKeys Identified Mail (DKIM).[i]  Conversely adoption of the Fortune 100 is at 55% and the top ecommerce sites exceeding 90%.  OTA along with eco, other industry organizations and government agencies have called for the adoption of email authentication to help curb deceptive and malicious email, often laden with malware and links to phishing sites.  Recognizing the critical importance of email authentication, the OTA Principles stipulate all consumer facing brands and companies MUST implement one or more of the leading email authentication protocols. 

The Principles and online trust score card will be presented at the upcoming Online Trust Summit on October 29th in Philadelphia, coinciding with the 40th Anniversary of the Internet.  Speakers are from leading interactive brands including Bank of America, eHarmony, Federal Trade Commission, Memolink, Inc., Microsoft, Publishers Clearing House, TRUSTe, Visa and the US Postal Service.  Registration info:  https://otalliance.org/events/Phila09.html

Data & Methodology. 

• Full Data Report by Banking Site  More>

• Percentage of top 100 German banks who offer online banking. Analysis completed by OTA and eco the week of Sept 7, 2009.  Data sources: http://www.bankenverband.de/pic/artikelpic/072009/top100-2008.pdf.

• OTA Principles https://otalliance.org/resources/principles.html.

• Data analysis completed by testing domain of listed companies, supported in part by VeriSign.  Data reflects all EV Certificates found, independent of the issuing Certificate Authority.  https://otalliance.org/news/releases/2008EVUpdate.html.

• Methodology: Analysis of public DNS records and sampling over 250 million emails sent between August 15 and Sept 8, 2009 and received by one of more of the following MTAs, McAfee, IronPort, Cisco and or Microsoft Corporation.  https://otalliance.org/resources/authentication/index.html.

About The Online Trust Alliance (OTA) https://otalliance.org/
The mission of OTA is to create a trusted global online ecosystem and foster the elimination of email and Internet fraud, abuse and cybercrime; thereby enhancing trust, confidence, and the protection of businesses and consumers. Through its member companies and organization affiliates, OTA represents over one million businesses and 500 million users worldwide with regional chapters in Asia Pacific, Canada and Europe. OTA is a 501c6 IRS-approved non-profit, governed by a Board and Steering Committee including Bank of America, BoxSentry, Datran Media, Epsilon, Goodmail Systems, Iconix, Internet Identity, Intersections Inc, IronPort (a division of Cisco Systems), MarkMonitor, Message Systems, Microsoft Corporation, McAfee, Publishers Clearing House, Return Path, Secunia, Symantec Corporation and VeriSign.   

 For media-related inquiries or for no-charge press registration, contact:

Liz Shambaugh
Online Trust Alliance
Lizs@otalliance.org
425-785-7234