All organizations that rely on email as a primary form of communication have faced a significant shift as Google, Yahoo, and Apple imposed stringent email authentication requirements, mandating the adoption of Domain-based Message Authentication, Reporting, and Conformance (DMARC) policies for bulk senders, with Microsoft set to follow suit. With these giants controlling a substantial portion of the email ecosystem, these policies will have far-reaching implications across industries, particularly for those relying on email as a communication, marketing, and sales channel.
The good news is that three-quarters of e-commerce retailers have adopted DMARC, aligning with these new standards to ensure their communications remain effective and secure. However, the remaining 25% who have not complied now face a ticking time bomb that could impact their ability to communicate with customers and potentially profoundly alter their operations.
As Google and Yahoo have already started temporarily rejecting non-compliant email traffic, diminishing senders’ ability to reach customers and communicate effectively over email. Non-compliant retailers currently using email as a marketing and communications tool could have their daily operations halted, if they haven’t already. Not only do they risk having their messages marked as junk or rejected outright, but they also could face hurdles when using email as a communication method due to past junk and spam classifications.
As email continues to play an important role as a key communication tool, complying with these requirements will prove necessary for retailers to secure communications, maintain web traffic, and protect revenue.
How do email authentication tools, like DMARC, help e-commerce retailers?
Email authentication tools, like DMARC, SPF and DKIM, ensure that emails are sent from legitimate sources, verifying that an email originates from the domain it claims to represent and securing the integrity of email communications, while significantly reducing the risk of phishing attacks.
With four billion daily email users, the stakes are high. This is especially the case when email remains a key tool of business and marketing communications, with 316.6 billion emails sent and received worldwide daily in 2024 – a number expected to climb to 392.5 billion in 2026.
For retailers, and notably online retailers, the stakes are particularly high; email is not just a tool for communication but a central component of marketing strategies and customer engagement. Even anecdotally, the importance of these emails as a communication channel can’t be overstated, it seems every retailer has at least one weekly newsletter or ‘item update’ to subscribe to, alerting customers to sales, new products, company updates, and more. In not complying with email authentication requirements, retailers are risking messages essential to keeping their customers ‘in the loop’ getting lost, as well as a downturn in the reach and effectiveness of email marketing campaigns.
Consequences of non-compliance
A failure to implement DMARC effectively also leaves retailer domains open to cyber attacks, as spoofing and phishing emails can enter employee inboxes unchecked. If this leads to a cyber attack, the damage extends beyond immediate operational disruptions; it further erodes customer trust and can significantly impact future revenue. Customers expect their data to be secure, and any breach can have long-lasting negative effects on a retailer's reputation and financial health.
Non-compliant retailers risk significant damage to their customer relationships and brand reputation as trust is broken down due to poor communication. If customers don't hear from a particular retailer, it gives competitors the chance to increase their influence. Additionally, if loyal customers find out that they have missed out on important offers, it may cause alienation and a loss of footfall. Ultimately, failing to nudge customers and communicate effectively with them towards sales, and offers will result in a very real impact on revenue, profits, and the bottom line.
There’s still time for non-compliant retailers
It’s worth pointing out that it’s not all doom and gloom for e-commerce retailers at this point – there is still time to get on track.
Google and Yahoo introduced their email authentication regulations as a gradual rollout through the first half of this year, granting businesses a large window to implement email authentication tools correctly. Although, it’s worth noting the email giants are becoming increasingly strict with non-compliant traffic – in other words, the sooner DMARC is implemented, the better.
The future of email authentication in the e-commerce industry
For retailers, adapting to email authentication requirements is not merely an operational adjustment but a necessary strategic move. In a competitive e-commerce marketplace, finding ways to ensure the security and integrity of communications is essential.
Retailers need to fully embrace new changes and adjust with them, leveraging the tools and technologies available to maintain the trust of their customers and the effectiveness of their marketing efforts. Those who have already adopted email authentication tools to comply are on the right track; improving their overall security posture while also solidifying their customer engagement strategies and relationships.
We've featured the best online cybersecurity course.
This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro