Outlook.com ups its security bid with support for DMARC and Extended Validation Certificates

Outlook.com ups its security bid with support for DMARC and Extended Validation Certificates

Today Microsoft announced two key security updates to its new email product that should protect its users from attack, and boost the profile of its new webmail initiative.

Microsoft has laid a large bet on the future relevancy of email with its new Outlook.com product, a webmail client that TNW has found to be a vast improvement over its predecessor, the now hapless Hotmail.

All Hotmail users will eventually be shunted to Outlook.com, but for the next few months the service will linger in a twilight zone of dead, but still walking.


Outlook.com now supports Domain-based Message Authentication, Reporting and Conformance, or DMARC. Building off of the work of former email authentication standards, DMARC is the next generation in anti-phishing technology that protects users by warning them when a sending address might not be legitimate.

And if it appears to be from your bank, and isn’t, that knowledge could be key.

Microsoft promises that its users will be helped by the system “making it easier to visually identify mail from senders as legitimate, and helps keep spam and phishing messages from ever reaching [their] inbox.” Senders that support DMARC will be marked as such, giving users extra surety that a certain email is clean.

Microsoft has been part of the DMARC group since its inception, and cited the work of Gmail, Facebook, and PayPal as key to its progress.

Extended Validation Certificates

Compromised SSL certificates are a tricksome, and vicious way of confusing individuals out of their information and, potentially, funds.

Extended Validation Certificate, or ‘EV,’ are a stronger form of certificate, that can help users ensure that the site they are on in is in fact on the up and up, and not masquerading as the real thing.

According to Microsoft, “EV certificates are deeply vetted by the Certificate Authority, providing significant assurance that you can trust the sites that use them.” By supporting EV, Microsoft is helping its users stay safe online. And as, we suspect, a great majority of phishing attacks begin in email, having Outlook.com take up the technology could be useful indeed.

In short, these updates will help users stay safe, and will likely prevent a host of phishing attacks from becoming successful attempts.

Enough to move Gmail users over? No, but every step that Outlook.com makes to its platform that betters its product is another step back into email relevancy for Microsoft.

Top Image Credit: Alec Perkins

Read next: The London-based "unhotel" startup onefinestay opens the doors to 100+ homes in NYC