Email just for YOU – CSA Summit 2019

AGENDA

• CSA Developments
• How Interactive Email can improve User Experience
• Implementing schema.org – Why It’s Worth the Effort
• Brand Identity, Domain Alignment and Cats, and What They Have in Common
• Enhance your email experience with customer feedback
• Email Address Internationalization (EAI) in mail systems and its emerging security threats
• Doichain – A Blockchain-Based Approach to Double Opt-In
• How the Next Generation of Consumer Email is Becoming a Reality

CSA Developments 2019

For marketing and email communication, personalization will result in increasing customer engagement, which is important for deep customer relationships and will result in a higher spend. Julia Janssen-Holldiek believes that this is possible in email by offering individual choices within standardized frameworks. Standards ease communication between senders and receivers and make email more productive.

The CSA’s work on email standards in 2018

Janssen-Holldiek explained that the motto of the 2019 CSA Summit, “Email Just For You”, represents the importance of this desired individuality, but also of quality standards. She presented the CSA’s work on email standards in 2018, under the banner of the CSA’s newly-expanded mission “We create and enable quality standards and promote new technologies for commercial emailing”, divided according to the alliance’s four strategic goals:

1. Establish quality standards

In 2018, the CSA criteria were updated – in particular, changes were made in the requirements for consent declarations in order to comply with the EU’s General Data Protection Regulation (GDPR), which came into effect on 25 May. The Legal Notice was integrated as a full text. Being able to deactivate redirect links in order to prevent phishing attacks, and disallowing WHOIS privacy services were further changes to the CSA criteria.

2. Promote new technologies

The promotion of new technologies is a new addition to the CSA goals. It is seen as important because it is very important in a changing technical environment. The CSA provides recommendations for new technologies which are not (yet) part of the criteria, but which support best practices. When the technologies mature, they can then be integrated into the criteria. The RFC 8058: 1-Click Unsubscribe procedure therefore gained support from the CSA in 2018, as did the Form-Sub header, designed to prevent mail bomb attacks.

The alliance also began a pilot project for a domain whitelist, for which the structure and prerequisites were defined. A further activity in the area of new technologies was a meeting of the eco Competence Groups Email and Blockchain to look into some initial approaches to applications that combine email and blockchain, one of which, Doichain, was also presented at the CSA Summit 2019.

3. Ensure compliance with quality standards

The fundamental goal of the CSA is to protect certified senders, and to offer a quality promise for receiving partners. One new activity to support quality standards is the generation of daily spamtrap reports, sent out to certified senders, using data gained from a range of different sources. Julia Janssen-Holldiek provided a graphic example of the general downward trend of spamtrap hits for an individual Certified Sender from the point of certification until 6 months after certification. Feedback from certified senders has been that the reports are very helpful. The report includes a spamtrap hit score with a color coding: red = above the average for all certified senders, and is a clear indication that a sender should take action.

The CSA also provides a great deal of content in the form of free downloads to help senders deal with issues of quality control when they are talking to their customers. There is also a comprehensive list of FAQs available on the CSA website.

Janssen-Holldiek also presented the eco Complaints Office, which deals with complaints regarding illegal content on the Internet (not only email). She started with a few non-CSA related statistics on their work in the realm of combatting child sexual abuse material, and statistics from the previous year from the eco Complaints Office Annual Report 2018. She also presented a few CSA-related statistics, showing that reprimands for CSA senders decreased in 2018 – her inference is that senders implemented a range of best practices in order to prepare for the GDPR, raising the overall quality of their processes and mailings.

4. Enable quality standards

The overall aim of the CSA in this strategic goal is to provide added value for senders, which is achieved through a range of activities. In particular, the CSA wants to provide added value in deliverability, education, promotion, and access to a large network. On the one hand, there has been increased press activity on the European level, developing a broader European footprint in the media. The aim is not only to communicate to certified senders, but also to their customers – so that the customers are more aware of the quality standards of the CSA. Furthermore, CSA and eco members can also contribute article and interviews to www.dotmagazine.online, the eco Association English-language magazine. The CSA was also on location at several international conferences during the year, promoting the service.

Julia Janssen-Holldiek then brought Jordi van Rijn from Emailvendorselection.com on stage to present his platform for email service provision. As van Rijn explained, the best things in life come from annoyance and irritation, and so it was with the inception of Emailvendorselection.com. The idea came about as a result of his consultancy work helping brands to find the right email service provider for their needs. The platform is therefore a place for people to find information on the different ESPs, to support them in making a choice. The new version is already online, but more features will be implemented in 2020. It includes a range of services and content, and especially lists CSA-certified senders with their certification. There were 13,500 visitors to the CSA section alone last year. He sees it as a good place to get information to potential clients. He also offers the opportunity to create unique content onsite, and offers training in blogging and writing for those who would like support.

Partner network and new CSA senders

Other CSA partners, apart from eco – Association of the Internet Industry, which founded the CSA together with the German Direct Marketing Association (DDV), official partners also include the BVDW and DMVÖ, and, since 2018, the French public-private partnership Signal Spam, of which the CSA is now also a board member.

The CSA currently has 115 certified senders and over 50 mailbox providers and technology partners (e.g. spam-filter providers). In 2018, there were 310 requests for certification, up 24% from 2017. Of those 310, only 23 signed the offer, and and were really motivated to go through the process of certification – there are several reasons for this gap: some are not ready yet; some are not technically qualified, because they do not own the IP; and some are brands (which the CSA sends on to certified senders). Of those 23, only 10 made it through the certification process, as a result of quality issues. Janssen-Holldiek points out that this is not a bad result for the CSA, as the alliance is part of an association and is not commercially driven.

The message from these results is twofold, according to Julia Janssen-Holldiek: The CSA has raised the awareness of quality standards, which in itself already has an impact on the market; and secondly, the CSA quality standards were not negatively impacted by growth in interest in certification.

How Interactive Email can improve User Experience

Types of interactions

Robbins divided the different types of interactions into three categories: “Fleeting interactions”, which are only true for as long as an action takes place (e.g. hover, focus, or active – for as long as the mouse button is held down); “lasting interactions” – more defined, intentional actions from the user (including checkbox that can be clicked on and off, a series of radio buttons where only one can be selected – by selecting a second one, the first one becomes unselected again – and a singular radio button, which cannot be unchecked once checked); and “submit” (forms within the email).

A new feature in terms of interactive email which he mentioned is AMP4email, from the Google AMP (Accelerated Mobile Pages) Project, which offers a new way of putting interactions into email. Rather than putting interactions into the HTML, it uses a separate MIME type, the AMP MIME type. It is an open project, so other companies and brands are also encouraged to start using it. At the launch in March 2019, it was announced that it will work in Gmail, Yahoo, Outlook.com, and Mail.ru. The form submit in AMP keeps the user in the email and does not redirect to a website, unlike an HTML form submit. AMP allows dynamic content, and can pull live data into the email interaction. Built from an accessibility-first point of view, AMP4email is still new, but very promising, according to Robbins. He admitted, however, that he had no live examples to share in his presentation.

Support for interactive email

In terms of support for interactive email, Mark Robbins clarified that “basic interaction” is supported by approx. 55% of the email client market, while “advanced interaction” – which offers a few more options and is easier to code, but for which there is no support for web mails – is supported by approx. 47% of the market. “Form submit” enjoys particularly good support, in around 82% of the market. Currently, AMP is currently supported by around 35% of email clients, although it is still being rolled out, and is not yet in mobile apps. However, Robbins pointed out that combining interactive HTML and AMP also gives a market share or around 80%.

Marc Robbins explained that in creating interactive email, the default remains the static version. If support is detected, then the email will be enhanced to show interactive code. If AMP MIME type is not supported or the user has switched it off, it also reverts back to the the next MIME type, probably HTML MIME type – which may still be interactive.

Why interactive email?

Mark Robbins went on to explain that while traditional email has the goal of getting the user onto a website in order to start conversion, with interactive email, the goal is simply to get the user to open the email – pulling the conversion process into the inbox rather than having it on a landing page. Sometimes interactive email can cover the complete process, and sometimes it is just used to initiate the interaction, to get the customer invested in the content in some way, so that when they subsequently click through to the website they are already more engaged and more likely to convert.

He went on to give a range of examples which illustrated some of the other benefits of interactive email. The first of these was a simple example of a photo gallery in an email, where the user can scroll through or click on a color selection button to see the image of choice. This has the advantage of not needing to scroll down though a long series of images in an email. Arrows to scroll through the images is an example of an “advanced interaction”, whereas the selection buttons are a “basic interaction”.

Next, he mentioned the possibility of creating a topic filter. Robbins explained that senders sometimes do not have enough data about the recipient to send targeted emails. If a sender does not have personalized information, they can send a long email containing a broader range of information and products. In an interactive email the user can then set the filter for e.g. topic, price range, etc. It is then possible to detect what the user has clicked on, enabling the sender to create a follow-up campaign that is more targeted.

A questionnaire could also be built, in order to create filters for targeted communication: simply asking the recipient, “What are you interested in?” The response buttons and the submit functionality are then directly in the inbox, rather than requiring the user to click through to an online survey.

Furthermore, in a traditional static “hotspots campaign” email designed as a birthday or Christmas surprise with offers hidden behind gift boxes, the user is required to click through to website to discover the hidden prize or gift, then go back to the email, click through again for the next offer, and so on. In interactive emails, it is possible to create hotspots which reveal these products directly in the email, avoiding the need to click back and forth.

He went on to explain that it is important to use design conventions that users recognized, so that they understand how to interact. This is new technology, which users are not yet used to seeing in their inbox. Therefore, recognizable link buttons, gallery selection buttons, scroll buttons, etc. are useful to encourage interaction. Hotspots are less common, but it is possible to add an explanation on how to interact with them, and they can also be designed to pulse, for example, to draw the users’ attention.

Interactive email also offers the possibility for “Contact Me buttons.” For example, in an email on available rental properties, the recipient could set the button for those properties that are of interest, and then at the bottom simply click on “submit”. The agencies or representatives responsible for those particular properties would then be informed and can get in touch with the potential customer.

Finally, Robbins spoke about the advantages of interactive features for the topic “rate & review”. Instead of asking the user: “Would you like to write a review?”, this offers the opportunity to ask: “What do you think?”. Feedback is direct and easy without leaving the inbox (e.g. clicking on a thumbs up or thumbs down symbol). Robbins explained that in their experience reviews perform very well in interactive email: in their own split testing, there was a 55% increase in reviews left compared to static email.

Interactive design tips

Mark Robbins closed with a few basic pieces of advice for designing interactive emails.

1. Use common design patterns – e.g. color buttons, arrows for scrolling, etc., that users are already used to.
2. Match functionality on your website, because your users are already familiar with your website
3. Think about what’s best done in the email, what on the website. Email is about starting engagement, building curiosity, but some interactions will be better suited to being carried out on the website itself.

Finally, he illustrated the real power and potential of interactive email by revealing that his entire set of slides during his talk had been presented in an email, in Apple Mail.

Implementing schema.org – Why It’s Worth the Effort

The smart inbox

She explained that with schema.org they are trying to build a “smart inbox” – a digital assistant to help manage emails. Before a machine can assist with an email, it needs to understand what an email is about. The computer can try to interpret what email is about – machine learning has already made some progress in this area, but according to Junghans there is a better way: Letting the email tell us what the purpose is. Junghans commented that brands in particular should be interested in doing this, because the sender is then 100% in control of how the email is interpreted by different machines or smart inboxes.

An email can be explicitly labeled as a “shipping email”, or “delivery email”, etc., which is something that the digital assistant can understand. The explicit information is added using schema.org. Schema.org comprises already agreed upon semantic vocabulary, which adds an extra layer of meaning to text, so that computers know what it’s about. It also incorporates GoodRelations vocabulary for e-commerce, so the use case for shopping emails is clear. Schema.org supports a hybrid approach in that the schema is hidden in the email, so that users can still read the traditional email if they want to, but they can also let their digital assistant do it for them.

Junghans pointed out, however, that schema.org does not take the place of proper authentication. It is still necessary to verify the sender through checking SPF, DKIM, DMARC, etc.

Annotating emails with schema.org

Dr. Conny Junghans explained that only a minimum of annotations is required. With the example of an order confirmation, the annotations include the schema.org/Order entity, a unique order number, and the delivery state (of which the following were given as possibilities: OrderProcessing, OrderInTransit, OrderDelivered, OrderCancelled, OrderPickupAvailable, OrderPaymentDue, OrderProblem, and OrderReturned).

Of these, the order number most important, because this allows the smart inbox to do “grouping”, to allow all emails relating to this order to be brought together or grouped, and the current state displayed clearly in the inbox.

Junghans went on to say that this approach is good for customer experience, because it gives the customer all the information they need in one place. She explained that customers are often not really aware of which part of the shopping process they are in, evidenced by the fact that they confuse the function of the feedback review opportunities they are given (e.g. reviewing email experience vs. reviewing the product).

While the focus for the presentation was specifically on shopping emails, the functionality can be broadened out for other purposes as well.

Magnus Eén then took the stage, and told the story of Westwing’s experience of implementing schema.org.

He explained that email is still the major revenue-bringing foundation for Westwing. Westwing started implementing after the CSA Summit 2018, Magnus having been inspired by presentations and conversations regarding schema.org. He had decided that it would not be too hard to implement, because most required information is already within the email. Westwing have not yet taken schema.org live, but Eén strongly recommended that senders should spend the time on implementing it because he is convinced it does bring value. There is a trend to make email more useful, and this is a part of that.

Challenges with implementing schema.org

1. Cons

The first disadvantage that Magnus Eén mentioned was tracking. Westwing is data- driven, and there is the potential with voice assistants and smart inboxes that customers may not physically open emails anymore, which would mean that the sender can no longer track whether information has been consumed. This would have an impact on segmentation, because that action is considered engagement, and if people no longer interact with email in the traditional way, the interaction might not be seen and metrics may be lost.

A second disadvantage he mentioned is display control: The sender is no longer in control of what is being displayed to the customers. Smart inboxes might extract the information and use it differently from the way the brand created it. This could mean lost opportunities for the brand to provide other content or offers and develop new engagements.

Eén also mentioned spam filters, and the idea that content matters to many filters. Adding hidden elements may trigger spam filters, so it is important to monitor deliverability while rolling it out, to see how it goes. He explained that it is still not clear who is supporting schema.org.

2. Pros

Although display control may be lost, Magnus Eén pointed out that a major advantage is that the sender is in control of the message, because it is specified rather than a bot attempting to interpret it, so there is no guesswork involved.

Furthermore, the schema.org annotation highlights key purpose of an email, meaning that the relevance is better for customer and therefore for brands. He commented that a user spends on average 11 seconds reading an email – so the message needs to be clear.

Schema.org also builds trust, according to Eén. Users are not aware of what is part of the inbox, and who is responsible for what. Therefore, the transparency of the message leads to increased trust.

Finally, he is convinced that it will drive higher engagement, even though he has no figures yet to back up his prediction. He mentioned a few added functionalities that it will enable, such as creating calendar entries based on the delivery information, and using smart speakers to read email out to the user. It all boils down to user experience, which will drive engagement, which drives email reputation, and leads to better results.

What’s holding it back?

Eén sees the greatest challenge as being adoption, because senders do not include schema.org yet. He is of the opinion that senders should add it and monitor it, and see how it goes. There is also the need to convince management: in companies where email is a major revenue channel, a small change in an email can have a huge impact on business, and therefore the approval loops for something like schema.org can be a hindrance. Furthermore, many different departments need to be involved. Not only the technical and marketing departments, but customer care, logistics, etc. The process also encompasses different steps in the shopping journey, related to different processes and systems in the company or partner companies. This all need to be kept in mind when implementing it.

Is it worth it? Magnus Eén admitted he doesn’t know yet, but he’s fairly sure it will be. Adding value and making email more useful takes time for adoption. He mentioned calendar invitations as an example – it took a while to take off, but nowadays, it is the easiest way to book a meeting.

As an outlook for Westwing, he said that after implementing schema.org for shipping, the next step will be to try it for promotions.

He finished with a play on the CSA Summit 2019 motto: Not “Email guessed for you”, but “Email made for you”.

Brand Identity, Domain Alignment and Cats, and What They Have in Common

Brand identity

Firstly, he looked at what brand identity is: An end user has an experience with an entity, and interacts with a brand – this can include newsletters, transactional emails, status mails, etc. Brands want to nurture their identity, building a trust relationship. This is not simply a technical issue: the goal is that users recognize the brand and associate a value to it.

He asserted that nurturing, growing, and protecting brand identity is a shared responsibility with all departments. A broader view should be taken of company communications and their impact on brand identity. While marketing and corporate identity may not be associated with technical emails like Ops emails, these nonetheless form part of the brand’s overall emailing, and therefore impact on the brand identity.

Domain alignment – the technical side of brand identity

The rest of brand identity aside, Herkula’s talk had a technical focus, and that was domain alignment. This, he said, is basically a technical approach to achieve the same goal that you want to achieve in marketing with brand identity. A brand’s domain is the most trustworthy instrument to build trust.

There are a range of specifications – such as DKIM, DMARC, SPF, and BIMI – that help to pinpoint from a technical perspective who you are. For example, he admonished, a company should be signing every single email that comes out of it with its DKIM key. While Ops emails do not need a logo, they should still have a DKIM signature. ARC is another email authentication system that ESPs and vendors can implement it to support DMARC. These are all important because a lot of decisions are made based on your domain.

Herkula explained that domain alignment can be defined in two ways: firstly, according to DMARC, in which the Mailfrom and From domains need to align, and secondly, in the manner of anti-spam detection, where all domains found in the SMTP transaction need to align.

As a result, short links (those offered for free, which use the short-link provider’s domain) affect domain alignment, because they result in a link with a different top- level domain. Short URLs should be created using the company’s or brand’s own domain (there are many paid services which allow this). It is also important to consider this when you are hosting on a CDN – here again, a brand should use its own domain. Herkula warned against sharing trust anchors with someone you have no control over.

Avoiding being caught by anti-spam filters

If you, as the brand, are the only point in the chain who is responsible for a domain, it is easier for vendors to decide whether this a good or bad source. Anti-spam vendors do not want to deliver anything which appears questionable to end users, so if you make it hard for vendors, you are likely to be categorized as bad. Herkula went on to say that ESPs also have high risk of being compromised. The low income margin associated with an email customer may mean that some ESPs take shortcuts. Brands should therefore look out for ESPs that comply with the current state of best practices.

Tobias Herkula pointed out that working in anti-spam is much more difficult than the sending of spam. Vendors need to decide whether they should block the IP address, an IP range, or even the whole ASN, etc. He explained that it is easy for spammers to look like your brand. There are increasingly sophisticated tools for counterfeiting brand images, and spammers may also make use of the brand’s URL. This also makes detecting illegitimate mails difficult, meaning that anti-spam filters need to be more aggressive.

It was at this point that Herkula finally explained the cats: Of the 350+ cat images in his slideshow, not one was real. They had all been generated by a neural network. He emphasized that this is also how easily a spammer can make themselves look like you.

Reputation & computational trust

In the end, it is all about reputation and computational trust, according to Herkula. This is achieved through having an authenticated identity, which starts with domain alignment.

The sender header and the from header need to align (the “sender” is the technical identity who sent the email; the “from” is the person who it should be coming from). This can be achieved using a DKIM signing gateway, for example.

Herkula pointed out that once a brand has established computational trust with an “identifier” or domain, this should remain static. A brand should not keep changing it with new corporate identity initiatives, or because of a new provider. Switching the source IP address is not so bad, as long as everything else remains unchanged.

His key take-away was the need to involve IT/Ops in Corporate Identity discussions, and to take this seriously. It is not enough to attempt to build corporate identity with just the marketing team – all technical departments need to be brought into the boat as well. So, he concluded, stop reinventing your brands, and start evolving!

Enhance your email experience with customer feedback

Developing customer experience through listening

According to Jonker, 70% of companies that deliver best in class customer experience use customer feedback. She is convinced that not only is collecting direct customer feedback critical for companies to execute their strategy: feedback is also the building block for creating the strategy to begin with.

Customer experience starts with listening to what your customers have to say. And here, the email marketer has a big influence in customer contact. Email marketing is the most responsive tool in the marketer’s toolkit, according to Jonker – the next best thing to being able to communicate face-to-face with a customer or a potential customer. One advantage that email has over other channels is that the message will still be there for the recipient, even if the recipient was offline at the time it was sent. Email is also highly suitable for feedback: It is immediate, trackable, testable, iterative, and personal. As a result, customer feedback through email gives companies a competitive advantage.

With a history in offline marketing, Leonie Jonker has a clear understanding of the benefits of the immediacy of feedback via email. She provided an example to illustrate the power of feedback for the success of a campaign. In one case, on receiving the email, a subscriber immediately contacted the company to say that none of the links were working. The problem could be fixed in the ESP and not only was the rest of the delivery was saved, but this specific conversion was also saved.

She reiterated that metrics don’t tell the whole story. A metric like an open rate may look good, but the experience of the customer may be different. She gave the example of a a birthday campaign, which had always had good open rates. When they added a feedback option, the feedback showed customer dissatisfaction, because the discount code expired too fast. As a consequence, the company gave people more time to redeem their gift, and customers almost never comment negatively on birthday campaigns anymore.

Why use feedback mechanisms?

Jonker explained that Paula’s Choice sends email across Europe to subscribers in over 20 different countries, and there are observable differences in behaviour and engagement. However, again, the metrics do not provide insight into the causes of these differences. Feedback provided more insights and qualitative data to dive deeper into understanding customer reactions and behavior.

She provided the following list of advantages of gaining customer feedback:

• Understand needs of customers & subscribers
• Improve communication & customer experience
• Differences in engagement between countries
• Understand what lies behind the metrics
• Build trust & relationships, not only generate sales
• Easy feedback on Customer Care advice conversations

She then went on to illustrate how a feedback flow works: The first question is in the email. The recipient clicks on their answer in the email and is taken through to the survey form, where they can leave an extra comment. The customer hits the send button and returns to the email or potentially to a specific landing page. She illustrated the four types of feedback mechanisms she uses:

Email satisfaction | Monitoring different campaigns

Getting a basic “sentiment score” through a simple pos/neg feedback mechanism (e.g. thumbs up/thumbs down); this can be used for all promotional and content emails, for example. It allows the company to compare content to sales metrics to segment customers and find the balance that works. Feedback can also be used to improve design – she gave an example of a VIP shopping night invitation, where the sentiment score rose from 2.0 to 9.0 as a result of implementing feedback into the design.

In-email content | Feedback about a specific part of the campaign

This enables feedback about a specific item in a larger email, also with simple pos/neg feedback option. It can include a question about content relevance, content clarity, or purchase intention.

Customer journeys | Feedback about a process or journey

Such feedback is an opportunity to work together with customer care, with questions like: Do you have a question for our experts? – Questions like this can lead to insights into how experienced the customers are with the topic and what kind of advice they need, and provides an easy way for the customer to get in touch with people who can help. Jonker explained that the company has seen strong conversion rates based on this message and the cooperation with customer care.

Customer relationships | Feedback about the brand/company

This provides insights into the relationship between customers and the brand. Combined with a referral program, such feedback makes it easy to see who your promoters are; these can then be offered the chance to join a rewards program. It is also an opportunity to get in contact with inactive customers: Is there anything preventing you from placing an order? Within 24 hours of activating this message, Paula’s Choice had received 200 responses – the insights are helping the company to work on reactivating these customers.

The feedback mechanism allows a brand to get to know its customers better. It can allow a brand to find out whether there are issues, and makes it possible to follow up. This leads to better customer care, and insights into the kind of content customers prefer. According to Jonker, it’s vital to work together with other teams within the company, starting with customer care. The results of implementing email customer feedback include:

• Improving Sentiment scores for regular email campaigns
• Improving email conversion rates and share of the total conversion rate
• Measurable customer care
• More guidance and information for customers
• Converting negative experience to positive experience
• Measurement of customer experience
• Qualitative data

Leoni Jonker concluded by saying that the secret – the real magic – is designing processes around feedback, and making the most of feedback. Feedback offers the chance to convert a negative customer experience into a positive one. Asking feedback shows you care. Following up with improvement shows you really care.

Email Address Internationalization (EAI) in mail systems and its emerging security threats

Who is using EAI email?

Basically, he explained, EAI is being used by literate computer users who cannot read English characters. He gave India as an example – in the state of Rajasthan, the Indian government is currently handing out email addresses in Hindi (the UASG have produced a case study on this topic).

Development of internationalized characters for email

He provided a brief explanation of the development of non-English characters being used in email. After initially only having the English language-based ASCII character set, the MIME protocol then allowed the display of Unicode characters (with over 1 million characters) in email bodies, but not in addresses.

Unicode characters, which can be of vastly different encoding lengths (from 7 to close to 20 bits), are then recoded as UTF-8 (1-4 bits). This, he explained, means that even if a Unicode string looks the same as an ASCII string, when it is stored in the computer it may well be longer. This means that to be prepared, you need to handle buffer overflows, and make sure that you are prepared for strings that are longer than you are used to. He commented that it is not difficult to prepare yourself, it just needs to be done.

Another complication with Unicode is that there can be several ways to create a Unicode character (e.g. an á can either be encoded as a character in its own right, or as an a followed by an accent). For human readers, this makes no difference to understanding the character, but for computers that can be difficult.

Internationalized Domain Names (IDNs)

IDNs are domain names that can take UTF-8 characters. These can be all Unicode characters or, especially in Europe, a combination of ASCII and Unicode. Levine explained that adding Unicode characters to the domain name system would have created all sorts of problems, so a system was developed in which there were two representations of every UTF-8 domain name. One, the U-label (also known as “native label”), displays with the Unicode characters to be read by humans, and the other (the A-Label) to be read by computers and containing a long string of ASCII characters starting with “xn--”.

So the IDN can provide the domain for an internationalized email address (after the @), but the challenge was then to get Unicode characters in the local domain (before the @). It took over a decade of experimentation to find a way to represent Unicode for the local domain, in the mailbox.

Internationalized email addresses (EAI)

Levine explained that EAI functions like an overlay, like a new separate email system that runs in parallel to the existing email system. He showed that what is critical is whether the recipient mail box is EAI-ready. An ASCII sender can send to either an ASCII or an EAI recipient, but an EAI sender cannot necessarily send to an ASCII recipient. The rules concerning this are extremely complicated (however, if the sender knows that the ASCII recipient is hosted at Gmail or Hotmail, then they can rest assured that it will work fine).

As a result, EAI senders need to be prepared for their email to fail if they are sending to ASCII recipients. In this case, Levine recommended to retry every so often, because even if a mail system does not support EAI now, it may do in the future. As an example, Hotmail and Outlook have only started supporting EAI in the past year, Yahoo intends to begin supporting it in the future.

Implementation of EAI

John Levine explained that the changes required to make an email system EAI- ready are extremely simple. Firstly, this is the inclusion of a new SMTP feature, SMTPUTF8. This allows the recipient to say that it accepts EAI mail. Secondly, the sender system places an SMTPUTF8 tag after the MAIL FROM address. This puts the recipient mail system on warning to check that the recipient has an EAI- compatible email address. The recipient email system also has the possibility to reject EAI mail, even if the system as a whole accepts EAI, depending on whether the specific recipient address can or not.

Advice for writing mail server software

Levine advises programmers first to check and make sure you do not send internationalized email to someone who cannot accept it. In the case of fails, do something sensible: provide a human-readable error message, or, in the case of bulk mails, you might need a different version of the mail for ASCII-only addresses. Further, both U-label and A-label versions of domain names in email addresses should be accepted. Finally, do “fuzzy” matching on incoming addresses – to deal with variations such as upper/lower case or missing accents, similar to the ways mail systems have of dealing with misspellings.

What ESPs and email mailbox providers should consider

When assigning email addresses, ESPs should avoid addresses that people cannot type or that confuse users (for example, if they do not speak the language they are typing in) – the Unicode consortium and the IETF provide guidance on this. Furthermore, ESPs should avoid mailboxes with easily confused local parts (bob, bób, bøb) – do not make these separate addresses, but make them all the same address. (On the other hand, when compiling lists of email addresses, keep in mind that if you come across bob, bób, and bøb, they are probably all the one address, perhaps a misspelling.) Furthermore, most EAI users will also have an ASCII address – you can ask if they will give it to you.

For mailbox providers, Levine again emphasized the need for “fuzzy” matching – allowing mistakes with case, missing accents, or variant characters.

He added that it is not possible to downgrade an EAI message into ASCII without losing information, and it is not possible to respond to a downgraded message. Therefore it is better to put energy into making software EAI-capable than trying to invent non-EAI workarounds.

Security issues

• Homographs: e.g. Latin O, Cyrillic O & Greek Omicron all look the same, are bit-for-bit identical in some programs. If someone sends an email to B- Omicron-B, send it to Bob. But ESPs should not assign addresses like B- Omicron-B in the first place, because that’s just going to confuse people.
• Two-way Text: Left-to-right vs right-to left text flow. Avoid combining these within an emails address (www and .sa going left-to-right, and Arabic text as the local domain going right-to-left). Even the dot itself can be a left-to-right character.
• Avoid mixed scripts. In theory, an address could combine a Chinese character, and Arabic, Cyrillic, etc., but combining them is bad practice. It is unreadable and impossible to type. While compatible scripts are ok (e.g. the three scripts used to write Japanese), mixed scripts should be treated very skeptically by spam filters.
• Variant characters (e.g. different, simplified version of Chinese characters). Be aware of the problem: just like Bøb above, the variant probably refers to the same person.

Challenges

Long domain names – there are top-level domains names as long as 24 characters.
Several ways to write the same character (is it á or a + ́ ?). If it is possible to combine the elements into a single pre-defined character, it is better to do so.
Punctuation is possible in local parts – it is allowable, but not advisable.
It is technically legal to use an emoji in an email address. This should be avoided, because they are not easy to type. An email address must be easy to read and to type. Two different emojis with slightly different skin tones are not easy to differentiate or type.

Conclusion

John Levine finished by saying that EAI is on the way. It is going to be popular, particularly in countries like Thailand and India, where there is a literate population that does not read or write English. And finally, it is not difficult, but it is important to get ready.

Doichain – A Blockchain-Based Approach to Double Opt-In

Stephan Zimprich from Fieldfisher and the eco Association began this session with a brief explanation of the characteristics of blockchain that make it interesting for legal reasons: these being that it is a transparent form of documentation, and it is revision-proof, meaning that its history cannot be changed. He then went on to describe Smart Contracts: blockchain-based applications that allow credible transactions without the need for a third party making transactions trackable and the documentation irreversible. Further to this, he introduced the concept of a Daap – a decentralized application which runs on a blockchain. Daaps do not require a provider or hoster. They are open source and can create crypto hash tokens.

Potential value of blockchain for email marketing

From this point, he turned his attention to email marketing. Sending marketing emails to recipients requires the unambiguous consent of each recipient. This consent can be given in the form of a double opt-in (DOI), however, proof of consent can prove difficult, because it is possible to manipulate log files. The risk exposure for email marketers has increased since the EU General Data Protection Regulation (GDPR) came into effect in May 2018. Zimprich mentioned that recently, a fine of £40,000 was imposed on the UK company Grove Pension Solutions for sending unsolicited mails to around 2,000 recipients. This illustrates the real risk of sending marketing emails without being able to prove that you are entitled to do so.

Before handing over the floor to André Moll, Stephan Zimprich concluded that blockchain allows you to demonstrate that a DOI actually happened – and can do this in a revision-proof manner.

Doichain

André Moll from Doichain LVC then introduced Doichain, a blockchain-based application for documenting and storing DOIs. Doichain is based in Lichtenstein, which he said was the first country in the world to have blockchain law. Doichain was started in response to the EU General Data Protection Regulation (GDPR) and he hopes it will become a standard for secure email permissions. The application is based on bitcoin technology, because it is the biggest and most-commonly used blockchain.

Doichain documents fraud-proof DOIs, providing proof of existence of the DOI email and registration, including the conditions that were displayed at the time of opting in. It also enables the ISP to check the receiver’s permission in real time, which, Moll pointed out, can help with spam protection. Furthermore, Moll describes it as universal, because everyone has access, it is usable worldwide, the blockchain is permission-free, the source code is freely accessible, and the API is freely accessible and freely usable.

Potentially Interested parties:

According to André Moll, the developers of Doichain identified four groups of potential interested parties for the application, and their respective benefits. There were:

1. Lead generators – legal certainty and an improved reputation

2. Brand/list owner – no spam traps, legal certainty, higher reputation, and therefore more successful campaigns

3. Email recipients – higher security, higher trust and less spam

4. ISP – no false positives, clear delivery criterion, increased customer satisfaction, differentiation from competitors, and additional revenue (here, he calculated that a large ISP with 20 million inboxes could earn €10 million per year in revenues, in the case of Doichain having a 100% market share – in response to questioning from Stephan Zimprich at the end of the session, he admitted that this would be “in a perfect world”). Implementation for ISPs includes investing in the installation and testing of the node software, and the operation of a server suitable for 20 million inboxes. There are no license fees and no commissions.

Moll concluded by saying that Doichain currently handles 3,000 transactions per second, but that a second layer is planned that will enable unlimited transactions per second.

In the subsequent Q&A session with Stephan Zimprich, Moll said that, although there remains a risk in China’s intention to ban Bitcoin, he believes recent rises in the value of Bitcoin is demonstrative of the fact that the blockchain is sound, and he believes that many other countries will keep mining going.

Responding to further questions from Zimprich, he went on to say that Doichain has been prepared since inception to be useable for other opt-in processes, such as for push notifications, and that it will integrate into common mobile operating systems in the future. The focus is not currently on these endeavors, because the team currently consist of only four people. However, his vision is that Doichain will become a movement, with many people cooperating and deciding together as to the future direction of the Doichain initiative.

How the Next Generation of Consumer Email is Becoming a Reality

How is email doing in 2019?

Email is simply not dying, according to Becker. Personal communications might follow the path of least resistance, such as through social media. But for businesses, email is 40 times more likely to acquire or convert than Facebook and Twitter combined. With social media, a message disappears when more new messages enter your feed. With email, the message is still there. You can go back and look at it again later, in your own time.

72% of consumers prefer email for communication and information from their favorite brands, in comparison to all other communications channels. 83% of GenZ users will continue to use email to stay informed and get information and coupons. 46% of brands are currently intending to increase their email marketing budgets. Email offers a phenomenal 4200% ROI: For every dollar you spend, you make $42 back. These were just a few statistics to warm up with, before turning the focus to what’s coming up in the next generation of consumer email.

What was email expected to do in 2018?

Becker then went on to recap predictions made during the CSA Summit 2018. Firstly, Marcel Becker himself had forecast that the email experience would increasingly happen outside of the email canvas – e.g. in cards, or through personal assistants and voice assistants. Then Christian Hanke had foretold micro or mini experiences – emails especially tailored and engineered for one individual person. Thede Loder had introduced BIMI, and all had agreed that this was important for brands to reach consumers and create a better email experience.

And Becker had talked previously and again in this presentation about the importance of partnerships – how the different segments of the industry should work together, because it is for the benefit of everyone’s mutual customers. The one thing that keeps all of this together is the data – there is a need to pool available data between companies, because everyone has different data, and we’re not doing enough with the data we have.

Reality check

What happened? – they were right.
Becker pointed out that what the industry is doing is creating a rich and secure environment for consumers. They need to feel safe and have a great experience, so that they will spend money as a result. But they will only do that if the right foundation is in place.

DMARC and protecting customers

Seth Blank then took up the baton, to talk about the topic of DMARC. He started with a hypothetical situation: Imagine I’m using your order navigation system and your purchase flow, but my payment system. It is possible to defraud customers of their money in a really rich experience that looks and feels like the authentic brand. To build the personalization of the future, it is vital to make sure this doesn’t happen. DMARC is essential to achieve this. DMARC is attribution – to know that mail from a particular sender actually comes from that sender, and not from an impersonator.

The key message from Blank is that authentication should be done for the organizational domain, across the entire company. If authentication is done on a subdomain, fraudsters can use any other unauthenticated subdomain to defraud a company’s customers. He calls for the industry as a whole to lift its game, to ensure that personalized experiences in the future can occur without fraud. As a brief illustration of what this means, Blank used messenger apps as an example. This is a very different experience than email, in particular because you know definitively who the two or more parties in the chat are. Email doesn’t work like that.

Marcel Becker came in at this point to say that the difference is that these apps are more for personal communication. Email is being used for something else, and what needs to happen next is that the brand-to-consumer use case needs to be solved. There is a need to develop this kind of trust – what we see in messenger apps – in email. Blank went on to say that consumers want to interact with their brands by email. Consumers need confidence that the email is really from the brand it purports to be from. With DMARC at the center of the communication, consumers can have this confidence.

There is some hesitancy – especially in Germany – to implement DMARC. It is seen as difficult, and not all mail providers evaluate it. In contrast, Seth Blank explained that 100% of receivers in the US, Australia, Japan, and China, and most in Europe, validate DMARC and send reports, and the gap is closing. DMARC is already incredibly widely deployed and available, with 75% of mailboxes globally supporting it. Last year, 5-10% of mail came with a DMARC record attached.

Today, receivers in the US are registering 70% of incoming mail with a valid DMARC record. However, this is mainly large volume senders. If, instead of calculating on the basis of message volume, the number of senders in the “from” domain is counted, then the picture is very different: Only 6% of senders in the world are actually using DMARC at quarantine or reject. Therefore, Seth Blank says there is a lot further to go.

Blank went on to say that DMARC adoption needs to grow in order for the personalization of the future to become a reality. A brand’s campaigns will only be as powerful as they can be when they are truly under the control of the brand, and not in a field of others pretending to be that brand. Blank believes it is important to show leadership here. At the moment, DMARC is a CSA recommendation – he wants it to be a requirement.

BIMI

He then moved on to the topic of BIMI, or Brand Images for Message Identification. He started by saying that if you get authentication wrong, your message will be displayed with fish hooks or questions marks, or warning banners. If you do everything right, your message might be displayed with initials, or the mailbox provider might attempt to guess at your logo, might get it right, but might get the colors wrong, or use an outdated logo from their library, etc.. Even though you, as a brand, have already done everything right, you get no control over how your message will be displayed. BIMI is about giving control to the sender to choose the correct image to appear in the email client.

Becker then mentioned the consumer benefits of BIMI. Verizon asked their users about preferences, and their users prefer emails with an avatar of the recipient, or a logo when the email comes from a brand. 80-90% of all email consists of messages from brands to consumers. Having a visual representation of the sender appearing in the email client has resulted in a 10% increase in the open rate.

The BIMI pilot phase is currently running. So far over 100 brands have signed up, and for around 25-30% of the brands that have signed up, Verizon did not already have a logo in their database. 60-70% of the logos that they replaced with BIMI logos are now higher quality and more up-to-date than those in the database. BIMI really helped to improve the experience.

According to Seth Blank, BIMI also makes DMARC approachable because you can directly see the impact of proper domain authentication. Some say DMARC is hard – but this gives you a reason to get through it. Everyone wins. Receivers want authentication, users want a better experience in their inbox, and brands want the right logo to display.

Other email initiatives

AMP is another initiative that is helping with dynamic content, to create a rich, secure experience. More information about this will be forthcoming later in the year.

Schema.org – in the past, bots were used to identify and categorize what the machine was trying to tell the user. Schema enables machines to talk to each other, to make sense of an email, extract the information, and make it actionable. The email can then be presented to user when it is needed, sorted by relevance, and combined with locational features. There are lots of startups coming up with new ideas making use of it.

What’s coming next?

Brands want more interaction, in order to make more money. One pain point is the increasing loss of access to data, to classic methods for measuring engagement and tracking, when you move outside of the email canvas. Becker warned ESPs and brands that their data is wrong. Becker predicts that a 10% open rate for a campaign is probably more like 5% or less.

Becker announced the launch of a new product from Verizon, “View Time Optimization”, which brings together BIMI, AMP, SCHEMA, and data (true engagement data), putting all the puzzle pieces together in a meaningful tool, with the promise of an increase of ROI to 8000%. The pilot of View Time Optimization resulted in a 5-times increase in open rates, and has exceeded expectations.

He finished by saying that great email experiences can only be achieved through partnerships.

READ WHAT THEY SAID IN…

Report 2016

Report 2017

Report 2018