Subdomain Verification for Email Authentication - Decisimo

Published on: 2024-08-10 18:29:56

Introduction:

Teams working in fraud prevention know that verifying whether an email address is real matters. A solid email check helps separate legitimate addresses from junk. This article describes a simple method for checking email addresses by looking at their subdomains.

Problem Definition:

A common problem in email validation is telling real corporate emails apart from junk or malicious mail. Standard verification methods often miss that distinction, which leads to false negatives or false positives.

One signal that often gets ignored is the presence of subdomains in corporate email domains. A corporate domain is likely to have multiple subdomains that support business services. These may include virtual private network (VPN) endpoints, drives, email servers, and other internal company services.

Problem Resolution:

The solution is to check whether a domain has subdomains. For that, we can use the SecurityTrails Subdomains API service. The API makes it possible to inspect subdomains linked to a given email address.

In the decision flow, the process starts by calling the SecurityTrails Subdomains API to check for subdomains linked to the domain. Then rules run based on the result of that check. The presence of subdomains can indicate that the domain belongs to a legitimate corporate entity, which improves the email verification process.

Proposed Rules for the Fraud Rule Engine:

To make this practical, the check needs to be integrated into the existing fraud rule engine. Here are rules that can be implemented:

  • Data source call: Make an initial call to SecurityTrails Subdomains API to check for subdomains associated with the domain from the email address.
  • Rule 1: If no subdomains are found, flag the email address as potentially fraudulent.
  • Rule 2: If subdomains are detected, run additional checks for common business-related subdomains such as 'vpn', 'email', 'drive', etc.
  • Rule 3: If none of these business-related subdomains are found, flag the email address as potentially fraudulent.
  • Rule 4: If these business-related subdomains are present, validate the email as legitimate.

This approach uses subdomains as a criterion for email validation to separate genuine corporate emails from junk mail. Adding these rules to the fraud rule engine improves the accuracy of the email verification process and supports stronger anti-fraud operations.

Published: 2023-07-06

Related Articles

  • Building Anti-Fraud Competency Without Losing Control of Your Data

    Anti-fraud is not a product you install once and forget. It is an operating capability built from data, decision logic, traceability, and continuous tuning across the customer journey. Companies can buy parts of that stack, but if they outsource the core logic and enriched data, they often create a lock-in problem that is hard to unwind later.

  • Why Case Management Matters in Anti-Fraud Work

    Fraud teams need more than detection. They need decision logic, case tracking, and a clear path from alert to resolution. This article explains why case management matters in anti-fraud work, which functions it should support, and how automation removes repetitive tasks without reducing control over the investigation.

  • How to implement an automated decision strategy that keeps working under failure

    Automated decision strategy is not just about getting the happy path right. It also needs to keep making safe, explainable decisions when data is missing, providers time out, or a complex decision flow fails. This article shows how to design decision logic with failover and missing data strategies built in from the start.

  • 3 minutes guide - Decisimo - Decision Intelligence Services

    This 3-minute guide shows how to connect Decisimo, configure decision logic, and test a release before it goes live. It walks through the setup in 3 steps, from API integration to production deployment, so you can start making decisions with a clear process.

  • Data sources you can use

    This article explains how to integrate external RESTful APIs into Decisimo decision flows. It covers the minimum API requirements and supported response formats, JSON or XML. It also lists common third-party data types, such as anti-fraud, address validation, and email profiling, as well as the option to call internal data services. Finally, it explains the available integration templates and how each API response is stored as JSON in the flow’s output attributes for downstream decision logic.