Share your ideas

Secured tokenization of email footer links

In email footer links to "manage preferences" or "unsubscribe," customer email addresses are being passed in a unsecured manner. Request is to create the ability to tokenize or encrypt customer data (email address) so that the subscription management links in email footers pass customer data securely.

Token should be unique.

Token should expire based on business need.

Token should not be reused.

Should be able to create multiple tokens for a single email address, that operate independently, so that multiple emails sent to a single email address do not share a token.

Base 64 is not secure enough for a solution.

Token should be randomly generated.

An API should be provided so that clients can communicate with the vendor and determine if the token is valid / not expired.

  • Jennifer Bollen
  • Jul 5 2022
Content / User Experience
How will this idea be used?

This will be used in all commercial email footers globally.

By creating secure tokenized email footer links, the customer will be able to:

  1. Click thru on an email footer link and be directed to the application that displays their marketing email preferences

  2. A login or other validation would not be required (unless the token is not valid or expired)

  3. The customer data would be obscured in the customer-facing URL so that bad actors cannot change preference data without customer consent

Attachments Open full size
What is your industry? Travel & Transportation
What is the idea priority? High

Related ideas