Everything you need to know about BIMI for email
Email continues to be the most popular way for businesses globally to communicate, so it’s crucial organizations implement the best methods for ensuring both authenticity and brand experience.
Brand Indicators for Message Identification (BIMI) is an email standard introduced in 2021 that enables businesses to show their brand logo in the avatar slot of the DMARC-authenticated emails they send. This means businesses can proactively protect recipients of their email from bad actors. If you're a technical administrator, marketer, or business leader, implementing BIMI will mean you reap the benefits.
Implementing BIMI email for your business
The inbox is a battleground for attention, and today businesses need to use every way possible to stand out, increase brand impressions, and improve consumer interaction with the emails they’re sending. Below is some useful information on how to implement BIMI for your business.
To help more businesses get ready for BIMI, we’re covering the 7 things you need to know before implementing it.
Everything you need to know in terms of logo requirements for BIMI.
We go into detail on the first step you need to take to get ready for BIMI.
Similar to SPF, DKIM, and DMARC records, your BIMI record lives in your DNS as a text (TXT) file. When an email you send arrives in the recipient inbox, the recipient server looks this up to check that it’s coming from a verified sender (using DMARC). Once authenticated, the BIMI TXT file informs the recipient server of the logo’s location, and it is then made visible in the recipient inbox.
A BIMI record is a text (TXT) record that includes your BIMI logo SVG file’s URL.
Here's an example: v=BIMI1; l=https://bimi.entrust.net/redsift.io/logo.svg; a=https://bimi.entrust.net/redsift.io/certchain.pem
The time it takes to deploy BIMI can vary from business to business. Most of the time, it depends on your organization’s size, the complexity of your infrastructure, your DMARC status, and whether you already have your logo trademarked.
To obtain a VMC, your organization’s domain needs to be in p=quarantine at 100% or p=reject. With OnDMARC, this can be achieved in just 6-8 weeks.
To ensure security and protection for your organization, BIMI can only be implemented on a domain that has a DMARC protection policy of at least p=quarantine, and that policy is at 100%.
DMARC is a protocol that allows domain owners to obtain visibility to email services that are sending on their behalf, and also to block unauthorized senders. DMARC is the only protocol that can prevent illegitimate services from sending on behalf of a domain once that domain is at a policy of quarantine or reject.
DMARC works with existing protocols SPF and DKIM. These protocols need to be configured on your valid email sending services before moving into a DMARC protection policy.
No, BIMI is not a security standard. For a business to be able to use BIMI in line with Google, it must be DMARC compliant. DMARC is a security protocol that protects against exact domain impersonation. When implemented correctly (p=reject), it blocks phishing attacks using your domain, protecting your business, brand reputation, and supply chain. It can also improve your email deliverability and even inbox placement as a result.
It’s vital that we view BIMI as a ‘reward’ for correctly implementing the security protocol DMARC. While the presence of a logo in the email indicates DMARC compliance, it in no way offers domain protection. This is done by the DMARC protocol it sits on.
A Verified Mark Certificate (VMC) is the logo certification required for BIMI. It’s issued by a Certification Authority (CA) and works alongside DMARC to enable logo visibility in the inbox. Google has selected just two CAs as eligible to issue VMCs, one of which is our partner Entrust.
To get a VMC, your logo must be trademarked. Having a VMC is an essential part of the puzzle, as without one you won’t be able to become BIMI certified.
BIMI is the protocol that will enable you to display the logo beside your message.
A VMC (verified-mark certificate) certifies that the logo belongs to the company and that it is a legitimate company. A VMC ties into the BIMI record as a tamper-proof security measure, and by itself won’t do anything.
VMC certifications are going to follow the EV framework. Every organization that wants to set up BIMI and display its logo on Google and Apple Mail will have to go through a certification process with a certification provider. The BIMI certification will specify:
- Which domains are whitelisted
- The logo that the user wants to show
The certification is valid for a year and then will need to be renewed every year.
Any good email marketing strategy will involve tweaking subject lines, cleaning email lists, and curating email content. This is done with the goal of increasing open rates, boosting click-throughs, swerving spam complaints, and keeping bounce rates low. But while these are good practices, it’s likely the widespread adoption of globally-recognized standards like DMARC and the benefits which come with these (such as BIMI) will ultimately make the real difference in keeping our email ecosystem robust for years to come. In early studies we’ve carried out, we found that logo visibility in email does appear to have a positive effect on certain consumer interactions in email.
BIMI is supported by Apple, Gmail, Yahoo, and Netscape among others. Outlook currently does not support BIMI.
BIMI is supported by
Check if you're