Google BIMI & Common Mark Certificates (CMC): Requirements, Benefits & How to Setup (2026)

There is good news for new businesses who don’t want to go into the hassle of getting their logo trademarked for it to display in Gmail inboxes. The recent Google updates now allow brands with even Common Mark Certificates (CMCs) to display their BIMI logo! 

Google now accepts Common Mark Certificates (CMCs) for BIMI logo display in Gmail, making it easier for SaaS startups and e-commerce brands to show their logos without trademark registration. CMCs require only one year of logo usage compared to the expensive trademark requirements for VMCs. It’s excellent news for SaaS startups and mid-market e-commerce brands who want to display their logos in Gmail without the hassle of trademark registration.

By accepting CMCs, Google has made BIMI more accessible for growing brands. To see how this translates into logo display and inbox trust, let’s look at what BIMI is and how it works.

What is BIMI and How Does It Work?

BIMI (Brand Indicators for Message Identification) is an email authentication standard that allows organizations to display their brand logos directly in recipients’ inboxes. When properly implemented, BIMI works alongside existing email authentication protocols like DMARC, SPF, and DKIM to verify that emails are legitimate and from authorized senders.

Here’s how BIMI works:

1. Email authentication: Your domain must have DMARC enforcement (quarantine or reject policy) in place
2. Logo preparation: Your brand logo must be in SVG Tiny PS format and meet specific technical requirements
3. Certificate validation: You need either a CMC or VMC
4. DNS publication: A BIMI record is published in your domain’s DNS containing your logo and certificate information
5. Display: When you send emails, participating email providers like Gmail check your BIMI record and display your logo

Benefits of BIMI for Email Senders

Implementing Common Mark Certificate BIMI helps email senders build brand trust, improve inbox visibility, increase open rates, and reduce phishing risk by displaying a verified brand logo in supported email clients. Here’s a more detailed look at the benefits.

Enhanced brand trust and recognition

BIMI displays your verified brand logo directly in recipients’ inboxes, creating an instant signal of authenticity.

To enable this, you need a Common Mark Certificate for BIMI; a digitally verified credential that confirms your organization’s ownership of its logo. Once in place, every authenticated email carries your official brand mark, building familiarity and trust with every send.

Improved email engagement

When recipients can visually verify a trusted sender, they’re more likely to open the email.

Google BIMI support in Gmail has been especially impactful — with your authenticated logo appearing alongside emails in the world’s largest email platform, your messages stand out in crowded inboxes and drive stronger open rates over time.

Protection against phishing

BIMI requires DMARC enforcement and a verified Common Mark Certificate, meaning only emails passing strict authentication checks can display your logo. This makes it significantly harder for bad actors to impersonate your brand.

When customers learn to associate your verified logo with legitimate emails, any message without it becomes an immediate red flag. It gives both your brand and your audience an extra layer of defense.

The Evolution of BIMI Support in Gmail

Google is a leading supporter of Brand Indicators for Message Identification (BIMI) and was among the first email providers to display brand logos in inboxes. Gmail began showing BIMI-enabled brand avatars in 2021.

Since then, Google has expanded its BIMI framework to support additional certificate types, making logo display more accessible to a wider range of senders.

Simplify Security with PowerDMARC!

No credit card required

Gmail BIMI Requirements Before the Update

Before Google’s recent changes, Gmail only supported BIMI implementations backed by a Verified Mark Certificate (VMC). To qualify, senders had to meet all of the following requirements:

• DMARC enforcement set to p=quarantine or p=reject
• A BIMI-compliant SVG logo
• A Verified Mark Certificate (VMC) issued for a trademarked logo
• A correctly published BIMI DNS record referencing the logo and certificate

This limited BIMI adoption to brands with registered trademarks and the resources to obtain a VMC.

Updated Gmail BIMI Requirements

Google has expanded BIMI support by introducing (CMCs) as an alternative to VMCs. The current Gmail BIMI requirements are:

• DMARC enforcement enabled (p=quarantine or p=reject)
• A brand logo in BIMI-compliant SVG format
• Either a Common Mark Certificate (CMC) or a Verified Mark Certificate (VMC)
• A valid BIMI record pointing to the logo and certificate location

This update significantly broadens BIMI eligibility for senders using Gmail.

Google’s Support for Common Mark Certificates (CMCs)

Google now allows BIMI logo display in Gmail using a Common Mark Certificate. A CMC verifies brand ownership without requiring a registered trademark. This makes BIMI adoption faster and more accessible for small and mid-sized businesses.

With a CMC:

• The brand logo can appear as a BIMI avatar in Gmail
• Trademark registration is not required
• Certificate issuance is typically simpler and quicker than a VMC

Steps to Get Your CMC for BIMI

A CMC lets your brand logo display in email inboxes using Google BIMI without requiring a registered trademark, as long as you meet certain eligibility requirements.

1. Ensure email authentication is fully configured

Before you can request a CMC, your domain must be protected by strong email authentication:

• SPF (Sender Policy Framework) set up correctly
• DKIM (DomainKeys Identified Mail) signing outbound emails
• DMARC implemented with a policy of quarantine or reject (not p=none)
• DMARC must apply to all sending domains and subdomains you use.

Strong email authentication is essential because BIMI and CMC issuance relies on DMARC to prevent spoofing and unauthorized senders.

2. Prepare your brand logo

Your logo must meet the BIMI logo requirements:

• SVG format following BIMI specifications (square shape, transparent background, SVG Tiny 1.2 profile)
• Logo should be publicly used and visible for at least 12 months (proof may include archive.org or live site usage)

This prior use requirement replaces trademark ownership for CMC eligibility.

3. Choose a certificate authority (CA) that issues CMCs

Only trusted Certificate Authorities approved for BIMI CMC issuance can validate and issue your Common Mark Certificate. Common providers include:

• DigiCert
• GlobalSign
• SSL.com

(These are among the recognized Mark Verifying Authorities for BIMI certificates.)

Select the CA you want to work with; many offer online ordering and validation workflows.

4. Submit your certificate request

When ordering your CMC from your chosen CA:

• Provide your domain details; the domain that will send authenticated email
• Upload your SVG logo and evidence of prior use
• Complete any business validation steps the CA requires (e.g., organization details, domain control checks)

Some CAs may require a brief verification call, identity validation, or supporting documents to confirm that your organization controls the domain.

5. Receive and install your CMC

Once the CA verifies your information:

• They will issue the CMC digital certificate
• You’ll receive a certificate file (PEM or equivalent) from the CA
• Store this certificate securely; you will reference it in your BIMI DNS record.

CMCs can typically be issued within 5-10 business days if all prerequisites are already in place.

6. Host your logo and update DNS

To complete your BIMI setup:

• Upload your logo SVG and the certificate file to a secure HTTPS server
• Create a BIMI TXT record in your domain’s DNS that references the logo and CMC certificate location

7. Test and monitor your BIMI setup

After publishing your BIMI record:

• Use BIMI checking tools to verify correct DNS and certificate configuration
• Send test emails to supported inboxes (e.g., Gmail) to confirm your logo displays properly

Remember: CMCs will display your logo but do not generate a blue verified checkmark in Gmail. That feature is available only with a Verified Mark Certificate (VMC).

Common Mark Certificates vs. Verified Mark Certificates: Key Differences

A CMC and a VMC both enable BIMI logo display in supported inboxes like Gmail, but they serve different needs.

Each certificate follows a different verification process and offers a different level of brand trust. This comparison explains the key differences so you can choose the option that best fits your brand and email program.

Troubleshooting BIMI Implementation Issues

Even with common mark certificate BIMI enabled, logos may fail to appear in inboxes due to configuration, authentication, or validation issues. Gmail and other BIMI-supporting mailbox providers apply strict checks across DMARC, DNS, logo format, and certificate validation.

Below are the most common BIMI implementation problems and how to resolve them.

Common issues to check:

• DMARC not enforced: BIMI requires p=quarantine or p=reject
• SPF or DKIM failures: Both must pass and align with DMARC
• Invalid SVG logo: The logo must follow BIMI SVG Tiny 1.2 specifications
• Certificate mismatch: The CMC or VMC must match the logo and sending domain
• Incorrect BIMI DNS record: Errors in the default._bimi TXT record can block validation

What to expect: BIMI logo display may take a few days after a correct setup. Mailbox providers cache results, so changes do not appear instantly.

Which email providers support BIMI?

BIMI support varies by mailbox provider, and not all inboxes display brand logos yet. These email providers currently support BIMI and what type of logo verification they require.

Configure BIMI CMC Easily for Gmail with PowerDMARC

Your brand logo displayed in emails is a sign of enhanced trust for email recipients. It provides them with the confidence to click on your email without a second thought, or worrying about a phishing attempt.

PowerDMARC’s hosted BIMI feature removes the complexity from BIMI setup. Only PowerDMARC offers:

• Fastest BIMI deployment in the industry
• White-glove support from email authentication experts
• Full compliance with Google, Yahoo, and Apple Mail
• SOC2 and ISO 27001 certified infrastructure
• Trusted by over 4,000 organizations globally

A customer talks about their experience with Google BIMI:

“As a growing SaaS company, we needed to establish trust with our customers quickly. PowerDMARC’s CMC implementation helped us display our logo in Gmail within just two weeks, significantly improving our email engagement rates and customer confidence.” – IT Manager, Mid-market SaaS Company

Email security goes beyond branding. For example, a retail e-commerce company recently leveraged automated penetration testing tools to enhance its customer care email security. These tools identified vulnerabilities in password policies and underscored the need for stronger authentication mechanisms.

Display your brand logos in Gmail inboxes in no time with PowerDMARC’s hosted BIMI. Contact us today!

Frequently Asked Questions

1. What is Google BIMI?

Google CMC BIMI is Gmail’s implementation of the Brand Indicators for Message Identification standard, which allows verified senders to display their brand logos next to emails in Gmail inboxes.

2. What is the difference between DMARC and BIMI?

DMARC is an email authentication protocol that protects against email spoofing and phishing by verifying sender identity. BIMI builds on top of DMARC by adding visual brand indicators (logos) to authenticated emails. DMARC enforcement is a prerequisite for BIMI implementation.

3. How much does a BIMI certificate cost?

Common Mark Certificate BIMI typically cost between $1,500-$3,000 annually, while Verified Mark Certificates (VMCs) can cost $1,500-$5,000+ annually. CMCs are more cost-effective for businesses without trademarked logos, while VMCs require trademark registration but provide additional verification benefits.

4. What are the requirements for Google BIMI?

Google BIMI requirements include:

1. DMARC policy at enforcement level (quarantine or reject)
2. Brand logo file in SVG Tiny PS format
3. Either a CMC or VMC
4. Proper BIMI DNS record configuration pointing to your logo and certificate.

5. What does BIMI stand for?

BIMI stands for Brand Indicators for Message Identification. It’s an email authentication standard that enables organizations to display their brand logos in recipients’ inboxes when emails pass authentication checks, helping to build trust and prevent phishing attacks.

6. How long does BIMI implementation take?

BIMI implementation typically takes 2-4 weeks for organizations with existing DMARC enforcement. This includes logo preparation (1-3 days), CMC acquisition (1-2 weeks), DNS configuration (1 day), and testing/validation (2-3 days). PowerDMARC can accelerate this process significantly.

• About
• Latest Posts

Yunes Tarada

Domain & Email Security Expert at PowerDMARC

Yunes is an Operations Team Lead at PowerDMARC with expert knowledge in email authentication and security. Yunes is a Microsoft-certified Azure Administrator Associate with certifications in CompTIA A+ and many more.

Latest posts by Yunes Tarada (see all)

• 550 From Address Violates UsernameCaseMapped Policy: Causes & Fixes - February 11, 2026
• A Step-by-Step Guide to Setting Up SPF, DKIM, and DMARC for Wix - January 26, 2026
• How to Fix “Reverse DNS Does Not Match the SMTP Banner” Error - January 22, 2026