There’s a saying that goes something like, “Don’t judge a book by its cover”. However, we all know that we can’t help but do just that — particularly when it comes to online safety and security. Logos play an essential role in determining whether we decide to open an email or not and how we assess the level of importance of each message. Brand Indicators for Message Identification, or BIMI intends to make it easier for us to quickly identify important information within emails using branding guidelines and visual cues found in logos.
In recent times, email users are often left confused about the authenticity of an email and this has emerged as a major issue for companies that are battling against spam emails. BIMI works to provide email users with easy access to information regarding the sender’s brand identity. It gives an organization the control and liberty to decide which logo should be attached to their authenticated emails. Overall, BIMI acts as an added layer to your pre-existing email authentication setup.
What is BIMI and How Does it Strengthen Your Email’s Security?
BIMI is a standard that can be configured by making certain DNS-based alterations, allowing organizations to display their unique brand logos alongside DMARC compliant emails. BIMI centralizes logo display by empowering domain owners to share a single, standard image. This eliminates the need to create proprietary systems for logo display and management, and the frustration associated with brand proliferation. It provides a better user experience across the email inbox.
Before hopping onto setting up your BIMI record, there are a few key requirements that you need to keep in mind. They are as follows:
- Prior to implementing BIMI, make sure your domain is set up with a DMARC policy of either ‘reject’ or ‘quarantine’ with the help of our DMARC report analyzer
- You need to convert your BIMI logo image to an SVG file that abides by the BIMI standard specifications
- Get a Verified Mark Certificate from a trusted certification authority
Before your emails reach your receivers’ inbox, they are authenticated against DMARC. On passing DMARC, the receiving server queries the sender’s DNS for a BIMI record. When found, the sender-designated logo is then displayed in the receiver’s inbox. While not directly a security protocol, BIMI requires DMARC authentication to function. This ensures that emails are verified before reaching your clients, thereby extending and enforcing the implementation of security standards.
Note: The display of your logo when using BIMI is determined by the mailbox provider. Only the mailbox providers that support BIMI show the logo.
The Highlight of 2021: Gmail Extends Support To BIMI
Previously, BIMI was supported by Verizon Media properties, including Yahoo!, AOL and Netscape, while Fastmail and Gmail were still working on their pilot program. Fast forward to July of 2021, BIMI creators made the much-awaited announcement that Google was officially rolling out BIMI for all Gmail inboxes.
It is no surprise that email is a viable communication tool utilized by an estimated 80% of businesses around the globe, that isn’t going anywhere anytime soon. With attackers trying to launch phishing campaigns by forging sender identities, enhancing the email security posture should be a continuous and ever-evolving process. This is why, slowly yet steadily, email clients are embracing email authentication best practices like DMARC, MTA-STS, and BIMI, to help domain owners protect their information from cybercriminals. Currently, BIMI is supported by the following mailbox providers:
- Verizon Media (Yahoo!, AOL)
BIMI and VMC: Verified Mark Certificates and Their Uses
Verified Mark Certificates is a solution to help companies display verified brand logos in the clients’ sender field. VMC builds on BIMI standards to help organizations commence their BIMI journey seamlessly with verified brand logos that are displayed in their recipients’ inboxes, instead of an arbitrary logo that doesn’t represent their brand in any way.
A VMC is issued by a publicly trusted certification authority. Much like BIMI, it requires the following prerequisites in place:
- Make sure your brand logo is trademarked
- Make sure your emails are DMARC compliant
- Keep your brand logo ready (in SVG format) that abides by BIMI specifications
After getting hold of your certificate, you can easily upload it along with your logo with a single click of a button on the PowerBIMI dashboard, to configure BIMI for your organization.
How to Create a BIMI Record: Single-Click BIMI DNS Record Implementation with PowerBIMI
A BIMI record is essentially a DNS TXT record that needs to be published in your domain’s DNS to configure the protocol. You can easily create your own BIMI record using our free BIMI record generator tool. This tool instantly generates an error-free record as soon as you upload your brand logo and hit the ‘generate record’ button! With PowerBIMI, our hosted BIMI record service, avoiding the difficulties of configuring the protocol is now possible! We help you quickly progress towards an enforced DMARC policy to meet the BIMI requirements, and avail of the following benefits when you get on board:
- Hosted BIMI services that help you configure and operate the protocol effortlessly, as we handle the complexities completely in the background.
- Protocol implementation for the end-user is reduced to publishing a single CNAME record
- Uploading your SVG logo and VMC is instant, with a single click
- Modify and update your BIMI record configurations directly from the dashboard without the need to access your DNS or servers again and again
- Resolve errors easily with constant assistance from our round-the-clock support team
Simply configuring your email authentication protocols is not enough to protect your domain from abuse and impersonation. To stay updated on the evolving tactics of attackers and gain continuous visibility on all your email channels and sending sources, monitor, secure, and protect your domains. Sign up for free DMARC and BIMI now.