Brand Indicators for Message Identification (BIMI)

BIMI: Your Brand’s In-Inbox Verification

BIMI (Brand Indicators for Message Identification) is a standard that helps brands display their logo next to emails in a recipient’s inbox, providing an extra layer of authentication that the message actually came from them.

You’ve almost certainly received emails from people purporting to be FedEx, UPS, Amazon, banking institutions and even your email providers telling you to click here to verify a shipment/transaction or do so-and-so to win a contest, right?

Guess how often those same companies get calls from their clientele asking where their prize is or why they wanted login credentials confirmed. The amount of time their customer service representatives need to take to explain the situation to that client and help them get on the path to getting their identity back after theft was one of the big driving forces behind BIMI: a visual means to indicate to contacts that the company the message is from is actually the message is from.

One of the ways these vendors are combating the constantly growing threat of impersonation is attaching their logo to their messages, which requires a few steps of image preparation, file hosting and having an existing good DMARC policy in play; all of which is definitely too far up the ladder of effort for the usual scammers to do.

Showing a domain logo builds trust with recipients, verifying that the brand emailing them is legitimate.

How BIMI Implementation Works

Step 1: Ensure DMARC Compliance

To use BIMI, a domain must establish robust email authentication using SPF, DKIM, and DMARC with policy levels of at least p=quarantine or p=reject. A policy of p=none is not sufficient for BIMI compliance. 

Step 2: Host A Brand Logo

Next, domain owners host an Scalable Vector Graphic (SVG) of their desired logo on a web server accessible via HTTPS. This logo will be automatically attached to all outgoing mail. 

Step 3: Acquire a Verified Mark Certificate (VMC) 

A VMC is required for Gmail and some other providers to display their logo. To obtain a VMC, the brand logo must be registered as a trademark with an intellectual property office recognized by VMC issuers. 

Step 4: Add a BIMI Record

A BIMI record is added to the sending domain’s DNS, pointing to the location of the SVG file. This DNS record gets checked by recipient mail servers to pull that SVG image and embed it into the email that the recipient then receives in their Inbox.

The Benefits of BIMI

BIMI is more than just a logo - it’s a mark of authenticity and trust. Having your logo on your organization’s emails shows that commitment to the security of your clients and vendors.

Significantly Enhanced Brand Trust

Show a verified brand indicator, protecting your organization from impersonation.

Safeguard Your Brand from Impersonation

Email impersonation attacks can destroy a brand’s reputation in a matter of hours. Over half of cybersecurity experts have encountered a brand impersonation attack, and they account for 1.2% of all daily email traffic. 

Authentication methods like BIMI safeguard against the financial loss, reputational damage, and operational disruption of email impersonation.