From Inbox to Brand Connection: Building Trust with Visual Identity in Emails

Most brands across the globe use email as a go-to communication medium for individual and business needs. With the sheer volume of emails that flood inboxes daily, email spoofing and phishing attacks have become increasingly sophisticated, making it challenging for recipients to determine the authenticity of emails. So brands should work continuously to avoid these phishing attacks from brand impersonators who can cause damage to the reputation of the brands they have with their customers. One powerful solution that can enhance email security and establish brand trust with customers is Brand Indicators for Message Identification (BIMI).

So, What is BIMI?

BIMI is an industry-standard email specification that verifies the authenticity of an email sender. BIMI leverages existing email authentication protocols, such as SPF, DKIM, and DMARC, to verify the sender’s identity and ensure the integrity of the email. When successfully implemented, recipients can see the brand’s logo with a small verification tick mark(Blue Tick) displayed alongside your emails, reinforcing brand recognition, boosting trust, and reducing the risk of phishing attacks.

How does BIMI Look?

From May 3, 2023 Google has started displaying a blue checkmark next to emails in Gmail inbox.

How does BIMI work?

BIMI is a single Txt file hosted at the sender’s DNS, and when the email is delivered to the end user, the recipient server searches for this BIMI Txt file and displays the brand’s logo within the mailbox if all the verification(SPF, DKIM, and DMARC enforcement) and BIMI guidelines passes. 

Why is BIMI strong?

The brand’s logo and blue checkmark(Currently only in Gmail) are displayed within the recipient’s inbox(Not a part of the email content). Fraudsters or brand impersonators cannot place a logo or tick mark in that part of the inbox. In addition to this, Google also displays the verification message.

Benefits of Implementing BIMI:

Enhanced Brand Visibility: BIMI enables your logo to be displayed next to your emails, increasing brand recognition and making your emails stand out in crowded inboxes.

Improved Trust and Credibility: By demonstrating that your emails are authentic and verified, BIMI instills trust in your recipients, reducing the chances of your messages being flagged as spam or phishing attempts.

Mitigation of Spoofing and Phishing Attacks: BIMI’s authentication process ensures that only authorized senders can display your brand logo, safeguarding customers from fraudulent emails.

Consistent Branding Experience: With BIMI, your brand logo will appear consistently across different email clients, reinforcing your brand identity and providing a unified experience for recipients.

Prerequisites for BIMI Implementation:

a) Domain Authentication: Ensure your domain is authenticated correctly using SPF, DKIM, and DMARC protocols. DMARC policy must be at enforcement – either “p=quarantine” or “p=reject,” “p=none” will not pass the BIMI requirement.

b) Prepare Your Logo:

To implement BIMI, you need a high-quality logo file that meets specific requirements. Your logo should be in SVG (Scalable Vector Graphics) format, ensuring its scalability and resolution across various devices and screen sizes. Additionally, the logo file must meet below guidelines outlined by BIMI standards.

The “baseProfile” attribute is set to “tiny-ps”(baseProfile=”tiny-ps”)

1. The “version” attribute is set to “1.2.”
2. An <title> element must be included that reflects the company name, though there are no strict requirements for the element’s content.
3. A <desc> (i.e., the “description”) element is not required, but this should be included to support accessibility.
4. The SVG document should be as small as possible and not exceed 32kb.
5. Images

The SVG document must not include any of the following to be valid under the tiny-ps designation:

1. Any external links or references (other than to the specified XML namespaces)
2. Any scripts, animation, or other interactive elements

c) Generate a Verified Mark Certificate (VMC)

A Verified Mark Certificate (VMC) is a digital certificate that proves your brand’s ownership and authorizes the display of your logo. To obtain a VMC, follow these steps:

Choose a Certification Authority (CA) that supports BIMI and VMC issuance. Entrust and DigiCert support BIMI as Certification Authorities.

d) Creating BIMI record:

BIMI record contains three components 

• BIMI version represented by “v=” currently BIMI1 is the version.
• URL of the logo represented by “l=.”
• URL of the VMC certificate represented by ”a=.”

BIMI record looks like v=BIMI1; l=https://domain.com//logo.svg; a=https://domain.com/vmc.pem;

e) Adding BIMI record:

Adding BIMI records to your DNS is actually quite easy, and your IT team can help you on adding it. It’s as simple as adding any other Txt record to your DNS.

BIMI supported email clients

Image source: https://bimigroup.org/bimi-infographic/

Featured Image credits: Photo by FLY:D on Unsplash