According to an independent report by Symantec in 2018, almost 85% of all emails are spam; there’s always a battle to stop them. Multiple efforts have included the implementation of SPF, DKIM, and DMARC, which has now become pretty mainstream. If you are already using EmailOctopus with a verified domain, then you are likely already using SPF and DKIM to verify every email sent through us.
In addition to this, a new email specification is being implemented called BIMI, which wants to certify the email is from a company, till now everything, including SPF, DKIM, and DMARC, has been focusing on the domain only, whereas BIMI wants to focus on the company behind the domain and their trademark.
Note: Before discussing more aboutBIMI, you need to understand that you need not rush to implement BIMI as it’s still being tested and not widely adopted. It’s expensive to implement too.
What is BIMI
BIMI (Brand Indicators for Message Identification) is a new email specification that helps brands display their logo on email clients. It’s being developed by Authindicators Working Group, an organisation that Fastmail, Google, Mailchimp, Proofpoint, SendGrid, Validity, Valmail, and Yahoo back.
To show the logo, businesses need to have a VMC (Verified Mark Certificate), which verifies whether or not the logo is a registered trademark of the brand. Apart from having a VMC, successful deployment of DMARC is also required.
Some of you might be confused about the significant benefit of BIMI as we already have SPF, DKIM, and DMARC. To understand this, let’s look at the primary role of all these records and specifications.
SPF (Sender Policy Framework): It defines whether or not the mail servers are allowed to send emails from your domain.
DKIM (DomainKeys Identified Mail): It is a cryptographic authentication to validate and sign emails sent via the domain. Think of it as SSL for emails.
DMARC (Domain-based Message Authentication, Reporting & Conformance): This TXT record instructs email clients on what to do if any of the above fails.
While all these above records work on the domain level, BIMI focuses on providing a verified visual identity in the user’s inbox by showcasing the brand’s logo, which helps recognise the sender.
It’s also a great way to stop users from falling into phishing attacks which are common for sites like Facebook and Amazon.
Use of BIMI
Primarily BIMI is meant for better brand identity, but it also has several other benefits. Let’s have a look at some of them.
- Avoid phishing attacks
The best use case of BIMI is to help organisations stop phishing, as once BIMI is fully implemented and widely adopted, users can see whether or not the sender is the owner of the logo. Gmail has started showing a blue tick for organisations that have adopted BIMI along with VMC.
2. Make emails stand out
Right now, there’s no way to set your brand logo across all email clients as a display picture; once BIMI is adopted by all the email clients, brands will get a way to show their logo as a display picture, making them stand out from other emails.
3. Consistent brand experience
BIMI ensures that the brand logo is shown consistently in all email clients. This helps people quickly identify the sender, reinforces brand identity and creates a consistent brand experience.
4. Enhanced Brand Trust
Blue ticks on socials so far have been related to trusty worthy accounts, which is what Google is implementing on Gmail. BIMI will help businesses get a blue tick in all email clients (this may or may not happen; right now, only Gmail shows a blue tick), enhancing the user’s trust in the email.
Requirements for BIMI
When it comes to successfully implementing BIMI, there are multiple requirements that can vary from email client to client. Let’s go through these requirements one by one.
1. Valid DMARC record
The first requirement of having BIMI is to have a valid DMARC record set to either p=quarantine or p=reject.
2. BIMI DNS Record
Apart from having a valid DMARC record, a BIMI DNS record is required too, which comprises of BIMI version (BIMI 1 for now), a hosted web address to your logo (should have HTTPS and preferably in 1:1 ratio) and a VMC link (optional for now).
3. VMC
This is the biggest obstacle for most companies. The majority of email clients (but not all) required a VMC. This is a certificate is given by certifying authorities such as DigiCert, which verifies that the domain owner can use the logo. To apply for a VMC, it’s mandatory to have a registered trademark. Getting a VMC for a year is nearly $1,500. That’s before you consider the cost of trademarking your logo.
Support for BIMI
BIMI is still in its early stages and is not 100% supported by all email clients and those who do haven’t implemented it globally. Here’s the current status of BIMI implementation.
Apple: Shown in the mobile app only once you open the email.
Fastmail: Shown in the mobile app and webmail only when you open the email.
Gmail: Shown in both the mobile app and webmail when you open the email. Additionally, the logo is visible in the inbox list on the webmail.
La Poste: Shown in webmail only.
Yahoo: Shown in the mobile app and webmail when you open the email. Additionally, the logo is visible in the inbox list on the webmail.
Zone: Shown in webmail only.
The above data source is by BIMI Group; apart from email client support, your logo trademark needs to be approved by one of the below intellectual property offices to qualify for VMC.
- United States Patent and Trademark Office
- Canadian Intellectual Property Office
- European Union Intellectual Property Office
- UK Intellectual Property Office
- Deutsches Patent- und Markenamt
- Japan Trademark Office
- Spanish Patent and Trademark Office O.A.
- IP Australia
- Intellectual Property India
- Korean Intellectual Property Office
- Instituto Nacional da Propriedade Industrial
- French Institut National de la Propriete Industrielle
- Benelux Office for Intellectual Property
- Denmark Ministry of Culture
- Swedish Intellectual Property Office
- Swiss Federal Institute of Intellectual Property
- Intellectual Property Office of New Zealand
The BIMI Group has said they’ll work continuously to support logos trademarked under other trademark offices by adding them to the list of supported ones.
Conclusion
BIMI is an excellent approach towards better brand identity and email security. Though it’s very new, indeed has the potential to go big.
That being said, it’s not something everyone should rush towards implementing as it’s not yet widely adopted and is very expensive to implement. Moreover, it requires some amount of technical knowledge too. At this stage, it’s only viable for organisations such as Amazon and CNN that send large volumes of critical business emails and could benefit from it.
We need to wait for some more years and see how this develops, and if it becomes necessary, you’ll soon get to know about it. Till then, focus on general email configurations such as SPF, DKIM and try to send emails that your users would love to engage with, as that’s going to help you build a reputation.
No Comments
Leave a comment Cancel