Subscribe
    Industry updates

    BIMI for Gmail: Google Makes its new security updates using Email Identity Indicators.

    Pankaj KumarBy No Comments3 Mins Read

    Google recently announced their plans for Gmail to support BIMI as part of a larger series of G Suite security updates.

    If you’re already familiar with BIMI, you’re probably excited about it. If you aren’t familiar with it, you’re probably shaking your head at there being yet another acronym in email.

    BIMI stands for Brand Indicators for Message Identification. It allows senders to add a branded logo within supporting email clients. What this means in simple terms is that your email subscribers will now see your logo beside your email, before they even open their mail.
    It’s worth working towards implementing BIMI because BIMI relies you having set a DMARC policy. This instructs mailbox providers to quarantine or reject email that claims to be from you but isn’t helps protect your customers from fraud. Because displaying your logo, and the increased brand recognition that comes with it, is an added bonus for increased security! This open system relies on existing authentication protocols like DMARC, DKIM, or SPF, it isn’t a new authentication protocol in and of itself.

    The BIMI standard uses two different mechanisms to verify emails before displaying the company’s logo: DMARC and verified mark certificates (VMCs). (I will try to add a dedicated article on VMC later)

    DMARC, which stands for domain-based message authentication, reporting, and conformance, is key to email authentication. It gives organizations greater visibility and control of who sends emails from their domains.

    An email signing certificate is issued for an individual user (for example blog@universityofemail.com) and it doesn’t include a logo. It not only authenticates an email sender but it also encrypts email as well (if the recipient also uses an S/MIME certificate).

    How to setup BIMI – A guide

    Please check back frequently for changes and updates. Future BIMI programs may require BIMI certificates. Please note, these steps and resources are not final and will be updated as new information becomes available.

    Step 1

    Authenticate all of your organization’s emails with SPF, DKIM and DMARC – ensure all are aligned

    DMARC policy must be at enforcement – either “p=quarantine” or “p=reject” on the organizational domain

    No sp=none or pct<100

    Produce an an SVG Tiny 1.2 version of your official logo

    Step 2

    W3C – Scalable Vector Graphics (SVG) Tiny 1.2 Specification

    Square logo file

    Include a solid colour background

    Step 3

    Publish a BIMI record for your domain in DNS

    a= tag is currently optional

    default._bimi.[domain] IN TXT “v=BIMI1; l=[SVG URL]; a=[PEM URL]

    View your BIMI record BIMI Generator

    Post Views: 514

    Pankaj Kumar is a senior professional holding 10+ years of experience in CRM, Email Deliverability & Marketing Analytics, Deliverability Onboarding, Implementation, Deliverability Automations He has worked with a broad range of clients to provide strategic, data-driven guidance to increase email delivery, subscriber engagement and revenue. He also helps marketers through this blogs in preparing strategies, data analytics, deliverability, and CRM with a passion for helping email marketers exceed subscriber expectations. You may connect with him on LinkedIn at https://www.linkedin.com/in/kumarpankaj793/

    Related Posts

    Leave A Reply