Domain-based Message Authentication Reporting and Conformance (DMARC) will allow organizations to increase the trust of Gmail recipients by automatically displaying their logos in emails, newsletters, and offers.
Gmail's support for the Brand Indicators For Message Identification (BIMI standard) makes it possible to show that these types of email communications are indeed coming from a legitimate source.
BIMI allows the use of brand-controlled logos in email clients. BIMI does not provide security solutions, but it is a tool that allows you to use brand-controlled logos in your email clients.
The BIMI AuthIndicators Working Group explained that email must pass DMARC authentication checks to allow the logo to be displayed. It ensures that the domain of the organization has not been impersonated.
Fastmail, Google, and Mailchimp support the specification. The BIMI brand indicator is displayed next to the company email sent to Yahoo Mail and Fastmail addresses. It will also start appearing in Gmail.
The Working Group stated that “other mailbox providers have indicated intentions to adopt shortly”.
Gmail: About BIMI
Companies publish a BIMI record via DNS. It points to the SVG logo indicator used and a VerifiedMark Certificate for those recipients that require it (e.g. Gmail).
“BIMI leverages Mark Verifying Authorities (like Certification Authorities) to verify logo ownership and prove that verification in a VMC has been made. After these authenticated emails have passed our anti-abuse tests, Gmail will begin displaying the logo at the existing avatar slot,” Neil Kumaran (Senior Product Manager, Counter-Abuse Technology at Google) and Wei Chuang (Senior Software Engineer at Gmail Security) explained.
The DigiCert and Entrust certification authorities can validate the logos of organizations.
“BIMI adds a layer of security to Gmail. It requires strong authentication and verification before logos can be displayed in the Gmail avatar slot. Strong authentication improves trust in the origin of the email and gives recipients a more immersive experience. This also helps email security systems distinguish legitimate messages from phishing or spoofed emails,” said the Google Workspace team.
EmailAuth announced the general availability of Amplify. This solution allows clients to display their logos along with authenticated emails.