In today’s digital landscape, trust is a currency especially in the inbox. With phishing attacks and email spoofing on the rise, businesses must adopt robust methods to protect their brand and reassure customers. One of the most promising developments in email authentication and brand protection is the adoption of Verified Email and Brand Indicators, a suite of technologies including SSL, VMC, CMC, and BIMI.
The Problem: Spoofed Emails and Brand Impersonation
Cybercriminals have become increasingly sophisticated in mimicking legitimate email communications. According to Statista (2024), over 3.4 billion phishing emails are sent daily, targeting individuals and businesses alike. Traditional email authentication mechanisms, SPF, DKIM, and DMARC help verify that a message is legitimately sent from an authorised domain. However, they do not provide a visual indicator to end users that the email is truly from your brand. This is where Brand Indicators for Message Identification (BIMI) and its associated standards come into play.
Introducing BIMI: Visual Assurance for Recipients
BIMI is a standard that allows organisations to display their verified brand logo directly in supporting email clients (such as Gmail, ZoHo, Fastmail, Apple Mail and more). To the recipient, this appears as a visual cue. A verified logo alongside the sender’s email address, helping establish trust and deter phishing. But implementing BIMI isn’t as simple as uploading your logo. It requires a combination of domain security, cryptographic verification, and official certification.
The Building Blocks of Verified Email
1. SSL (Secure Sockets Layer)
Although not specific to email, SSL certificates ensure secure connections over the internet and are essential for domain security. In the context of email, SSL/TLS is used to encrypt email traffic between mail servers and clients, ensuring data is not intercepted or tampered with in transit. While SSL does not prove sender identity, it forms a foundational layer of trust.
2. DMARC Enforcement
Before enabling BIMI, your domain must have a DMARC policy with a p=quarantine or p=reject directive. This enforces email authentication and is required for BIMI compliance.
3. VMC (Verified Mark Certificate)
A Verified Mark Certificate is a digital certificate issued by a certification authority (CA), such as DigiCert or Sectigo, which confirms the legitimacy of your brand logo. Much like an EV SSL certificate for a website, a VMC ties your brand’s logo to your authenticated email domain through cryptographic validation.
4. CMC (Certificate Management for Certification)
Though less commonly mentioned in general discussion, CMC refers to the framework by which certificate requests are managed securely. In the context of email authentication, CMC ensures that the request and issuance of VMC‘s follow standardised cryptographic protocols.
Implementation Steps
To enable BIMI with full verification, follow these key steps:
- Secure your domain with SPF, DKIM, and enforced DMARC .
- Design and prepare your SVG logo to meet BIMI specifications (square, simple, trademarked), uploaded to a publicly accessible URL.
- Obtain a VMC from a supported certificate authority (CA). DigiCert or Sectigo.
- Publish your BIMI record in your DNS (TXT Record) with a reference to the VMC and logo.
- Test your implementation using tools such as BIMI Inspector or Gmail Postmaster Tools.
Benefits
- Increased Trust: Users are more likely to open and engage with emails when they see a trusted logo.
- Brand Visibility: Your logo appears directly in the inbox, essentially free advertising.
- Enhanced Security: Encourages organisations to adopt DMARC and other best practices.
A 2023 report by Valimail found that emails with BIMI implementation saw a 10% increase in open rates on average, highlighting the marketing potential as well as security benefits. Email remains a critical communication channel for businesses, but it’s also one of the most targeted by bad actors. By combining SSL encryption, DMARC enforcement, and visual trust indicators via VMC and BIMI , organisations can significantly enhance their brand’s credibility and protect their customers from impersonation attacks.
As adoption grows and more email clients support BIMI, verified brand email is set to become the new standard. Now is the time to act and ensure your business isn’t left behind in the trust race.
Author: Jamie Moynahan Jamie is the Support Manager at Pipe Ten, being an integral part of the team for well over 10 years. Jamie is a seasoned expert with the intricacies in the fast changing world of website application hosting. His expansive knowledge of and experience of hosting website applications is instrumental to the entire customer support experience which customers members have come to rely on. Jamie has written and published hundreds of articles about hosting and managing website applications.