BIMI

What is BIMI?

Brand Indicators for Message Identification (BIMI) is an emerging email authentication standard that allows brands to display their logo in the inbox of recipients. BIMI enhances brand visibility and trust by showing a verified logo next to emails from the brand, providing a visual cue that the message is legitimate. This helps in differentiating genuine emails from potential phishing attempts. BIMI leverages existing email authentication protocols such as DMARC (Domain-based Message Authentication, Reporting, and Conformance), DKIM (DomainKeys Identified Mail), and SPF (Sender Policy Framework) to ensure the authenticity of the sender. By integrating BIMI, brands can enhance their email marketing efforts and increase engagement with recipients.

 

Why is BIMI important?

BIMI is important for several reasons:

  • Brand Recognition: BIMI increases brand visibility by displaying the brand’s logo in the recipient’s inbox, which can improve email open rates and engagement.
  • Security: It enhances email security by working alongside DMARC to verify the sender’s authenticity, thereby reducing the risk of phishing attacks.
  • Trust: Recipients are more likely to trust and engage with emails that display a verified brand logo, which can lead to higher response rates and conversions.
  • Consistency: BIMI ensures consistent brand representation across different email clients and platforms, reinforcing brand identity.
  • User Experience: A recognizable logo provides a better user experience, making it easier for recipients to identify and interact with legitimate emails.

 

How does BIMI work?

BIMI works by leveraging existing email authentication protocols. Here’s a step-by-step outline of how it operates:

  1. DMARC Policy: The brand must have a DMARC policy in place with a “quarantine” or “reject” enforcement.
  2. Logo Verification: The brand’s logo needs to be verified and registered, often through a Verified Mark Certificate (VMC).
  3. DNS Record: A BIMI record containing the URL of the brand’s logo is added to the DNS (Domain Name System).
  4. Email Client Support: When an email is received, the email client checks the DMARC policy. If the email passes authentication, the client retrieves the BIMI record and displays the logo in the inbox.

 

How does BIMI interact with DMARC, DKIM, and SPF?

BIMI relies on DMARC, DKIM, and SPF to authenticate emails. Here’s how they interact:

  • SPF: Verifies the sender’s IP address against the domain’s list of authorized sending IPs.
  • DKIM: Ensures the email content has not been altered by adding a digital signature to the email header.
  • DMARC: Uses SPF and DKIM results to determine the authenticity of the email. For BIMI to display the logo, DMARC must be configured with a “quarantine” or “reject” policy.

BIMI does not function independently; it requires the combined authentication provided by DMARC, DKIM, and SPF to confirm the sender’s legitimacy.

 

What is a Verified Mark Certificate (VMC)?

A Verified Mark Certificate (VMC) is a digital certificate that certifies the authenticity of a brand’s logo for use with BIMI. VMCs are issued by certificate authorities (CAs) and verify that the logo belongs to the organization sending the email. This ensures that only legitimate logos are displayed in email clients supporting BIMI. VMCs are crucial for preventing the misuse of brand logos by unauthorized entities and enhancing the overall trust in email communications. They help maintain brand integrity and reinforce security measures against phishing and spoofing attacks.

 

How to set up BIMI

Setting up BIMI involves several steps:

  1. DMARC Policy: Ensure you have a DMARC policy with enforcement (quarantine or reject).
  2. Logo Preparation: Create an SVG format of your brand’s logo, adhering to BIMI specifications.
  3. VMC Acquisition: Obtain a Verified Mark Certificate (VMC) from a certificate authority.
  4. DNS Configuration: Add a BIMI DNS record with the URL pointing to your logo.
  5. Testing: Test the implementation using tools to ensure the BIMI setup is correct and functioning.

 

What size should the BIMI logo be?

The BIMI logo should be in SVG format and designed to be square, typically 1:1 aspect ratio. This ensures the logo displays correctly across various email clients and devices. The file should be optimized to a reasonable size, generally not exceeding a few kilobytes, to ensure quick loading times and maintain the integrity of the logo’s appearance. Ensuring the logo is clear and recognizable even at smaller sizes is crucial for effective branding.

 

How do I check my BIMI record?

To check your BIMI record, you can use online BIMI record checker tools. These tools analyze your DNS records and verify the presence and correctness of the BIMI configuration. Follow these steps:

  1. Online Checker: Use a BIMI record checker like BIMI Inspector or MxToolbox.
  2. Enter Domain: Input your domain name into the checker.
  3. Review Results: The tool will display whether your BIMI record is present and valid, and provide details on any errors or missing elements that need to be addressed.

 

What is BIMI in email security?

BIMI enhances email security by leveraging existing email authentication protocols to verify the sender’s identity. By displaying a brand’s logo, BIMI helps recipients quickly identify legitimate emails, reducing the likelihood of falling for phishing scams. This added visual trust indicator works alongside DMARC, DKIM, and SPF to ensure that only authenticated emails display the brand’s logo. BIMI not only bolsters security but also aids in maintaining brand integrity and protecting against spoofing and fraudulent emails.

 

Is BIMI required?

BIMI is not required, but it is highly beneficial for brands looking to enhance their email marketing efforts and improve security. Implementing BIMI can significantly increase email open rates and engagement by providing a recognizable visual indicator of authenticity. While not mandatory, adopting BIMI can give brands a competitive edge in the inbox, fostering greater trust and credibility with recipients.

 

 Who uses BIMI?

BIMI is used by brands across various industries to improve email security and increase brand visibility. Notable companies adopting BIMI include:

  • Financial Institutions: Banks and financial services use BIMI to ensure their communications are trusted and reduce phishing risks.
  • E-commerce: Online retailers utilize BIMI to enhance customer trust and improve email marketing effectiveness.
  • Technology Firms: Tech companies adopt BIMI to reinforce their brand presence and secure their email communications.
  • Healthcare: Healthcare organizations implement BIMI to protect sensitive communications and build trust with patients and partners.

 

How to build your BIMI reputation

Building your BIMI reputation involves:

  • Implementing Strong Email Authentication: Ensure robust SPF, DKIM, and DMARC policies.
  • Consistent Brand Identity: Use a recognizable and high-quality logo.
  • Monitoring and Compliance: Regularly check your BIMI implementation for compliance and update as necessary.
  • Engagement: Maintain high engagement rates and avoid sending spammy or low-quality emails.
  • Feedback: Monitor feedback loops to address any issues promptly.

By adhering to these best practices, brands can build a strong BIMI reputation, leading to increased trust and engagement in their email communications.