Persona enfrente de una pantalla de computadora

How to Leverage DMARC to Harness the New Standard, BIMI

Are you interested in seeing your brand’s logo displayed in Yahoo! and Gmail? Would you like to give your mail streams the anti-fraud benefits of DMARC, with the added bonus of having your logo in front of your customers?

Enter Brand Indicators for Message Identification (BIMI). BIMI is an emerging specification from the AuthIndicators Working Group— a consortium of professionals representing companies across the email landscape. You may have already heard about BIMI, or you’re hearing more about it now as Google has recently announced their soon-to-be-launched BIMI pilot program for Gmail.

What Is BIMI?

BIMI builds upon the long-established DMARC standard by leveraging DMARC’s anti-spoofing mechanisms to bring visible brand images to consumer inboxes. BIMI is essentially a marketing incentive to bring your sending domains within striking distance of DMARC compliance. Once your organizational domains have a DMARC policy of quarantine or reject, you’re in a position to establish BIMI and have your logo displayed in front of your consumers as well as furthering your brand’s exposure and reach. In fact, the AuthIndicators Working Group has sought BIMI as a way to shed light on the importance of “turning on” DMARC for your sending domains.

How BIMI Works

So, how does BIMI actually work? In its simplest form, BIMI is a DNS text record, pointing to your logo that is to be rendered and displayed in inbox providers such as Yahoo! and Gmail. A BIMI record consists of three primary components:

  1. An organizational domain with a DMARC policy of quarantine or reject.
  2. Your brand image in SVG (Scaled Vector Graphics) form.
  3. A valid Verified Mark Certificate (VMC) from a participating Certificate Authority – in this case, DigiCert or Entrust Datacard.

Yahoo! has been experimenting with an early draft version of BIMI and they are already displaying hand-picked brand images; however, Google will be enforcing a stricter, more current version of BIMI as a core goal of their pilot program. The verified mark certificates (issued by DigiCert or Entrust Datacard) will be required for Gmail participation, and offer an identity solution to prevent spoofing of your brand.

How Proofpoint Can Enable BIMI

Once DMARC enforcement is in place with Proofpoint Email Fraud Defense, and your BIMI record is complete, mail receivers will now have the power to display your brand image, elevating the consumer inbox experience and communicating to your customers a visual representation of not only your logo, but your secure DMARC compliance.

Proofpoint has studied BIMI and monitored its evolution for some time, to understand how we can leverage its benefits for our customers. To learn more about how email specifications like DMARC and BIMI and how Proofpoint’s Email Fraud defense can defend your organization from attacks, check out our Stopping Email Fraud guide.