What would you first consider to explore a foreign land? A passport, obviously. BIMI is the new passport for proving your authentication, brand reputation and to verify the exact ownership of emails that reaches people’s inboxes. With your logo being integrated into your emails, it will stand out when your subscribers let their eyes skim through their inboxes.
What is BIMI (Brand Indicators for Message Identification)?
Email authentication and identification become a piece of cake with BIMI. BIMI is a recent technology now handled by Yahoo alone. BIMI has now become the discussion over tea, for most of the marketers today, hoping to implement it soon, so as to improve their credibility.
You will be able to display your brand’s logo on every email you send. It will provide you with safety and security from scammers and further degradation of your reputation that might affect your emails. It will be easier for users to trust the emails they receive and thereby your brand.
Implementation of BIMI
- Being compliant with DMARC (Domain-based Message Authentication, Reporting, and Conformance) shows the world that you are conscious of the reputation of your domain and your reputation as a sender.
- Registering domains and subdomains with a DNS.
- Setting up SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) records.
- Uploading your brand’s logo in SVG format.
- Maintenance of an impressive sent history, good reputation and good deliverability.
How does BIMI work?
A multi-step process is incorporated into the validation of email senders and verifying the email. It is also verified if the email was actually built on an authorised brand name, based on the BIMI standards. If the email gets through all the steps automatically the logo appears next to the sender’s address in the receiver’s inbox. Thus the recipient is clear about your action, protecting them from a downfall or threat.
SPF, DKIM and DMARC, provide domain-level authentication for email. Distinguishing of emails that are actually verified to use the domain name and those who pretend to be spreading unauthorised emails becomes easy with this authentication. BIMI is just a text file of a particular format. It’s not BIMI that ensures security but it is the protocols that are linked to it. When your email gets delivered to the right audience their email servers scan through the BIMI text file so as to make sure the email is from a verified user.
Prevention of a person who behaves maliciously, without ruining our reputation is essentially impossible. But with proper verification, that too becomes an easy task.
What are the types of BIMI?
There are two types of BIMI records. They are “self-asserted” and “certified”.
The “self-asserted” record is the one in which your logo will be published without verifying that it belongs to your domain. They are only required to be in SVG P/S format. Mailbox providers like Yahoo, AOL and Netscape are accepting this type of record and beginning to display logos on qualified messages.
Other mailboxes like Gmail do not accept self-asserted records. They demand logos to be “certified” on their association with a particular company or firm and domain. To certify the legitimacy of a logo, some organisations have been authorised to act as Mark Verifying Authorities (MVAs). MVAs verify the association of the brand logos with domains. They issue a certificate called the Verified Mark Certificate (VMC). This certificate can be added to the BIMI records.
Where do the fraudulent emails go?
BIMI testing comes up with two suggestions after the Domain Alignment Test conducted by the authentication mechanism.
Emails that fail the test will be either;
1. Rejected: The email is not delivered to the inbox of your customer.
2. Quarantined: The email is sent to their Spam folder.
Email security and trust-based customer relationships
A very tough job in email marketing is living in the shadows cast on your emails and reputation by phishers and other scammers.
BIMI promises to provide a powerful triple cybersecurity safeguard for your deliverability and reputation, making life harder for phishers. If companies adopt it along with DMARC, they will increase their brand visibility, creating greater customer trust by increasing communications and giving their brand improved security.
With fraudulent and spam emails, frequent data breaches and recurring phishing, no one tolerates another series of attacks where the sender credentials are taken for any sort of compromise. For many firms, it is a convenient way to not only provide assurance and protection to their customers but also to keep their brands safe. It is an effective way to completely rule out repeated deceptive emails from the same brand. Once, trust is created for the brand, it will be near impossible for others to impersonate. There is a hope that if BIMI becomes a success and is open to the public, it will be used widely in messaging and other communications.
BIMI beyond emails
Any internet-based communication service for any device can have BIMI incorporated into its applications. These applications can include any online services, messaging services and social media apps.
It enables brands and social media companies to display the correct logo on platforms where they are allowed to establish and manage their own pages, like on Facebook, Twitter and Linkedin. Also, it provides app developers with securities against impersonation and fraud by others.
BIMI beyond email marketing
BIMI logos will also be displayed on emails sent by individuals who are part of companies or organisations using BIMI. Consider for example, that you received an email from an employee at your health insurance company asking for your insurance ID for some sort of due payment. This employee’s email will also be marked with the insurance company’s logo. Phishers or malicious senders will not be able to use and display the company logo, thereby checking fraud.
What is the latest on BIMI?
As of the last quarter of 2020, some major updates have been made on the BIMI support infographic. Verizon Media domains consisted of AOL and Netscape along with other Verizon media properties who are thought to unofficially support BIMI or will do so eventually. Google launched its pilot program on July 21, 2020, and is still currently continuing in this. They are issuing VMCs to only the domain that has been invited to participate in this pilot run. After it is complete, and any required modifications made, they will issue VMCs to even more domains across the globe. Presently, those part of the pilot run can only get a VMC on an invitation basis. Fastmail, too, which started working towards the pilot program in 2020 is still continuing on the same.
BIMI sounds extremely impressive and can be considered as a leap of technology in safety and security. It provides opportunities from which any company can take advantages to secure and consolidate their brand. It is intended to become the leading logo display standard in a mailbox provider’s UI. Thus, it will remove the need for dependency on any manual or outdated solution and revolutionise emails.