Brand Indicators for Message Identification (BIMI) – Linking your logo to email
| December 4, 2023Which emails would you rather trust? – The ones with the anonymous sender’s emblem on the left or the ones with brand logos on the right.
Fake sender identities are the most common form of email attacks, with a whopping 83% impersonating well-known brands. Hence, it is crucial to implement email authentication through BIMI to effectively thwart these attacks.
A well-implemented BIMI not only enhances brand recall but also has potential ramifications on email deliverability. BIMI-compliant emails also reduce the chance of being flagged as spam.
Simply put,if you aim to carve your way as credible and genuine brand in the email landscape , mastering BIMI is essential.
So, let’s start the journey to make your next email stand out with BIMI…
What is BIMI?
Without BIMI, all you can see are just uniform letters in colored circles, which is likely to be less trusted or opened. The primal purpose of BIMI is to verify that you are who you say you are—not a scammer or spammer.
1. Authentication: BIMI requires three significant email authentication methods:
- Domain-based Message Authentication, Reporting, and Conformance (DMARC)
- Domain Keys Identified Mail (DKIM)
- Sender Policy Framework (SPF)
2. Visibility: When recipients view their inbox, emails authenticated with BIMI will showcase the brand’s logo, enhancing immediate brand recognition and setting them apart from other generic emails.
3. Trust: BIMI helps in fostering trust in a digital world crowded with scams and phishing threats. When users see the brand’s logo next to the email, they’re more likely to view it as legitimate, reducing the chances of it being flagged or ignored.
Which Inboxes Support BIMI?
Supports BIMI | Considering BIMI | Limited Support |
---|---|---|
Apple (iOS 16, iPadOS 16, and macOS Ventura 13 or later, and iCloud.com) | Atmail | Microsoft |
Cloudmark | BT Mail | |
Fastmail | Comcast | |
Qualitia | ||
La Poste | Seznam | |
Onet Poczta | Web.de | |
Zone | GMX | |
Yahoo (excluding Yahoo Japan) | Yahoo Japan |
However, the last major holdout in the BIMI adoption race is Microsoft. Microsoft currently supports BIMI to a limited extent. Despite this, BIMI has already garnered substantial support in the email market.
A report from April 2023 highlighted that Gmail, Apple, and Yahoo — three of the top four email clients — collectively held 89.9% of the email market share. This statistic underscores the vast reach and significance of BIMI in the contemporary digital landscape.
How Does BIMI Work?
- Setup: First and foremost, brands need to implement and enforce DMARC (Domain-based Message Authentication, Reporting, and Conformance) with a policy of either ‘quarantine’ or ‘reject.’ This ensures that only authenticated emails can represent the brand.
- Logo Hosting: Brands upload their logo in SVG (Scalable Vector Graphics) format to a web-accessible location, ensuring it’s compliant with the BIMI standards.
- BIMI Record Creation: A BIMI DNS (Domain Name System) record is then created in the brand’s DNS. This record points to the location of the brand logo and is designed in a specific syntax that participating email providers can read.
- Verification: When an email is sent, the receiving mail server (of providers supporting BIMI) checks the DMARC validation. If the email passes DMARC, the server then looks up the BIMI record.
- Logo Display: If both DMARC authentication is successful and the BIMI record is found, the email provider retrieves and displays the logo from the specified location in the recipient’s inbox.
- Additional Verification (VBR): Some mailbox providers may also require brands to obtain a Verified Mark Certificate (VMC). This is an additional layer of verification that ensures the logo being used is owned by the brand.
How To Set Up BIMI: A Step-by-Step Guide
1. Ensure DMARC Implementation
2. Prepare Your Logo
3. Host Your Logo
4. Create Your BIMI DNS Record
- v=BIMI1 specifies the BIMI version.
- l= points to the hosted logo’s URL.
5. Publish the BIMI Record
6. Obtain a Verified Mark Certificate (VMC)
7. Test and Monitor
How Do You Check If BIMI Is Properly Set Up?
1. Manually Check the BIMI Record: Dive into your domain’s DNS records. Look for a TXT record associated with the “default._bimi” prefix of your domain. For instance, if your domain is “test.com,” your BIMI record should be named “default._bimi.test.com.” This record should contain your brand’s logo in SVG format, hosted on a publicly accessible HTTPS server.
2. Utilize BIMI Checkers: There are dedicated online BIMI validation tools like MXToolBox, DMARCLY, etc. designed to simplify this process. By inputting your domain, these checkers will scrutinize your BIMI setup, checking for any discrepancies or issues and ensuring that all the required parameters are met. They often provide feedback on what might be wrong or steps for rectification.
What Are The Benefits Of BIMI?
Apart from enhanced brand recognition, let’s delve into the detailed benefits of BIMI authentication.
1. Improved Trust and Credibility
Besides, a startling report from Entrust and Red Shift revealed that implementing BIMI could bolster brand recall by a substantial 18%.
2. Boosted Email Deliverability
3. Enhanced User Experience
“BIMI is a game-changer for email marketers, as it provides a visual representation of the brand, which can help increase brand recognition and trust with recipients.”
Recipients appreciate visual differentiation in their cluttered inboxes. A logo next to the email simplifies their scanning process. Think of receiving a promotional email from “Starbucks” with their green mermaid logo; it stands out in a sea of text-heavy emails.
4. Increased ROI on Email Marketing
Future Outlook And Trends For BIMI
-
- Wider Adoption of BIMI: As more companies recognize the benefits of BIMI in terms of brand recognition and trust, it’s anticipated that more brands will start implementing it. This includes both larger corporations and smaller businesses wanting to ensure their emails get the visibility they deserve.
-
- Microsoft and Other Holdouts: Given the adoption rate of BIMI among other major email platforms, there’s a possibility that Microsoft and other holdouts might consider supporting BIMI shortly to stay competitive and address user demands for more secure email experiences.
-
- Integration with Advanced Security Protocols: As cyber threats continue to evolve, BIMI may be integrated with other advanced security protocols and tools. It will ensure that emails are not just authenticated but also protected from sophisticated threats.
-
- Increased Use in Regional Email Clients: Beyond the major email giants, regional and smaller email clients may start to integrate BIMI support as a value proposition to their users. As mentioned, some, like France’s La Poste, have already taken the leap.
-
- Collaboration with AI and Machine Learning: We might see BIMI working in conjunction with AI and machine learning algorithms to further enhance email delivery rates. This could be done by predicting and understanding user behaviors, patterns, and preferences.
Wrapping Up…
In 2022, the Anti-Phishing Working Group pinpointed a record-breaking number of phishing assaults, topping one million in a single quarter. Yet, there’s a beacon of hope. While a broad view shows only 2.2% of over 66 million domains being BIMI-ready, it’s heartening to see 30.4% readiness amongst the colossal public companies.
Take a moment to appreciate that in places like India, the U.S., and the UK, the figures skyrocket to 64%, 58.7%, and 50%, respectively.
While BIMI may not be a mandatory component in email communication, its implementation emerges as a strategic move, particularly for large-scale enterprises. By embracing BIMI, organizations can:
- Bolster their brand recognition
- Amplify trust among their email recipients
- And potentially improve their email deliverability rates
For those looking to stay ahead of the curve, the message is clear: prioritize email authenticity and, in doing so, enhance your reach and impact.