To improve user trust in emails, the industry created the Brand Indicators for Message Identification (BIMI) standard. Gmail will start rolling out the resulting verified company logos over the coming weeks.
This email specification allows for brand-controlled logos that — in gmail case — appear in the avatar slot. This circle shows up in the top-left corner of a message on both mobile and the web, right next to the sender’s name and address.
It’s meant to provide “increased confidence in the source of emails,” with a pilot BIMI program in Gmail launched last year. For example, instead of a generic “B” against a color background, Bank of America can show its official flag logo:
Bank of America has a wide range of security measures in place to support our customers, and we constantly evolve our program to deliver best in class protection. Part of this effort is our partnership with Google on BIMI, which provides an easy way to validate if correspondence is from us.
Behind the scenes, BIMI uses the Domain-based Message Authentication, Reporting, and Conformance (DMARC) standard that already works to combat spoofed messages. If an organization already supports DMARC, validated logos — like trademarks — will appear on authenticated emails from those domains and subdomains.
Organizations who authenticate their emails using Sender Policy Framework (SPF) or Domain Keys Identified Mail (DKIM) and deploy DMARC can provide their validated trademarked logos to Google via a Verified Mark Certificate (VMC). BIMI leverages Mark Verifying Authorities, like Certification Authorities, to verify logo ownership and provide proof of verification in a VMC. Once these authenticated emails pass our other anti-abuse checks, Gmail will start displaying the logo in the existing avatar slot.
Gmail users will started seeing verified company logos over the “coming weeks.”