What Is BIMI and How to Use It in Email Marketing?

BIMI - Brand Indicators for Message Identification
Alex Kachalov Alex Kachalov 01 february 2022, 15:16 0

Brand awareness and safety combined.

What Does BIMI Stand for?

BIMI is an acronym which stands for Brand Indicators for Message Identification. It also stands for your safety and brand visibility. In short, it is an emerging technology which allows you to set up a logo that will be displayed along with your messages in users’ inboxes.

Even more, this logo is interconnected with your digital signature, serving as a guarantee for the recipient that the sender is no one but you. Or at least aiming to, since the technology was still maturing, as of 2021. The ultimate scam-proof solution, however, may come at a price.

How Does BIMI Work?

The recipient's optics

Take a look at your mailbox, and you’ll see thousands of diverse letters. Most of them just blend in. However, if a company’s logo is shown alongside the message, it gives your clients a clear sign that the message is worth opening.

These are examples of what a BIMI logo might look like in your inbox

BIMI logo in inbox

The average user may find it hard to see the difference between a fake mail and a genuine one. How can they know for sure whether it’s his bank sending them an important message or it’s just some fraudster who craves their financial details?

From the viewpoint of the recipient, BIMI's work is a no-brainer. The addressee notices your logo in their inbox, acknowledges the sender, and opens the email. A BIMI logo is a visual sign for the recipient that opening the email is safe.

The Brand’s and Backend’s Optics

The BIMI technology lets you specify the location of your logo in the form of a dedicated DNS record for a certain domain. An email provider finds the logo by its address and displays it as shown in the picture above.

As a result, the recipient can see the logo in their inbox, but only if the domain has also properly set up other means of email validation, namely DMARC, DKIM, and SPF records. If any of the above is missing or incorrect, the logo will not be displayed.

A Brief History of This Novelty

BIMI was born as an initiative of DMARC.org under the Authentication Indicators section. Now it’s an independent project maintained by BIMI Group. The technology appeared quite recently (the first specs were published in early 2019), but is already implemented by several email providers.

Google is on the verge of implementing BIMI in its services. Yahoo and Mail have been using it for quite a long time.

Benefits of BIMI

Why use BIMI? To protect your recipients from phishing and spoofing. But not just that.

Implementing BIMI in your email marketing strategy offers the following benefits, either directly or indirectly (by virtue of following DMARC requirements):

  • Safe identification by a recipient
  • Increase in brand awareness
  • Protection of IP reputation
  • Reduced risk of phishing attacks
  • Effective protection from spoofing
  • Lowering the risk of customer data leaking
  • Increase in open rate and deliverability
  • Preventing your email from going into spam
  • Noticeable competitive advantage for early adopters

The Flipside of BIMI

BIMI has some weaknesses as well. Being a quite new technology, it has not yet been implemented and supported by many email providers (check the table below for details).

The second disadvantage of BIMI is the substantial amount of emails that companies have to send in order to be approved by postal services. Currently, email providers will not display a BIMI logo for small senders.

The third weakness of BIMI lies in the fact that businesses update their visual identity from time to time, usually every four years or so. A new logo can somewhat confuse your clients.

Perhaps the most important downside of BIMI is a costly Verified Mark Certificate, also known as VMC. This certificate is meant to confirm your rights on the use of a certain logo. It is already mandatory for Gmail and may also become a requirement with other services. VMC is already being used by such giants as CNN.

The minimum pricing for VMC is about 1000 dollars per year. This may be harsh for small businesses.

Which Email Providers Support BIMI?

BIMI logos are supported by the following email services:

Location

Email Provider

Alongside the From name
in an open email

Yahoo!, AOL, Netscape

(except Yahoo! Japan)

Gmail, Google Workspace

Fastmail, Pobox

In messages list view, by the subject line (mostly desktop versions, except Fastmail and Pobox)

Yahoo!, AOL, Netscape

(except Yahoo! Japan)

Gmail, Google Workspace

Fastmail, Pobox

Unfortunately, major corporations such as Apple and Microsoft (Outlook, Office 365) do not yet support BIMI technology. However, one can add a logo to the email signature in Apple Mail using Apple’s proprietary technology. Microsoft mail also shows labels, and you can add a logo to your signature, but their solution also differs from BIMI.

DACH (Deutschland, Austria, Switzerland) people can use logos with the help of TrustedDialog, but currently this option is supported by a limited number of email providers.

The Field of Application

With the worldwide switch to remote workflow, the percentage of corporate data leaks has grown. BIMI is a tool that might offer a certain protection. Banking will probably be one of the most popular uses of BIMI. It might also be useful in medical, social, human resources, transport services, as data protection is crucial in all these spheres now.

Requirements

BIMI only works for domains which use DMARC (Domain-based Message Authentication Reporting and Conformance).

DMARC is a policy that enables the recipient to know whether he can trust the sender or not. It helps to protect people from spam, phishing and other threats.

In turn, DMARC relies on SPF and DKIM.

DKIM (DomainKeys Identified Email) adds an e-signature to the email’s digital envelope. It's then verified on the recipient's side. By checking its validity using the public domain key, published via DNS, the recipient’s system will automatically tell whether the particular sender’s address has been authorized by the domain owner. The signature also guarantees that the email has not been modified.

SPF (Sender Policy Framework) defines which servers have a right to send emails on behalf of your domain.

Thus, BIMI serves as a visual representation of the fact that the sender makes proper use of email authentication technologies.

Setting Up BIMI

You need to meet certain requirements in order to obtain a BIMI logo. Here’s a list of what is necessary:

  • SPF, DKIM, DMARC records already set up and functioning;
  • a square logo in SVG Tiny Portable Secure format, accessible via HTTPS, and a corresponding DNS record;
  • a substantial amount of emails (although there are no specific numbers).

In some cases, you should get a VMC certificate. It is not obligatory for all email providers yet, but is a must for the most popular ones — Google Mail. Note that without DMARC, VMC is also unavailable.

You can find the detailed procedure of setting up BIMI here.

Possible Issues and Tips

The most common issue is the wrong format of your BIMI logo. Remember that it should be converted into SVG Tiny Portable Secure and be square.

Also keep in mind that the readability of the logo can suffer when scaled down. The text parts can become unreadable when opened on mobile.

Overall, the problems are few, but setting up a BIMI logo does take some time. You can learn more about certain possible issues at the official BIMI group website.

To make sure the domain meets the standards of BIMI, use the validation tool.

For those who’d like to take a more holistic and thorough approach, technical resources like GitHub and IETF can come in handy.

The Future of BIMI

As of now, BIMI is far from being a common feature in email marketing. However, the brands that will not hesitate to implement it, might win the attention of the audience. BIMI has the potential to become more popular in coming years. The number of email providers embracing the trend will increase too.

In the era of information technology, sensitive data in an email is still vulnerable. With the growing popularity of remote work and post-covid realities, BIMI could soon become a necessity. Though obtaining a VMC certificate and renewing it every year can be costly, setting up DMARC for your email is already a must. Using BIMI for transactional and corporate emails is a growing tendency that any large-scale business needs to follow if it values its clients’ privacy.