Security

Google Finally Rolls Out the “BIMI” Security Feature on Gmail

By Bill Toulas / July 13, 2021

About a year ago, Google teased a new system called “BIMI” (Brand Indicators for Message Identification), which would help brands authenticate their logos in email communications carried out through Gmail. After a notable period of limited application and testing, the tech giant has finally decided that BIMI is ready to be rolled out to everyone, so support for the new security standard is now going global. With this new feature, Gmail users could see a notable difference in the received spam volumes, which is also the main point of the system.

BIMI leverages what Google calls Verified Mark Certificate (VMC), which companies can use in order to “declare” their logos. This, together will the authentication that happens through the Sender Policy Framework (SPF) - or alternatively the Domain Keys Identified Mail (DKIM) - helps all emails coming from this sender to pass through Gmail’s anti-abuse checks. On the other side, recipients will see the logo in the avatar slot of the sender, so they will have a quick and intuitive way to be sure about the origin of the message.

Of course, BIMI has to be embraced by companies that use email marketing, or the recipients will have no way to verify if a message comes from an official source or a scammer. This is very important, and many large companies have realized it already. The ‘Bank of America’ that participated in the testing of BIMI has made the following statement:

Bank of America has a wide range of security measures in place to support our customers, and we constantly evolve our program to deliver best-in-class protection. Part of this effort is our partnership with Google on BIMI, which provides an easy way to validate if correspondence is from us.

Source: Google

For now, the two certification authorities that will support the BIMI validation process are ‘Entrust’ and ‘DigiCert.’ However, Google promised to expand this list soon, adding support for more logo types and other authenticating marks. The effort is now focused on trademarked logos that are common targets of impersonation, so the first wave of the roll out aims at that crucial space.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: