New Release: Email Security Awareness Training- Empower your team to proactively combat email threats with easy-to-launch phishing simulations and assessments Learn More
New Release: Email Security Awareness Training- Empower your team to proactively combat email threats with easy-to-launch phishing simulations and assessments
Learn More
What Is BIMI & Why It Matters to Email Security

What Is BIMI & Why It Matters to Email Security

Developer Developer
December 29, 2021
BIMI – Brand Indicators for Message Identification is a standardized protocol introduced recently to systematically display brand logos in emails. BIMI is not only a marketing tool, it is also an important new email security feature. In addition to ensuring the visibility of your brand by displaying logos to your customers, BIMI protects your emails from fraudulent senders and ensures their delivery. Companies and digital marketers rely on BIMI to send accurate information about their brand. BIMI relies on additional security technologies: DMARC, SPF, and DKIM. BIMI works in conjunction with these protocols to protect emails you send from being impersonated by scammers and to build confidence in the recipients that the messages they receive from your company are authentic.

What Is BIMI and How Does It Work?

Like other email authentication protocols, BIMI is a text record that resides on your sending servers (in your DNS records). The BIMI file consists primarily of text in a specific format which contains the URL for your brand’s logo and information on any Verified Mark Certificate (VMC) you may have. During delivery of an email sent from your servers, the recipient’s email service searches for the BIMI text file, as well as its location, to verify if the message can be authenticated. When the recipient’s servers find your BIMI record, the receiving service knows where to locate your logo file, and the email clients that support BIMI display that logo in the recipient’s inbox. As you can see, the basic concept of BIMI standard is technical but not complicated. Nevertheless, when setting up BIMI for your brand, you should keep these things in mind:
  • For a BIMI logo to be displayed, you need additional verification records set up. These include SPF, DMARC Authentication, and DKIM.
  • Ensure that your brand’s logo is an SVG file.
  • If you need to create or add a new BIMI TXT record to your DNS, you will need access to your domain name servers.
Those are a lot of acronyms to digest. Here is a breakdown of each one:
  • DKIM: DomainKeys Identified Mail adds a digital signature to emails by utilizing cryptography to make sure the messages are not tampered with during transmission.
  • SPF: Sender Policy Framework is a type of email authentication feature that ensures only designated IP addresses are used to send messages from your domain.
  • DMARC: Domain-based Message Authentication, Reporting, and Conformance provides mail servers with the ability to detect when emails are not being sent from an approved email provider domain. This feature allows brands to set policies that tell inbox providers how to deal with such unauthorized emails. In order to implement BIMI for your brand, you must first set up DMARC.
  • SVG: Scalable Vector Graphic is an image format that doesn’t rely on unique pixels to make up the image on the screen. Instead, SVG uses ‘vector’ data that can scale up to any resolution.
  • DNS: A Domain Name Server translates twelve-digit IP addresses into human-friendly domain names, like Google.com.

Why BIMI Matters to Email Security

Due to email’s long-standing role as the primary means of communication between customers and businesses, it has always been a significant tool for marketing and customer service—particularly after the disastrous COVID-19 pandemic. Research from the year 2020 shows that email marketing generated a 4200% return on investment, returning $42 for every $1 invested. With email inboxes more cluttered than ever, heightened visibility gathers attention. Moreover, as phishing and business email compromise (BEC) scams have increased in the past year, the capability to establish trust through enhanced brand visibility has proven invaluable. The BIMI technology was developed by a group of industry leaders (BIMI Working Group) to address email security and branding. The feature allows a verified sender’s official brand logo to be shown alongside email text in a space controlled by the mailbox provider, typically next to the user’s initials or avatar. A number of major email providers have set up pilots in support of BIMI, including Gmail (Google had already launched a BIMI pilot program in 2020), AOL, Yahoo, Fastmail, and Netscape. A large-scale rollout is expected within the next year for other mailbox providers as well. BIMI enables businesses to enhance brand recognition and visibility while ensuring proper email security. It secures emails, protects brand image, and increases consumer confidence and trust. The use of BIMI helps email marketers reduce bounce rates from spam filtration, increase open rates, and solicit higher response rates. Implementing BIMI provides an additional barrier against phishing and spoofing attacks, or other fraudulent emails which rely on impersonating businesses.

Final Thoughts

BIMI is a great tool for both email security and email marketing efforts. Used in conjunction with DMARC, SPF, and DKIM, BIMI implementation provides maximum security and maintains brand reputation. Trustifi’s Inbound Shield email security solution incorporates all these technologies to protect your emails. Trustifi also provides additional layers of security to your email system with outbound encryption, One-Click Compliance, and Data Leak Protection driven by sophisticated AI and machine learning engines. Yet, the Trustifi multi-layer solution is simple to implement and administer. Contact a Trustifi representative today for a free demonstration and a quote to implement the premier industry protection for your small business.
Related Posts