Anyone with an email address is aware that there are many criminals and scammers who take advantage of the power of email.
That’s why email spoofing is so common. Cybercriminals impersonate brands and send emails in their name just to acquire subscribers’ sensitive data and damage your reputation along the way. This is a severe problem for subscribers, businesses, and mailbox providers.
So how can this new email protocol, Brand Indicators for Message Identification (BIMI), help?
Let’s dig in.
Is There Any Hope against Phishing Attacks?
Email is a fantastic way to communicate with customers but requires a lot of work behind the scenes, which your subscribers are unaware of.
75% of organizations around the world experienced some kind of phishing attack in 2020.Proofpoint
That’s a grim statistic.
What does this mean for your subscribers?
It means you are working towards providing the best email experience they can have with your brand. And providing consistency and better security, knowing that you are actually sending those emails and not someone ripping you off is a significant part of creating an amazing experience with businesses.
This is where BIMI comes in. It adds additional protection against spoofing.
What Is BIMI?
Brand Indicators for Message Identification (BIMI) is the fourth email authentication protocol, in addition to SPF, DKIM, DMARC.
What do email protocols do?
Email authentication protocols prevent email fraud, spamming, and scamming before the email reaches the inbox. They benefit legitimate businesses by reducing impersonation and consumers by protecting their data from being stolen and misused.
Here’s a guide on email authentication protocols if you want to dig deeper and learn more about each.
What does BIMI do?
BIMI is a TXT record published on your domain’s DNS that mailbox providers use to determine the authenticity and legitimacy of the email.
When correctly implemented, BIMI displays your brand logo in emails next to the message. By adding it, email clients can check that this is a verified business logo that you own and that is connected to your domain.
So basically, your email has to pass another security checkpoint to display your logo in the customer’s inbox. This checkpoint is added to ensure that nobody else uses your business logo or is impersonating a brand.
Your subscribers will see your logo in their inbox next to your message and know that they receive an email from the actual brand and not some scammer.
Why Is BIMI Relevant for Email Marketers?
While BIMI and email authentication protocols work in the background, the results of BIMI can be seen by your subscribers. BIMI has its benefits, and here’s what you can expect:
1. Better brand recognition
People will see your logo next to the message (if the email client they use supports BIMI). This adds trust that this is a legitimate business email that is safe to open and not some other phishing attempt. Plus, constantly seeing a logo will lead to better brand awareness and recognition—consistency matters.
2. Increased email security
As mentioned, email spoofing is a very serious issue. There is no shortage of scammers trying to impersonate a brand or company to get important personal and financial data from email subscribers. To fight off these scammers, mailbox providers want businesses to implement better protection.
To display your logo, BIMI cannot work on its own. It requires you have other authentication protocols working. And if brands want recognition by showing off their logo, they’ll need to implement email authentication.
So it’s a win-win for all.
3. Increased email engagement
By displaying your logo, people will recognize an email from a brand they can trust. Which means it’s more likely that they’ll interact and engage with it. This will lead to more opens and clicks, and engagement from your subscribers.
4. Improved email deliverability
Brand recognition and increased engagement can positively affect your deliverability as well. More opens and increased engagement with emails can thus decrease unsubscribes and spam reports which is great news.
How to Implement BIMI?
Email marketers usually don’t deal with email authentication. For proper implementation, go to your IT team, and they’ll help set this up for your email sending domain. You’ll also need your designer to take care of your logo file.
1. Authenticate your email authentication protocols
Start by identifying your correct sending domain. BIMI is an additional entry in your DNS records. So your IT person must know where to publish the email authentication protocols.
The three other email authentication protocols SPF, DKIM, DMARC, need to be aligned for BIMI to work. Note that your DMARC policy needs to be set to either quarantine or reject. So make sure all of this is in place. If you haven’t done this by now, this is the time to do it and set up DNS records.
2. Create a BIMI logo
Of course, the logo you use must be trademarked. Plus, it needs to be in a specific format, an SVG file (SVG P/S Tiny 1.2). Since there are several specific requirements your designer needs to know about to create the correct file, it’s best to follow the information about editing SVG logo files.
Note 1: BIMI currently supports only one logo for multiple domains and subdomains.
Note 2: You may see some brands’ logos even though they don’t have a BIMI record. Some mailbox providers have ways to display a logo, but this is not a standardized BIMI process.
3. Generate and publish your BIMI record
Once you make sure that SPF, DKIM, DMARC are aligned, and you have created your logo, it’s time to add your BIMI record.
Here’s an example of how the BIMI record looks like:
default._bimi.mydomain.com in TXT "v=BIMI1; l=[URL of logo]; a=[URL of VMC]"
You can use the LookUp & Generator tool to generate your BIMI record.
What do you need to generate a new BIMI record?
- You’ll need to state your sending domain.
- Link to the SVG file of your brand logo.
- If you have a Verified Mark Certificate (VMC), link to it. Otherwise, you can leave the value blank. VMC proves that you own the logo. For now, this is something that only Google requires for BIMI authentication, but other mailbox providers may ask for it soon. Here’s a list of VMC issuers.
4. Confirm that BIMI is working
You’ve published your BIMI record to your DNS. Now you need to ensure that it’s working as it should.
You can use the same BIMI Inspector tool you used to generate your record to check if it works. Just enter your domain name and click the button.
This will generate an audit report with the following information:
- The presence of all found records, MX, SPF, DMARC, and BIMI.
- List any warnings or issues with these records.
- Verify that you are using the correct SVG logo.
- A toggle to display your logo in dark mode.
- Generate a mobile preview of how your logo will look in a client’s inbox (see image below).
- If the BIMI record is not correct, you get a chance to modify it and generate a new one.
Which Email Providers Support BIMI?
Not all email providers will display your logo. Some of your subscribers may see it while others won’t, depending on which provider they use and whether it’s supported or not.
In the image below, you can see which mailbox providers offer support:
- With BIMI support: Aol, Netscape, Yahoo, Gmail, Google Workspace, Pobox
- Considering BIMI: Comcast, Seznam
- No BIMI support: Yahoo Japan, Outlook, Office 365
This is not set in stone, and more providers are expected to follow.
Image via BIMI group
If you need help, we at Loopify can guide you through the BIMI process. Feel free to contact our success team at firstname.lastname@example.org.
In the end, although the implementation of BIMI is technical, it’s worth the trouble. Not only because of the added email security against impersonation but also for better brand recognition, awareness, and engagement. Which is what we marketers strive to achieve.