• Subscribe   
  • Subscribe   

BIMI adds an exciting layer to email authentication

Exploring BIMI An Exciting Email Authentication Standard (1)

One of the most frustrating things for an email marketer is the shadow of doubt and mistrust that phishing casts on an otherwise highly effective marketing tool.  

Phishing emails that claim to be from recognizable brands, trick unsuspecting victims into sharing their personal or banking information. This is bad for email marketers because it makes people suspicious of legitimate emails, affecting click rates and impacting conversions. 

It makes sense then that technology companies are constantly looking for ways to better establish trust and in doing so, make life harder for phishers. 

A working group called the BIMI Group has developed what promises to be another layer in the fight to protect legitimate commercial emails. 

Brand Indicator Message Identification, known as BIMI, enables legitimate senders to display their branding in the email inbox.  As an addition to SPF, DKIM and DMARC, BIMI makes it harder for cyber scammers to make their phishing emails look legitimate. 

The 5 standards of email authentication

The 5 standards of email authentication

How does BIMI work?

It’s important to note that it’s another layer, not a silver bullet. BIMI only works alongside the other four authentication standards – SPF, DKIM, DMARC and ARC. 

BIMI is specifically an extension of DMARC that the Bimi Group defines as enhancing a “brand’s value within participating mailboxes, connecting the display of verified logos to the increased protection provided by DMARC enforcement”.

To implement BIMI, a specifically formatted text file is hosted on your email servers. When an email arrives in the recipient’s inbox, the receiving server looks for the BIMI text file and uses it to verify the sender.  

As an added bonus to email marketers (because who doesn’t love a bit of branding) the receiving server uses information in the text file to find the sender’s logo, which is then displayed in the inbox.  

In an article entitled What is BIMI and why should marketers care? Litmus providers this image from Yahoo! Mail to show how it looks: 

Source: Litmus

Can’t phishers just create the same text file?

They could create a text file, but what they can’t do is successfully validate the BIMI record relative to the sending domain.

Some mail providers will require a certificate to validate the logo against the sender. For BIMI to work, the sender would need a Verified Mark Certificate (VMC), which connects the company, the domain and the trademarked logo, and authenticates them as a package.

What happens now?

BIMI has been trialed by one webmail provider – Yahoo! Mail –  so far. In mid-2019, Google announced that it had joined the working group, and is planning a trial in 2020.

We can expect that as BIMI becomes more mainstream, it will help to build the trust relationship that email marketers so desperately need. It will also positively impact deliverability,  as getting an email successfully delivered is very much based on sender reputation.

Looking to partner with a digital communication specialist that applies all email authentication standards & ensures the best possible email deliverability rate?

By submitting your details via this form, you are consenting that we receive and store your information for the exclusive purpose of contacting you.
  • We will not share or publish your information or process it for any other reason.
  • Once your request is fulfilled, we will either delete your information or request your consent for further processing.
  • Please find additional information in our Privacy policy.
View our Terms of use | Protected by reCAPTCHA.

Stergios Saltas

Stergios Saltas

Operations Director, Africa

Stergios Saltas is Operations Director at Striata, with a focus on the Africa region.

With 20 years’ experience in the ICT industry, Stergios is responsible for guiding the strategic direction and daily operations of the African business. During his career at Striata, Stergios mastered a wide range of roles where he oversaw the management and delivery of messaging solutions.

Stergios is dedicated to understanding client needs and executing solutions with precision; ensuring that Striata products meet the highest standards of quality and functionality; while promoting the wellbeing of Striata’s valuable resources.

Read more of Sterg's blog posts here or connect with Stergios on the following social channels: