Gmail increases email security by adding support for BIMI
Organizations who deploy Domain-based Message Authentication, Reporting, and Conformance (DMARC) will, from now on, be able to increase Gmail recipients’ trust in the emails, newsletters, receipts and offers they send by automatically displaying the company’s logo.
This effective indicator that these types of email communication are, indeed, coming from that specific legitimate source is made possible by Gmail’s added support for the Brand Indicators for Message Identification (BIMI) standard.
About BIMI
BIMI is an email specification that enables the use of brand-controlled logos within email clients. BIMI is not a security solution but its use depends on them.
“For the brand’s logo to be displayed, the email must pass DMARC authentication checks, ensuring that the organization’s domain has not been impersonated,” the BIMI AuthIndicators Working Group explained.
The specification is backed by Fastmail, Google, Mailchimp, Proofpoint, Twilio SendGrid, Validity, Valimail and Verizon Media. The BIMI brand indicator currently appears next to company emails sent to Yahoo Mail, AOL, Fastmail and Pobox email addresses, and will now start appearing in Gmail.
“Other mailbox providers have announced intentions to adopt in the near future,” the Working Group noted.
About BIMI in Gmail
Companies publish a BIMI record for their domain via DNS, and it points to the logo indicator in SVG format to be used, and/or a Verified Mark Certificate for those receivers that require it (e.g. Gmail).
“BIMI leverages Mark Verifying Authorities, like Certification Authorities, to verify logo ownership and provide proof of verification in a VMC. Once these authenticated emails pass our other anti-abuse checks, Gmail will start displaying the logo in the existing avatar slot,” Neil Kumaran, Senior Product Manager of Counter-Abuse Technology at Google, and Wei Chuang, Senior Software Engineer at Gmail Security, explained.
Organization logos can currently be validated by the Entrust and DigiCert certification authorities.
“BIMI promotes another layer of security to Gmail by requiring strong authentication and verification of logos before they’re displayed in the Gmail avatar slot. Strong authentication increases confidence in the source of emails and provides recipients with a more immersive experience. Further, this helps email security systems filter spoofed, phishing emails from legitimate messages,” the Google Workspace team added.
In related news, Valimail also announced general availability of Amplify, a solution that gives clients the ability to display their logo alongside authenticated email messages.