Common Mark Certificates Make It Easier to Display Your Logo in Gmail
Companies can now display their logos as their brand avatars in messages to Gmail recipients (like in the picture above) without needing a registered trademark
Want to display your brand’s logo as the avatar on your emails in Gmail? Up until recently, the only way to do this was to verify your trademarked logo using a Verified Mark Certificate (VMC). But this approach didn’t work for all organizations because it required a registered logo trademark, which most businesses don’t have, and getting one requires a costly and time-consuming registration process.
Enter the Common Mark Certificate (CMC), a solution that is accessible to nearly every organization — no trademark required. But what makes CMCs different and how are they beneficial to businesses?
Let’s hash it out.
What Is a Common Mark Certificate?
A Common Mark Certificate (CMC) is the newest type of Mark Certificate that allows you to display your brand logo alongside emails you send to Gmail users. CMCs simply require proof of prior logo use or a modified trademark to display your brand’s logo next to the sender’s name field in outbound messages.
Common Mark Certificates make emails you send stand out in recipients’ inboxes, while also fighting against email spoofing and making the entire email ecosystem more trustworthy. Here’s how Felix Tatrai, Deliverability Advisor at the email marketing platform Inxmail, describes it:
“A CMC is a sign of trust. It signals the authenticity of an email and helps recipients to recognize phishing. At the same time, it can be a decisive advantage to stand out in a flood of emails in the inbox. I don’t need a registered trademark for a CMC, so more organizations can now benefit from the potential of BIMI.”
A Quick Look at a CMC
So, what will a CMC look like? Here’s a quick example of how a Common Mark Certificate-enabled logo displays in Gmail webmail:
This differs from Verified Mark Certificates (VMCs), which are the original type of Mark Certificates with more stringent requirements that allow you to display both your logo and a blue checkmark in Gmail. Let’s take a closer look at the differences between these two types of Mark Certificates.
A Common Mark Certificate vs a Verified Mark Certificate
TL;DR: A VMC displays a blue verified checkmark in addition to your logo; a CMC simply displays your logo (but is much easier to get).
While it’s true that a CMC doesn’t have the same stringent trademark requirements, the downside is that it also means you can’t display a blue “verified” checkmark next to your brand’s logo. (That benefit is reserved for VMCs only.) But that’s not the only difference between these two types of Mark Certificates email branding certificates.
Here’s an overview of the differences between these two overarching categories of Mark Certificates:
Common Mark Certificate | Verified Mark Certificate | |
Uses | A certificate that allows you to display a logo in Gmail that doesn’t have to be trademarked | A certificate that allows you to display your registered trademark logo or Government-claimed mark in multiple email clients |
Logo Requirements | Either you have used the logo on your website for at least a year, or the logo is an acceptable modification of a registered mark | Requires use of a brand logo that has a valid registered trademark with the U.S. Patent and Trade Office |
Validation | Validates your organization details, domain control, and requires showing 12+ month use of the logo | Validates your organization details, domain control, and trademark registration |
Cost | Costs significantly less than VMCs, in part because of its lower validation requirements and the fact it doesn’t require a registered mark | A bit more expensive due to the manual validation requirements performed by the Mark Verifying Authority that will issue the certificate |
Logo Display | Yes, your logo will display on emails you send to Gmail users | Yes, your logo will display on emails you send to users of Gmail, Apple, and other emails clients |
Verified Checkmark in Google Mail (Gmail) | No verified checkmark in Gmail | Yes, a verified checkmark will display in Gmail |
Get a CMC | Get a VMC |
But what does it look like when you receive emails that use VMCs, CMCs, or no Mark Certificates at all? Let’s take a gander at how these emails display in Gmail webmail:
So, what does this look like in the Gmail app for iOS mobile users? Let’s take a look:
Breaking Down the Types of Mark Certificates in More Detail
According to the BIMI Group’s latest Minimum Security Requirements for Issuance of Mark Certificates (March 7, 2024), there are two types of Mark Certificates, and each type also has two sub-types. Here’s a list to help keep the types straight:
1. Common Mark Certificates
These certificates don’t require the use of a registered trademark, making them more accessible for all companies that want to enable digital trust. These don’t have the verified blue checkmark you see in the screenshot above. The two sub-types are:
- Prior Use Mark Certificates — These certificates are for companies that don’t have a registered logo that’s officially trademarked but can provably show (e.g., via the Wayback Machine) that they’ve used the logo on their website for at least the previous 12 months.
- Modified Registered Trademark Certificates — This is for companies with trademarked logos who want to modify its appearance for special uses (e.g., adding holiday-themed elements to make the logo more festive at certain times of the year). Modified marks must retain 50% of the original registered mark’s representation.
2. Verified Mark Certificates
These certificates display the verified blue checkmark — they represent the highest level of validation because they require a registered or government mark. The two sub-types are:
- Registered Mark Certificates — These certificates are issued for official logos that are registered trademarked with a supported trademark office and are in good standing. This is what most people think of when referencing a traditional VMC.
- Government Mark Certificates — These are for displaying government logos that have been legally reserved by a government entity even if they’re not traditional registered trademarks.
Only Gmail Supports Common Mark Certificates (For Now)
Google announced support for the new CMCs in a September 2024 blog post. As of the time this Hashed Out article was written, Gmail is the only email client that supports Common Mark Certificates, although several others support VMCs.
Once you have your mark certificate issued, you’ll need to make some DNS changes so that Gmail and other email clients will start displaying your logo.
CMCs and VMCs work with an open standard called Brand Indicators for Message Identification (BIMI), which uses DNS records to display your organization’s branded logo on your emails. (NOTE: BIMI is how all Mark Certificates are published/deployed.)
To quickly recap: BIMI adds another layer of security and authentication to emails to help prevent spam and increase trust in organizations’ verified brands. It requires companies to enforce their DMARC policy (or what’s known as Domain Message Authentication, Reporting and Conformance). BIMI is supported by companies like Apple, Yahoo, Fastmail, and several others. Adding your branded logo to your outbound messages helps increase trust in your messages along with open rates and click-thru rates.
Ready to Brand Your Emails Using a Mark Certificate-Enabled Logo?
Regardless of whether you choose a VMC or CMC, the process is largely the same for both types of certificates. The main difference boils down to the additional requirement of providing your trademark info that’s required for a Verified Mark Certificate.
How to Get & Publish a Common Mark Certificate in 5 Steps
To get started, here’s an overview of what you’ll need to do to start displaying your company logo in messages to Gmail users using a Common Mark Certificate:
1. Set Up Your DNS Records
A prerequisite to displaying your logo on your emails is setting up DMARC enforcement. This is a DNS record that helps fight email spoofing and blocks unauthorized senders from sending emails from your domain. You’ll need to set up your organization’s outbound emails using the Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM) and DMARC.
After you’ve authenticated all of the emails you’re sending with DKIM and/or SPF, set DMARC enforcement to either “p=quarantine” or “p=reject”.
2. Check Whether Your Logo Qualifies
For CMCs, you’ll need to show that your logo has been in use for at least 12 months using archive.org. Or, alternatively, you must provide proof that you control a similar registered trademarked logo (i.e., one that’s at least 50% similar) and provide the trademark number and trademark agency country.
3. Purchase a Common Mark Certificate
You can get a DigiCert Common Mark Certificate right here at TheSSLstore.com — visit our Common Mark Certificate product page for more information.
4. Specify Which Domain(s) Will Share and Display Your Logo
When you purchase a DigiCert Common Mark Certificate from TheSSLstore.com, you’ll be prompted to enter the domain name that your logo will be associated with on the enrollment page.
You’ll also need to upload your BIMI-configured logo .svg tiny portable/secure logo file.
NOTE: DigiCert offers logo hosting for CMCs and VMCs, which you can select during the certificate enrollment process (as shown below).
Other information to provide includes your organization and contact-related information, which will be used in the Mark Certificate validation and order process.
5. Create and Publish a BIMI Record
A BIMI record is a type of DNS record that provides email clients with the URL of your logo that you want to display and the URL of your Mark Certificate (that verifies your logo). This record will need to be published in your DNS txt records so they’re accessible by other connecting servers and email clients.
Use the BIMI Group’s BIMI Inspector and Generator tool to simplify the process. This useful tool provides a BIMI audit report that shows what DNS records are properly set for your domain and which ones are missing or need to be updated.
Here’s a quick example of what information the BIMI Audit Report provides:
Want to Learn More About BIMI and Mark Certificates?
Check out our other related resources:
Be the first to comment