How Can I Brand My Mail? Use a VMC and BIMI
According to Mimecast’s report The State of Brand Protection 2021, their detection of brand impersonations rose to 39.2 billion in February 2021, an increase of 170% compared to 2019. Learn how branding your emails using VMC and BIMI can be your “silver bullet” that helps your messages claim prime real estate within your customers’ inboxes and prevents phishing scams
Editor’s Note: This is a guest blog contribution from Nadia Bonini, a technical writer, certified CSPO mail application security product owner and former application security engineer. Nadia shares her perspective on ways that you can brand your mail, including the trump card of enabling a BIMI verified logo to appear in your recipients’ inboxes.
A trustworthy brand has become paramount for consumers. According to research by the global data intelligence company Morning Consult, almost 90% of surveyed customers stated that they’d buy more from a brand they trust.
With the Radicati Group reporting an average of 319 billion emails are sent and received each day, it’s easy to see why grabbing your customer’s attention in an already overloaded inbox has become a real challenge.
In an inbox cluttered with spam, even legitimate emails from trusted brands can easily go unnoticed, end up in their junk folders or, even worse, get deleted. This issue leaves you asking the question that led you here: “How can I brand my mail to help messages reach their inboxes?” This is where implementing certain email identity measures can help your business’s communications to shine a spotlight on your brand.
In this article, you’ll learn how to brand your mail in a way that makes your messages stand out from the crowd by using tools called verified mark certificates (VMCs) and brand indicators for message identification (BIMI). Together, these two components serve to:
- Enhance your organization’s credibility,
- Create trust in your brand’s emails upfront, and
- Ensure that your email will never be treated as spam again.
Let’s hash it out.
How to Brand My Mail (While Adding Security to the Equation)
As of 2019, The Radicati Group also estimated that the average user received 126 emails per day. That’s an average of 45,990 emails per year! And imagine how much that has increased as we approach 2022. With this in mind, it’s easy to see why you need to take steps to make your messages stand out in customers’ inboxes. Thankfully, there are several ways that your organization can brand your mail in outbound emails:
- Create emails that include engaging and consistent banner images and email signatures.
- Use your organization’s branding (writing style/voice, colors, design, typefaces, graphic elements, etc.) consistently.
- Create email templates that simplify and streamline the email creation process.
- Include relevant links to content from your site, blog, etc.
- Use a verified mark certificate (VMC) and brand indicators for message identification (BIMI) to project your brand to promote trust.
As far as branding your mail goes, it’s likely you’re already doing several of the recommendations above. However, these first four appear exclusively inside the emails themselves. That last option — using VMCs and BIMI — helps you brand your email on the “outside of the envelope” as well as inside the message as well. This contributes to not only better branded messages but, ideally, ones that your customers recognize as being safe as well.
VMCs and BIMI Bring Your Organization’s Inbox Identity to a Whole New Level
While it’s true that email filters are doing their best to filter spam emails from users’ inboxes, those efforts aren’t enough on their own. They need help to differentiate legitimate emails from fake ones, and using VMCs and BIMI, together, can help do that.
What Is a Verified Mark Certificate?
A verified mark certificate (VMC) is a digital certificate that:
- Enables your organization to display its verified logo in your recipients’ inboxes,
- Enables you organization to display the same verified logo next to your sender field information within your emails, and
- Validates that the certificate is authentic and owned by you.
For example, take a look at the screenshot of one of The SSL Store’s employees’ Gmail inboxes. See the verified logo for Chase in comparison to the generic letters and people icons? This is an example of the visual impact emails can make for companies using VMCs and BIMI (more on that momentarily).
Getting a verified mark certificate requires having a publicly trusted certificate authority (CA) verify the authenticity of your logo and that you have ownership of it. Therefore, any messages that display that verified logo in your recipients’ inboxes prove that you’re a legitimate business and that your branded emails came from you.
As a result, your recipients will know that the emails they receive from you are not suspicious and will be more willing to open and read them.
What Are Brand Indicators for Message Identification?
Brand indicators for message identification (BIMI) is a term for an open standard that allows your brand logo (that’s been verified with a VMC) to be displayed next to your email in your customers’ inboxes.
Working together with the verification and authentication methods listed below, BIMI not only increases the visibility of your branded messages, but it also provides additional security and trust that contribute to a better overall email experience.
- SPF (Sender Policy Framework). Ensures that emails are sent only from trusted IP addresses, thus preventing spammers from sending messages using your domain.
- DKIM (DomainKeys Identified Mail). Authenticates you as a trusted sender by adding an encrypted signature to all outgoing message headers and confirming that your message has not been altered.
- DMARC (Domain-based Message Authentication Reporting and Conformance). Provides additional protection against spoofing and phishing emails through enforcing the use of the domain name in the from field. It also boosts delivery rate, enabling you to tell the receiving mail servers how to handle messages that were sent from your domain but didn’t pass SPF and/or DKIM checks. All of this happens on the backend, so users don’t see it happening.
We’ll speak about BIMI more in-depth later in the article. But an important takeaway you should get from this section is that a VMC creates an additional security layer on top of your BIMI records so that, when used all together, they protect your brand (and your customers) from spoofing and phishing.
How VMCs and BIMI Work to Display Your Brand’s Logo Up Front
VMC works together with BIMI to display your verified company logo in your customers’ inboxes regardless of which devices they use.
When a customer receives your email, some standard authentication and validation checks will be run in the background. If everything is properly configured and validated, your BIMI logo will display next to your message, just before the sender field information and message preview. Basically, they work more or less like the “verified” account badges and checkmarks on social media.
This all sounds great, right? It is! But for everything to function correctly, there are a few prerequisites that need to be met, including:
- Setting up specific email authentication with specific DMARC configurations,
- Having a registered logo that you own and can legally use,
- Having a logo image file available in the right format, and
- Getting a VMC from a certificate authority such as DigiCert.
We’ll talk more about the technical aspects of how VMC and BIMI work later in the article. Before going into technicalities, let’s see how all this will look like in your customer’s inbox.
How a VMC and BIMI Email Looks In Customers’ Inboxes
Now that you have an overview of how VMC and BIMI work together, in order to better understand the outcome, it’s important to have a look at a practical example. Let’s say that you received in your inbox two emails with the same subject and from the same sender (or so it seems). The first email has the generic letter display you see everywhere (as illustrated in the left half of the example below); the second one (the right half of the image) is branded with an official logo image instead of only a capital letter:
- Which one captures your attention? The generic first one or second one on the right? Probably the latter.
- Which one looks more professional, thus more trustworthy? Once again, definitely the second one.
- Which email would you open? We’re going three for three… most likely number two, the one with the logo.
The same happens with your customers. In a sea of blue t-shirts, the white one is always stands out.
To give you an even better idea, let’s take a look at how a branded email would look like when viewed in an email client’s inbox that supports BIMI (i.e., Gmail, Netscape, Yahoo, AOL, Pobox, and Fastmail):
It makes a big difference, right? Not only does the logo make the email look more professional, but it also makes your email and brand really stand out from the unbranded ones.
How Using a Verified Mark Certificate + BIMI Benefits Your Business & Customers
At the beginning of this article, we said that VMC can have a positive impact on your organization, not only from the pure business point of view, but also from a security perspective. These are exactly the two main categories of benefits that VMCs offer.
Business & Reputational Benefits
In today’s competitive world, finding customers and grabbing their attention is not an easy task. Enhancing your online reputation and distinguishing your business from the competition can be good ways to put you on the right path. Using a VMC in combination with BIMI can help you achieve this and much more. How?
- Enhancing visibility in your customers’ inboxes. VMC will put your brand center stage in your customers’ inboxes. Rather than the anonymous default initials, your customers will see your validated logo before they even open your email.
- Increasing your email open rates. A study by Yahoo! Verizon Media showed a 10% average increase in brand engagement for companies that used a verified logo and BIMI for their emails. This resulted in increased visibility and ROI, even for new businesses.
- Improving your email delivery rates. Thanks to the adoption of DMARC, one of the prerequisites of VMCs and BIMI, you’ll be able to reach a higher number of recipients and avoid ending up in their spam folder.
- Creating a unified experience across all platforms. Till now, your logo was shown on your social media accounts and websites. With VMC and BIMI, your customers will also be able to see your verified logo in their inboxes. This will increase brand consistency across all of your platforms, enabling your brand to be everywhere and ensuring that everything you do is immediately associated with your brand!
- Boosting email authenticity and trust. Your recipients will be more likely to trust your messages if they’re branded. As such, creating branded, authentic emails helps you pave the road towards building and strengthening a loyal customer base.
- Helping to prevent phishing and spoofing. Since having a BIMI record and DMARC policy in place are required for BIMI and VMCs, you’re able to thwart brand spoofing and mitigate phishing attacks.
- Promoting security as a priority. Once again, DMARC will show your customers that security is your priority and confirm to them that the email you’ve sent them is from a legitimate organization.
With phishing on the rise, a high number of emails are being classified as spam, which makes things even harder and more costly for businesses trying to reach their customers in the digital world. This is where VMC can help your organization before phishing and spoofing make too much damage.
- Providing spoofing and phishing protection. Since having a BIMI record and DMARC policy in place are required for BIMI and VMCs, you’re able to thwart brand spoofing and mitigate phishing attacks. In a typical phishing attack, an attacker tricks email recipients into believing that the message is coming from a reputable source. They can do this by using a forged email address. The best way to avoid this happening is to have a mechanism that can verify the sender’s identity. This is what DMARC does.
- Protecting the security of your brand. In order for the certified authority (CA) to issue a VMC, you will need to register your logo as a trademark. This will add another layer of security, ensuring that your brand logo won’t be spoofed by attackers.
- Preventing attacks by detecting incorrect DMARC configurations. DMARC is a very powerful tool for security specialists. Publishing your DMARC records into your DNS record will enable you to:
- Track who’s sending unauthorized emails on behalf of your domain,
- Identify the emails that have been authenticated incorrectly due to a server misconfiguration, and
- Know how often this is happening.
- Aiding spam detection filters. Sending your emails with VMC and DMARC confirms to email providers and users that your message is genuine, improving the accuracy of their spam blockers thus, increasing your sender’s reputation rate.
- Providing all-around robust email security. Combining VMC and DMARC (which relies on SPF and DKIM) helps your organization achieve truly branded emails and better security. This will help increase customers’ confidence in your brand by demonstrating your commitment to email security and customers protection.
But that’s not all. To make VMC even more effective and be able to really capitalize on all the benefits offered by a comprehensive and secure email solution, BIMI should be added to the equation.
Make Your Emails Stand Out: Display Your Brand Logo In Your Customers’ Inboxes
A 2020 report by the Data & Marketing Association shares that 55% of email users prefer having a way to recognize the sender of the email before opening it. If they don’t, they will rather ignore the email.
Here comes the importance of BIMI. It will enable you to bring your brand logo to your customers’ inboxes, enhancing brand recognition, leveraging and increasing the value of VMC and DMARC.
Breaking Down the Basics of BIMI
Brand indicators of message identity standardize and facilitate the process of logo management and brand display with supporting email clients. It helps customers to easily recognize real emails from fraudulent ones and make an informed choice before opening a message. Moreover, BIMI:
- Gives you complete control of your brand logo in your customers’ inboxes.
- Builds trust by authenticating your logo, thus ensuring that you’re the only one that can use it.
- Provides your customers with a richer and more secure inbox-perusing experience.
Interesting right? Now that you know more about the added values of BIMI, let’s get into some technical details.
How Can I Brand My Mail With BIMI
To ensure that BIMI works correctly, you must first follow the steps below:
- Create your logo in a supported format. This would be a square image file that’s in SVP Tiny PS format and saved in a secure web location (i.e., HTTPS instead of HTTP).
- Create, configure and save your BIMI text record on your sending server. This BIMI inspector and generator tool can help you to ensure that it’s done correctly. Important: The URL where your brand logo is located must be included in the DNS .txt record.
- Validate your organization’s domain with DMARC’s standards. You can set the DMARC policy: “p=quarantine” or “p=reject”
- Trademark your logo with the patent and trademark office of your region. For example, if you’re located in the US, you should contact the United States Patent and Trademark Office (USPTO).
- Validate your brand logo getting a verified mark certificate (VMC). This required validation checks and approval by a trusted CA.
Now that you’re ready to brand your mails with BIMI, let’s see how the technical process works when you send an email.
Before the email being delivered to the recipient:
- The recipient’s email provider tries to authenticate your message.
- If the authentication succeeds, the email provider checks the availability of a corresponding BIMI record through a DNS lookup.
- Once found, based on the information contained on the BIMI file, it extracts your brand logo from its source and displays it in your customer’s inbox!
Et voilà! It’s done! Now you can use BIMI in combination with the VMC of your choice to brand your mail online.
If you want to know more about how BIMI works, check our latest article, “BIMI for Gmail: Google Makes Email Identity Indicators Part of Its New security Updates.”
Email Providers Supporting VMC and BIMI
Before moving to the next chapter, it’s important to understand that since VMCs and BIMI are relatively new technologies, not all email providers are already offering these features to their users.
However, according to the information published on The BIMI Group’s website, there are several big players in the email world that are already officially supporting this enhanced email security and branding. And several other major providers are already considering joining the pack:
|Email Providers Supporting BIMI||Email Providers Considering Supporting BIMI||Email Providers Not Supporting BIMI (Yet)|
|Yahoo! (including AOL and Netscape)||1&1 (including mail.com, GMX and WEB.DE)||Apple|
|Google (with Gmail and Google Workspace)||BT (British Telecom)||Microsoft (including Outlook and Office 365)|
|Fastmail (including its parent company Pobox)||Comcast|
As you can see BIMI is on the right track to becoming the standard for the majority of email providers quickly. Businesses like CNN, Bank of America, and Chase have already implemented BIMI and are using this technology to their advantage.
As the saying goes — “The early bird gets the worm.” Don’t wait to take your email branding to the next level! Get the best visibility in your customers’ inboxes with VMCs and BIMI to let them know at first glance which sender they can trust.
Before we move on to the next talking point, it’s important to bear in mind that, even though you’ve branded your email through VMC and BIMI, each mailbox provider will have the last say in displaying your logo. Very often, this will depend on your sending reputation score, which is calculated by each email provider using its specific formula (never shared with the public) based on different metrics and criteria.
Some email providers and email deliverability experts offer resources and tools to help you learn more about your sender score reputation. A handful of the most popular tools are:
- SenderScore.org. Your sender reputation is evaluated using a scale between 0 and 100. This tool provides you with detailed information about how your IPs are ranked by the major email providers. A reputation higher than 80 will enable you to qualify for the Sender Certification Program.
- Gmail Postmaster Tools. This tool allows you to measure useful data when sending to Gmail recipients (e.g., IP and domain reputation, delivery errors, and spam rate — just to name a few).
- TrustedSource. Managed by McAfee, this tool enables you to check your domain reputation, providing you with detailed information about your website, mail server, and DNS.
- Outlook’s Smart Network Data Services (SNDS). This goldmine of high-quality information allows you to get a comprehensive look into your Outlook.com sender reputation. The data provided includes not only the reputation status of your IPs, but also your spam complaint rate and the number of emails sent by your organization that ended up in their spam traps as well.
If you keep an eye on your reputation (including IP blacklisting) and follow the information described in this article, you should be OK. To help you out even further, some providers like Yahoo and Gmail have even published some general tips to help you ensure to get your logo displayed.
VMC and BIMI: Ultimate Partners For a Verified, Labeled and Trustworthy Brand
Wouldn’t it be wonderful if, when your customers’ inboxes are seemingly busier than ever, there was a way you could differentiate your emails from others visually? Wouldn’t you love to see your email immediately stand out like fireworks and grab your customers’ attention?
This is exactly what VMC and BIMI together can bring to your business, in addition to other great advantages:
- Protects your company and potential customers from spoofing and phishing attempts.
- Grants you more brand visibility. This ensure that your customers get familiar with your brand, leveraging your investment in email authentication and verification.
- Boosts your email marketing conversion and customers engagement rates.
- Allows you to take control of your logo, ensuring that you get the correct brand image in front of your audience.
And these are just a few examples of the positive influences that VMC and BIMI can have on email security and brand trust. But before you can use them together, you’ll need to know how to get a verified mark certificate for your logo — and this is what we’re going to explore next.
How to Get a Verified Mark Certificate
Before being able to obtain a verified mark certificate, your business has to meet a few requirements. Assuming that you’ve already followed the process of getting BIMI to work, which means that you’ve already implemented DMARC and have a trademark logo, obtaining a VMC it’s even easier.
Let’s see what this process looks like:
- Make your emails DMARC compliant.
- Get your logo trademarked and ensure that it’s saved in the right format (SVG Tiny PS).
- Select a trusted vendor to purchase your VMC from.
- Get your organization validated by the CA.
- Receive and upload your VMC.
- Upload your BIMI DNS record.
Done! It’s not too difficult right? Once you’ve received the entity certificate from the CA (which will come as a privacy-enhanced mail file, or PEM file), you’ll be able to upload it to your server together with any other intermediate certificates you’ll receive from the CA.
To help you even further, we’ve published on our blog a detailed guide describing the process step-by-step.
Final Thoughts on “How to Brand My Mail” Using a VMC and BIMI
In a world where fraudulent and spam emails are chipping away customers confidence towards senders, VMCs and BIMI serve as a way to boost project, brand visibility, and security in the inbox.
Email is evolving and so are your consumers. Although support for these technologies is still growing, you can get in on it now and let your brand shine in the sea of generic emails. Research shows that customers are more trusting of branded emails; using a verified logo for your emails assures them that your brand makes security a priority.
Now that you know how to brand your mail, don’t wait! Businesses are progressively getting their logo next to their email messages! Build up your brand and reputation with a Verified Mark Certificate! Steal the show in your customers’ inboxes!
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018in Hashing Out Cyber Security
How to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chromein Everything Encryption
Re-Hashed: How to Fix SSL Connection Errors on Android Phonesin Everything Encryption
Cloud Security: 5 Serious Emerging Cloud Computing Threats to Avoidin ssl certificates
This is what happens when your SSL certificate expiresin Everything Encryption
Re-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Messagein Hashing Out Cyber Security
Report it Right: AMCA got hacked – Not Quest and LabCorpin Hashing Out Cyber Security
Re-Hashed: How to clear HSTS settings in Chrome and Firefoxin Everything Encryption
Re-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithmsin Everything Encryption
The Difference Between Root Certificates and Intermediate Certificatesin Everything Encryption
The difference between Encryption, Hashing and Saltingin Everything Encryption
Re-Hashed: How To Disable Firefox Insecure Password Warningsin Hashing Out Cyber Security
Cipher Suites: Ciphers, Algorithms and Negotiating Security Settingsin Everything Encryption
The Ultimate Hacker Movies List for December 2020in Hashing Out Cyber Security Monthly Digest
Anatomy of a Scam: Work from home for Amazonin Hashing Out Cyber Security
The Top 9 Cyber Security Threats That Will Ruin Your Dayin Hashing Out Cyber Security
How strong is 256-bit Encryption?in Everything Encryption
Re-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3in Everything Encryption
How to View SSL Certificate Details in Chrome 56in Industry Lowdown
PayPal Phishing Certificates Far More Prevalent Than Previously Thoughtin Industry Lowdown