Companies can now display their verified logo in Gmail messages to grow their brand and boost engagement

Ready for your Gmail inbox to become more eye-catching and secure? It’s about to start happening thanks to Google’s rollout of VMC support. Formally announced earlier this week, the change will see verified company logos start making their way to your emails via the BIMI standard.

After an initial pilot run last year, in which a limited number of companies and certificate authorities (CAs) participated, the world’s most-used email service will start recognizing VMCs. If you missed the test run or are unfamiliar with VMCs and the BIMI standard, they’re basically a way for companies to include their trademarked logos in the messages they send out. The purpose is to boost brand recognition, increase engagement rates, and provide a higher level of trust with their communications.

So, what are BIMI and VMCs, exactly? What are the requirements for using them? And who will they benefit?

What Are BIMI and VMCs?

BIMI stands for Brand Indicators for Message Identification and works with existing email authentication protocols such as DMARC (Domain-Based Message Authentication, Reporting, and Conformance), DKIM (DomainKeys Identified Mail), and SPF (Sender Policy Framework). Without getting too far into the nitty-gritty details, it’s a type of DNS resource record that is used to display an image (a logo, to be more specific) in the “from” field, representing the sender’s organization.

Verified Mark Certificates (VMCs) work in conjunction with BIMI to provide verification that the logo in question does, in fact, belong to the sender. They’re a kind of digital certificate that authenticates your company and corresponding logo in order to stop phishers and spammers from misusing logos in order to trick their targets. Think of it like the checkmark on social media platforms, but with more stringent and secure validation requirements.

VMC support in gmail
An authenticated logo displayed in Gmail next to the sender’s details. BIMI is the mechanism that displays the logo, while the VMC is what verifies the logo and its ownership. (Edit: As of late September 2024, a verified blue checkmark appears next to VMC-enabled logos in Gmail.)

What are the Prerequisites for BIMI and VMC Certificates?

Before you can take advantage of the new VMC support and display your logo with BIMI, you must have DMARC deployed on your email server. DMARC helps to minimize phishing and spoofing attempts by providing a higher level of control over the emails that your organization processes. It performs a series of authentication checks and then handles the message accordingly based on your policy configuration.

After that, you’ll go about setting up your BIMI record on the DNS server. A very important thing to note is that whichever image file you include in the BIMI record (a sample configuration can be seen below) must be trademarked.

bimi record
An example of a BIMI record.

Then, you can proceed with purchasing your VMC and going through the verification process with the CA.