Google Finally Rolls Out the “BIMI” Security Feature on Gmail
Last updated July 13, 2021
- Google is now rolling out support for the “BIMI” security system on Gmail.
- The tech giant spent a year in testing, and the feature is now ready to tackle spam.
- BIMI will have to be embraced by those who are most often impersonated by scammers.
About a year ago, Google teased a new system called “BIMI” (Brand Indicators for Message Identification), which would help brands authenticate their logos in email communications carried out through Gmail. After a notable period of limited application and testing, the tech giant has finally decided that BIMI is ready to be rolled out to everyone, so support for the new security standard is now going global. With this new feature, Gmail users could see a notable difference in the received spam volumes, which is also the main point of the system.
BIMI leverages what Google calls Verified Mark Certificate (VMC), which companies can use in order to “declare” their logos. This, together will the authentication that happens through the Sender Policy Framework (SPF) - or alternatively the Domain Keys Identified Mail (DKIM) - helps all emails coming from this sender to pass through Gmail’s anti-abuse checks. On the other side, recipients will see the logo in the avatar slot of the sender, so they will have a quick and intuitive way to be sure about the origin of the message.
Of course, BIMI has to be embraced by companies that use email marketing, or the recipients will have no way to verify if a message comes from an official source or a scammer. This is very important, and many large companies have realized it already. The ‘Bank of America’ that participated in the testing of BIMI has made the following statement:
For now, the two certification authorities that will support the BIMI validation process are ‘Entrust’ and ‘DigiCert.’ However, Google promised to expand this list soon, adding support for more logo types and other authenticating marks. The effort is now focused on trademarked logos that are common targets of impersonation, so the first wave of the roll out aims at that crucial space.
