About BIMI (Brand Indicators for Message Identification)

BIMI is an emerging email authentication protocol that allows your brand logo to start showing beside all your valid outgoing emails.

Benefits of BIMI are manifold. BIMI helps you improve your brand visibility, by continuously building your brand’s good reputation and trust with every outgoing email.

BIMI was introduced so that businesses could have an easy way to prove the authenticity of their outgoing mails. The equation is simple: when your brand logo shows up in an email, it assures users that the message is secure and truly sent by you.

BIMI works on top of DMARC, SPF, DKIM to verify sender information. Essentially BIMI is a TXT record that resides on your DNS servers. It works with a trademarked SVG logo to validate your identity. As you build more and more trust with BIMI, you also keep signaling to receiving mail servers that your sending mail servers only send valid, authentic emails.  As a result, your email deliverability automatically improves.

Prerequisites for BIMI

Although the benefits of BIMI sound tangible and simple – your logo showing up in outgoing emails – there are a couple things that need to be done just right so that you can implement BIMI.

For BIMI to work, you need the following aspects to be in place:

1. Get your logo registered and trademarked
2. Your emails need to pass the DMARC, SPF, DKIM authentication
3. Create a SVG file of your official brand logo
4. Obtain a Verified Mark Certificate (VMC)
5. You need editing access to your DNS servers so you can setup a new BIMI TXT entry

The complete process of BIMI adoption has elaborated on the Logix BIMI service site.

Benefits of BIMI for email marketers

It leverages the automatic security of DMARC

As we discussed before, BIMI is built on top of DMARC capabilities. Therefore, your sender email domain needs to be DMARC compliant for BIMI to start showing up. In this way, BIMI compels you to get your DMARC authentication in order, thereby vastly improving your email domain security.

Protect your subscribers and email recipients from phishing

When a phishing campaign is launched by hackers who borrow your business email domain, your reputation takes a hit. Although the damage is actually borne by the victims of the phishing attacks, your business is indirectly affected in the form of loss of trust.

But by implementing BIMI, you make it very simple for email recipients to verify the authenticity of your emails: does the logo show up or not? If it doesn’t, your prospects can safely assume that something is not right and ignore such emails.

Improve your opens and clicks

Just by virtue, BIMI makes your marketing emails stand out. Imagine a sea of mails without the official logo, and then suddenly your prospect sees your mail with official branding. It catches attention, instils instant trust, and boosts your engagement rate.

Acquire the benefits of BIMI for your brand

Logix has expertise with DMARC implementation and enjoysclose tie-ups with Digi-Cert, which provides VMCs. Both these aspects are critical for your successful BIMI implementation. Moreover, BIMI by Logix is a fully owned and managed process. With us, your BIMI is already on the fast track.

Why digital trust – The changing trends of digital businesses

The business world has now shifted its pivotal operations to the digital world. There are no more distinctions between personal and work devices, and people are now almost never truly disconnected from their work. This has resulted in a hyperconnected world with a staggering number of people, devices, and networks thrown in the mix. Remote working has become the norm. On top of all this, the adoption of cloud technologies has added even more complications.

For continuing on the digital path, maintaining security is a must

This is where digital trust comes into play. If we are to continue with this model of working and connecting with others, it is of utmost importance that we maintain the proper security.

Unless business brands and devices maintain and portray digital trust, participants of this hyperconnected ecosystem can never securely conduct their activities. This is especially important because of the nature of the activities we’re conducting online. We make payments, share confidential emails, maintain personally identifiable information on our digital personas, and connect on audio / video calls. All of this generates data which needs to be protected at all costs.

Now, digital trust has become even more vital, because the attack surface has suddenly expanded exponentially. There are PCs, laptops, tablets, smartphones, IoT devices, SMART gadgets, public and private networks, and remote connections in the equation, all of which need to be secured religiously. Digital trust, therefore, has become an IT necessity.

3 pillars of digital trust

Digital trust rests on 3 pillars:

1. Authenticating identities of any entity (person / machine / data).
2. Assuring the integrity of an entity which is participating in a digital transaction.
3. Implementing encryption of data to secure it in transit.

These three elements come together to indicate the digital trust of a website / web application / online entity. It can be an email that needs authentication, a person that needs to be authorized, or a document that needs to be digitally signed or even a network request that needs to be scanned for potential threats. Digital trust ensures that these interactive entities are secure and free of “infections”.

These 3 pillars are delivered over digital certificates that work on public-private key pairs. This Public Key Infrastructure or PKI enable organizations to establish their true identity.

Building blocks of digital trust

Standards

Standards define trust for any technology or industry. The CA/Browser Forum is a standards enforcing organization, established in 2005 to consolidate a group of certification authorities (CAs), web browser vendors, web application service providers. Such forums determine the standards that CAs must adhere to so as to be able to offer digital trust.

Compliance and operations

Compliance and operations are a set of activities that actually establish trust. Compliance defines a set of policies and audits that are used to verify whether operations are being conducted as per defined standards declared by a governing authority. Operations, on the other hand, verify the certificate status for certificates delivered by CAs.

Trust management

Digital trust is not a once-done-permanently-done achievement. Trust certificates each have their own validities, the expiry of which is an indication that you need to renew your certificates. Trust needs to be managed as a physical entity and every digital presence needs to establish time and again that they are still compliant with the standards. Nowadays, there are software processes that can automate trust management for you. This reduces your administrative overhead.

Connected trust

Companies need ways to extend trust into more complex, continual ecosystems. For example, some manufacturers want to establish trust for the entire lifecycle of a device they are manufacturing, across an entire ecosystem of third-part software vendors and hardware suppliers. This reduces the complexities of establishing trust for each component of a comprehensive solution.

About DigiCert

DigiCert is the world’s leading provider of digital trust, enabling individuals and businesses to engage online with the confidence that their footprint in the digital world is secure. DigiCert® ONE, the platform for digital trust, provides organizations with centralized visibility and control over a broad range of public and private trust needs, securing websites, enterprise access and communication, software, identity, content and devices. DigiCert pairs its award-winning software with its industry leadership in standards, support and operations, and is the digital trust provider of choice for leading companies around the world. For more information, visit digicert.com or follow @digicert.