Email Security and Authentication

The new email authentication frontier: Brand Indicators for Message Identification (BIMI).

minute read

Post Image

Over the last decade or so, marketers have been hard at work implementing Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM), and many have started down the road of implementing Domain-based Message Authentication, Reporting and Conformance (DMARC). But we never sleep on email, so we’re excited by the prospect of an additional frontier of authentication: BIMI.

What is BIMI?

Brand Indicators for Message Identification (BIMI), pronounced “bih-mee,” is a new standard aiming to motivate brands into authenticating all of their mail to protect their users. What’s in it for brands? An additional brand-building touchpoint—BIMI adds a visual indicator in users’ mail clients affirming email is legitimately from a trusted sender. This is similar to the Google+ profile image in place for several years now, but BIMI would allow for a single, unified implementation with a consistent appearance across desktop, mobile, or app interfaces for mail clients.

“There’s a win-win situation: The brand has better exposure and control of their brand and higher engagement on the consumer side, and it’s more secure and we get authenticated emails into our system,” said Marcel Becker, director product management at Oath.

How does BIMI work?

BIMI relies on the email sender to authenticate their mail utilizing SPF, DKIM and DMARC (preferably with a p=reject policy). When an email is validated and DMARC is passed, the recipient’s mail client can query the BIMI record to identify the hosted logo and display it in their UI.

When 250ok was asked if we had any clients willing to participate in the BIMI trial, we discussed it with eHarmony and Furniture Row. These two brands worked with us to successfully move to p=reject DMARC policy, so we knew they understood the value of authentication and only needed to add a BIMI record. After walking them through the steps to add the record and logo, they’re now successfully in beta testing on Yahoo/Oath, and recipients of their emails on both the desktop and mobile versions of these clients see brand logos associated with their emails.

“When there is something we can do to increase consumer confidence and brand awareness, especially something as simple as BIMI, we jump on the chance without hesitation. 250ok already helped us a great deal with inbox deliverability, so when they suggested we take part in the BIMI directive trials, we immediately agreed,” said James Einspahr, digital creative director, eCommerce design & implementation consultant at Furniture Row.

Mobile view:

Inbox view:

Message view:

We’ll keep an eye on these programs’ metrics while in beta testing to determine how consumers will react to seeing these logos.

If you are interested in learning more about our authentication solutions and DMARC monitoring, hit us up.