As email phishing and scam attacks continue to rise, it is becoming increasingly important for companies to take deliberate actions to protect their brand and reputation. Phishing messages have been proven to be the primary entry point for cyber threats, and a strong brand is valuable to criminals. This is where the BIMI standard comes into play, and it's worth getting acquainted with it. BIMI is a new standard for email and marketing communication authentication.

What is BIMI?

BIMI stands for Brand Indicator for Message Identification. It is a new approach aimed at preventing fraudulent attempts and enhancing the credibility of email senders. When fully implemented, it becomes extremely challenging for hackers to impersonate brands in emails and many other future communication applications. BIMI record is a DNS record in a company's name service that specifies which brand logo to display. Once brands are certified and properly authenticated, companies can display their logos next to each customer message, as shown in the example below. BIMI

BIMI is an open-standard

BIMI email authentication has been developed as an open standard, supported by platforms such as Google Mail, Yahoo, Twilio, Comcast, Mailchimp, Apple Mail iOS, Mac, and iCloud, among others. As of the time of writing this article, Microsoft O365 email does not yet support the BIMI standard, although messages sent through Microsoft Dynamics 365 Customer Insights and Salesforce Marketing Cloud do support the standard. It is believed that BIMI will expand to other applications, including social media platforms. Its benefits include:
  • Enhanced communication reliability
  • Better customer engagement
  • Improved security (in conjunction with DMARC records)
  • Easy implementation with new applications
VMC option is a worthwhile investment Some email applications require not only a BIMI record but also confirmation of ownership of the company's logo and a Verified Mark Certificate (VMC). The annual cost for this BIMI option is approximately $1,500, and obtaining it is highly recommended. Considering the reputation management of large companies, this cost is negligible compared to its benefits.

Criticism

Critics of BIMI have argued that the DNS DMARC standard is sufficient for improving email security and that Google's investment in the standard is primarily driven by its own marketing efforts. While it's true that careful domain name management significantly enhances security and reputation management, every company also wants to excel in digital marketing, protect its reputation, and ensure safe electronic interactions with customers. BIMI is a new email authentication standard, and planning its adoption is a worthwhile endeavor.   Hannu Rokka Senior Advisor 5Feet Networks Oy, Helsinki, Suomi linkedin.com/in/hannurokka