BIMI (Brand Indicators for Message Identification) is an email authentication feature established by the BIMI Group that allows brands to display their logo next to email messages in a recipient’s inbox. This extra layer of identification helps combat email fraud and phishing scams while giving subscribers peace of mind about the emails they receive. This builds trust for brands, and in the long run, leads to fewer unsubscribes and boosts overall deliverability.

BIMI has been a topic of conversation over the last 2 years, but actual adoption from both inbox providers and brands has taken off over the last several months. BIMI isn’t a requirement for brands right now but may be in the future. Getting ahead of the game on authentication trends can prevent spam issues when stricter rules are eventually put in place.

BIMI was created by the AuthIndicators Working Group  who has been working tirelessly since 2015 to drive adoption of email authentication protocols. Current members behind BIMI include Google, MailChimp, Yahoo!, and SendGrid, to name a few. The AuthIndicators Working Group has been pushing for Domain-based Message Authentication, Reporting & Conformance (DMARC) compliance for years. DMARC, a protocol that focuses on protecting domains against hackers and helps inbox providers with identifying spammers, is crucial in fighting against brand impersonation.

Since brands have been slow to widely adopt DMARC, why not throw in the ability to show logos to subscribers to entice them? This added feature not only has the benefit for brands to provide more recognition to their subscribers but pushes organizations to fully authenticate themselves for a better user experience. As technology progresses, we are seeing more opportunities for data breaches, putting customer data at risk, which leads to distrust. Although it can be a lengthy setup for some, the benefits outweigh the BIMI implementation process.

BIMI’s Functionality Differs From Inbox To Inbox

Currently all major inbox providers (Apple, Google, Yahoo!) support BIMI with Microsoft (Outlook, Office 365) being one of the only outliers. While BIMI is supported by Apple Mail, there are some nuances that set it apart from other inbox experiences.

With the Gmail and Yahoo! apps, users will see brand logos right next to their messages in their mobile inbox, but Apple Mail app users will have to open the email first to see logos. BIMI also only applies to iCloud account users in Apple Mail. If Gmail and Yahoo! accounts are housed inside of Apple Mail, BIMI will not be visible. From a desktop perspective, it varies whether BIMI appears in the inbox view or once an email is opened.

It is worth noting the importance of having good email deliverability before a BIMI implementation. If you set up BIMI and still are having issues seeing your verified logo, it could be an issue with the audience you are sending to (unengaged contacts) and the content you are providing. Some inbox providers can choose not to fully authenticate you if you are labeled as a spam sender. If you are unsure about your organization’s deliverability, running some health tests before starting the BIMI process is a good first step.

The Benefits Of BIMI Are More Than Cyber Security

One of the main benefits of BIMI is the added protection that no one is impersonating your brand and ensures that your sender reputation is safe. While the extra verifications a brand must go through can be lengthy, it is an important step that can help in the long run. From a subscriber perspective, it gives users the reassurance that the messages they are receiving are truly from your brand and not phishing or spoofing attempts. This is especially valuable for businesses like banks and retailers who house sensitive data.

Additionally, BIMI allows your emails to stand out from other messages in an inbox and encourages people to open the email. It’s very easy to overlook messages that flood your inbox on a daily basis. Having the ability to show your brands logo next to the message is more enticing than a message without a logo. This not only will keep your brand top of mind but will build brand awareness when up against competitors. The awareness you build in the inbox will have both a positive effect on email engagement as well as other channels where your logo is visible (paid media, social, etc.) ensuring a better cross-channel experience.  Implementing BIMI is also a great opportunity to A/B test different logo styles to see which one performs best. Have multiple brands under one umbrella? You can use different logos for different communications in your organization. Remember, the logo area for BIMI is very small. A logo that is text heavy will have to use an abbreviation or find an icon to represent the brand so that it is recognizable in the inbox view.

With more awareness comes better engagement. A 2021 report from Red Sift suggested that adding BIMI could increase email open rates by 21%, increase brand recognition by 18%, and raise the probability of purchasing by 34%. In a study they did on transactional emails, a leading financial investment organization saw a 6% increase in open rates. If there was a way to stand out from competing messages in the inbox, this is it.

Getting Setup With BIMI Is No Easy Feat

While BIMI sounds like a simple concept, it is not so simple to implement. To qualify, an organization must pass certain verifications that work in tandem with BIMI:

  1. Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and DMARC all need to be aligned. These are existing email authentication protocols that many companies already have in place, but the focus for BIMI is mostly on DMARC compliance. This requires lift from IT/development teams that manage the domain name system (DNS) records. There are also companies like Red Sift that can help navigate this process if extra support is needed. If all these protocols are already in place, it is still a good idea to review the setup and ensure it falls in line with BIMI requirements.


  1. An organization needs to obtain a scalable vector graphics (SVG) version of their logo for the inbox display. The requirements for the logo are square aspect ratio, solid background, centered image, and it must be under 32 kilobytes.


  1. Obtain a Verified Mark Certificate (VMC) for the logo by registering your logo as a trademark. Then, a request to either DigiCert or Entrust must be made to receive a VMC. This process can take months if an organization does not already have a trademark. The VMC certificate is good for one year and has a yearly renewal cost of $1,500. VMC is currently only required by Gmail, but with Gmail making up a large percentage of inbox users, it is a recommended step.


  1. Publish the BIMI record to the DNS. This pushes a text file that includes your SVG logo path to your DNS records so that it can be displayed in an inbox. This is a quick and easy step that can be accomplished by IT.


  1. Use the BIMI Inspector tool to check if BIMI is properly configured. If there are still issues with verification, consult with a 3rd party.

BIMI Compliance Offers a Better User Experience

We know that authentication and privacy has been a new trend over the last few years in the mar-tech space. Large organizations like Google and Apple are cracking down on what data can be shared and how messages reach your inbox. It is no surprise that further protocols like BIMI are coming to light to pressure organizations into compliance.

While BIMI isn’t a requirement, organizations are strongly encouraged to implement it. Especially brands who deal with sensitive customer information that are more at risk of scammers impersonating their brand. The end goal of email authentication is to provide a more seamless and safer experience for the end user. Less spam, less data breaches, and brand trust are what users want. Authentication aside, tying your logo into the inbox experience is a great way to set yourself apart from competitors and create brand recognition. Verified logos help grab subscribers’ attention more than those without a logo. A BIMI implementation is a win-win for all parties involved, and it sets the stage for future protocols to come.