2 min

Tags in this article

, , , ,

Google provides full support to BIMI standard in Gmail Application to help email recipients know whether or not the message they are receiving is authentic.

What is BIMI?

Brand Indicators for Message Identification, or BIMI, is a specification that allows companies to display their logo next to the senders’ names as an icon every time they send out an email. It is meant to help decipher whether an email is trustworthy or not.

Google now has full support for BIMI to become part of Gmail. It will help users see the logo to identify whether they received it from an official source or some phisher online.

What else does BIMI do?

The BIMI standard does not just provide a visual cue for recipients. Google’s senior product manager of Counter-Abuse, Neil Kumaran, and Gmail Security’s senior software engineer Wei Chuang explained how this standard would also be helping in improving automated email security systems.

They wrote: “BIMI enables authentication of emails using Domain-based Message Authentication, Reporting, and Conformance (DMARC) — a standard for providing strong sender authentication that allows security systems to perform better filtering and separate legitimate messages from potentially spoofed ones — to validate ownership of their logos and securely transmit them to Google.”

When will Google start rolling out the new features?

Google had introduced the BIMI standard in Gmail last year in a pilot project. Now, they are rolling it out to all their users.

Chuang and Kumaran have stated that there is more to be anticipated from this standard. For example, its designers have planned to expand their support for numerous new validators and logotypes. They said it is crucial, as logos are commonly used for impersonation so that Gmail users can trust the source.

The process

Organizations wanting to avail the BIMI standard on Google have first adopted the DMARC standard. What this entails is registering a valid logo with specific certification authorities. Users will not have to do anything and know that if they see any official symbol, it is confirmed that the message was sent to be an authentic source.