Google revealed on Monday that authenticated brand logos in Gmail, a security feature first disclosed in July, will be rolling out in the coming weeks. The Brand Indicators for Message Identification (BIMI) standard, which Google joined the working group for in 2019, enables the capability.
The idea is that when an organization sends you an email that is authenticated using the DMARC standard, the logo will appear in your inbox to help lower the possibility that you will open and act on an email posing as one from a valid source. The authenticated brand logos will, in theory, work similarly to the verified badges you might see on social media sites, indicating that an account is genuinely owned and run by the business it claims to represent.
According to Google, here’s how it works behind the scenes:
Organizations who use Sender Policy Framework (SPF) or Domain Keys Identified Mail (DKIM) to verify their emails and use DMARC can give Google their certified trademarked logos via a Verified Mark Certificate (VMC). To validate logo ownership and offer proof of verification in a VMC, BIMI uses Mark Verifying Authorities, similar to Certification Authorities. Gmail will begin showing the logo in the existing avatar area once these verified emails pass our standard anti-abuse checks.
The authorized brand logos will be visible to Gmail users without having to do anything, according to the business.