• by Ray Schultz , Columnist, March 27, 2018

Yahoo Mail will be the first email service provider to test a security standard that allows brand logos to be displayed alongside emails in the inbox list, combining branding with security. 

The new standard -- Brand Indicators for Message Identification (BIMI) -- was developed by Agari, an eight year-old cybersecurity firm, which worked with Comcast, Google, Microsoft and Oath, the parent of Yahoo Mail.

“It’s really DMARC 2.0,” says Pat Peterson, founder and executive chairman of Agari, referring to Domain Message Authentication Reporting And Confirmation (DMARC).  “This marks the start of the next chapter -- not just removing phishing but starting to put trust back in.”

BIMI displays the brand’s logo in real estate controlled by the email application and within the emails themselves.

“The logo doesn’t appear if the email’s not authenticated,” says Peterson.

This reduces the burden on consumers who want to know whether an email supposedly sent by a brand is legitimate: The logos themselves are authenticated.

“I don’t want to spend 15 or 20 minutes doing technical diligence when I get an email,” Peterson adds. “When I get in my car in the morning, I don’t get the brakes checked and bump into a tree to see if the airbag system triggers.”

BIMI may also be useful for government agencies such as the Department of Health and Human Services and the IRS that have a relationship with individuals: Their logos will indicate that the emails can be trusted, Peterson says. 

According to Agari, BIMI also:

• Provides billions of free brand impressions
• Allows brands to publish and control their logos without cumbersome manual procedures.
• Prevents impersonation attempts.
• Automatically updates logos for different product lines, seasons and groups of consumers.

Will this new security scheme work? 

“The technology is as solid as it can be,” Peterson says. “But, sadly, no matter how secure we make it, there will always be a consumer who opens an email from one of the bad guys.

He acknowledges, however, that BIMi may require some consumer education. 

For their part, brands seem to approve of BIMI. Aetna feels that “brand indicators will make it easier to communicate with our customers while making them more resistant to phishing and other fraudulent emails,” states Jim Routh, chief security officer, Aetna. 

Torsten Reinert, senior manager messaging delivery, Groupon, adds that “by increasing consumer confidence in the authenticity of our messages, we believe BIMI will increase response rates, magnifying the power and reach of our marketing efforts.”  

And the ESPs?

“This is a win-win situation; the brand has better exposure, better control of their logo, higher engagement on the consumer side, it’s more secure and Yahoo can authenticate emails in our system,” states Marcel Becker, director of product management for Oath.

Peterson returns the compliment. Yahoo Mail has the “courage and the technical chops to try it,” he says. And he expects that other ESPs will follow suit when they see it works.