BIMI (Brand Indicators for Message Identification) has gotten another boost with Thursday’s announcement that Entrust Datacard is partnering with Red Sift to bring Verified Mark Certificates (VMCs) to market.
Red Sift is a cybersecurity company that focuses on scaling digital domain security for organizations. Entrust offers trusted identity and secure issuance technologies
BIMI allows domain owners to “publish their logo in DNS, so mailbox providers can use that logo alongside any authenticated emails that they receive from that domain,” Valimail states. But they must first deploy DMARC (Domain-based Message Authentication, Reporting and Conformance) at the enforcement level.
To use BIMI at the highest level of validation, a brand must have a VMC from an authorized Certificate Authority (CA). Entrust Datacard says it published the first VMCs last fall.
In effect, the VMCs validate that the brand owns the logo.
Google announced on July 21 that it is starting a pilot with a limited number of senders. Entrust Datacard is one of two CAs that will validate logo ownership. The other is DigiCert.
Entrust says the Gmail pilot will help validate the VMC offering prior to general availability. Gmail is the second ESP to embrace BIMI, the first being Yahoo!.
The AuthIndicators Working Group that is working on BIMI includes such high-powered tech companies as Google, Yahoo, Twilio, Comcast, Valimail, 250ok and ReturnPath.
"As BIMI expands to more and more mailbox providers, VMCs will likely become a requirement everywhere," says Seth Blank, chair, AuthIndicators Working Group and VP standards and new technologies, Valimail. "This is a welcome development, because it provides a reliable, secure, scalable way to authenticate logos, alongside the sender authentication provided by DMARC at enforcement."