Authenticated brand logos in Gmail, a security feature that was first announced last July, will be rolling out over the coming weeks, Google announced on Monday. The feature is enabled by the Brand Indicators for Message Identification (BIMI) standard, which Google joined the working group for in 2019.
The idea is that an organization’s logo will show up in your inbox when they send you an email that’s authenticated using the DMARC standard to help reduce the likelihood that you’ll open and act on an email posing as one from a legitimate source. Ideally, the authenticated brand logos will function like a verified badge you might see on social networks that tell you that an account is actually owned and operated by the entity it claims to represent.
Here’s how it works behind the scenes, according to Google:
Organizations who authenticate their emails using Sender Policy Framework (SPF) or Domain Keys Identified Mail (DKIM) and deploy DMARC can provide their validated trademarked logos to Google via a Verified Mark Certificate (VMC). BIMI leverages Mark Verifying Authorities, like Certification Authorities, to verify logo ownership and provide proof of verification in a VMC. Once these authenticated emails pass our other anti-abuse checks, Gmail will start displaying the logo in the existing avatar slot.
Gmail users won’t have to do anything to see the authenticated brand logos, the company says.