BIMI

What is BIMI?

Brand indicators for message identification (BIMI) is a new email authentication protocol facilitating brands to display their logos in customers' email inboxes. The recipient can establish trust and legitimacy with the sender by seeing this emblem in the email next to the sender's name.

BIMI’s purpose is to offer an extra layer of security and legitimacy to email communication, which can help to thwart phishing scams and enhance email recipients' overall user experiences.

Many organizations use email encryption software to further enhance the security of information traveling through email servers.

How does BIMI work?

BIMI allows email senders to show their brand logos alongside their emails in the recipient's inbox. This verifies that the email is authentic and not a phishing attempt, with the logo aiding in building trust and authenticity with the recipient.

Engineers should configure domain-based message authentication, reporting, and conformance (DMARC) authentication for the email sender's domain before using BIMI. Once DMARC is configured, the email sender can add a BIMI record to their domain name system (DNS) that indicates where their company logo is located. The BIMI record also contains guidelines that must be followed for the logo to appear next to the email. 

When a recipient receives an email, the recipient's email client checks to verify whether the DMARC authentication was successful and whether a BIMI record for the sender's domain exists. The client retrieves the sender's corporate logo from the designated location and displays it next to the email in the recipient's inbox if all requirements are satisfied.

Benefits of BIMI

Despite being a strong open system that can distinguish between reliable and unreliable messages, BIMI also has several other business-oriented benefits besides technical ones. 

• Builds customer confidence: Customers will view a brand as more reliable if the email has the associated logo. A similar method lessens the likelihood of transmitted emails being classified as spam.
• Increases email engagement: Because the emails are classified as safe and are not quarantined, there’s a higher likelihood that they will turn into sales for businesses. Customers are more inclined to purchase goods from these companies.
• Provides additional security: Since BIMI and DMARC authentication are being developed together, a multi-layered framework is created, adding a layer of protection.
• Increases trust: Users will be more inclined to open emails marked as safe and coming from well-known sources. The logo serves as visual confirmation of the email's validity.

Features of BIMI

Some of the key features of BIMI include:

• Improved brand recognition: BIMI allows companies to display their logo next to their emails, improving brand recognition and customer trust.
• Authenticated email senders: BIMI uses DMARC to authenticate email senders, helping to prevent email spoofing and phishing attacks.
• Greater control over brand representation: BIMI gives companies greater control over how their brand is represented in email inboxes, ensuring their logo is displayed correctly and consistently.
• Standardized format: BIMI uses a standardized format for displaying logos, ensuring they are displayed consistently across different email providers.
• Improved email deliverability: BIMI requires that senders have a valid DMARC policy, which can improve email deliverability and reduce the risk of emails being marked as spam.

Safety measures implemented by BIMI

BIMI uses brand indicators for domain owners, end users, and mail recipients. However, it’s still vulnerable to security exploits used by malicious hackers. Enforce the following measures to maintain security.

• Metadata in indicator headers: Any metadata should be removed to prevent larger file sizes. It can be accomplished by checking and removing unnecessary data using a message transfer agent (MTA) or mark verifying authority (MVA).
• Slow DNS queries: To prevent attempts by hostile actors to abuse email servers, most of them feature an internal predetermined delay for DNS queries. Additionally, caching allows systems to load previously loaded data without fully connecting to the source.
• Common gateway interface (CGI) scripts in the indicator payload: MVAs and MTAs ensure indicators are a specific size and pass security inspections. Additionally, MTAs occasionally cache indicators and serve them to mail user agents (MUAs) to get around malicious payloads.
• Buffer overflows: The MTA or MVA will look for indicators with huge file sizes and stop them to avert cyberattacks utilizing information overload.
• Unsigned BIMI: The domain owner would encounter numerous difficulties when adding requirements if the sender policy framework (SPF) is used instead of domainkeys identified mail (DKIM) authentication. Additionally, DKIM may be required by receivers using BIMI when determining whether to include a BIMI location header on the sender side. Domain owners must stand well with the MTA to avoid using copycat indicators and domains. As a result, BIMI will send emails to the addressee after authenticating them. To prevent emails from duplicate or fraudulent sources, the receiver keeps a database of reliable sources that will be compared with the incoming emails.

BIMI vs. SPF

Brand indicators for message identification and sender policy frameworks are two different email authentication protocols.

BIMI is a new email standard that enables companies to display their brand logos in the email inboxes of their customers. It requires the implementation of both SPF and DKIM email authentication protocols, along with a verified mark certificate (VMC). 

BIMI is designed to enhance the visual recognition of an email's sender by displaying the sender's logo in the email client's interface.

SPF is an email authentication protocol that checks whether the sender's IP address is authorized to send emails on behalf of a particular domain. Sender policy frameworks help prevent email spoofing and phishing attacks by verifying that the sender can send emails to that domain.

Learn more about spoofing and explore ways to protect against it in an organization.