Have you heard about BIMI? It stands for Branded Indicators for Message Identification, and marketers have been hearing about it a lot in recent months. In this article, I’m breaking down what BIMI is and why it matters to both brands and email marketers.
The Origins of BIMI
Deliverability is a big problem in email marketing. Every day, brands look for ways to improve the deliverability of their messages and ensure those messages land in consumers’ inboxes. Once brands’ messages get to the inbox, the hope is that recipients will actually notice them, open them, and follow the calls to action in them. In other words, there are a lot of ways the path from brand to recipient can go wrong.
For years, cybersecurity companies have been trying to create ways to improve email deliverability for brands. Authentication using SPF, DKIM, and DMARC were introduced to provide ways for domain owners to verify their identities thereby increasing the likelihood that their messages would be delivered properly. At the same time, these standards aimed to keep phishing and spam messages out of people’s inboxes.
Each of these authentication standards does what it was designed to do well. However, they can be challenging, time-consuming, and expensive to set up and maintain. As a result, many companies failed to implement them. Security teams recommend that their companies implement DMARC, but leadership often views it as a low priority cost. For example, it’s estimated that 67% of Fortune 500 companies do not have DMARC policies. The number is even lower for smaller companies.
In an effort to improve email marketing results for brands and boost deliverability, the Authindicators Working Group developed BIMI. The team includes members from cybersecurity company Agari, Comcast, LinkedIn, Microsoft, PayPal, Returnpath, Valimail, and Oath (which is a Verizon subsidiary that operates both AOL and Yahoo). Interestingly, many of the members were involved in the development of the DMARC email authentication standard in 2010-2013.
A BIMI pilot program launched in March of this year with Yahoo and several brands, including Groupon and Aetna, and while it’s still being tested, early results look positive.
What is BIMI?
BIMI provides a way for brands to publish their logos online and make them available for use in email marketing messages, social media applications, mobile apps, and more. Brand safeguards are built into BIMI, so application providers and consumers are protected from impersonation attempts.
Here’s how BIMI works for email marketing from the consumer perspective. When a brand that has verified its logo through BIMI sends an email message, its logo will appear alongside the authenticated message in the inbox as well as within the email message. Keep in mind, the brand’s logo will only be displayed in recipients’ inboxes if the sender’s domain has already been authenticated via DMARC.
Therefore, to set up BIMI, companies must first authenticate their domains via DMARC. Next, companies have to create a supportable logo and host it online so it’s accessible to third party apps, such as email service providers. While only one logo can be used during the pilot program, multiple versions of the logo can be uploaded in the future and used for different email marketing purposes. Next, the BIMI record must be created within the company’s DNS records.
With BIMI, the logo is automatically displayed by the email service provider giving the company additional brand impressions inside the inbox, and recipients instantly know the message is from the actual company.
Benefits of Implementing BIMI for Brands and Email Marketers
The team behind BIMI is hoping companies will take the initiative to implement BIMI because it will pay for itself in the long-term through additional brand impressions and increased brand recognition and trust. Some of the top benefits brands get from BIMI include:
- Impressions: Brands have the potential for “billions of free brand impressions” in third party apps where they don’t currently get them, which leads to greater brand recognition and recall.
- Control: Brands can control their own logos rather than having to contact internet service providers manually to update logos.
- Security: Brands will be the victims of fewer impersonation attempts.
- Automation and Centralization: Brand logos are automatically updated by email and mobile platforms which gives companies flexibility to use different logos for different purposes across third party applications on the fly.
- Engagement: Since recipients will understand that the appearance of the logo means it has been authenticated and the message is actually from the brand, opens, clicks, and overall brand engagement should increase.
- ROI: Authentication adds to the perception of brand trust, which boosts consumer confidence in the brand and should lead to more a higher return on marketing investments.
Keep in mind, BIMI isn’t an email authentication service. It’s a service to make it easy for brands to ensure their logos are correct across platforms. The Authindicators Working Group hopes the branding benefits that BIMI provides (at no cost) will motivate more companies to implement DMARC policies, which means more emails will be authenticated. Ultimately, email deliverability will improve. Together, the team believes DMARC and BIMI deliver a better experience to brands, email service providers, and consumers.
What’s Next for BIMI?
While the BIMI pilot program is only available to a select group of companies and Yahoo mail, it will roll out to more companies and email service providers in the future. In addition, the goal is for BIMI to be the standard used for all forms of messaging, including email, social media, mobile apps, and more. Ultimately, messages in various formats could be authenticated through BIMI.
The Authindicators Working Group is working with pilot participants to test existing features, improve those features, and develop new features, but there are still gaps in the BIMI standard. For example, BIMI doesn’t have a way to verify that an email sender has the legal right to use a specific logo. In the short-term, online certificate authorities will fill the verification role, but a long-term solution is needed.
Companies that are participating in the pilot program have positive things to say about BIMI so far, but only time will tell if the metrics show the investment delivers adequate value through trackable clicks and sales.
However, the concept of brand verification and prioritization isn’t confined to the Authindicators Working Group and BIMI. Microsoft is rolling out its own brand verification process to Outlook.com users who have signed up to participate in its Microsoft Business Profile beta.
Microsoft’s process will give verified business accounts a blue check mark and a profile card that Outlook.com users can click on to view information about the business. This information could include contact information, location, photos, and more. Users could also subscribe to or unsubscribe from business newsletters and view offer details in their message lists without having to open the corresponding messages.
Although, at this time, the Microsoft process does not require DMARC and is not positioned to protect users against phishers that pretend to be legitimate businesses, this move by Microsoft bolsters the argument that the benefits provided by BIMI are becoming increasingly important.