Cybercrime is big business. During 2018, the US economy alone lost over 2.7 billion U.S. dollars due to phishing and network intrusions.
If you are a business owner, it might be time for a cybersecurity revamp to catch up with hundreds of other large corporations, big brands and SMEs in researching and pursuing new strategies. This can minimize the threat of cyber hijacking and other outside cyber-attacks.
We’re already seeing banks making the move into the area of unique domain names with the .BANK extension that brings very strict and mandatory eligibility and security requirements to the fore.
Consider technologies that assist your B2B and B2C marketers while protecting your brand, too. A trending technology that is gaining a lot of traction, and is being labeled as the future of email, is BIMI, or Brand Indicators for Message Identification.
Already being used by CNN, Groupon, and Aetna, to name but a few, BIMI is a tool designed to authenticate your business emails by means of sender verification. It possesses similarities to DKIM (DomainKeys Identified Mail), DMARC (Domain-based Message Authentication, Reporting & Conformance) and SPF (Sender Policy Framework).
How does BIMI work?
BIMI is, in essence, a text record.
It authenticates your business or brand emails by displaying your logo next to your sent message. While this may sound nonsensical, it is an effective safety measure as your hosting provider needs to have the exact location of the logo (which is almost impossible to imitate).
Just as new cloud storage solutions have been praised for their numerous security benefits, the benefits of implementing BIMI are immense and the tech giants seem to agree. Going forward, it’s looking to become an industry standard. Yahoo! Mail is already testing out BIMI while Google has committed to a 2020 pilot program.
The benefits of BIMI
BIMI is the first email identification method that can be seen by your end-users. It is ultimately one of the best security practices for email marketing.
The AuthIndicators Working Group introduced the tool to the world in March 2018. This vendor-neutral committee of companies aims to create a valuable, trustworthy email experience for email users globally, all the while establishing better authentication methods to reduce email fraud.
According to a study by Forrester, the DMARC email authentication protocol that forms its basis already stops millions of phishing attacks every year. In addition to making your brand’s reputation management easier and more effective, it is also protecting your brand against fraud.
BIMI is also proving its worth in email performance. The DMARC protocol boosts email deliverability by ensuring that emails aren’t blocked by receiving servers on suspicions of fraud. This leads to an overall increase in email open rates and higher rates of conversion. By using only the most secure email service providers and making use of a small visual cue to confirm the authenticity of your emails, the BIMI-delivered logo leads to further advantages above your competitors.
How can I implement the BIMI Standard?
The BIMI text record depends on your sending server and follows a specific format that is very similar to other email authentication formats such as DMARC, DKIM, and SPF. This effectively stops spam and phishing filters in their tracks. Once your recipient receives an email from you, their email service identifies the BIMI SVG file and its location and verifies the email.
After the verification process has been completed, the BIMI file points the recipient’s email service to the SVG file or brand logo and their service pulls it into their inbox. BIMI implementation is fairly straightforward, but there are some important steps you should take in order to ensure seamless implementation.
- Ensure all your email authentication standards are set up
The BIMI email standard should be set up after all your other email authentication standards have been put in place. These include:
- SPF: The Sender Policy Framework (SPF) certifies that the sender’s mail IP address is on the domain’s whitelist.
- DKIM: The DomainKeys Identified Mail (DKIM) validates email messages.
- DMARC: The Domain-based Message Authentication, Reporting & Conformance (DMARC) checks the ‘From’ field of emails authenticated by SPF and DKIM and makes sure that ‘From’ is visible on the user’s end.
- ARC: ARC or the Authenticated Received Chain helps to improve how DKIM and SPF results are passed between mail servers, even if an email has been forwarded multiple times.
- Ensure a good sender reputation
Even if you’ve implemented the BIMI standard correctly, your logo may not show up next to your emails right away. Your emails need to have a solid IP reputation, a domain on an ICANN-approved registrar, and exceptional engagement rates, which include your open and click-through rates. If you know that you are lacking in that area, creating new content and revising your marketing strategies can help ensure that your emails get opened and read.
- Choose a square logo with the correct resolution
You can choose one logo for each of your domains. Each logo should be square and properly aligned. The format has to be .SVG or it will not be verified and displayed. Also make sure that there is no tagline or any form of text on the logo file.
- Acquire a Verified Mark Certificate (VMC)
A Mark Verifying Authority (MVA) issues a Verified Mark Certificate (VMC) that validates your brand logo attached to your specific domain. This is not one of the compulsory prerequisites, but it has been rumored that it might become a requirement sometime during 2020.
- Publish your BIMI
Once you have finalized the setup of your BIMI record with an appropriate logo and the VMC, the BIMI record will be published in your Domain Name System (DNS) zone.
It is a fact that authenticity leads to trust. Implementing a BIMI standard will help your brand to gain the trust of your consumers and sustain their loyalty. While the BIMI standard is not the industry standard yet, we believe mass adoption will occur during 2020 as Google and other tech giants start executing their BIMI programs.
About the Author:
Samuel Bocetta is a former security analyst for the DoD, having spent 30-plus years bolstering cyber defenses for the Navy. He is now semi-retired and educates the public about security and privacy technology. Much of his work involved penetration testing Navy ballistic systems. He analyzed networks looking for entry points, then created security-vulnerability assessments based on findings. He also helped plan, manage and execute sophisticated “ethical” hacking exercises to identify vulnerabilities and reduce the risk posture of enterprise systems.