Combining Brand Visibility, Deliverability and Email Security

Romina Gansbühler: Our target group is women of the age 50+. In many cases, this demographic is not really familiar with the concept of being careful of suspicious-looking emails, and unfortunately sometimes they can be a little too credulous. As a result, we were looking for a way to protect our customers from phishing and spoofing.

BIMI (Brand Indicators for Message Identification) stands for trust. Our customers can see our logo in their inbox and can be sure that this email was really sent by us.

A nice side-effect is that the brand itself gains a lot more visibility in the inbox. And don’t forget: this is not only good for customers – employees can also be protected. In summary, BIMI can only be helpful for any company!

Gansbühler: If you want to use BIMI, you have to do your homework. There must be an authentication system, so that the email provider can be sure you are who you say you are. To achieve this, you have to implement the security standards SPF and DKIM (which really should already be implemented – but if they aren’t then this is step one).

Then DMARC can be started. After a short period of observation, you can switch the DMARC policy from “none” to “reject”. This means that all unauthorized emails will be blocked. These are the basic requirements to implement BIMI.

Now it’s time to set the BIMI record in the DNS. For this, you need the logo in a svg-format. It has to be square and have a solid background. Please make sure that the logo is hosted at the same domain for which you want to implement BIMI. The record itself is standardized. You just put in the URL of your logo. It is best to contact your domain administrator here. If your ESP also has access to the domains, they can help you too. Our big supporter was Florian Vierke from MAPP. He and his great knowledge were very helpful for us in this project. 
So that’s it – the email provider will need a few days to authenticate you and to build a basis of trust.

If additional email providers decide to integrate BIMI, you can just lean back and watch, because they will automatically recognize your BIMI record.

An additional task can be to create added awareness for IT security in your company. Security often tends to be an uncomfortable topic, and few people like to talk about it. But people need to realize that priorities must be very high on this topic for all company members, in order to prevent data theft.

Gansbühler: The combination of BIMI and the other standards that come with it helped us to reduce the number of cyber attacks. Cyber criminals have noticed that our level of Internet security is very high. They put almost no effort into attacks in our company’s name, because they are no longer successful. So they have turned their focus now to companies with fewer security barriers.

Another positive finding is that our deliverability is flawless. There are no spam problems and consistently high open rates at the supporting providers. Our emails are automatically delivered to the inbox and, with the logo on display, our mails are of course much more eye-catching than before.

Gansbühler: Just do it! There is a bit of maintenance on your side but it’s free of charge, so no budget can be in the way. You can protect your customers from cyber crime, you get more brand visibility, and delivery into the inbox is guaranteed. 

Members of email marketing and IT security worked on this project as a team. Everyone thought outside the box and that was a great combination. We can highly recommend involving these two groups of experts.

Altogether, BIMI combines great benefits for deliverability and email security!

Romina joined the Email Marketing team of the Witt-Gruppe three years ago. She is responsible for the Email Marketing and the Push Marketing in the Dutch market, the Slovak market, and in Germany. In addition to the development of newsletter campaigns, she has a focus on deliverability and Internet security. Therefore, she was part of the launch of DMARC and BIMI as a new security standard, to protect their customers from phishing mails.