Summary
While some sources suggest the end result of using either Entrust or DigiCert for BIMI is similar, distinctions exist in process, security measures, customer service, and user interface. Entrust is praised for strong security and support; DigiCert for user-friendliness and efficient certificate issuance. BIMI implementation relies on VMCs (issued by CAs after legal verification), SPF, DKIM, DMARC, and a BIMI DNS record. Costs for VMCs vary. Successful implementation requires technical expertise in DNS and email authentication. Troubleshooting involves checking DNS records and VMC validity.
Key findings
- Similar End Result, Different Process: The final outcome of using either Entrust or DigiCert may be similar, but the process of obtaining and implementing BIMI certificates can differ.
- Entrust's Strengths: Entrust is known for its strong security features and proactive customer support.
- DigiCert's Strengths: DigiCert is recognized for its user-friendly interface and efficient certificate issuance.
- VMC is Key: BIMI implementation requires a valid VMC, obtained from a Certificate Authority after legal verification of logo ownership.
- Email Authentication Standards: Compliance with SPF, DKIM, and DMARC email authentication protocols is essential for BIMI to function.
- DNS Configuration is Critical: Properly configured DNS records are fundamental to successful BIMI implementation.
- BIMI Cost Factors: While BIMI itself is free to implement, the cost of obtaining a VMC varies depending on the vendor and features included.
Key considerations
- Vendor Evaluation: Carefully evaluate vendor reputation, customer support, pricing, and compatibility with your existing infrastructure.
- Technical Expertise: Ensure you have the necessary technical skills or resources to configure DNS records and implement SPF, DKIM, and DMARC properly.
- Logo Ownership: Verify legal ownership of the brand logo before pursuing BIMI implementation.
- Troubleshooting Resources: Familiarize yourself with BIMI technical details, including DNS record structure and logo validation processes, for effective troubleshooting.
- Cost-Benefit Analysis: Assess the long-term value and benefits of BIMI, considering the cost of the VMC and implementation efforts.
What email marketers say
9 marketer opinions
The key differences between BIMI certificate vendors Entrust and DigiCert appear to be nuanced. Some sources suggest minimal difference in the end result, while others highlight distinctions in process, security measures, customer service, and user interface. Entrust is often praised for strong security and customer support, while DigiCert is favored for its user-friendliness and efficient certificate issuance. The cost can vary, and it's crucial to consider long-term value and support. Implementation also requires careful attention to DNS records and email authentication protocols (SPF, DKIM, DMARC).
Key opinions
- Minimal End Result Difference: Some experts suggest that the ultimate outcome of using either Entrust or DigiCert for BIMI certificates is largely the same.
- Process Variations: The process of obtaining and implementing BIMI certificates may differ between Entrust and DigiCert.
- Entrust Strengths: Entrust is noted for its robust security features, proactive customer service, and comprehensive capabilities.
- DigiCert Strengths: DigiCert is often preferred for its user-friendly interface, efficient certificate issuance, and robust encryption.
- Cost Variations: The cost of BIMI certificates can vary among vendors, emphasizing the importance of evaluating long-term value and support.
Key considerations
- Vendor Reputation: Assess the reputation and credibility of each vendor before making a decision.
- Customer Support: Evaluate the quality and responsiveness of customer support offered by each vendor.
- Pricing and Features: Compare pricing models, available features, and overall value proposition.
- Infrastructure Compatibility: Ensure compatibility with existing email infrastructure and authentication protocols.
- DNS Configuration: Pay close attention to proper DNS record configuration for successful BIMI implementation.
- Email Authentication: Verify the correct setup of SPF, DKIM, and DMARC for email authentication.
Marketer view
Email marketer from Reddit shares that the cost of a BIMI certificate can vary depending on the vendor and the specific features included. While some vendors may offer lower initial prices, it's essential to consider the long-term value and support provided. Investing in a reputable vendor can ensure a smoother implementation process and better email security.
27 Apr 2025 - Reddit
Marketer view
Marketer from Email Geeks explains that there isn't really any difference between Entrust and DigiCert for BIMI certificates. They also mention their employer is an Entrust partner.
20 Jul 2023 - Email Geeks
What the experts say
2 expert opinions
While BIMI itself is free, obtaining a VMC from a CA like Entrust or DigiCert incurs a cost, with pricing varying between vendors. Implementing BIMI successfully requires careful DNS configuration and adherence to email authentication best practices (SPF, DKIM, DMARC).
Key opinions
- BIMI Cost: BIMI implementation is free, but a VMC is required and costs vary by vendor.
- Vendor Pricing: Entrust and DigiCert individually set their prices for VMCs.
- DNS Configuration: Careful DNS configuration is essential for BIMI implementation.
- Email Authentication: Adherence to SPF, DKIM, and DMARC best practices is crucial for BIMI adoption.
Key considerations
- VMC Cost Research: Research and compare VMC pricing directly on Entrust and DigiCert websites.
- Technical Expertise: Ensure you have the technical expertise to configure DNS records and implement SPF, DKIM, and DMARC correctly, or seek assistance.
- Validation: Proper implementation and validation of DNS records and email authentication are crucial for successful BIMI adoption.
Expert view
Expert from Word to the Wise explains that BIMI itself is free to implement, but obtaining a VMC (Verified Mark Certificate) from an authorized Certification Authority (CA) like Entrust Datacard or DigiCert incurs a cost. They also state that these vendors set their prices individually, so it's best to check the exact prices on their websites.
11 Nov 2021 - Word to the Wise
Expert view
Expert from Word to the Wise responds that implementing BIMI requires careful configuration of DNS records and adherence to email authentication best practices, such as SPF, DKIM, and DMARC. Ensuring proper implementation and validation of these technologies is crucial for successful BIMI adoption.
28 Oct 2023 - Word to the Wise
What the documentation says
3 technical articles
BIMI uses VMCs issued by CAs like Sectigo, DigiCert and Entrust to validate brand logo ownership. Implementation requires a valid VMC, SPF, DKIM, DMARC, and a BIMI DNS record. Understanding the BIMI DNS record structure and logo validation process is crucial for troubleshooting and optimization.
Key findings
- VMC Validation: BIMI relies on VMCs to verify brand logo ownership in emails.
- CA Issuance: VMCs are issued by Certificate Authorities after verifying legal rights to the logo.
- Implementation Requirements: BIMI implementation necessitates a valid VMC, SPF, DKIM, DMARC, and a BIMI DNS record.
- Technical Understanding: Understanding the BIMI DNS record and logo validation process is key for troubleshooting and optimization.
Key considerations
- Legal Verification: Ensure you have legal ownership of the logo you intend to use with BIMI.
- Technical Setup: Properly configure SPF, DKIM, and DMARC email authentication protocols.
- DNS Management: Publish a valid BIMI DNS record according to specifications.
- Troubleshooting Resources: Familiarize yourself with the BIMI DNS record structure and logo validation process to effectively troubleshoot any issues.
Technical article
Documentation from DigiCert explains that to implement BIMI, organizations need to meet certain requirements, including having a valid VMC issued by an authorized CA, implementing SPF, DKIM, and DMARC email authentication protocols, and publishing a BIMI DNS record. Meeting these requirements ensures that email clients can securely display the brand's logo in recipients' inboxes.
17 Feb 2024 - DigiCert.com
Technical article
Documentation from Entrust provides technical details on how BIMI works, including the structure of the BIMI DNS record, the process of logo validation, and the interaction between email servers and email clients. Understanding these technical aspects can help organizations troubleshoot issues and optimize their BIMI implementation.
14 Apr 2023 - Entrust.com
Are DMARC RUA and RUF tags mandatory for compliance and what are their benefits?
Are there GDPR concerns related to IP addresses in DMARC reporting?
Do I need a VMC for BIMI to work with Google and Gmail?
How can I check if a domain uses Entrust or Digicert for BIMI, and should I avoid Entrust?
How do I implement BIMI for email verification in Gmail and Yahoo?
Is DigiCert the only working VMC issuer for Google BIMI?
