Summary
The attestation of a trademark for a Verified Mark Certificate (VMC) is a multi-faceted process, primarily involving the legal owner of the trademark and a Certificate Authority (CA). While someone who can officially represent the company (e.g., legal counsel, executive) is essential, the CA plays a crucial role in validating the organization's identity, legal existence, trademark ownership, and logo. They ensure compliance with industry standards and protect against fraudulent use. Documentation is required to prove rightful ownership, and the specific validation process varies between CAs and Mailbox Providers (MBPs). Although self-assertion is an evolving aspect of BIMI, a VMC provides enhanced credibility. Some sources suggest legal counsel or registration alone may suffice, but the consensus leans toward CA validation for robustness and compliance.
Key findings
- Legal Owner: The legal owner of the trademark must ultimately attest to its validity.
- Certificate Authority (CA): A CA validates the organization’s identity, trademark ownership, and logo.
- Official Representation: Someone who can officially represent the company (e.g., legal counsel, executive) is usually required.
- Documentation Needed: Official records and documentation are required to prove trademark ownership.
- VMC Benefits: VMC's provide brand protection and enhanced credibility compared to self-assertion.
Key considerations
- Identify Representative: Determine who within your organization can legally represent the company.
- Choose CA Carefully: Select a reputable Certificate Authority with a thorough validation process.
- Prepare Documentation: Gather all necessary documents to prove trademark ownership.
- Monitor MBP Policies: Stay informed about Mailbox Provider policies regarding VMC and BIMI.
- Cost of VMC: Evaluate costs associated with a VMC against risks without it
What email marketers say
7 marketer opinions
Attestation for a Verified Mark Certificate (VMC) primarily involves verifying the legal ownership of a trademarked logo. Various sources indicate that while the organization legally owning the trademark is critical, the process is often facilitated by a Certificate Authority (CA). The CA validates the applicant’s identity, trademark registration, and business details to ensure that only legitimate trademark holders can use the logo in email. While some suggest that legal representation or simply the trademark registration might suffice, the prevailing opinion highlights the CA's role in attesting the trademark's validity and protecting brand reputation.
Key opinions
- Trademark Ownership: Legal ownership of the trademark is a fundamental requirement for VMC attestation.
- Certificate Authority Role: A Certificate Authority (CA) typically validates the applicant's identity, trademark, and business details.
- Phishing Prevention: VMCS help prevent phishing by ensuring that only authorized senders use the logo.
- Validation of Identity: Before attestation, the registration of the company must be validated
Key considerations
- Legal Verification: Ensure the trademark is legally registered and that you have documentation to prove ownership.
- Choosing a CA: Select a reputable Certificate Authority to handle the validation and attestation process.
- Implementation: Ensure you have the ability to implement the changes
Marketer view
Email marketer from DNSrecords mentions that a registration of the trademark is sufficient to attest to it
22 Apr 2024 - DNSrecords.io
Marketer view
Marketer from Email Geeks argues that without the VMC, it would be really easy to buy a domain similar to a legitimate one, enforce DMARC, self-assert a logo, and start phishing people.
20 Jun 2021 - Email Geeks
What the experts say
6 expert opinions
The attestation process for a Verified Mark Certificate (VMC) involves multiple layers of verification and varies based on the company and Mailbox Providers (MBPs). It's generally agreed that someone who can officially represent the company, such as legal counsel or an executive, is required. A Certification Authority (CA) validates the organization's logo, trademark, and identity before issuing a VMC. This ensures brand protection and helps prevent phishing. The AuthIndicators Working Group aims to expand BIMI accessibility, while MBPs individually decide whether to accept self-asserted logos or require VMC-signed mail.
Key opinions
- Company Representative: Attestation typically requires someone who can officially represent the company, such as legal or an executive.
- CA Validation: A Certification Authority (CA) validates the organization's logo, trademark, and identity.
- MBP Variation: Mailbox Providers (MBPs) have different policies regarding self-asserted logos versus VMC-signed mail.
- VMC and Trademark Link: A VMC is linked to a trademark; both are generally needed.
Key considerations
- Legal Authority: Identify who within your organization has the authority to officially represent the company for trademark matters.
- CA Selection: Choose a reputable Certification Authority for validation and attestation.
- MBP Policies: Be aware that different Mailbox Providers may have different requirements for logo display.
- BIMI Accessibility: While a VMC is the gold standard, self-assertion options may become more prevalent as BIMI evolves.
Expert view
Expert from Email Geeks shares that the AuthIndicators Working Group is exploring options to expand into other forms of identification and logo support to make BIMI more accessible to more senders. This is why "self assertion" was built into the standard, but it is up to the mailbox providers to decide if they will consider self asserted logos, or the higher bar of VMC signed mail.
20 Jun 2021 - Email Geeks
Expert view
Expert from Email Geeks clarifies that a VMC and a trademark are linked and both are needed. However, one can self-assert and sign without a VMC, but not all mail will display the BIMI logos, as the rules vary between Mailbox Providers (MBPs).
25 Jun 2023 - Email Geeks
What the documentation says
5 technical articles
All documentation consistently states that for a Verified Mark Certificate (VMC), the applicant must prove rightful ownership of the trademarked logo. This involves providing official records for validation by a Certificate Authority (CA). The CA acts as the attesting party, performing legal checks on the applicant's identity, trademark ownership, and the organization's legal existence. The entire process aims to ensure that only legitimate trademark holders can use the logo in email, which helps protect users from phishing.
Key findings
- Rightful Ownership: Applicants must prove they are the rightful owner of the trademarked logo.
- Official Records: Proving ownership requires providing official records and documentation.
- CA Validation: A Certificate Authority (CA) validates the applicant’s identity and trademark ownership.
- Legal Checks: The CA performs legal checks on the information.
- Phishing Protection: The process ensures only legitimate trademark holders can use the logo in email, protecting users from phishing.
Key considerations
- Documentation Preparation: Prepare all necessary official records and documentation to prove trademark ownership.
- CA Selection: Select a reputable Certificate Authority for validation and attestation.
- Validation Process: Be prepared to undergo a thorough validation process by the CA.
Technical article
Documentation from Entrust.com states that the applicant must prove they are the rightful owner of the trademarked logo when applying for a VMC. This involves providing official records or documentation that shows their legal ownership and right to use the logo for email authentication.
30 Oct 2022 - Entrust.com
Technical article
Documentation from DigiCert.com explains that a VMC is issued after verifying the applicant’s identity and trademark. This process ensures that only legitimate trademark holders can use the corresponding logo in email, protecting users from phishing.
21 Jul 2021 - DigiCert.com
Does a VMC SVG logo need to exactly match a trademarked logo?
How can I expedite the VMC certificate issuance process?
How can I prepare a logo for BIMI/VMC without using Adobe Illustrator?
How do I set up BIMI? Is a VMC certificate always required?
Is VMC mandatory for BIMI implementation?
What are the requirements and alternatives for implementing BIMI with VMC certificates, especially regarding trademark jurisdiction and costs?
