What is a Verified Mark Certificate (VMC)?

A VMC is a digital certificate that verifies the ownership of a trademarked logo. It allows your organization's logo to be displayed in the inbox alongside your sender name for emails sent from your domain, enhancing brand recognition and trust.

Is a VMC always required for BIMI to display a logo?

While not always strictly required by all email clients, a VMC is highly recommended and often necessary for consistent logo display, especially with major inbox providers like Google and Yahoo . It provides the highest level of logo authenticity. You can review the requirements for logo display .

What are the main prerequisites for obtaining a VMC?

The primary prerequisites include having a DMARC policy at enforcement (p=quarantine or p=reject) and owning a registered trademark for the logo you wish to use. The trademark must be registered with a recognized intellectual property office.

How long does it take to get a VMC?

The time required to obtain a VMC can vary depending on the MVA's validation process and how quickly your organization can provide the necessary documentation. It can range from a few days to several weeks, similar to obtaining an Extended Validation SSL certificate.

What happens if my trademark expires or is revoked?

If your trademark expires or is revoked, your VMC will become invalid. MVAs periodically check the validity of trademark registrations, and an invalid trademark will result in the VMC no longer being honored, meaning your logo will cease to display via BIMI.

What kind of organization issues Verified Mark Certificates for BIMI? - BIMI - Email authentication - Knowledge base

Q: Which organizations are authorized to issue VMCs?

VMCs are issued by accredited Mark Verifying Authorities (MVAs), which are specialized Certificate Authorities (CAs). Currently, key issuers include companies like DigiCert and Entrust , among others approved by the BIMI Group.

When we talk about Verified Mark Certificates (VMCs) for Brand Indicators for Message Identification (BIMI), we're discussing a critical component for email security and brand authentication. A VMC is a digital certificate that verifies the ownership of a trademarked logo, allowing it to be displayed next to your sender name in supported email inboxes.

The issuance of these certificates is not handled by just any entity. It requires specialized organizations known as Mark Verifying Authorities (MVAs). These MVAs play a crucial role in maintaining the integrity of the BIMI ecosystem by ensuring that only legitimate, trademarked logos are associated with sending domains.

Understanding which organizations are authorized to issue VMCs, and the process they follow, is essential for any brand looking to implement BIMI and enhance their email presence. It's all about building trust and ensuring your brand's visual identity is correctly and securely presented to your recipients.

The role of Mark Verifying Authorities (MVAs)

Mark Verifying Authorities (MVAs) are the organizations responsible for issuing Verified Mark Certificates. They function as trusted third parties, similar to how Certificate Authorities (CAs) issue SSL/TLS certificates for websites. Their primary role is to rigorously confirm the legitimacy of an organization and its trademarked logo before a VMC is issued.

The process for obtaining a VMC is quite stringent, often mirroring the detailed validation required for Extended Validation (EV) SSL certificates. This strict verification ensures that the logo displayed in an email inbox truly belongs to the sending organization, thereby combating impersonation and improving overall email security. The AuthIndicators Working Group (BIMI Group) provides further insights into MVA qualifications.

A crucial prerequisite for any organization seeking a VMC is that their logo must be a registered trademark. This trademark must be active and registered with a recognized intellectual property office, such as the United States Patent and Trademark Office (USPTO) or the European Union Intellectual Property Office (EUIPO). MVAs will verify this ownership as part of their validation process.

The rigorous validation by MVAs ensures that VMCs contribute significantly to a trustworthy email ecosystem, making it harder for bad actors to impersonate legitimate brands. This layer of verification is what gives BIMI its strength in brand protection.

Key players in VMC issuance

Currently, a limited number of Certificate Authorities (CAs) are accredited to act as Mark Verifying Authorities and issue VMCs. These include industry leaders that have undergone the necessary audits and approvals from the BIMI Group to ensure they meet the strict standards for identity and trademark verification. Two prominent organizations that have been at the forefront of VMC issuance are DigiCert and Entrust. These companies have been instrumental in pioneering VMC availability.

The selection of MVAs involves a thorough accreditation process by the AuthIndicators Working Group. This ensures that only CAs capable of performing robust identity and trademark checks are authorized to issue VMCs. This exclusivity helps maintain the high level of trust associated with BIMI-verified logos.

The MVA validation process includes

Trademark verification: The MVA confirms your organization holds an active, registered trademark for the logo you wish to display, typically in an approved jurisdiction.
Organizational identity validation: The MVA verifies your organization's legal identity and operational existence, similar to the process for other high-assurance digital certificates.
Domain ownership verification: The MVA confirms that your organization owns and controls the sending domain for which the VMC is being requested.

The BIMI Group continues to work towards expanding the number of accredited MVAs, which will make VMCs more widely accessible to organizations globally. For now, it's essential to consult the official BIMI Group website or directly contact known MVAs for the most up-to-date information on accredited providers.

The VMC issuance process in detail

The journey to obtaining a VMC begins with ensuring your logo is properly trademarked. Once that's in order, you'll engage with an accredited MVA to initiate the application process. This typically involves submitting documentation proving your organization's identity, domain ownership, and trademark registration. The MVA then conducts its validation checks.

Example BIMI DNS record with VMCDNS

v=BIMI1;l=https://yourdomain.com/bimi/logo.svg;a=https://yourdomain.com/bimi/vmc.pem;

Upon successful validation, the MVA issues the VMC, which is a digital file (.pem format). This certificate is then hosted on your domain, and its location is referenced within your BIMI DNS record. This record acts as a pointer, instructing supporting email clients like

Google and

Yahoo to retrieve your verified logo. If you're wondering what type of certificate is used, it is specifically a VMC.

While a VMC is not always a mandatory requirement for BIMI logo display with every email client, it is increasingly becoming a best practice, especially with major providers. For example, some providers may display logos without a VMC if the domain has a strong reputation and a DMARC policy at enforcement, but a VMC guarantees the logo's appearance with the highest level of assurance. Learn more about BIMI requirements and implementation. If you're wondering if a VMC is always required for BIMI, the answer varies by recipient.

Why VMCs are crucial for email trust and brand display

The primary benefit of a VMC is the undeniable proof of ownership it provides for your brand's logo. This translates directly into increased brand visibility and recipient trust. When your logo appears consistently and reliably in the inbox, it reinforces your brand identity and assures recipients that the email is genuinely from you, not an imposter.

Email without VMC

Generic avatar: Recipients often see a generic initial or default placeholder.
Lower trust: Lack of visual verification can lead to skepticism about sender authenticity.
Reduced engagement: Emails might blend in, potentially resulting in lower open rates.

Email with VMC

Verified logo: Your trademarked logo is displayed prominently in the inbox.
Enhanced trust: Instantly signals authenticity, improving recipient confidence.
Increased engagement: Improved brand recognition often leads to better email performance.

A VMC complements a strong DMARC policy, which is a fundamental requirement for BIMI implementation. DMARC ensures that your emails are authenticated with SPF and DKIM, protecting your domain from spoofing and phishing attacks. Suped offers robust DMARC monitoring and reporting tools, providing AI-powered recommendations to help you fix issues and strengthen your policy. This unified approach to email authentication and brand display leads to significant improvements in email deliverability.

By adopting VMCs, organizations not only secure their brand but also enhance their overall email deliverability. Email clients are more likely to trust and prominently display emails from domains that have invested in these authentication standards. This commitment to security translates into better inbox placement and improved engagement with your audience. For a more general overview, consider what a Mark Certificate is.

Ensuring brand authenticity in email

Ultimately, Verified Mark Certificates are issued by specialized Mark Verifying Authorities (MVAs), which are essentially accredited Certificate Authorities. These organizations undertake stringent validation processes to confirm both the applicant's organizational identity and the ownership of the trademarked logo. This rigorous approach underpins the trust that BIMI aims to build in the email ecosystem.

Implementing a VMC, in conjunction with a robust DMARC policy, offers significant benefits, including enhanced brand recognition, increased recipient trust, and improved email engagement. By displaying your verified logo in the inbox, you create a more secure and visually appealing experience for your email recipients, standing out from generic avatars and reducing the risk of phishing attacks.

As the email landscape continues to evolve towards greater security and authentication, VMCs will play an increasingly vital role. For any organization serious about protecting its brand and maximizing its email deliverability, pursuing a VMC through an accredited MVA is a strategic investment in their email future. Remember, tools like Suped can help you monitor your DMARC performance and ensure your email authentication is solid.