What are the benefits of using CMC certificates for BIMI logos?
Matthew Whittaker
Co-founder & CTO, Suped
Published 23 Apr 2025
Updated 17 Aug 2025
7 min read
For years, Brand Indicators for Message Identification, or BIMI, has offered a powerful way for brands to display their logo next to their email messages in supporting inboxes. This visual cue helps recipients quickly identify legitimate senders and can significantly boost trust and recognition. However, a major hurdle for many organizations was the requirement to have a Verified Mark Certificate (VMC), which necessitates a registered trademark for the logo.
The landscape recently changed with the introduction of Common Mark Certificates (CMCs). CMCs offer a more accessible path to BIMI adoption, removing the strict trademark requirement and opening up logo display to a much broader range of businesses. This update promises to democratize email branding and authentication, making it easier for almost any sender to benefit from a verified logo.
What are common mark certificates?
A Common Mark Certificate (CMC) is a digital certificate that verifies the ownership and usage rights of a brand's logo. Unlike the traditional VMC, a CMC does not require the logo to be a registered trademark. Instead, it relies on proof of prior public use, making it an ideal solution for small and medium-sized businesses, non-profits, or any organization whose logo is not formally trademarked. This greatly expands the eligibility for BIMI.
This shift is monumental for the email ecosystem. Previously, the high cost and complex process of trademark registration, along with obtaining a VMC, limited BIMI's reach primarily to large enterprises. By simplifying the verification process, CMCs enable more senders to leverage the visual authentication benefits of BIMI, which ultimately strengthens trust across the entire email channel. This aligns with ongoing efforts to improve email security.
The underlying principle of CMCs is to provide a standardized, verifiable method for brands to assert logo ownership. This verification helps email providers confirm the legitimacy of the sender's brand image, reducing the likelihood of phishing and brand impersonation. It’s a pragmatic approach to foster greater trust without imposing overly burdensome requirements.
Expanding brand reach and trust
The primary advantage of using a CMC for your BIMI logo is significantly enhanced brand visibility. Your logo appears prominently next to your sender name in supported inboxes, immediately catching the recipient's eye. This visibility can lead to increased brand recall and recognition, making your emails stand out in crowded inboxes. It’s a direct visual cue that reinforces your brand identity with every message.
Beyond visibility, CMCs contribute to greater trust and user engagement. When recipients see a verified logo, they are more likely to perceive the email as legitimate and safe, which can lead to higher open rates and click-through rates. This increased engagement is a direct result of the confidence instilled by verified sender identity. For more on the requirements and benefits of BIMI, see our guide on BIMI's benefits and requirements.
From a practical standpoint, CMCs offer a more cost-effective and faster implementation pathway than VMCs. Avoiding the need for trademark registration saves both time and legal expenses, making BIMI accessible to a wider array of businesses. This lower barrier to entry means more organizations can benefit from displaying their verified logo without significant upfront investment or delays. This is crucial for brands looking to enhance their email presence efficiently.
CMC versus VMC: a detailed look
While both CMCs and VMCs serve the purpose of displaying your brand logo in the inbox, they differ significantly in their verification processes and the level of trust they convey. A VMC (Verified Mark Certificate) requires a government-registered trademark, which provides the highest level of assurance that the logo genuinely belongs to the sending entity. In contrast, a CMC relies on demonstrating prior public use of the logo.
Common mark certificate (CMC)
Trademark requirement: Not required for the logo itself, but proof of consistent public use is necessary.
Verification process: Verified by a Certificate Authority based on documented prior use, as outlined by the BIMI Group.
Visual indicator: Displays the verified logo in supporting inboxes like Gmail. No blue checkmark.
Cost and speed: Generally lower cost and faster to obtain due to less stringent requirements.
Verified mark certificate (VMC)
Trademark requirement: Requires a registered trademark of the logo with an approved intellectual property office.
Verification process: Rigorous verification of trademark ownership by a Certificate Authority.
Visual indicator: Displays the verified logo and a blue checkmark, indicating a higher level of authentication.
Cost and speed: Higher cost and potentially longer process due to trademark registration and verification.
While a VMC provides the strongest assurance with the visible blue checkmark, CMCs still deliver substantial benefits. They allow businesses to achieve brand visibility and increase trust without the significant investment required for a trademark. This makes BIMI more equitable and attainable for a wider range of senders, leading to broader adoption of this important email standard. You can read Google's announcement about their support for CMCs here.
The introduction of CMCs demonstrates the email industry's commitment to making email more secure and trustworthy for everyone. It acknowledges that not all legitimate businesses have registered trademarks but still deserve a way to verify their brand identity in the inbox. For more details on the differences, refer to our comparison of VMC and BIMI pricing and approach.
Steps to implement BIMI with a CMC
Implementing BIMI with a CMC involves several crucial steps, similar to a VMC but with the adjusted logo verification. First and foremost, your domain must be fully DMARC compliant with an enforced policy, meaning a DMARC policy set to p=quarantine or p=reject. This foundational authentication ensures that only authorized emails from your domain are delivered. Without a strong DMARC policy, BIMI cannot be implemented.
Next, you need to obtain your Common Mark Certificate from a recognized Certificate Authority (CA) that issues CMCs. This process will involve demonstrating prior consistent public use of your logo. Your logo also needs to be formatted as an SVG file and hosted on a secure, publicly accessible URL. The SVG format is essential for scalability and proper display across different email clients.
Finally, you will publish a BIMI record in your domain's DNS. This TXT record specifies the URL of your SVG logo and the URL of your CMC. Once published, supporting email clients will be able to retrieve and display your verified brand logo. For a detailed guide, refer to our article on how to set up BIMI with a CMC.
Common Mark Certificates represent a significant leap forward for email branding and security. By making BIMI more accessible to a wider range of organizations, CMCs empower more businesses to leverage verified logo display, fostering greater trust and visibility in the inbox. This increased accessibility helps combat phishing and impersonation, making email a safer and more recognizable communication channel for everyone.
While the blue checkmark of a VMC still denotes the highest level of trust due to trademark verification, the benefits of CMCs in terms of broader adoption, enhanced brand recognition, and improved engagement are undeniable. They are a practical and effective solution for businesses ready to elevate their email presence and bolster their email security posture. Strong email authentication, including SPF, DKIM, and DMARC, remains the essential foundation for BIMI, whether you use a CMC or VMC.
Views from the trenches
Best practices
Ensure your DMARC policy is at p=quarantine or p=reject before pursuing a CMC.
Prepare your logo in the exact SVG format required by BIMI specifications for smooth implementation.
Host your BIMI SVG logo on a secure URL, typically HTTPS, to avoid display issues.
Common pitfalls
Forgetting to properly implement DMARC, SPF, and DKIM, which are foundational for BIMI.
Using a logo that does not meet the specified format or public accessibility requirements.
Expecting a blue checkmark with a CMC, as this feature is exclusive to VMCs.
Expert tips
Leverage BIMI with a CMC to enhance brand recognition even without a registered trademark.
Monitor your DMARC reports closely to ensure proper email authentication alignment.
Keep an eye on evolving BIMI standards and client support for new certificate types.
Expert view
Expert from Email Geeks says that Google's support for CMC certificates significantly simplifies the process of obtaining a BIMI logo, as a trademarked logo is no longer a strict requirement.
2024-09-25 - Email Geeks
Marketer view
Marketer from Email Geeks says that they had to immediately update their client documentation regarding BIMI steps after hearing about CMC support, highlighting how quickly the landscape changes.
Verified by a Certificate Authority based on documented prior use, as outlined by the BIMI Group.
Displays the verified logo in supporting inboxes like Gmail. No blue checkmark.
