What are the costs and steps for implementing BIMI (Brand Indicators for Message Identification)?

Key findings

• VMC costs: The price for a Verified Mark Certificate (VMC) can range from approximately $1,000 to $1,900 annually per domain, purchased from accredited certificate vendors.
• Trademark requirement: Acquiring a U.S. trademark for your logo, which is typically a prerequisite for a VMC, can cost between $250 and $600, plus potential lawyer fees.
• DMARC enforcement: A critical prerequisite for BIMI is having a DMARC policy set to an enforcing level, such as p=quarantine or p=reject. Learn more about DMARC, SPF, and DKIM.
• Self-asserted BIMI: While free, self-asserted BIMI (without a VMC) has limited support among major mailbox providers, with Yahoo Mail being a notable exception. For comprehensive support and display across more inboxes, a VMC is generally required. Understand the full implementation steps and requirements.
• Gmail's requirements: Gmail requires a VMC for BIMI logo display, unlike some other providers that may support self-asserted BIMI.
• SVG logo format: The brand logo must be in Scalable Vector Graphics (SVG) format and adhere to specific technical standards, ensuring public accessibility via HTTPS.

Key considerations

• Cost-benefit analysis: Evaluate whether the investment in VMC and trademark fees aligns with your brand's marketing and security objectives. While self-asserted BIMI is free, its limited reach may not justify the effort for some.
• DMARC foundation: Ensure your DMARC policy is at enforcement (p=quarantine or p=reject) before pursuing BIMI, as it's a fundamental requirement. You can find more information in the BIMI Group FAQs.
• Trademark process: Factor in the time and cost associated with registering your logo as a trademark, as this can be a lengthy process.
• SVG readiness: Prepare your logo in the correct SVG format, ensuring it meets all BIMI specifications for optimal display.

Key opinions

• Starting point: Self-asserted BIMI is a common initial step for those wanting to test the waters, even if its major MBP support is limited to platforms like Yahoo Mail.
• Cost concerns: The annual cost of VMCs, often around $1,000 to $1,900, is considered substantial, particularly when factoring in additional trademark fees. The SSL Store provides a good comparison of BIMI certificate costs.
• Trademark essential: A U.S. trademark is seen as a necessary, though relatively affordable (compared to VMC), expense for full BIMI implementation requiring a VMC.
• Gmail's influence: Gmail's requirement for a VMC is a key driver for brands to consider the paid route, despite the current lack of a firm rollout ETA.
• Brand impact: BIMI is widely recognized for its potential to boost brand trust and visibility by displaying a verified logo alongside email messages. Discover more about BIMI's impact on email engagement metrics.

Key considerations

• Phased implementation: Consider starting with a self-asserted BIMI to gain initial experience and observe performance before investing in a VMC.
• Budget allocation: Allocate sufficient budget for both the annual VMC cost and the one-time trademark registration fees.
• DMARC readiness: Ensure your domain has a strong DMARC enforcement policy (p=quarantine or p=reject) as it's a non-negotiable prerequisite. Review the business value and ROI of implementing BIMI.
• Logo preparation: Prioritize the creation and hosting of your SVG logo according to BIMI specifications.

Key opinions

• Self-asserted limitations: Self-asserted BIMI is suitable for initial testing but will not work with all providers, notably Gmail. It requires adherence to SVG and DMARC requirements.
• DMARC enforcement is key: A DMARC policy set to p=reject or p=quarantine (with pct=100 if present) is a non-negotiable prerequisite for BIMI. Ensure you set up DMARC for BIMI.
• VMC for widespread display: While some providers like Yahoo Mail and AOL Mail display logos in various places with self-asserted BIMI, a VMC-backed implementation is crucial for major platforms like Gmail and achieving maximum visibility. Verizon Media provides details on their BIMI support.
• No authoritative Gmail ETA: There is no definitive timeline from authoritative sources regarding Gmail's full public rollout of BIMI support.
• SVG formatting: Adherence to specific SVG requirements, such as SVG Tiny PS, is a critical technical detail. More on validating your BIMI SVG.

Key considerations

• Technical precision: Pay close attention to all technical specifications for BIMI, including DNS record setup and SVG file preparation.
• Trademark and VMC: Understand that the bureaucratic process of trademarking and acquiring a VMC is a significant part of the implementation, both in terms of time and cost.
• Prioritize DMARC: Ensure your DMARC policy is robust and enforcing before proceeding with BIMI. Without it, BIMI simply won't work effectively.
• Selector usage: It's advisable to stick to the standard default._bimi.<domain> selector for your BIMI records, regardless of whether you're using a top-level or sub-domain.

Key findings

• Core purpose: BIMI is designed to enhance email authentication and improve brand recognition through verified logo display.
• VMC necessity: A Verified Mark Certificate (VMC) issued by a qualified Certificate Authority (CA) is required for full BIMI utilization and logo display by all supporting Mailbox Providers, especially for Gmail.
• DMARC prerequisite: Organizations must have DMARC implemented with an enforcement policy of p=quarantine or p=reject on the sending domain. For more information, please see BIMI Group's FAQ for Senders & ESPs.
• SVG specifications: The brand logo must be in SVG format, adhere to specific technical requirements (e.g., SVG Tiny PS), and be publicly accessible via HTTPS. You can find out more about recommended SVG dimensions for BIMI.
• Trademark for VMC: A trademarked logo is generally required to obtain a VMC, ensuring brand legitimacy in BIMI displays.

Key considerations

• DMARC policy rigor: Prioritize achieving and maintaining a strong DMARC enforcement policy as it forms the security foundation for BIMI.
• SVG compliance: Strictly follow the technical guidelines for SVG logo creation to ensure proper rendering across different email clients. Find answers to common questions about BIMI email authentication.
• Certificate authority selection: Engage with a qualified Certificate Authority for VMC issuance, understanding their specific requirements and processes.
• Trademark registration: Initiate the trademark registration process early, as it is a foundational step for VMC acquisition and can be time-consuming.