Deliverability

Gmail's blue verified checkmarks and BIMI: what you need to know

Whether at work or at home, chances are you’ve received a fair number of unwanted emails from potentially questionable or unauthorized senders. In a world filled with spam, how can consumers be sure the email they are receiving is from a trusted source? Gmail wants to be the email provider that solves that problem by offering consumers a sense of confidence and comfort. In a recent blog post, they announced that, since May of 2023, they have been slowly rolling out a new verified checkmark system. These checkmarks are part of the Brand Indicators for Message Identification (BIMI) protocol that Gmail adopted in 2021. BIMI requires senders to use strong authentication and verify their brand logo in order to display that brand logo as an avatar in emails. Once fully implemented the blue checkmark icon will appear next to the sender’s name to verify their identity, indicating that Gmail has authenticated that the logo belongs to the sender.

Should you want to be blue-check verified?

The short answer is yes, it will give you credibility with your audience and create a better email ecosystem for all of us. The long answer – Gmail’s blue verified checkmarks represent a big win for email authentication and security. Verification makes it easier for readers to distinguish between messages from the senders they want to hear from, such as brands they are loyal to or interested in, and impersonators or scammers.

Being a verified sender will also help with deliverability. We know from past research, that nearly 1 in 6 emails from U.S. senders get sent to spam or blocked,1 so it’s crucial that email marketers keep deliverability at the heart of all their marketing efforts.

Verification gives security a huge boost – but nothing is perfect

Strong email authentication helps users and email security systems identify and stop spam and enables advertisers to fully-utilize brand recognition. The system isn’t foolproof yet, Google is in the early stages of rolling it out. A Gmail user and cybersecurity expert recently caught a bug in the process that allowed a phishing email to slip through as verified.2 Google has since worked to correct the error, but the industry needs to remain vigilant.

Overall, this will be a boon to the entire email marketing world as it increases consumer confidence that they are receiving a personalized, authentic email and not a phishing scam or virus.

Advantages of the blue checkmark

Here are some ways to leverage the blue check mark to your advantage:

  • If you want to boost trust
    The blue check mark signals to the recipient that the message is safe to open and not a phishing attempt. With a sure way to know that an email is safe, recipients will feel more confident to open messages with the blue check. In turn, this can boost engagement metrics, deliverability, and sender reputation.
  • If your goal is to increase credibility
    The biggest benefit of having a blue check mark is that it gives your brand credibility, trustworthiness, and authority. It also creates a sense of comfort for your audience. This is especially important for brands and/or public figures that want to position themselves as thought leaders or experts in their industry.
  • If you want your marketing messages to stand out in the inbox
    The blue check mark helps businesses stand out in the inbox and differentiate themselves from other senders. This can increase the chances of their emails being opened, read and clicked on.
  • If you are looking to leverage brand recognition
    The blue check mark is part of the BIMI protocol, which requires senders to use strong authentication and verify their brand logo in order to display a brand logo as an avatar in emails.

How to get the blue checkmark

1. Implement DMARC with a p=quarantine/reject enforced policy.

DMARC stands for “Domain-based Message Authentication, Reporting & Conformance.” It allows email senders to decide how email providers (AOL, Gmail, Outlook) treat unauthenticated emails coming from their domain. It builds upon the email authentication methods of SPF and DKIM.

SPF (Sender Policy Framework) – verifies that the sender of an email message is authorized to do so on behalf on the domain in the “From” field.

DKIM (DomainKeys Identified Mail) – uses a digital signature to verify that an email message was sent by an authorized sender and that message content has not been altered in transit.

If you need to set up SPF, DKIM, and DMARC, here’s a great guide.

2. Obtain a VMC for your company’s logo from a reputable certificate authority.

A Verified Mark Certificate authority, often known as a VMC, is where Google needs you to register and trademark your logo. DigiCert or Entrust must be used for this. You must then upload the certificate you obtained to your website, make sure it is accessible to the public, and keep a record of it.

You are probably already aware, but for those who aren’t, there is a yearly cost associated with VMC. Ultimately, businesses have to decide where and how to invest their resources. Our recommendation would be that if email is an important channel to you (and it most likely is) it’s a good investment. That being said, we can always chat about that one-on-one if you would like to get in touch.

3. Set up BIMI on your domain.

BIMI (Brand Indicators for Message Identification) is an emerging email standard that allows businesses to display their brand logo within consumer inboxes for authenticated emails. It gives email inbox providers a standardized way to confirm your brand’s identity and pull your brand logos into their platforms and their users’ inboxes.

In order to enroll with BIMI, marketers need a DMARC policy, something Inboxable helps implement and monitor. The Inboxable team can also coach marketers through the BIMI enrollment process which streamlines tasks and makes the whole initiative a bit less daunting.

How to confirm it worked

Use this handy BIMI Inspector tool, and of course, when you receive email on Gmail the blue checkmark next to your name should now appear.

Want to chat more about email marketing best practices? Check out our extensive library of resources or get in touch with one of our Inboxable experts. Our team consists of experienced and dedicated deliverability analysts. We remain focused on keeping our finger on the pulse, digesting the latest and most important information and relaying it directly to our clients.


1 https://www.marketingcharts.com/digital/email-online-and-mobile-112538
2 https://manchesterinklink.com/nh-man-finds-glitch-in-google-security-matrix-potentially-saves-entire-gmailing-world-from-scammers/

Stephen Taunt
Stephen Taunt
Email Marketing Strategist

Stephen Taunt is an Email Marketing Strategist at Data Axle. With over a decade of data and client relations experience under his belt, he has worked within multiple industries ranging from the music business to global aviation media. In his current role, Stephen develops targeted and personalized email marketing strategies that optimize engagement, conversion, and customer retention, while closely monitoring key performance indicators to drive measurable success for clients.