Gmail to Start Testing Brand Logo Validation System for Emails - MacRumors
Skip to Content

Gmail to Start Testing Brand Logo Validation System for Emails

by

Google this week announced several new security features for its G Suite services, and the most notable for Gmail users is a pilot of an email specification that allows brand logos to display within authenticated emails.

gmail logo display
Brand Indications for Message Identification (BIMI) is developed by the AuthIndicators Working Group, and requires emails to pass Google's anti-abuse validation, after which it brands the incoming message with a logo of the company that sent it.

Our BIMI pilot will enable organizations, who authenticate their emails using DMARC, to validate ownership of their corporate logos and securely transmit them to Google. Once these authenticated emails pass all of our other anti-abuse checks, Gmail will start displaying the logo in existing avatar slots in the Gmail UI.

By authenticating messages using the existing DMARC system and requiring strong authentication, the spec aims to give users and email security systems increased confidence in the source of emails while creating a trusted brand presence.

Google says it will be starting the BIMI pilot in the coming weeks with a limited number of senders. To learn more about BIMI, you can visit the working group's website.

Tag: Gmail

Popular Stories

Gmail General

Don't Like Your Gmail Email Address? You Can Finally Change It

Tuesday March 31, 2026 7:31 am PDT by
Google today announced that you can finally change the Google Account email address that you use for Gmail, Google Calendar, Google Photos, Google Drive, and more, but this ability is only rolling out to U.S. accounts for now. The company did not indicate if or when this functionality will be available in other countries. You can switch to any available @gmail.com address, and your previous...
Read Full Article73 comments
Gmail General

Gmail End-to-End Encryption Comes to iOS for Workspace Users

Friday April 10, 2026 5:45 am PDT by
Google has expanded Gmail's end-to-end encryption for Workspace users to iOS and Android, allowing mobile users to compose and read encrypted messages natively within the Gmail app for the first time. The feature is part of Gmail's client-side encryption (CSE) offering, which until now was limited to desktop. According to Google's Workspace update, users no longer need to download additional ...
Read Full Article14 comments
Four iPhone 18 Pro Colors Mock Feature

iPhone 18 Pro Launching in September With These 10 New Features

Monday April 20, 2026 7:13 am PDT by
While the iPhone 18 Pro and iPhone 18 Pro Max are not launching until September, there are already plenty of rumors about the devices. It was initially reported that the iPhone 18 Pro models would have fully under-screen Face ID, with only a front camera visible in the top-left corner of the screen. However, the latest rumors indicate that only one Face ID component will be moved under the...
Read Full Article48 comments

Top Rated Comments

U
Unggoy Murderer
75 months ago
Maybe Google should have a chat with Twitter about how well these "verification" systems work.

Also, I'm sure there's some subtle irony in using CNN in their graphic...
Score: 8 Votes (Like | Disagree)
B4U Avatar
B4U
75 months ago
Hey, Google. No need to remind everyone that you peek at the emails. 🤣
Score: 4 Votes (Like | Disagree)
3
3329783
75 months ago
authentic fake news.
Score: 3 Votes (Like | Disagree)
Dezryth Avatar
Dezryth
75 months ago
Certified verified fake news straight to my Inbox?? Thanks Google! :P
Score: 2 Votes (Like | Disagree)
4
4487549
75 months ago
Glad to see Google authenticating their customers
Score: 2 Votes (Like | Disagree)
A
[AUT] Thomas
75 months ago
Oh, yes... BIMI. It's useless without VMC (Verified Mark Certificates), possibly even creates false security...
Why? It doesn't protect from lookalike domains. Everyone can setup a lookalike domain like "macrumrs.com" and setup BIMI on that, put the MR logo. SPF, DKIM, DMARC... all of that will pass with flying colors. S/MIME signing has the same issue.

As for BIMI: We don't need any further protection from fake "FROM:" emails. Spoofed emails end up in the junk anyway thanks to SPF and possibly DKIM.

All of this nonsense could be eliminated when the sending server simply signs the emails using a (manually) validated cert for the sending domain.

However, there are to many backward people that think that, before touching the core of the mail-server they rather build another system around it. For example, Microsoft doesn't even support DKIM on Microsoft Exchange Server.
Score: 1 Votes (Like | Disagree)
Read All Comments