News & Views

Embracing BIMI security

Market leader in phishing defense for the enterprise, Agari (www.agari.com) by HelpSystems (www.helpsystems.com) is introducing the Agari Brand Protection solution for Domain Message Authentication Reporting & Conformance (DMARC) email authentication to help customers take advantage of Google’s newly launched support for BIMI in Gmail.

Brand Indicators for Message Identification (BIMI) is an industry-wide standards effort to increase email security at a time when cyber theft and hacking are on the rise.  BIMI builds on the DMARC standard to allow Gmail and other mailbox providers to display a brand’s verified logo to signify the sender’s domain has been authenticated. This visual cue indicates the email is from a trusted entity and is safe for recipients to open.
 
Sophisticated email phishing campaigns are designed to fool users into clicking on what looks like a legitimate message from a company they know, when it is in fact a ploy for a cybercriminal to trick the recipient into transferring funds or revealing credentials that allow the hacker to gain entry into the recipient’s system to launch malware.

“BIMI builds on growing expectations to display verified logos alongside authenticated email messages and shows a sender is doing everything possible to secure the emails coming from their domain,” says Ciaran Rafferty, Managing Director of Email Security, HelpSystems.  “Agari has long been a leader in the email security community.  Many well-known companies already look to Agari Brand Protection to automate and simplify their DMARC email authentication, and now we’re making it easy for our customers to get additional benefit from BIMI on their domain.”
 
DMARC is the first step in the BIMI process as it allows email senders to prove they are authorised to send messages from that domain.  Validation of logo ownership is a sister component, whereby a certification authority such as Agari partner Entrust provides a Verified Mark Certificate (VMC).  With its newly enhanced support for VMC, the Agari solution makes it easy for IT or security teams to manage everything Gmail requires to display the logo: DMARC and related records in the domain name system (DNS), the logo image, and the VMC.  While the company sending the email can set up DMARC and BIMI, the Gmail platform ultimately makes the determination that the email has passed all security checkpoints and can be trusted, ultimately enabling the logo to display in the Gmail user’s inbox.