What BIMI does
BIMI is an open standard that enables organisations to display verified brand logos in the inbox preview when a message is delivered. This provides recipients with visual confirmation that an email is genuinely from the brand, helping to distinguish legitimate communications from phishing attempts and spoofed emails. BIMI builds upon existing email authentication protocols like SPF, DKIM, and DMARC, adding a visual layer of trust. The logo is displayed within the inbox preview, similar to how Gmail displays avatars for contacts.
BIMI in Australian tenants today
For AU mid-market organisations, implementing BIMI requires an enforced DMARC policy of 'reject' or 'quarantine' applied to 100% of mail, which demonstrates control over email sending infrastructure. The SVG logo must meet strict TinyPS-Portrait format specifications. While a Verified Mark Certificate (VMC) is optional, it’s increasingly recommended for enhanced security and brand protection. Organisations should factor in the cost of a VMC, balancing brand visibility against ongoing operational expense, particularly given the scrutiny around data security under APRA CPS 234 and the OAIC Privacy Act 2024. Alignment with the Australian Voluntary AI Safety Standard regarding brand impersonation is also relevant.
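The prerequisites above can be checked mechanically from a domain's published TXT records. The following is an added example, not code from the original page: the function names and the example.com records are constructed for illustration, and the records are passed in as strings so it runs without DNS lookups.

```python
# Added example: BIMI readiness check over TXT record strings (no DNS lookups).
# DMARC records are published at _dmarc.<domain>, BIMI at default._bimi.<domain>.

def parse_tags(record):
    """Split a 'tag=value; tag=value' TXT record into a dict with lowercase tag names."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip().lower()] = value.strip()
    return tags

def bimi_readiness(dmarc_txt, bimi_txt):
    """Check the two records against the requirements described in the text."""
    problems = []
    dmarc = parse_tags(dmarc_txt)
    if dmarc.get("v") != "DMARC1":
        problems.append("DMARC record missing or malformed")
    policy = dmarc.get("p", "").lower()
    if policy not in ("quarantine", "reject"):
        problems.append("DMARC policy must be quarantine or reject, found: " + (policy or "(missing)"))
    pct = dmarc.get("pct", "100")  # DMARC treats an absent pct tag as 100
    if pct != "100":
        problems.append("DMARC pct must be 100, found: " + pct)
    bimi = parse_tags(bimi_txt)
    if bimi.get("v") != "BIMI1":
        problems.append("BIMI record missing or malformed")
    if not bimi.get("l", "").lower().startswith("https://"):
        problems.append("BIMI l= tag must be an HTTPS URL for the SVG logo")
    # a= carries the Verified Mark Certificate location; the text treats it as optional
    return {"ready": not problems, "has_vmc": bool(bimi.get("a")), "problems": problems}

# Constructed sample records for the placeholder domain example.com
STRONG_DMARC = "v=DMARC1; p=reject; rua=mailto:dmarc@example.com"
WEAK_DMARC = "v=DMARC1; p=quarantine; pct=50"
BIMI_WITH_VMC = "v=BIMI1; l=https://example.com/logo.svg; a=https://example.com/vmc.pem"
BIMI_NO_VMC = "v=BIMI1; l=https://example.com/logo.svg;"

if __name__ == "__main__":
    for d, b in [(STRONG_DMARC, BIMI_WITH_VMC), (WEAK_DMARC, BIMI_NO_VMC)]:
        print(bimi_readiness(d, b))
```

A partially enforced policy (pct below 100) or p=none is reported as a problem, while a missing VMC only sets has_vmc to False.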