As part of a series of security updates to G Suite announced this week, Google says it’s piloting a new standard for email authentication that will display a company or brand icon next to email that Google has verified as legit—a measure that may help curb phishing and other malicious activity from bad actors.
With the Brand Indicators for Message Identification standard, Google will begin displaying brand logos—from organizations with emails already authenticated using the DMARC system—in those little user icon bubbles in Gmail. In order to have their brand logos appear in your inbox and signal to you that the sender is who they say they are, brands will have to pass an anti-abuse vetting process, which the company said would involve a validation process from a pair of certification authorities, Entrust Datacard and DigiCert.
This verification process should help curb phishing attempts and help users better identify when an email is coming from someone legit and not, say, a scammer trying to steal your shit. Google said it would be kicking off the pilot “in the coming weeks with a limited number of senders,” though BIMI could be adopted more widely later on down the road.
Seth Blank, chair of the AuthIndicators Working Group and VP of Standards and Technologies at Valimail, said in a statement that for those senders “that want to create a trusted brand presence over email, BIMI is a great opportunity, incentivizing them to implement strong authentication, which in turn will lead to a safer, more trusted email ecosystem for everyone.”