Entrust Datacard today announced that it has partnered with Red Sift, a data-driven cybersecurity company focused on scaling essential digital domain security for organizations, to bring Verified Mark Certificates (VMC) to market that support the Brand Indicators for Message Identification (BIMI) email authentication standard rollout.
BIMI is a cross-industry effort to standardize the transmission and use of brand logos in recipients’ emails. As email has become more critical than ever for organizations to connect and communicate with their customers, the ecosystem is looking to BIMI as an opportunity to increase the wide adoption of email authentication while simultaneously providing senders with a way to provide their customers with a more immersive experience. Email recipients would see verified brand logos from BIMI users in their emails.
Using BIMI at the highest level of validation requires a VMC from an authorized Certificate Authority (CA), which works alongside an organization’s Domain-based Message Authentication, Reporting and Conformance (DMARC) protocol policy. In conjunction with the BIMI working group, Entrust Datacard created the initial concept of the VMC, was the primary developer for this offering over the past 3 years, and published the first set of VMCs starting in September 2019.
Adding BIMI instructions to the DNS record allows an organization’s logo to be displayed on email communications that originate from that domain. DMARC provides strong authentication and guidance for identifying spoofed messages.
Entrust Datacard VMCs and Red Sift’s Automated DMARC service Work in Tandem
Entrust Datacard will authenticate an organization’s registered trademark and include this information in a VMC. When strong authentication is implemented with DMARC, the organization’s verified registered trademark logo will automatically display in participating email clients. Red Sift’s OnDMARC service enables organizations to deploy a compliant DMARC policy quickly in order to qualify for BIMI. It works in tandem with Entrust Datacard, serving as the foundational, high-assurance security behind the VMC to provide strong authentication and guidance for preventing spoofed messages.
Google recently announced that it will begin a BIMI pilot in the coming weeks. Entrust Datacard continues to collaborate with the BIMI working group and DMARC providers to support the next phase of BIMI pilots with customers.
“BIMI gives brands a powerful opportunity to build a more immersive experience with consumers. Entrust Datacard helped develop the concept of the VMC with the BIMI working group and issued the first certificates to help our enterprises and institutions deliver these authenticated visual marks to their customers,” said Chris Bailey, vice president of strategy and operations at Entrust Datacard. “In collaboration with DMARC providers like Red Sift, our VMC solution allows organizations to offer a standard, repeatable method for providing the peace of mind their customers are looking for while maintaining BIMI compliance.”
“DMARC is an essential prerequisite for BIMI, yet, most domains with a DMARC policy are not in compliance with the requirements for BIMI. There are hundreds of thousands of organizations vulnerable to email impersonation based phishing attacks due to low levels of DMARC compliance. BIMI is a great opportunity to align marketing, IT and security teams while encouraging the adoption of DMARC compliant email in the industry so that everyone can benefit from safer email.” said Rahul Powar, CEO at Red Sift. “We’ve partnered with Entrust Datacard as a thought leader in building the VMC program and bringing it to fruition. Our highly automated, compliance focused DMARC service paired with Entrust’s VMC services enables us to offer an integrated solution that helps organizations prepare for BIMI.”
The Gmail pilot is designed to help validate the VMC offering before general availability, Which will be scheduled following a successful pilot. Customers can contact Entrust Datacard for information on implementing the requirements for VMC issuance prior to its general availability here: firstname.lastname@example.org.
About Entrust Datacard Corporation
Consumers, citizens, and employees increasingly expect anywhere-anytime experiences — whether they are making purchases, crossing borders, accessing e-gov services or logging onto corporate networks. Entrust Datacard offers the trusted identity and secure issuance technologies that make those experiences reliable and secure. Solutions range from the physical world of financial cards, passports and ID cards to the digital realm of authentication, certificates, hardware security modules and secure communications. With more than 2,500 Entrust Datacard colleagues around the world and a network of strong global partners, the company serves customers in 150 countries worldwide. For more information, visit www.entrustdatacard.com.
About Red Sift
The Red Sift Open Cloud is a data analysis platform that is purpose-built for the challenges of cybersecurity. By harnessing the power of machine learning we securely collate, compute and visualize data from thousands of individual signals to help organizations to optimize their cybersecurity. Our current solutions include OnDMARC and OnINBOX, SaaS applications that work together to offer a complete email security solution that closes the net on the phishing problem by blocking outbound phishing attacks and analyzing the security of inbound communications for company-wide email threat intelligence. Red Sift is a global company providing cybersecurity services to organizations such as TransferWise, Telefonica and top global law firms. For more information, visit www.redsift.com.