Email Marketing & Email Marketing Automation

Protecting Your Brand and Reputation in Email Marketing with Verified Mark Certificates (VMCs)

Email marketers understand that a successful campaign is about much more than delivery and messaging. It’s about engaging prospects and forging a relationship that they can nurture over time. Fundamentally, that relationship-building starts with the reputation and trust in the brand:

The vast majority (87%) of global consumers say that they consider the reputation of a company when purchasing a product or service.

How Reputation and Trust Affect Purchase Decisions and Marketing Efficiency

But maintaining brand integrity in the online world isn’t easy, especially when today’s cybersecurity threat landscape is changing fast. Phishing attacks, spam, and other threats are on the rise, and bad actors are becoming more aggressive in utilizing look-alike domains:

22% of breaches involved social engineering—96% of which arrived via email. 

2020 Verizon Data Breach

Despite these evolving threats, email continues to play a critical role in marketing, especially in the wake of the global pandemic:

80% of marketers noted an increase in email engagement over the past 12 months. 


The stakes are high, and email threats can not only put end customers at risk but severely undermine confidence in corporate brands—especially if an attack using a fraudulent domain actually succeeds.

Together, VMCs, BIMI, and DMARC Enhance Email Trust

To help businesses protect their brands in today’s dynamic threat environment, a working group of email and communications leaders developed the Brand Indicators for Message Identification (BIMI). This emerging email standard works together with Verified Mark Certificates (VMCs) to allow companies to display their logos within supported email clients, including all Google and Apple Mail products.

Much like a blue checkmark on Twitter, a logo displayed via VMC gives the receiver confidence that the email has been verified.

To be eligible to utilize a VMC, organizations must also enforce Domain-based Message Authentication, Reporting & Conformance (DMARC). DMARC is an email authentication policy and reporting protocol that is intended to help protect organizations from having their domains used for attacks like spoofing, phishing, and other unauthorized uses. Email clients use it to verify that email really comes from the domain specified. DMARC also gives organizations improved visibility into the messages that are being sent from their domain, which can increase their own internal email security.  

By using VMCs secured by DMARC, marketers show customers that their organization is focused on taking action to ensure customer privacy, as well as stronger email security. This sends a powerful message about their commitment to their brand and reputation.  

Shining A Spotlight On Brands For Engagement

By displaying an organization’s logo right in the recipient’s inbox, VMCs and BIMI not only present a visual trust indicator but also offer a new method that can help companies take full advantage of the equity accumulated within their logo, for minimal investment. By enabling customers to see a familiar logo in their inbox before they even open up the email, marketers gain an opportunity to cut through the noise in a packed inbox and leave more brand impressions. Logos are powerful symbols that resonate with customers and help ensure a consistent, positive interaction. Early results from Yahoo Mail BIMI trials with hundreds of participants were promising, and verified email was shown to enhance engagement by approximately 10 percent.  

VMCs are also exceptionally cost-effective because they are built around the email channel that organizations have already invested in and developed over the years. 

VMCs Require An IT Partnership

To take advantage of VMCs, marketers need to team up with their IT departments to make sure that their organization complies with DMARC enforcement standards. 

The first step is to set up Sender Policy Framework (SPF), which is designed to prevent unauthorized IP addresses from sending emails from your domain. The IT and marketing team will also need to set up DomainKeys Identified Mail (DKIM), an email authentication standard that uses public/private key cryptography to prevent message tampering when they are in transit.

After these steps are complete, the teams put DMARC in place to monitor email traffic, generate reports, and provide visibility into messages sent from the domain. 

Establishing DMARC enforcement can take days or weeks, depending on the size of the company. However, it ultimately helps organizations strengthen security for users, protect themselves against a large number of phishing attacks, and qualify the organization for a VMC certificate. A variety of blogs and other online resources are available to help organizations become DMARC-ready.

As VMC certificates become more widely adopted by email marketers, it’s likely that customers and prospects will soon come to expect a familiar logo in their email inboxes. Companies that take steps to start planning their VMC and DMARC today will position themselves to stand out from the crowd and assure their audience that they have made security a priority. By associating trust with all their email communications, they will continue to strengthen their brand and reputation even during changing times. 

Download Digicert’s VMC Marketing Guide 

Mark Packham

Mark Packham joined DigiCert in July 2016 and oversees brand strategy, lead gen, thought leadership, content strategy, public relations, digital marketing, and analyst relations. He brings over 20 years of experience as a strategic marketer and global brand manager, having led global marketing engagements with companies like, Microsoft, Verizon, and Abbott.

Related Articles

What do you think?

This site uses Akismet to reduce spam. Learn how your comment data is processed.