Verified Mark Certificates.

VMCs are currently supported by various providers (Gmail, yahoo!, Netscape, Gmail Android, iphone app and more) or they are in the process of integrating and supporting them. BIMI shows in an infographic all providers that currently already support VMCs.
It is important to note that Gmail owns the most users, with over 1.8 billion active users. Additionally, 75% of Gmail users access their email via their mobile device.

The time and effort to get DMARC enforced varies for each business. For some, it may have already been set up by your hosting provider. For other businesses, with just a single sending domain, it could be simple – just add the sending domains to SPF, set up DKIM, create a DMARC record and enforce it.

In the case of larger companies with many internal email sending solutions, identifying and building allow-list servers to put into SPF record can require a lot of effort. Some large institutions employ DMARC specialists for DMARC at enforcement and analysis or management of DNS.

Yes, for a DigiCert VMC, DMARC is always required.

You can utilize a number of online tools to check your record. Here are three options:

• https://domain-checker.valimail.com/dmarc/
• https://www.mailhardener.com/tools/dmarc-validator
• https://bimigroup.org/bimi-generator/

When you purchased your VMC, you submitted a SVG file, and received a PEM file in return. Both files, retaining their original names, need to be placed on a publicly accessible server, and they need to be accessible via https: (note: http will result in error). Please note: the SVG that is hosted and referenced in your BIMI record must match, to the byte, the SVG file that was validated and is referenced in your PEM file. If there is a mismatch, the BIMI functionality will be inhibited.

Bulk, transactional or individual emails will all display a VMC logo the same way. In general, most organizations will need a single VMC for their domain. If you require multiple logos, you will need a VMC for each logo. To have multiple logos associated with a domain, you will also need to set up a “Selector” in your email header.

You can learn more about this topic here:

www.digicert.com/blog/how-many-vmcs-will-i-need

There are a number of free and paid online tools to convert your logo into SVG Tiny PS format necessary for VMC certificates.

In addition, you can convert your logo to an SVG format using Adobe programs such as Illustrator or Photoshop. It is important that your logo is in a vector format.

Yes! Gmail, which displays VMCs, is used by over 5 million businesses worldwide including small startups, mid-sized companies and large enterprises like Verizon, Colgate-Palmolive, and Keller Williams. (Source: Google Cloud, 2019)

With the Multi-year Plan, longer validity periods can be selected for VMC certificates. Please note that, after the maximum term of 397 days, a revalidation and reissue is mandatory for further extension in order to meet all security guidelines as set out by the CA/B forum.

VMCs do not act like a typical TLS certificate. They do not encrypt traffic, use a private key or require a CSR to order. VMCs create a cryptographically verifiable and auditable connection between an identity, a logo and a domain. This ensures that the identified organization is operating on a domain that they own when sending emails to end-users.

All sending domains need to be listed, but subdomains do not as they will be covered by the base domain.

For example, if you have 3 sending domains like mail.example.com, marketing.example.com and example.com, you only need to list example.com in your request. You are free to list each subdomain if you like, but it is not necessary—and if you do list them, there will be a charge.

But if you are also sending from example.co.uk, then that should be listed because it’s a different domain.