Get VMC - Verified Mark Certificate at Abion

Win the Inbox Battle with a Verified Mark Certificate

Increase open rate and brand awareness with a Verified Mark Certificate (VMC). A Verified Mark Certificate also enables your company to render both a Google Checkmark and your logotype next to your brand name in your customer’s email inbox. Contact us and we will help set it up!

Get your VMC now

Enhanced Recognition

The certificate showcases Google Checkmark and your logo in the inbox, helping it to stand out from the clutter.

Boost Open Rates

Implementing VMC and connected services can boost open rates by up to 39%.*

Increased Deliverability

VMC strengthens security against phishing and spoofing with DMARC enforcement which can increase deliverability by 5-10%.**

Abion VMC logos before and after

How Does a Verified Mark Certificate (VMC) Work?

A Verified Mark Certificate (VMC) combines law and IT to revolutionize email infrastructure. With a VMC, you can showcase your logo in authenticated emails, thanks to the next phase of BIMI (Brand Indicators for Message Identification). The Verified Mark Certificate (VMC) legally confirms that your organisation has the right to use your logo, ensuring it’s protected and displayed with confidence.

Sources:

*Consumer Interaction with Visual Brands in Email from Red Sift & Entrust

**Digicert

Ensure All Requirements Before VMC Application

In order to obtain a certificate, you need to ensure that your figurative/word mark is properly registered and that your e-mail infrastructure has the right level of security protection.

Parts of the process may take time. A trade mark application usually takes 3-6 months and implementation of the required security levels for your email may take 1-3 months.

Implementation of DMARC

In order for the certificate to be issued, it is required that you have implemented DMARC with your existing e-mail client. DMARC secures that the domain you are e-mailing from has adequate security levels. Abion provides a service called Secure Email (EPC) so that you can implement DMARC with the correct quarantine policy.

Review figurative/word mark

In addition to implementing DMARC, you must also prove that you own legal rights to the logotype, as the main purpose of the Verified Mark Certificate is to validate that the organisation owns the rights to a figurative/word mark. At present, you can only use registered figurative/word marks that are verified by affiliated intellectual property authorities. You must have proper trademark protection for the exact logotype you intend to use. Convert your logo to an SVG file. Here is a guide of how to save your logo: Convert logo to SVG file.

Contact us today!

With the right level of e-mail security and a registered figurative/word mark, you will be able to implement your logo (SVG file) to the certificate that gives you the right to render your logo in certain e-mail clients. We help to check that you have the conditions to be able to bye the certificate. Contact us directly and we will help you!

Which email would you open
- with or without logo?

Med eller utan VMC - Abion - Vilket mail skulle du öppna?

Is your brand ready to rule the inbox?

Fill in the form and we will analyze how ready your brand is, with no strings attached.

  • What logo you have registered
  • If the logo is registered for the right markets
  • The security levels on your email

Learn More: How to Secure VMC to Brand Your Emails

A VMC is a digital certificate that allows companies to display their verified (and trade marked) logo next to their emails, enhancing brand recognition, trust and security. With the requirement of DMARC compliance, this certificate solidifies brand authenticity and helps to protect against email spoofing.

Understanding Verified Mark Certificates (VMC)

VMC are digital certificates that enable organisations to display their registered trade marked logos in the avatar spot of outgoing emails, providing a visual cue that helps recipients verify the sender's authenticity. Working in conjunction with the organisation, Brand Indicators for Message Identification (BIMI), VMCs offer an immediate trust indicator, transforming how emails are perceived by making them more recognisable and trustworthy at a glance.

By placing a trade marked logo next to the sender field in recipients' inboxes, VMCs significantly enhance brand recognition and boost email engagement. They also help to prevent phishing attempts and email spoofing by ensuring that only authenticated emails can display these logos, adding an extra layer of security.

Supported by major email services like Google, Yahoo Mail, and Apple, VMCs are set to become a standard feature in email marketing and security strategies. This widespread support makes it crucial for brands to adopt VMC technology to stay ahead in the digital landscape.

Step-by-Step Guide to Acquiring a Verified Mark Certificate

Obtaining a valid certificate necessitates several crucial steps such as, achieving DMARC compliance, having a registered trade marked logo, and designing an SVG format logo. Each of these steps is vital to meeting the VMC requirements and successfully implementing your VMC. It can be a complex process and therefore advisable to seek the help of an expert in this area, like Abion, who can support you through this process.

1. Ensure DMARC Compliance

Achieving DMARC compliance is a fundamental step for securing a valid certificate and is indispensable for BIMI. DMARC, or Domain-based Message Authentication, Reporting & Conformance, involves setting up SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) records to validate emails sent from your domain. This setup ensures that your emails are authenticated, reducing the risk of domain spoofing and phishing attacks.

To achieve DMARC compliance, you need to publish a DMARC record in your DNS settings. This record dictates how receiving email servers should handle messages that fail authentication checks, with policies like ‘p=quarantine’ or ‘p=reject’ being necessary to meet BIMI standards. Ensuring full DMARC compliance can be technically challenging, but it is a crucial step in securing your VMC.

2. Register Your Trademarked Logo

Securing a BIMI-compliant logo involves trademarking, a process that can take several months. Trademarking your logo not only verifies its authenticity but also shields it from misuse, making it more difficult for malicious actors to spoof your brand. If your logo isn't trademarked yet, it's crucial to speak with a brand protection expert like Abion, who can guide you through the process.

Trademark registration involves clearances searches, filing an application and having it reviewed by an examiner from the trademark office. Each logo requires its own trademark registration and VMC, so if your organisation uses multiple logos, each will need to undergo this process separately. Our step-by-step guide explains how to register a trademark and it is also possible to check if your brand name/logo has already been trademarked on the WIPO website.

Initiating the trademark process early on is crucial because it can take from 3 months to over a year to complete. Engaging a legal team can help navigate the complexities of this process, ensuring that your logo meets all necessary requirements and is ready for VMC certification.

3. Create an SVG File Logo

Verified Mark Certificate demand logos in Scalable Vector Graphics (SVG file) format. The significance of this format lies in its ability to scale the logo to various sizes without compromising quality, and meets specific technical requirements for BIMI compliance.

The SVG file must:

- The logo must be an SVG file
- Be kept under 32 kilobytes
- Have a square aspect ratio
- Center the logo within a solid background.

Creating a BIMI-compliant SVG file can be a technical hurdle for many organisations. The file must not contain any x= and y= attributes apart from the XML namespace, and it should be formatted correctly to meet all BIMI standards. Tools like Adobe Illustrator can help in creating and formatting the SVG logo, ensuring it adheres to all necessary specifications. We will help you with the specifications if needed. 

4. Purchasing and Implementing Your VMC

Once you have ensured DMARC compliance, registered your trademarked logo, and created an SVG format logo, the next steps involve purchasing and implementing your Verified Mark Certificate.

5. Select a Certificate Authority

Choosing a trustworthy Certificate Authority (CA) is paramount to the VMC implementation process. The high assurance validation process for purchasing a VMC is similar to that for SSL certificates but includes additional security steps, such as identity validation, face-to-face confirmation, and validation of the trademarked and formatted logo. It might be smart to choose a provider who gives you specific instructions and support during the process. 

When choosing a CA, consider the current rates and ensure the CA provides the necessary support and guidance throughout the whole process of VMC implementation. 

6. Upload the PEM File to Your Web Server

After purchasing your VMC, you will need to complete the following steps:

- Receive a Privacy Enhanced Mail (PEM) file.
- Upload the PEM file to your public web server.
- Note the URL of the uploaded PEM file for further steps.
- Use the PEM file to add extra security to your logo. This verification was done by the CA.

Ensure that your web server uses the HTTPS protocol and TLS version 1.2 or later to host BIMI files, including the BIMI record, enhancing security and compliance. If you have a provider like Abion, we can help you with all of these steps. 

7. Add a BIMI TXT Record to Your Domain

The final step in implementing your VMC is to add a BIMI TXT record to your domain. This record must include the URL of the PEM file and the location of the SVG logo file. Both files must be accessible via HTTPS on a public server and retain their original names.

Adding this TXT record enables the display of your verified logo in recipients’ email inboxes, completing the VMC implementation process. 

Benefits of Using VMCs for Email Security and Brand Recognition

The benefits of VMCs extend well beyond email security. One of the primary advantages is the protection against email fraud through DMARC’s anti-spoofing technology. By ensuring that only authenticated emails can display your trade marked logo, VMCs help to prevent phishing attempts and reduces email spoofing. This not only safeguards your brand’s reputation but also bolsters employees’ confidence in the legitimacy of emails from internal senders or partners.

Moreover, brand recognition and email engagement are significantly bolstered by VMCs. Organisations using BIMI and VMC report increased engagement rates, with some companies seeing a boost in email engagement by approximately 10%. Preliminary findings also indicate that VMC-backed emails may have improved open and response rates by up to 39%. 

User trust and engagement can also be elevated through the implementation of VMCs. By adhering to BIMI specifications, VMC-backed emails stand out in customer inboxes, leading to higher interaction rates and a more positive perception of your brand. Tracking detailed email metrics like open rates, link interactions, and forwarded emails becomes easier, providing valuable insights into your email marketing strategies.

Benefits of Using VMC

Common Challenges and How to Overcome Them

Despite the evident benefits of VMC or mark certificate, their implementation can pose a number of challenges. These challenges include meeting technical requirements, navigating the trade mark registration process, and the time-consuming nature of obtaining a VMC.

Technical Requirements

A significant technical challenge in VMC implementation involves fulfilling all the necessary requirements of your email infrastructure. This includes achieving DMARC compliance and properly formatting your SVG logo. Ensuring that your email infrastructure is not on any blacklists is also essential for successful BIMI implementation. Technical hurdles like creating an SVG file that meets BIMI standards and configuring your email authentication records can be daunting, but they are essential for securing your VMC certificate.

To overcome these challenges, consider seeking assistance from experts. Ensuring that all technical requirements are met can take time, but it is a critical step in achieving the full benefits of VMC implementation. At Abion, we handle all steps of the process, so you can focus on your core business.

Trademark Registration Issues

Another common challenge when actualising VMC or mark certificate is the trade mark registration process. The process can be lengthy, in some cases taking anywhere between 3 months to over a year to complete. It is essential to consult with a legal department or lawyer to ensure timely and successful completion of the trade mark registration process. The ‘use-in-commerce’ requirement must also be met, meaning the logo must be actively used in commerce.

Partnering up with a brand protection specialist like Abion can significantly increase the chances of a successful trade mark application. They can help navigate the complexities of the application process, ensuring that your logo meets all necessary legal requirements and is ready for VMC certification.

Conclusion

In summary, securing a VMC certificate for your branded emails involves several critical steps, including ensuring DMARC compliance, registering your trade marked logo, and creating an SVG format logo. Despite the challenges, the benefits of enhanced email security, increased brand recognition, and higher email engagement rates make VMCs a worthwhile investment to transform your email communication strategy. While we have outlined the steps of how to obtain a VMC, working with an expert in these matters is strongly advised. 

FAQ about Verified Mark Certificate 

No. A backorder increases your chances, but if multiple parties compete for the same domain, it may go to auction or be registered by another provider. We use established registration channels and monitor the release process closely to maximise your chances of success.

Backorder availability depends on the TLD and registry policies. We will confirm eligibility before placing a request.

Non-compliance can result in fines, legal consequences, and damage to both your brand and your business. More importantly, the directive is about having effective security controls in place that reduce vulnerabilities and strengthen your resilience against attacks.

Responsibility extends beyond IT. Under NIS2, management and boards are explicitly accountable for ensuring appropriate cybersecurity measures and oversight are in place.

NIS2 is the EU’s updated cybersecurity directive, designed to raise the level of cyber resilience across essential and important sectors. It expands the scope of the original NIS directive and introduces stricter requirements for risk management, incident reporting, and management accountability across essential and important sectors.

Monitoring is automated, with alerts reviewed and contextualised to help you prioritise relevant risks.

Depending on the registry and provider, the domain may enter an auction process or be allocated based on system priority. We will inform you about the process. 

If the domain is not secured, we can advise on brokerage options or alternative domain strategies.

Email remains the most common entry point for phishing, impersonation, and account takeover, all of which can lead to reportable incidents under NIS2 and DORA.

NIS2 is a directive that must be implemented into national law and applies across many sectors. DORA is a regulation focused on the financial sector and applies directly across the EU. Both require demonstrable preventive controls, not just policies.

Domain Monitoring detects changes such as website activation, DNS or name server updates, and email configuration that may indicate phishing, fraud, or impersonation.

Yes. You can monitor individual domains or larger sets depending on your risk profile and brand footprint.

Related services

Secure Email With ECP

Email Security Solutions – A Must For Any Serious Business

The technology behind secure email protects organizations against email fraud, both internally and externally for customers and suppliers.
Avanan top image w illustration reversed

Avanan – Keeping your inbox safe

Abion offers a suite of domain blocking solutions designed to give you complete control over your online presence.

This website uses cookies

Cookies consist of small text files. They contain data that is stored on your device. To enable us to place certain types of cookies we need to obtain your consent. At Abion AB, corp. ID no. 556633-6169, we use the following kinds of cookies. To read more about which cookies we use and storage times, click here to access our cookies policy.

Manage your cookie-settings

Necessary cookies

Necessary cookies are cookies that must be placed for basic functions to work on the website. Basic functions are, for example, cookies which are needed so that you can use menus on the website and navigate on the site.

Functional cookies

Functional cookies need to be placed on the website in order for it to perform as you would expect. For example, so that it recognizes which language you prefer, whether or not you are logged in, to keep the website secure, remember login details or to be able to sort products on the website according to your preferences.

Cookies for statistics

For us to measure your interactions with the website, we place cookies in order to keep statistics. These cookies anonymize personal data.

Cookies for ad-tracking

To enable us to offer better service and experience, we place cookies so that we can provide relevant advertising. Another aim of this processing is to enable us to promote products or services, provide customized offers or provide recommendations based on what you have purchased in the past.

Ad measurement user cookies

In order to show relevant ads we place cookies to tailor ads for you

Personalized ads cookies

To show relevant and personal ads we place cookies to provide unique offers that are tailored to your user data