Galaxus gets the blue checkmark
No, not on Twitter, but in all the e-mails we send you. And unlike the blue checkmark on Twitter, this one can’t be bought from Elon Musk.
To clearly mark our official communication, the e-mails Galaxus sends out now have a blue verified checkmark. This checkmark is a security certificate that only reputable companies receive. It serves to increase security and counteract phishing attempts.
What exactly does the blue checkmark mean?
The blue checkmark shows that we’re BIMI (Brand Indicators for Message Identification) certified. This certificate makes it possible for companies to easily display their brand in e-mails. You’ll now see our logo – and a blue checkmark – right in your e-mail client.
To obtain BIMI, companies need to be validated by an authorised certification body such as Entrust, as well as pass DMARC validation checks. And to get it, a company needs a registered trademark – without it, no certificate can be issued.
Simply put, the blue checkmark means the sender can be trusted.
The blue checkmark should make phishing more difficult
In phishing attacks, fraudsters try to steal confidential information such as passwords, credit card numbers or personal data from people. To do this, they pose as a legitimate company in an attempt to trick the recipient into providing their personal data. And these fake e-mails are becoming more and more convincing.
The BIMI certificate and blue checkmark signalise that the sender of the e-mail is, in fact, the real company.
They allow our customers to more easily distinguish real e-mails from potentially dangerous phishing attacks – an important development, as we value our customers and want to offer maximum security.
The nitty-gritty of BIMI
BIMI uses a multi-step process to validate e-mails. This validation ensures that the e-mails are actually associated with the sender’s domain.
Here’s how it works:
- SPF (Sender Policy Framework) identifies the mail server and authenticates the e-mail.
- DKIM (DomainKeys Identified Mail) checks the e-mail to see if it was sent from an authorised domain and adds a digital signature.
- DMARC (Domain-Based Message Authentication, Reporting, and Conformance) validates the SPF and DKIM entries and determines how to handle an unauthorised e-mail.
- VMC (Verified Mark Certificate) confirms the trademark rights and with them the owner of the logo used for BIMI.
In a nutshell, these technologies work together to help verify the authenticity of e-mails. If the e-mail is genuine, it will display the brand logo.
BIMI hasn’t reached everyone
As useful and well thought-out as BIMI is, there is a catch: not all e-mail clients support BIMI. If your client doesn’t support it, you won’t see the checkmark or logo.
Here are the e-mail providers that do support BIMI:
- Apple Mail
- Cloudmark
- Fastmail
- Google Mail
- La Poste
- Onet Poczta
- Yahoo!
- Zone
These e-mail providers are considering BIMI:
- atmail
- BT
- Comcast
- Qualita
- Seznam
- Web.de / GMX
- Yahoo! Japan
Here are the e-mail providers that do not support BIMI:
- Microsoft (Outlook)
You’ll find the official list from BIMI here.
Security for our customers
All our customers receive e-mails from us, and in Switzerland, nearly everyone is a customer. Our customers are important to us, which is why we strive to offer maximum security. And the blue checkmark is a great opportunity to raise awareness about security and lower the rate of successful phishing scams. After all, secure communication also includes e-mails.
Cool: Creating interfaces between the real world and the world of pure information. Not cool: Driving by car to the mall to shop. My life happens online, the information age is where I feel at home.