Blog article

  • 8 minutes read
Author Profile Picture
  • Kiara Saloojee
  • DMARC Enthusiast

VMC vs. CMC: How to Choose the Right BIMI Certificate

Glowing Checkmark On Digital Background

VMC vs. CMC overview:

  • Choosing between a VMC and CMC generally comes down to trademark status, budget, timeline, and provider coverage.
  • A VMC is the better fit for companies with a registered trademark that want the broadest possible mailbox provider support.
  • A CMC offers a faster, lower-cost alternative for organizations without a trademark, and can serve as a stepping stone toward a VMC.
  • Both certificates share the same technical requirements: A DMARC policy of p=quarantine or p=reject, aligned SPF and DKIM, a valid SVG Tiny PS logo, and a correctly configured BIMI DNS record.

Implementing BIMI requires choosing between two certificate types – a VMC and a CMC. Most businesses make this decision based on trademark status, budget, timeline, and mailbox provider support.

This guide covers what each certificate is, what separates them, and the factors that typically drive the selection. Either way, both share the same prerequisite: DMARC must be at p=quarantine or p=reject before a certificate can be obtained.

Whether you’re working toward DMARC enforcement or ready to implement BIMI, Sendmarc can help you get there.

Book a Demo

What a BIMI Certificate is

BIMI is an email standard that lets companies display their logo in recipients’ inboxes alongside authenticated messages. It strengthens brand recognition, not security.

A BIMI certificate validates logo ownership and enables display across participating mailbox providers. Two types exist: A Verified Mark Certificate (VMC) and a Common Mark Certificate (CMC). Without one, most major providers won’t render the logo, even if the BIMI DNS record is correctly configured. Both serve the same purpose but have different requirements.

VMC vs. CMC – The Core Difference

A VMC requires a registered trademark and is supported across all major BIMI-compatible mailbox providers, including Gmail, Yahoo Mail, and Apple Mail. In Gmail, it can also display a verified checkmark alongside the sender’s logo.

A CMC removes the trademark requirement, making BIMI accessible to organizations that haven’t yet registered their logo. Lower cost and faster to obtain, it’s a practical option for businesses that want to activate BIMI while trademark registration is still in progress. CMC support is currently narrower than that of VMC, so verify mailbox provider compatibility before proceeding.

When to Choose a VMC

A VMC is the right fit when:

  • The logo is already trademarked, or the business is prepared to register it. VMC issuance requires trademark registration, which can take months or years.
  • Cross-provider coverage is a priority. VMC has the broadest mailbox provider support, which matters for companies whose email is primarily a customer-facing channel.
  • Brand trust in email is a commercial differentiator. In sectors where impersonation is a known risk, a verified logo provides a visible signal of legitimacy to recipients.

When to Choose a CMC

A CMC is the right fit when:

  • No registered trademark exists, and the organization doesn’t plan to register one in the short term. CMC removes this barrier.
  • The budget or timeline makes VMC impractical. CMC is faster and less expensive, making it a viable interim option for businesses that want their logo displayed while working toward trademark registration.
  • Partial coverage is an acceptable trade-off. CMC support is narrower than VMC, but for companies whose primary audience is on supporting providers, the limitations may be acceptable.

Choosing a CMC doesn’t prevent a future upgrade to a VMC. Organizations often start with a CMC and transition once trademark registration is complete.

What Both Certificates Require

  • DMARC enforcement: Your DMARC policy must be set to p=quarantine or p=reject. A p=none policy doesn’t qualify. This is a hard requirement, not a recommendation.
  • SPF and DKIM alignment: Both must be correctly configured and aligned with the sending domain. Misconfigured or missing records will prevent the logo from displaying.
  • SVG Tiny PS logo: The logo must conform to the SVG Tiny PS specification, which is more restrictive than the standard SVG format.
  • BIMI DNS record: A BIMI TXT record must be published in DNS, pointing to both the certificate and the hosted logo file.
Hand Interacting With Digital Checkmark Symbol

Start with the Right Foundation

Choosing between a VMC and a CMC is straightforward: A registered trademark and broad mailbox provider support point to a VMC; no trademark and tighter timelines point to a CMC.

Less straightforward is the foundation that both certificates depend on. DMARC isn’t a one-time configuration. Over time, new sending sources are added, teams adopt tools independently, and authentication gaps emerge that leave the domain vulnerable.

BIMI also doesn’t protect against phishing, spoofing, or lookalike domains. A certificate confirms logo ownership; it doesn’t defend the domain against those threats.

Whichever certificate you choose, its effectiveness depends on a properly maintained DMARC record – one that is continuously monitored, centrally managed, and regularly optimized.

Sendmarc automates the ongoing management of DMARC, so your email authentication stays accurate, and your BIMI deployment stays effective.

Book a Demo