What is a Common Mark Certificate for BIMI and Email Logos?

Common Mark Certificate for BIMI and Email Logos

Your emails do more than just deliver messages; they carry your brand’s identity.

But without visual recognition, even well-crafted campaigns can feel anonymous. The Common Mark Certificate (CMC) changes that. It allows your logo to show up in inboxes, backed by cryptographic trust and domain-level email authentication. No need for a registered trademark, no legal red tape – just a clear, standards-based path to brand visibility through BIMI.

As email becomes a front line for both engagement and security, CMC offers a practical, accessible way to stand out while proving you’re legitimate. This blog covers what is Common Mark Certificate, how it works and who it’s for. Let us understand why it’s becoming a smart choice for brands looking to build trust and visibility in the inbox.

What is a Common Mark Certificate (CMC)?

A Common Mark Certificate is a digital certificate that authenticates the connection between an organization and a publicly used logo to enable a verifiable visual identity in email. It is issued by a trusted certificate authority (like DigiCert) and is designed for businesses that want to use Brand Indicators for Message Identification (BIMI) but don’t have a legally registered trademark

Technically, a Common Mark Certificate assures that the organization:

  • Have a DMARC policy enforced (p=quarantine or p=reject)
  • Owns and controls the domain
  • Has used the specified logo publicly for at least one year (or is using a valid modification of a trademarked logo)

Upon verification, the CMC allows the organization’s logo to be displayed alongside outbound emails in supported inboxes (e.g., Gmail and Yahoo) in the sender field. This results in brand recognition, email authenticity, and phishing resilience, as well as making marketing messages stand out in increasingly crowded inboxes.

In short, the Common Mark certificate offers an easy solution to the problem of brand authentication in email with a standard-based solution. It also helps with email security and builds trust with recipients.

How Common Mark Certificate Works with BIMI

To understand how a CMC enables logo display, it’s important to look at its connection with BIMI. It is an email specification that allows senders to show their brand logo in inboxes but only after passing specific authentication checks. It does not work by itself and relies on three things:

  1. Properly configured SPF, DKIM, and DMARC records
  2. A BIMI TXT record in your domain’s DNS
  3. A CMC certificate, that proves you own or use the logo

Here’s the general process:

  1. Your emails are authenticated using SPF, DKIM, and an enforced DMARC policy (p=quarantine or p=reject)
  2. You publish a BIMI record pointing to your logo (in SVG format) and reference the CMC
  3. A certificate authority (like DigiCert) issues a CMC based on proof of logo usage
  4. Mailbox providers like Gmail or Yahoo verify all these records
  5. If everything checks out, your logo will be displayed in the inbox

In short, the CMC acts as proof, BIMI handles the display, and email authentication ensures trust. Together, they bring branded visuals into your recipients’ inboxes securely and reliably.

Eligibility Requirements and Practical Use Cases

Common Mark Certificates are designed to make BIMI adoption more accessible, especially for organizations that lack trademarked logos. CMCs increase the exposure of brands to more businesses and institutions by eliminating the legal obstacles and adhering to email authentication standards.

Common Mark Certificate Eligibility

To qualify for a CMC, an organization should meet the following technical and branding requirements:

  1. Logo Usage History
    You must have had your logo publicly visible by at least 12 months, usually on your website, social media, or product. Certificate Authorities verify it through tools like Wayback Machine or archived site snapshots.
  2. DMARC Enforcement
    Your sending domain must have DMARC enabled with a policy set to p=quarantine or p=reject. This setup is essential for proper email authentication and is a key requirement for both BIMI and CMC validation.
  3. BIMI-Compliant Logo Format

    Your logo must be formatted as an SVG Tiny 1.2 file with the following specs:

    • ≤32KB in size
    • Square layout
    • Solid background
    • No animations or scripts

Ideal Use Cases for Common Mark Cert

Due to their affordability and minimal legal requirements, CMCs are most suitable to:

  • Startups building email credibility without a trademark
  • Small-to-midsize brands seeking better inbox visibility
  • Marketing teams aiming to boost open rates with visual branding
  • SaaS companies looking for early trust signals in cold outreach or onboarding emails

Common Mark Certificate strikes a balance between security, accessibility, and branding which is ideal for growing companies that want the benefits of BIMI without trademark complexity.

How to Get a Common Mark Certificate?

Obtaining a Common Mark Certificate is a fairly straightforward process compared to a Verified Mark Certificate.

Verify Logo Usage

Your brand’s logo must have been publicly used for at least 12 consecutive months. CA can check this using tools or verifiable public records.

Enforce Email Authentication

Make sure that your domain is properly configured with:

  • DKIM and SPF
  • DMARC policy set to p=quarantine or p=reject

Check that the setup is correct by using the tools like MXToolbox or Google Postmaster Tools and correct misalignments when necessary.

Prepare Your Logo (SVG Format)

Convert your logo into a BIMI compliant SVG Tiny 1.2 file:

All logo files should follow the same specifications defined above, including size limits, square layout, and solid backgrounds, without any transparency, animations, or scripts.

If needed, ask a designer to assist in converting your logo while meeting these specs.

Complete Identity and Logo Validation

The validation procedure complies with a strict identity validation procedure. It normally involves:

  • Verification that the person requesting the certificate is a legitimate representative of the organization.
  • Identity confirmation through notarized documents or a secure video call.
  • Logo validation, that ensures that the logo has been in use on a verified domain over the past year.
  • This process will make sure that the brand identity displayed in recipients’ inboxes is legitimate and verifiable.

CMC Issuance and DNS Computation of the moment

After validation, the CA issues the Common Mark Certificate. You will then have to post it through DNS, along with your BIMI record and SVG logo file. It allows the email clients who also support BIMI (like Gmail and Yahoo) to start including your logo in the sender field of your outbound emails, passing the qualification check.

Send Branded Email Message

As soon as the CMC is deployed and DNS records are set up properly, the logo of your brand will begin to appear in the inbox of the supported platforms, increasing engagement, brand recognition, and building trust with every message that your organization sends.

CMC Setup Made Easy with CheapSSLShop

  • DMARC Alignment
  • SPF & DKIM Support
  • Logo Formatting
  • DNS Publishing
  • Logo Verification

Pros and Cons of Using a Common Mark Certificate

CMC can offer meaningful benefits for marketers and security teams but it’s important to weigh the trade-offs.

CMC Pros:

  1. Cheaper than VMCs which makes them a budget-friendly way to improve brand presentation.
  2. Because trademark validation is not required, organizations can deploy a CMC in a much shorter timeframe, bypassing the typical 12–18 month wait for trademark approval and accelerating BIMI adoption.
  3. A visible logo increases brand recognition and helps emails stand out in crowded inboxes leading to higher open rates.
  4. They remove the trademark registration barrier for BIMI adoption making them faster and more accessible for smaller brands.

CMC Cons:

  1. Logos may appear in inboxes, but they don’t get the blue checkmark that comes with VMCs in Gmail.
  2. You’ll still need to configure SPF, DKIM, DMARC, set up proper DNS records, and format your logo as an SVG so the technical lift remains.
  3. Since they rely on BIMI, they won’t show up in all inboxes. Not every mailbox provider supports BIMI yet.
  4. To qualify for a CMC, your organization must prove that the logo has been in constant public use. This can be a challenge to newly rebranded businesses or recently launched startups.

Conclusion

A Common Mark Certificate is a practical, low-friction way to boost email credibility and brand visibility without the overhead of trademark registration. For marketers, it means standing out in the inbox. For security teams, it enforces authentication best practices like DMARC. Whether you’re a startup looking to make a strong first impression or an established brand without a trademark, a CMC offers a cost-effective path to visual trust. If your logo has been in public use for a year and your email domain is properly authenticated, you’re already halfway there. The inbox is evolving, so now’s the time to evolve with it.

Ready to Put Your Logo in the Inbox Spotlight?

Get a DigiCert Common Mark Certificate from CheapSSLShop and bring trusted logo visibility to your outbound emails.

Buy DigiCert CMC Now

Related Articles:

4.8/5 star
overall satisfaction rating
4507 reviews
from actual customers at
review
Star
The shopping experience was very quick and straightforward. No hassles.
WDL T
review
Star
Smooth order process and checkout. In addition - the SSL was cheap compared to many other places.
Camilla Solberg E
review
Star
母亲啊一切顺利,因为还没有部署,从购买体验上很好,very good
cheny