How to Get a Verified Mark Certificate (VMC) and Common Mark Certificate (CMC) – A Step-by-Step Guide


With email security and brand recognition becoming increasingly important, Verified Mark Certificates (VMCs) and Common Mark Certificates (CMCs) play a crucial role in enhancing email authentication and trust. These certificates allow companies to display their verified logos next to the sender’s name in email inboxes, boosting credibility and engagement.

This guide walks you through the process of obtaining a VMC and CMC, ensuring your organization meets the necessary requirements to secure and implement these certificates effectively.

What is a Verified Mark Certificate (VMC)?

A Verified Mark Certificate (VMC) is a digital certificate that allows organizations to display their trademarked logo in email clients that support BIMI (Brand Indicators for Message Identification). To qualify for a VMC, organizations must:

  • Implement DMARC (Domain-based Message Authentication, Reporting & Conformance) with a policy of p=quarantine or p=reject.

  • Have a trademarked logo registered with an approved trademark office.

  • Convert their logo to the SVG P/S (Portable/Secure) format.

What is a Common Mark Certificate (CMC)?

A Common Mark Certificate (CMC) is a more flexible alternative to a VMC that enables brands to display their logos in Gmail, even if they do not have a registered trademark. While VMCs display a blue checkmark next to the logo in Gmail, signifying much higher verification, CMCs will only display the logo. They are ideal for organizations that want to leverage BIMI without the strict trademark requirement.

Step-by-Step Guide to Getting a VMC or CMC

Step 1 – Ensure DMARC Compliance

DMARC is a critical prerequisite for obtaining a VMC. Here’s how to set it up:

  • Set up SPF (Sender Policy Framework):

    • Identify all email-sending sources (e.g., mail servers, third-party services).

    • Create an SPF TXT record and publish it in your DNS. Example: v=spf1 ip4:1.2.3.4 include:thirdparty.com -all

    • Use an SPF checker tool to verify the record.

  • Enable DMARC:

    • Publish a DMARC policy in your DNS with either p=quarantine or p=reject.

    • Example DMARC record: v=DMARC1; p=quarantine; rua=mailto:dmarcreports@yourdomain.com

    • Gradually enforce the policy to p=reject for full security.

Step 2 – Trademark Your Logo (VMC Only)

For a VMC, your logo must be registered with an approved trademark office. If your logo is not yet trademarked:

  • Search for your logo in global trademark databases (e.g., WIPO, USPTO).

  • Apply for a trademark with the relevant office in your jurisdiction.

  • Search for your logo in global trademark databases (e.g., WIPO, USPTO).

  • Once approved, obtain the official trademark registration details.

For a CMC, a trademark is not required, simplifying the process.

Step 3 – Convert Your Logo to SVG P/S Format

Your logo must be in Scalable Vector Graphics Portable/Secure (SVG P/S) format to be compatible with BIMI.

  • Convert your logo using Adobe Illustrator or an SVG conversion tool.

  • Ensure the file meets SVG Tiny 1.2 specifications.

  • Add metadata, including your organization’s name, to the SVG file.

Step 4 – Apply for a Verified Mark Certificate or Common Mark Certificate

  • Choose a Certificate Authority (CA):

    • Leading providers include DigiCert and Entrust.

  • Submit the required documents:

    • Trademark details (for VMCs only).

    • DMARC compliance proof.

    • Correctly formatted SVG P/S logo.

  • Complete the verification process:

    • The CA will validate your domain and logo authenticity.

    • Approval may take several business days.

Step 5 – Publish Your BIMI Record

Once you receive your VMC or CMC, update your DNS with a BIMI record: v=BIMI1; l=https://yourdomain.com/logo.svg; a=https://yourdomain.com/vmc.pem

  • Replace l= with the URL of your SVG P/S logo.

  • Replace a= with the URL of your VMC certificate.

  • Verify your BIMI record using a BIMI lookup tool.

Step 6 – Test and Monitor

  • Send test emails to check if your logo displays in Gmail and other supporting email clients.

  • Monitor DMARC reports to track deliverability and security improvements.

JNR Management: Your Trusted Partner for VMC and CMC Solutions

At JNR Management, we specialize in providing Verified Mark Certificates (VMC) and Common Mark Certificates (CMC) to enhance your brand’s trust and credibility. Our team ensures seamless implementation, compliance with BIMI standards, and expert guidance on email security best practices.

With our expertise in authentication, encryption, and digital certificate solutions, we help businesses protect their brand identity and improve email deliverability. Contact JNR Management today to secure your VMC or CMC and strengthen your email communication security!