PDF download Download Article
Everything you need to know about Gmail's blue checkmarks
PDF download Download Article

Have you noticed that some senders in Gmail have a blue checkmark next to their name and logo when you open a message from them? Much like the verification badges you see on many social media platforms, these blue ticks mean that Google has verified the sender’s identity, which helps prevent spam, phishing scams, and email spoofing . It’s also a great way to establish trust with recipients and customers. In this article, we’ll tell you more about what these checkmarks mean and how to get one.

Things You Should Know

  • Gmail’s blue checkmarks are mainly for businesses and organizations rather than individuals.
  • These checks indicate that the email is from a verified sender.
  • To get a checkmark, you’ll need to set up BIMI (Brand Indicators for Message Identification) with your organization’s domain provider.
Section 1 of 2:

Why do some senders have blue checks in Gmail?

PDF download Download Article
  1. Google uses these blue ticks the same way a lot of social media platforms do: it means they’ve confirmed the identity of the organization or person that sent the message.
    • The blue verified checkmark is a great way to prevent phishing, spoofing, and other scams where senders pretend to be someone else (like a bank or social media support account) to trick people into giving them sensitive information.
  2. While some public figures or celebrities may be able to get blue checks, Google mostly uses them to identify organizations and companies. For example, emails from a major retailer, bank, hospital, or social media platform might feature a blue check next to the sender’s logo.
  3. Advertisement
Section 2 of 2:

How to Get a Blue Checkmark in Gmail

PDF download Download Article
  1. If you run a business or other organization and you want to get a blue verified checkmark from Google, there are several steps involved. First, you’ll need to set up a few security features for your organization’s web domain. To do this, you’ll need to: [1]
    • Get administrator login information for your domain provider. For example, if your business’s domain is hosted by a company like Squarespace or IONOS, you’ll need to sign in at their website to turn on these security features for your domain.
    • Create an SPF (Sender Policy Framework) record for your domain. This will help recipients verify that emails sent from your specified domains and servers really come from your organization. For detailed instructions, check out this page from Google Support .
    • Add an encrypted digital signature to your emails with DKIM. For detailed instructions, check out this guide from Google .
    • Turn on DMARC to catch messages from spoofers pretending to be your organization. DMARC works with SPF and DKIM to help screen out messages that don’t pass those verification checks. Get the full breakdown from Google .
  2. This logo will appear on all outgoing messages from your organization in the place where you’d normally see a Gmail profile picture or sender initials. You’ll need to format the image as an SVG (Scalable Vector Graphic) and upload it to a public web server that shares the same domain as your outgoing email server. For full instructions on how to format and upload your SVG logo file correctly, see this document from Google .
    • Make sure to read the instructions from Google carefully. You’ll need to use a text editor to add some special attributes to your SVG file so it meets Gmail’s requirements.
    • Copy and save the URL for this file once you upload it to your domain.
  3. Once you’ve created your brand logo, you’ll need to register it as a trademark and get a VMC (Verified Mark Certificate). After you secure the trademark, contact either Digicert or Entrust to request your VMC. [2]
    • Whichever organization you use to get your VMC will send you a PEM (Privacy Enhanced Mail) file, which you’ll need to use along with your logo to verify outgoing emails. Upload the PEM to your public server.
      • You might also receive other certificate files, which you’ll need to append to the PEM.
    • Copy and save the URL for the PEM and any appended files once you’ve uploaded it.
    • For more detailed information, check out this guide from Google .
  4. Setting up BIMI (Brand Indicators for Message Identification) is the last step in attaching your verified logo to your emails and getting a Google checkmark. Use the instructions and template here and plug in the URLs you saved for the SVG and PEM files on your server.
    • It may take up to 48 hours for BIMI to start working. Once it does, emails from your organization should display both your logo and a blue checkmark.
    • If your logo and blue checkmark still aren’t showing up after 48 hours, or if your organization’s messages are getting marked as spam, try some of these troubleshooting steps .
  5. Advertisement

Expert Q&A

Search
Add New Question
  • Question
    How to determine email scams?
    Naveh Ben Dror
    Social Media Security Expert
    Naveh Ben Dror is a Social Media Security Expert and the CEO of Spikerz based in Tel Aviv, Israel. Naveh and his team provide social media protection for content creators, businesses, and enterprises. His professional background is in international brand marketing and e-commerce. Naveh received both his Bachelor of Law and MBA from Reichman University.
    Social Media Security Expert
    Expert Answer
    To identify email scams, watch out for several telltale signs. Firstly, scrutinize the sender's email address carefully, as scammers often use addresses that mimic legitimate organizations but contain subtle variations or misspellings. Secondly, be wary of unsolicited emails requesting personal or financial information, especially if they claim urgency or threaten consequences for non-compliance. Thirdly, examine the email for grammatical errors, inconsistencies, or unusual formatting, as these can indicate a fraudulent message. Additionally, refrain from clicking on suspicious links or downloading attachments from unknown senders, as they may contain malware or lead to phishing websites. Finally, verify the legitimacy of the email by contacting the sender through official channels or by visiting their website directly. By remaining vigilant and exercising caution, you can protect yourself from falling victim to email scams.
Ask a Question
      Advertisement

      Tips

      Submit a Tip
      All tip submissions are carefully reviewed before being published
      Name
      Please provide your name and last initial
      Thanks for submitting a tip for review!

      Expert Interview

      Thanks for reading our article! If you’d like to learn more about using social media, check out our in-depth interview with Naveh Ben Dror .

      About This Article

      Thanks to all authors for creating a page that has been read 7,627 times.

      Is this article up to date?

      Advertisement