The blue checkmark on Twitter (now Twitter is called "X") has become a status symbol and an important official stamp confirming the authenticity of the account. In a reality where distinguishing truth from falsehood becomes ever more challenging, social networks and other apps offer a verification seal, usually for a fee | Now Gmail will also display a blue hook... but unlike easy verification for a subscription fee, getting a blue hook in Gmail requires beekeepers to go through a tedious process. What is the process? Who is it suitable for? And how do you get a blue hook?
תוכן עניינים
האזנה לפודקאסט
Deep Blue Twitter
The phenomenon of impersonation and fake profiles is a blow that Twitter has been suffering from (not only it, but also other social networks) for a long time. According to various studies, a quarter of Elon Musk’s own followers are fake profiles. Elon Musk used this argument in his negotiations to lower the price he paid for Twitter.
When Elon Musk bought the social network Twitter for the monstrous amount of 43 billion dollars, it was clear that he would take steps to try to return the investment.
In the first days of his new position (at the same time as being the richest man in the world who runs other huge companies), he fired workers and managers with the swing of a machete and cut the beef at dangerous levels, which seemed as if he was testing the system’s limitations in terms of the minimum manpower necessary for its stability. Twitter then looked like a SpaceX rocket just after the explosion. Advertisers and users have abandoned and it seems as if Elon is doing everything to kill the network.
On April 1, 2023, Twitter, under Musk’s leadership, removed the blue V verification from all accounts. That blue hook has been a status symbol all these years, but also confirmation that Twitter has verified the identity of the account owners and confirms (by displaying a blue hook) that this is a real, legitimate account.
At the same time as the complete cancellation of the Blue Way, Twitter began to offer everyone to purchase Twitter Blue – a premium subscription that grants a paid Blue Way and provides additional premium features such as the ability to edit tweets, 50% fewer ads, the ability to create much longer tweets, highlight text, upload a longer video and some other features.
The account must meet the following criteria to receive or keep the blue logo:
Only accounts that are actively subscribed to the Twitter Blue service are eligible to receive the blue badge after a review by Twitter.
Data integrity: Account must include name and profile picture.
Account in active use: The account must be active for the last 30 days to be eligible to register as a Blue Hook subscriber.
Security: The account must be more than 30 days old and the owner must verify their phone number.
Not misleading: any change in the visibility of the account such as the profile picture, the display name or the username (@handle) will result in the removal of the blue checker until re-examination and re-approval by a team on behalf of Twitter.
Accounts that are suspected of deception or impersonation, or that show signs of engaging in platform manipulation and spamming, will not be approved.
The paid subscription that was launched at the beginning of April 2023 effectively canceled the blue hook marks given under the previous criteria (active, prominent and authentic) and only a few accounts that Elon Musk claimed (in a tweet on Twitter of course) that he paid for remain with a blue hook, for example the writer Stephen King.
The verified subscription brought with it a lot of criticism for the ease of the verification process on the grounds that it was not strict enough and even led to a user revolt. But it seems that more and more users active on the platform have realized that these are the new rules of the game. Some have given up on the blue hue for now. Others pay to verify their account and get a blue hook as well as some premium features. Verification of a private Twitter subscription in Israel costs about 29 NIS per month (or 300 NIS per year).
Twitter also offers Gold Verification for business accounts. A gold hook for a business account costs about 3,600 NIS every month.
Facebook and Instagram
When Facebook changed its name to Meta, this was accompanied by the separation of the subsidiary companies’ activities from the parent company (a similar move occurred even earlier in Google, when it separated its activities under the parent company Alphabet, which was done partly for regulatory and branding considerations).
Facebook has been flagging selected accounts with blue hooks for several years and, like Twitter, is now even considering a paid subscription offer to verify Facebook and Instagram accounts. It offers (for now in the US, Australia and New Zealand) a Meta Verified subscription – a subscription that verifies the Facebook and Instagram accounts and displays a blue V on Instagram or a blue V on Facebook.
YouTube
YouTube allows channels that have over 100,000 followers to apply for account verification. Similarly a blue V will be displayed on these accounts.
TikTok
The Tiktok social network also allows private and business account holders to verify their account and thereby display a blue V on Tiktok.
Spotify
Spotify account verification gives artist and creator accounts more credibility. Many of them suffer from impersonations. Spotify allows artists to verify their account easily and receive a blue check mark – verified artist.
Blue Vee authentication in Gmail
On 3/5/23 Gmail announced on the Google Workspace blog that it is adding a blue checkmark in Google Workspace accounts and private accounts (in the Gmail.com domain) to the sections that have implemented BIMI.
I’m sorry to disappoint, but receiving a blue V in Gmail is a cute gimmick that will show a blue V in Gmail only to those who have passed BIMI certification, and in order to win the coveted blue V, a lot of assessments are required on the part of the benefactors until BIMI is fully implemented, which is a long and expensive process.
Displaying a blue V in Gmail is based on BIMI and VMC verification (details below) and is not at all dependent on Gmail which only reflects a blue V to those who meet the conditions.
What is required to get blue hook verification in Gmail?
- Verification of the mailed domain with SPF and DKIM protocols in all mailed systems. In an average business, there are many, many different mailing systems for different mailing activities: interpersonal, transactional, operational, marketing, and the verification operation should be performed in all of them.
- DMARC implementation in P=reject and 100% enforcement mode (P=reject, PCT=100).
Important note: see the extension below – this is evolution. - Embedding the BIMI logo in an appropriate format – setting up the DNS record and embedding the logo image in an appropriate format on a hosting server.
- Obtaining VMC certification – these are bureaus authorized to verify the ownership of the logo and its association with the domain (there are only two such bureaus at the moment).
What are the conditions for receiving a blue V in Gmail?
To display the BIMI logo, mailers are required to embed a DMARC record as required in p=reject pct=100 mode. Whoever embeds the record in this way without understanding the meaning of what he is doing, will encounter obstruction and serious delinquency problems.
The implementation of DMARC is an evolution in which an audit is performed for the bee infrastructures, their correct definition in terms of SPF and DKIM authentication protocols and their alignment. In addition, mailers are required to embed a logo that has been verified by VMC. This is a long process that should be done slowly and carefully with appropriate guidance. Only mailers who pass all these steps successfully will be able to display the BIMI logo and the blue hoi in Gmail.
האזנה לפודקאסט
First step – implementing DMARC
- It is recommended to implement DMARC using a monitoring tool (see list of recommended tools).
- Start implementing DMARC in p=none policies where you only receive reports.
- The reports should be examined with a professional eye and the beekeeping infrastructures that require, according to the reports, a correction or change in the authentication settings should be handled.
- About a month later, during which only monitors and installations are done, and only after it seems that all the infrastructures have been taken care of, can you move to p=quarantine. This situation continues for about another month during which reports are monitored and deficiencies are corrected. Since the tightening of the policy may affect the way in which emails are received by customers, it is useful to get feedback from customers and a service center if you have one, whether the changes affect the receipt of emails by customers.
- Then switch to partial p=reject mode by setting PCT=10 and set 10% reject. They run like this for about a month and continue to monitor reports and correct deficiencies.
- The next step in the reject policy will be to gradually move towards pct=100.
- DMARC continues to be monitored even in its latest state. Things may change.
In terms of time period, proper DMARC implementation is an evolution of at least 3-4 months.
כלי הטמעה וניטור DMARC נפוצים
שם הכלי | הערות |
easydmarc | value for money |
Uriports | value for money |
dmarcdigests | value for money |
dmarcly | |
dmarcian | |
kdmarc | |
dmarcanalyzer | |
dmarcreport |
Caution Showstopper ahead
Logo verification using VMC costs $1,000-$1,500 each year! This is a cost that most businesses will not be able to afford. What’s more, not everyone can prove ownership of their logo (for example, blogs that don’t have a legal entity behind them) and register a trademark on it.
The amount of domains with BIMI approved by VMC is minimal.
האזנה לפודקאסט
The current situation is absurd: anyone can buy a domain, including a domain with a similar name (synonyms domain / cousin domain) to that of another business, verify it in a mailing system by setting up domain verification records in DNS and mail in the domain name. The whole purpose of DMARC in enforcement mode, p=reject is to reach a situation where the ability to impersonate a domain name is reduced.
In a world where there is so much phishing and impersonation, is this what will help? Implementing DMARC in full enforcement mode is a prerequisite for displaying the BIMI logo and requires organizations to go through a process that helps prevent phishing and impersonation.
I hope that the BIMI group will also offer solutions to smaller columns or bloggers who do not have the ability to prove ownership of their brand logo or do not have the budget for the second payment for VMC.
If I were in their place, I suggest a grace period of several years in which any email marketeer who meets all the conditions, except for VMC, would be given the opportunity to display a logo in all email providers. During this period, it will be possible to examine whether VMC is required at all or if less burdensome mechanisms can be found that will allow displaying a logo.
By the way, not all email providers require VMC. Email provider Yahoo does not require VMC to display BIMI Logo.
Webinar on the subject of receiving a blue V in Gmail that I delivered to Active Trail customers on 6/13/23
האזנה לפודקאסט
Yahoo Mail
The email provider Yahoo implements the acceptance of the BIMI logo and the authentication of the sender by a purple checkmark as long as the mailer meets the conditions for displaying BIMI, even without needing VMC approval. From this point of view, the only difference between Gmail and Yahoo authentication is that Yahoo does not require a VMC certificate at this point.
רוצה להתייעץ איתי לגבי שיפור האימייל מרקטינג או עבירוּת המיילים שלך? אני מזמין אותך לפגישת ייעוץ ראשונית של 1/2 שעה, ללא עלות. book a 1/2 email deliverability discovery call.
Further reading
News on the subject on Google’s blog
bimi group website
More on BIMI, spamresource blog
Benefits of Twitter Blue
Facebook account verification
Twitter account verification and conditions for receiving blue verification
YouTube channel verification
Sella Yoffe
Email Deliverability & Email Marketing Expert
working with global email senders, startups, and ESPs to improve their deliverability and email authentication
Podcast host & Blogger @ CRM.BUZZ & EmailGeeks.Show