Is Gmail’s Anti-Fraud Checkmark Trustworthy? Let’s Analyze It

Google has released a blue checkmark of authenticity that will be next to the name of the Gmail sender. The idea is to indicate that the email address with this seal is reliable, since it has passed through this verification criteria.

The update, which started on May 3rd, will be automatic for accounts that already have a logo registration and the platform’s security protocols set up.

According to the company, the new feature will positively impact both Gmail account administrators and end users. The measure is another step towards making sending and receiving emails more secure within the platform.

The “verification checkmark” is used on several social networks, such as Twitter. There, the blue seal (or gold, for companies) was free and an indication that the account was of public interest and belonged to that person or entity.

However, the end of the era of trusted “verified profiles” arrived on April 1, 2023, when Elon Musk (CEO of Twitter) thought it would be a good idea to change the rules to acquire the checkmark. Now, any user can have the blue checkmark: just pay for Twitter Blue.

A paid verification takes away the credibility of the seal within the social network, since it is enough to pay an amount to be “notable”, but not necessarily reliable.

So, will that blue badge on Gmail accounts bring the credibility that Google expects?

Why did Gmail decide to have a verification badge?

Since 2021, Gmail has used a verification system called BIMI (Brand Indicators for Message Identification).

BIMI works as an email standard in which it is possible to add a brand logo to submissions from that domain. Thus, whoever receives the message knows that the sender is genuine.

According to Google, the main advantages of using BIMI are:

• authentication of sent messages, which prevents hackers from taking action on the domain;
• brand recognition, with the company’s logo present in each message;
• credibility, because recipients are sure that the email is legitimate.

Therefore, the new blue verification badge adds another layer of protection to the Gmail user, now with a visual proof that the sender is trustworthy.

How to get the Gmail Verification Badge?

To have the blue checkmark, the user administrator must have an account configured according to BIMI, adding the brand logo to authenticated emails.

Sounds simple, but this process involves setting up email protocol records for the domain and other security steps. This gives the account the VMC (Verified Mark Certificate).

Is Gmail’s Verification Checkmark Really Trustworthy?

So far you have understood that it is not just any Gmail account that can have the blue checkmark. Security authentication, trademark registration, and admin access to the account are required.

The question is whether the checkmark will really bring confidence to users, since other giants besides Twitter have adopted the “paid verified” model: Meta, for example, also fixed a payment to acquire the blue seal.

The verified profile was created by Twitter in 2009 with the aim of providing an easy and quick way to identify whether a profile is genuine or not. It’s a way to prevent imposter accounts from impersonating other people on the social network. Later, other networks adopted verification, such as Instagram, Pinterest and Youtube.

Although each social network or platform has its own criteria for account verification, the blue checkmark is in the imagination of internet users a synonym for credibility. That trust is in check with increasingly frequent paid verification.

Despite being reliable, considering the entire verification process I described here, it is curious that Google opted for this type of veracity attestation in Gmail after the controversial decision of the blue bird network. In the end, on Twitter, that blue checkmark no longer means legitimacy. In addition to not attesting that the account is who it claims to be, it still does not mean that the person or organization is reliable in the information it discloses.

Time will tell how well this strategy will work for Google.

For the end user, the usual recommendation remains: pay attention to the security and privacy policies of the social networks you use and follow best practices to identify if a piece of information is false, which is also part of the internet security package.

Do you want to continue to be updated with Marketing best practices? I strongly suggest that you subscribe to The Beat, Rock Content’s interactive newsletter. There, you’ll find all the trends that matter in the Digital Marketing landscape. See you there!