[ethbr1]

Email logo validation and prominent display seems like a perfectly valid use case.

See arguments about red-warning unencrypted HTTP and how that pushed the web to update.

Add in that genAI is going to make plausible-looking phishing emails a lot easier for the world to generate en mass, and giving the everyperson something better than "decide if it looks suspicious" is important.

[teddyh]

Logos are bound to trademarks, which are split by country and type of business. Anybody could get a BIMI of a duplicate of your logo if they just register a different trademark in some different business (and/or country). Therefore, BIMI does not guarantee what they say they do – logo trustworthiness – and is therefore a scam. If your trademark is not valid and known globally, BIMI does nothing for you. This explains why only huge entities – i.e. with such trademarks – have ever expressed any interest.

A dead giveaway would otherwise have been that the BIMI issuers are all the now-panicking EV certificate issuers, which nobody will now buy.

[account42]

Warnings on unencrypted HTTP were only feasible after free certificates were widely available. BIMI doesn't have that so yes it's a racket.