Getting started with Mark Certificates

This guide walks you through requesting a Verified Mark Certificate (VMC) or Common Mark Certificate (CMC).

Prerequisites

Mark certificates require the following prerequisites depending on the certificate type:

  • General requirements:

    • The customer must have access to the domain’s DNS or email to complete domain control validation (DCV).

    • The logo file must meet BIMI technical specifications (SVG Tiny 1.2, square aspect ratio, no scripts or external resources, etc).

    • The logo must be submitted in a BIMI-compatible SVG format that meets both technical and visual standards.

    • The organization details provided must match those associated with the trademark or prior use evidence.

    • DMARC enforcement must be active for the sending domain to meet BIMI requirements.

    • All information submitted must be accurate and verifiable.

  • For Verified Mark Certificates (VMCs):

    • The logo must be a Registered Mark with a recognized Trademark Office.

    • There must be a clear link between the organization and the Registered Mark for which the VMC is requested.

    • The logo must exactly match its description in the trademark registration documents.

    • The trademark must be valid and not expire within 397 days of verification.

  • For Common Mark Certificates (CMCs):

    • The website domain must match the domain specified in the certificate application.

    • The logo must be displayed on the website for at least 12 consecutive months prior to application. This requirement applies specifically to the logo and the domain name for which the certificate is requested. It ensures a clear association between the logo and the domain from which emails will be sent.

Step one: Request a mark certificate

Request a mark certificate through the Sectigo Partner Portal or by using the Sectigo API.

Step two: Complete domain control validation (DCV)

Verify control over the domain by responding to a validation email or updating DNS records as instructed.

Step three: Assist in your organization validation

  1. Collaborate with us to confirm your organization’s identity and eligibility.

  2. Submit the required organization information and documentation to meet the validation requirements.

  3. Participate in a remote face-to-face call to complete subscriber identity validation.

    • For VMCs — organization identity validation, trademark verification, and logo checks.

    • For CMCs — organization identity validation and logo checks (no trademark verification required).

Step four: Publish your BIMI record

Add the BIMI record to your domain’s DNS after your certificate has been issued.