They might require Google Verified companies to have passed a certain level of security audit, or have baseline security measures, to receive a checkmark.
Or route their emails through Google's servers or store a copy of their DNS/SPF records on Google infrastructure.
i should have said "How is Google checkmarks different than how Twitter checkmarks used to work?"
sorry. I'm in IT so I know what that stuff is. We get DMARC fails alllllll the time at my job.
It looks like it's something you have to register for, unlike the old Twitter checkmarks. As I look into it, the level of detail is quickly overwhelming my level of interest, but my impression from a skim of this Google blog post about Gmail's implementation of the 'BIMI' standard which is being expanded to now show checkmarks is that Google's BIMI implementation lets businesses register with them so that their DMARC authentication is integrated into Gmail's UI
They might require Google Verified companies to have passed a certain level of security audit, or have baseline security measures, to receive a checkmark.
Or route their emails through Google's servers or store a copy of their DNS/SPF records on Google infrastructure.