Partnership concept demo · An unaffiliated look at how embedded BIMI Sidekick tools could power a Certificate Authority's VMC / CMC experience. Not affiliated with Sectigo.
Sectigo × BIMI Sidekick
View the live demos →
Verified & Common Mark Certificates

A verified logo in the inbox is a Marketing + IT achievement.

A VMC or CMC only issues when Marketing has the registered trademark and brand SVG, and IT has email authentication fully enforced. BIMI Sidekick gives both teams the same source of truth — so a certificate is bought and deployed right the first time. Here are two live, interactive demos of that idea.

Open the buyer's funnel ↗ Open the checkout ↗
Live against the public BIMI Sidekick API · no sign-in · real DNS & SVG checks
Two live demos

See it from both sides of the sale.

One shows the marketing funnel that qualifies a customer before they buy; the other shows the checkout that won't let them buy a certificate they can't deploy.

Demo 1 · the buyer's funnel

Self-qualify before you buy

A Sectigo-styled VMC landing page with the readiness check embedded — plus live tools for each team.

  • Live eligibility verdict (DMARC / DKIM / BIMI / MX) by domain
  • Marketing tool: SVG Tiny P/S logo validator + inbox preview
  • IT tool: email authentication header analyzer
  • The "it's an API, not a redirect" embed story
Open live demo ↗ bimi-sidekick-demo.pages.dev
Demo 2 · the checkout

A purchase, de-risked

A simulated 5-step VMC/CMC checkout where the API verifies readiness before payment and tracks deployment after.

  • Choose certificate + term, with a live price
  • Readiness gate — can't reach payment for a cert you can't deploy
  • SVG logo preflight + simulated billing (no charge)
  • Deploy-ready BIMI record + live propagation across 4 resolvers
Open live demo ↗ bimi-sidekick-buy-demo.pages.dev
Four live tools · two teams

Each one embeddable under your brand.

Every tool in the demos is real and white-labelable — a JSON API call or a self-contained in-browser check. Marketing and IT each get the one they own.

Eligibility check IT MK

Domain in, verdict out — DMARC, DKIM, BIMI & MX checked live across multiple resolvers, plus VMC/CMC purchasability.

GET /api/eligibility

SVG Tiny P/S validator Marketing

Drop a logo, get the exact profile checks a Public CA enforces — and an inbox preview, square and circle-cropped.

In-browser · no upload

Email auth analyzer IT

Paste a message's headers and read its SPF/DKIM/DMARC/BIMI results — the same evaluation a receiving mailbox runs.

In-browser · no upload

DNS propagation matrix IT

After deploy, confirm the BIMI record is visible from Cloudflare, Google, DNS.SB & AliDNS — a record × resolver grid.

GET /api/propagation
Two teams, one trusted inbox

Why a Verified Mark needs both.

🎨
Marketing owns
The brand & the mark

  • A registered trademark for the logo (USPTO, EUIPO, WIPO …).
  • The logo as a square SVG Tiny P/S file that meets the BIMI profile.
  • The business case: recognition, engagement, a verified presence.

🛡️
IT owns
The authentication & trust

  • DMARC at enforcement — the precondition for any logo.
  • Aligned SPF & DKIM so every message authenticates cleanly.
  • The BIMI record + certificate, published and propagated.
Why it matters for a CA

Qualify first, sell more, refund less.

Turning requirements into a 15-second self-check changes the economics of selling mark certificates.

1 call
JSON in, verdict out — drop the check into any page.
Fewer refunds
Orders that would fail validation are caught before checkout.
Your brand
White-labelled; customers never leave your domain.

Explore the partnership.

Two live demos, four embeddable tools, one shared path to the inbox for Marketing and IT.

Buyer's funnel ↗ Checkout ↗