Authentication icon for verified senders

Spammers can spoof a message to make it look like it's sent by a real website or company that you might trust. To help protect you from such messages, Google tries to verify the real sender using email authentication. As an additional security measure, you can enable the Gmail “Authentication icon for verified senders” lab.

If you enable this lab, you will see a key icon next to authenticated messages from trusted senders, such as Google Wallet, eBay, and PayPal, who match the following criteria:

  • Send a high volume of messages over time that most Gmail users think are not spam.
  • Publish a DMARC reject policy, which means that the domain only sends authenticated mail and any unauthenticated mail sent by the domain should be rejected.

Enable the lab

  1. Open Gmail.
  2. Click the gear in the top right and select Settings.
  3. Click the Labs tab.
  4. Find the "Authentication icon for verified senders" lab and select the Enable radio button.
  5. Click Save Changes at the bottom of the page.

What should I do if I see this icon?

You can trust that the message was in fact sent by the trusted domain.

What should I do if I receive a message from a trusted sender and it doesn’t have the icon?

You should treat such messages suspiciously. These messages may be scams aimed at collecting your personal information, which is known as phishing. Never reply to suspicious messages with your personal or financial information or fill out forms or sign-in screens that might be linked to from these messages.

This icon may not show if you are forwarding your mail, so we recommend following these best practices for email forwarding.

How do I know if a message I received should have the icon?

You can check if the domain has a DMARC reject record published using this DMARC Inspector tool. The domain should have “p=reject” in the record to be eligible for this feature. Currently, only a few domains are supported by this program.