How Gmail Improved Security & Email Analytics by Caching Images

Google officially announced that images in Gmail would be enabled for all webmail users on December 12th (with iOS and Android Gmail apps following suit sometime in January), regardless of whether or not the recipient clicked “display images below.” This change should prove to be a boon for email marketers, but not without some tradeoffs. […]

Chat with MarTechBot

Google officially announced that images in Gmail would be enabled for all webmail users on December 12th (with iOS and Android Gmail apps following suit sometime in January), regardless of whether or not the recipient clicked “display images below.” This change should prove to be a boon for email marketers, but not without some tradeoffs.

“Images Off” A Matter Of Security

HTML emails — specifically, scripts, images and links — have been disabled in email clients for so long that it can be hard to remember why this is the norm. In the early days of HTML emails, many hackers took advantage of vulnerabilities in email clients’ rendering engines to execute code, in addition to having victims click on a link or open an infected attachment. Viruses also leveraged curiosity and naivety of users with the most popular social app at the time (email) by spoofing the From: address to appear it was coming from someone in their address book or a well-known brand institution. While we don’t read headlines about viruses like Klez or Melissa crippling businesses and the Internet anymore, these threats are still real today and do happen. We can thank security precautions like disabling HTML for making this somewhat of a non-issue today.

Is Gmail Making The Internet Less Safe?

It may seem, then, that Google is actually taking a step backward. If images and links in email wreaked havoc before, won’t it happen again? This is where image caching comes into play. By caching each unique image link in the emails, checking for viruses, and then serving that one image to all users who received the email, Google’s Gmail eliminates the risk of users unwittingly downloading and spreading malware.

Gmail is also going an extra step in the security and privacy of their users. Gmail is no longer sending the IP address or information about the device that opened the email. This change will affect email marketers tracking geolocation of open data, as well as knowing whether or not their Gmail users are reading their emails in webmail or mobile.

What’s The Impact Of Google Caching Gmail Images?

The loss of data caused by Google’s caching of images only affects emails being opened in Gmail’s webmail user interface, as well as their iOS and Android apps.

Here’s a summary of which email clients are affected:

Email Domain Email Client Affected Gmail (webmail, iOS app, Android app) Yes Not Gmail No
Not Gmail (webmail, iOS app, Android app) Yes
Not Business Google Apps Gmail No

That means if someone is using the native Mail app in iOS to read emails, marketers can still receive things like total opens, the IP address that opened the email, and device information. Businesses using Google’s hosted email solution, which uses the same Gmail technology, appear not to be affected by this change, either. Email accounts like or Yahoo! Mail that are forwarded to a Gmail account will be affected by this change.

The biggest impact of the change is in user agent tracking, such as whether or not the email was opened in webmail or on mobile. However, at this time, this impact appears to be more positive than negative. Email marketers will finally receive accurate unique open counts for their Gmail users. Since one could read an email without enabling images, open rates have always been a faulty measurement and nearly always undercounted. Now that email marketers can see who is actually engaged with and reading their emails, they can make better decisions when it comes to removing inactive subscribers. This is important because Gmail will filter email from a sender simply for sending to too many inactive users.

The negative impacts of this change are minor. IP geolocation will no longer be available, but few marketers outside of some niche email services companies are using geolocation in their emails. Additionally, all emails opened in Gmail webmail, or mobile apps will appear to be opened in Firefox in Mountain View, CA. The Firefox user agent data is fake information and is meant to give Gmail users more privacy. All IP geolocation information will now show Mountain View, CA since this is where Google’s image servers are located. Return Path data shows that less than 1% of Gmail users were opening emails in Gmail mobile apps before this change. Marketers can trust that user agent data being sent over is primarily webmail opens. In fact, our own data shows little impact. Emails opened on mobile devices surpassed the 50% mark for all industries for the first time in December 2013, with mobile opens surging to 60% of all email open share on Christmas day. Open counts also saw Gmail webmail opens going from 2% of all opens to nearly 1 in 5 of all opens, which is a more accurate reflection of real world market share.

What Else Changes?

These changes mean we will need to change our terminology in 2014 when it comes to discusses open rates and device usage.

Unique Open Rates: Since Gmail caches the first image, unique user tracking in emails will only show the first open in email clients affected by this change (see above table), meaning email marketers can only track unique opens at Gmail. In the age of user based engagement spam filtering, the unique open rate is a better metric to track.

Desktop, Smartphone, Tablet: Device tracking categories are currently based on Desktop (specifically email clients like Outlook or Thunderbird), webmail (viewed in a browser), or Mobile (including smartphones and tablets). As an industry, we should move to changing “desktop” to include both email clients and webmail since Gmail is returning the same user agent information for all opens. Smartphones and Tablets should also be separated now that smartphones are the dominant device to read emails on, and because both offer different user experiences.

Do the changes at Gmail affect you in a negative, positive or neutral way? Share your experiences below.

Opinions expressed in this article are those of the guest author and not necessarily MarTech. Staff authors are listed here.

About the author

Tom Sather
Tom Sather is Return Path’s senior director of email research. Tom uses his knowledge of ISPs, spam filters and deliverability rules to advise marketers on how to get their email delivered to the inbox. He began his Return Path career as an email deliverability consultant working with top-brand clients like eBay, MySpace, IBM and Twitter.

Fuel for your marketing strategy.