.Bank Represents “A New Online Chapter For Global Banking Community”

Craig Schwartz, Managing Director fTLD Registry Services
Craig Schwartz, Managing Director fTLD Registry Services

In 2008, ICANN approved a program to offer on the Internet thousands of new generic Top-Level Domains in addition to existing ones such as .COM and .ORG.

Recognizing what this could mean to financial institutions, their customers and Internet users, a coalition of banks, insurance companies and financial services trade associations formed a partnership to establish fTLD Registry Services in order to apply for and operate the .BANK and .INSURANCE gTLDs on behalf of the global banking and insurance communities.

fTLD – a top level domains registry – was granted the right to operate .BANK on September 25, 2014, and .INSURANCE on February 19, 2015. .BANK was not available to would-be registrars until June 25, 2015. Since its release, the domain has been in demand.

“The launch of the .BANK domain is the start of a new online chapter for the global banking community,” Craig Schwartz, Managing Director at fTLD Registry Services, told Hacked.

As a trusted, verified and more secure location on the Internet for the banking industry and its customers, .BANK provides a more secure way for banks to do business and a powerful tool to take immediate ownership of their brands online.

The theory goes that since only verified members of the global banking community are eligible to register domains, a .BANK domain signifies that an organization has been verified as legitimate and committed to implementing security requirements that surpass existing standards. .BANK requires registrants to comply with requirements not currently mandated by the operators of other commercially available gTLDs, including:

  • Mandatory Verification Re-Verification of Charter/Licensure for Regulated Entities to ensure that only legitimate members of the global banking community are awarded domain names.
  • Domain Name System Security Extensions (DNSSEC) to ensure that Internet users are landing on participants’ actual websites and not being misdirected to malicious ones.
  • Email Authentication to mitigate spoofing, phishing and other malicious activities propagated through emails to unsuspecting users.
  • Multi-Factor Authentication to ensure that any change to registration data is made only by authorized users of the registered entity.
  • Strong Encryption to ensure security of communication over the Internet.
  • Prohibition of Proxy/Privacy Registration Services to ensure full disclosure of domain registration information so bad actors cannot hide.
  • Domains must be hosted on .BANK Name Name Servers to ensure compliance with all technical security requirements.

Not only can individuals register .Bank domain these days, but also thousands of other new domain extensions.

“There has been a lot of reference to how the new domain extensions are ‘the biggest land rush in Internet history,’ Schwartz said. “In some ways, it’s certainly a land rush, since the domains are like plots of land all mapped out and companies need to register and lay claim to the domains they want.” Schwartz points out this is all in the early stages.

“We’re still in the beginning stages of this transformed Internet, but part of our thinking process for .BANK was to consider the issues banks and their customers currently face online as well as to anticipate the new challenges and dangers that would come from the creation of so many new domains,” he said.

It’s that thinking and care for the community that led in part to the thirty security requirements we have in place for .BANK.

The banking industry is changing, with Internet-only operations in some cases out competing brick-and-mortar locations. Many banks are closing their brick-and-mortar locations. This could bolster the need for .BANK in Schwartz’s eyes.

“Many banks are closing their physical locations and transitioning many of their services online,” Schwartz said. “Another way to look at it is that flow of money has changed from paper bills and coins to digital. The need .BANK meets is that to have a place and a way to conduct business more securely online.” When I ask if .BANK has any plans for Bitcoin businesses, Schwartz informs me they do not at this time. He also said that, at the time of this publication, nobody had filed for the Bitcoin.Bank domain. 

“We provide a trusted and identifiable piece of Internet real estate that comes with extensive security requirements that will help safeguard financial transactions and services,” he added. There are many ways a financial institution can use the .BANK domain.

“.BANK is an exceptionally flexible tool in a bank’s toolkit. How to take advantage of the benefits .BANK provides is up to the individual banks who register the domains,” Schwartz told Hacked.

While some organizations will transition some or all of their consumer-facing online presence to .BANK to maximize the value of participation, others may use the new address as a channel to communicate with customers, banks and regulators.

At the time of this writing, fTLD Registry Services had received over 5,700 .BANK applications from members of the global banking community, representing approximately 2,300 individual banks as some banks have applied for more than one domain name. More than 3,700 verifications have been completed and .BANK names are now reserved for the banks that submitted the applications until the verification process is complete.

“The strong demand for owning a .BANK domain shows that banks recognize that the security offered by .BANK will be a critical tool for protecting their customers’ proprietary information,” Schwartz said. “The use of .BANK will signal that the bank has made a visible commitment to online security.”

Featured image from Shutterstock.

Justin O'Connell is the founder of financial technology focused CryptographicAsset.com. Justin organized the launch of the largest Bitcoin ATM hardware and software provider in the world at the historical Hotel del Coronado in southern California. His works appear in the U.S.'s third largest weekly, the San Diego Reader, VICE and elsewhere.