Dot Bank Launches to Clamp Down on Banking Fraud

The fTLD Registry has officially launched the new generic Top Level Domain (gTLD) .bank into general availability, promising it will provide a more trusted and secure location for banking services online.

The gTLD is set to become the new home for most of the world’s major banks, managed by a registry owned, operated and governed by banks, insurance companies and their trade associations.

The idea is that consumers will be able to more easily trust communicating online with a .bank entity thanks to the strict registration requirements.

Not only will the suffix signify that it’s a legitimate bank, but all registrants also have to meet enhanced security requirements not seen in other gTLDs. These include verification by Symantec and ongoing monitoring for domain name abuses including phishing, malware distribution and spam from Architelos.

Robert Holmes, general manager of email fraud at anti-fraud business Return Path heralded the launch of .bank as a “significant step for the industry.”

“No other industry has suffered more at the hands of cyber-criminals than the banking sector. In the last year alone, it’s dominated headlines with everything from millions of pounds lost to countless customer data breaches, and as a result trust has fallen to an unprecedented low,” he explained.

“For consumers, it means they won’t have to second guess an email with a .bank address and can enter their details with ease to a .bank website. For banks, email communication has been a challenging way to engage with their customers, but the mandatory implementation of DMARC (Domain-Based Message Authentication, Reporting and Conformance) for the new domains will ensure that spoofed attacks are blocked before getting to the inbox at some of the largest consumer mailbox providers in the world, including Gmail, Yahoo and”

Others were slightly more skeptical of the new domain.

Paul Vlissidis, director of .trust at NCC Group argued that consumers need to be absolutely certain that their personal and financial details are safe for the move to work.

“Open generics aren’t good for businesses or customers alike unless security has been given the utmost priority,” he added.

“The technical policy that we created for the .trust domain is a benchmark that they should be looking at. Network, web application, email, malware and DNS risks all need to be covered.”

What’s Hot on Infosecurity Magazine?