Internet Corporation for Assigned Names and Numbers, a nonprofit organization that has the responsibility of managing the domains and Web addresses across the Internet, has created a new domain name—.bank—to help fight off increasing cybercrime. This domain name is only available for verified banks, credit unions and other qualifying financial institutions.
The .bank domain will be managed by a financial industry advocacy group, ensuring that all websites ending with “.bank” are owned by real banks conducting real business with consumers around the world.
According to the domain name group CentralNic, 550 European financial institutions, including Royal Bank of Scotland and Santander have registered to obtain .bank top-level domains (TLDs) since US internet regulators launched it in June 2015.
Ben Crawford, CEO of CentralNic, who issued the data said, "Restructuring the aspects that allow cybercrime in banking is a priority and tackling the domain element will significantly reduce the chances of online intellectual property theft. Now, quite simply, the only way to own a .bank address is to be a bank."
The basic registration cost for the institutions is about $1500. This higher price reflects the fact that .bank domains have additional security features built into the registrations, reflecting the increasing security requirements place on banks in order to facilitate safer online banking.
There have been more than 4,000 registrations in the US, with the first successful applications progressing to operational websites.
The private company fTLD Registry Services, which is owned and run by the banks, was set up in order to manage the registration of .bank TLDs. The institutions involved include the British Bankers Association, the European Banking Federation and the Royal Bank of Scotland Group.
Before the new domain name .bank came into the picture, banks and other financial services companies registered their websites with a .com address just like anyone. Because anyone can register any available .com Web address, banks didn't have control over who owned Web addresses with similar words or phrasing as their brand.
Hackers and online fraudsters can clone bank websites and put them online with a Web address which is the same as the original bank. From there, a fraudster could drive traffic to the fake website via spam emails, fraudulent advertisements, or by making the web address of the fake site similar to the name of the real bank.
Once the customer ends up on the fake site from any of these sources, the risk of fraud is very high. Since the fake website appears identical to the real one, the user may enter their username and password, providing the hacker all the information needed to log onto the real site and empty their account or steal their identity. This new initiative will help in increasing cybersecurity.