Jump to Navigation


.bank and Other Domain Names to Open for Financial Institutions... And Others

October 28, 2014

The governing body that administers the domain name space, the Internet Corporation for Assigned Names and Numbers (ICANN), is in the process of vastly expanding the number of top level domain names (like .com and .net) from less than thirty generic top level domains or “gTLDs” that exist now, to nearly a thousand new domain spaces in the near future.  Included in this expansion are the new gTLDs .bank, .insurance and .money. A more detailed list of these gTLDs that are relevant to the banking industry is set forth further below.

While many of these new extensions operate very much like a .com (in that they remain open and unrestricted), all financial domains are not created equal. Certain financial gTLDs (including .bank and .insurance) will provide a designated space for legitimate banks and financial service institutions to establish themselves as trusted members of the banking community to target content towards clients, companies and consumers in the field of financial and commercial transactions, secured online banking and related services. There will be a limited time that applicants will be able to seek pre-registration within these specialized gTLD extensions (prior to general availability). Brand owners and businesses would be well advised to take stock of the timelines tied to these domains and consider the opportunities that domain registrations in this space may offer (in that proactively seeking registration may greatly assist in securing domains within these specialized spaces).

fTLD Registry Services, LLC’s (fTLD), formed by financial trade groups including the American Bankers Association and the Financial Service Roundtable, was afforded authority by ICANN to operate finance specific domains such as .bank and .insurance for verified members of the global banking and insurance communities and the customers they serve in order to create and manage protected, secured and easily recognizable spaces on the Internet. The domains will be available only to verified members of the insurance and banking communities and will be subject to an extensive vetting process and enhanced security measures and regulations (including, by way of example, charter and or license verification through local and/or national regulators). Additional details regarding the fTLD security controls follow below.

While there are numerous existing domain extensions in the finance sector that are currently available for general registration, there are several others that are approaching a “Pre-Registration” phase where it will be possible to submit an application to express interest in a domain ahead of the defined dates for other registration phases in advance of general availability (where domains are available to the public on a first come, first served basis). While pre-registering does not guarantee acceptance/approval of your application, it does place your application in front of the line.

The “Sunrise” period affords owners of a registered trademark the opportunity to register or block domain names for general distribution (for example the .loan and .market domains are currently in their Sunrise phases). The “Landrush” period is a stage where domain registrations are generally not permitted on a first-come, first-serve basis but, alternatively, for premium rates or via auctions (when two or more parties express interest in an identical name). Once the Landrush period expires, general availability opens to the public at normal retail prices on a first-come, first-served basis.  Prices for financial unrestricted domains for General Availability start at approx. $50 (though prices for .bank and .insurance will likely be higher given the added restrictions and securities afforded to these extensions).

If you would like assistance in securing a domain name with one of the new gTLD extensions within the financial sector, please let us know and we would be happy to discuss potential strategy and tactical registrations tailored to your business needs. 

Domains that are Fully Available:

  • .capital
  • .cash
  • .cheap
  • .credit
  • .creditcard
  • .discount  
  • .finance
  • .financial
  • .fund
  • .holdings
  • .insure
  • .investments
  • .loans
  • .tax
  • .ventures
  • .versicherung

Domains that are in their Sunrise Periods
(for Trademark holders)

  • .loan (18 Nov 2014 - 16 Jan 2015) 
  • .market (26 Aug 2014 - 25 Oct 2014) 

Domains Available for Pre-Registration
Q4 2014 (projected)

  • .banque
  • .creditunion
  • .lifeinsurance
  • .lotto

2015 (projected)

  • .buy Q1 2015 
  • .free Q1 2015 
  • .gold Q1 2015 
  • .money Q1 2015 
  • .pay Q1 2015 
  • .bank Q2 2015
  • .insurance Q4 2015

Enhanced Security Controls include the following (according to ftld.com):

  • Mandatory Verification of Charter/Licensure for Regulated Entities ensures that only legitimate members of the banking and insurance communities are awarded domain names.
  • Domain Name System Security Extensions (DNSSEC) ensures that Internet users are landing on participants’ actual websites and not being misdirected to malicious ones. fTLD will require that all domain levels, from fTLD as the top-level registry operator to your entity as the registrant, utilize DNSSEC. Conventional domains such as .com only require DNSSEC at the top-level registry.
  • Email Authentication to alleviate spoofing, phishing and other malicious activities propagated through emails to unsuspecting users.
  • Multi-Factor Authentication to ensure that any change to registration data is made only by authorized users of the registered entity.
  • NIST Level 3 Encryption (or greater) to protect exchanges of information among registry, registrar and registrant.
  • Abuse Monitoring, which provides for quicker detection, investigation and remediation of inappropriate registrant activity (i.e., any violation of fTLD’s Acceptable Use/Anti-Abuse Policy) thus reducing exposure to negative consumer impact and reputational risk.
  • Escalated Compliance and Enforcement, which ensures strict registration requirements are adhered to.
  • Prohibition of Proxy/Privacy/Anonymous Registration Services to ensure full disclosure of domain registration information so bad actors cannot hide.