Dot-Bank Gets Mixed Reviews

A new company is preparing the path for website addresses ending in .bank for the banking industry - but not without objections from some banks.

Craig Schwartz is leading the joint effort of the American Bankers Association and BITS, a division of the Financial Services Roundtable, to create a company that will apply for top-level domain names on the level of .com or .net or .gov. The company is expected to be formed and named by yearend, and to file applications in March with the Internet Corporation for Assigned Names and Numbers, said Schwartz, who previously worked for ICANN.

The company's organizers plan to file for at least one dot domain and as many as three. Those might include .bank, .insure and .invest, or some variation on those, such as .banking, to reflect the interests of the members of BITS and the ABA.

Banks and other financial institutions would be able to apply for their website addresses, such as www.abcbank.bank, through the new company. Eligibility requirements are still being worked out, but the criteria would be strict: Only chartered financial institutions overseen by regulators would make the cut, Schwartz said.

The company plans to add security measures to .bank to make the domain safer and more secure than other top-level domains. Consumer fears over phishing attacks and other web crimes have been a primary factor in why online banking and mobile banking have not grown more over the past few years. Attacks have grown increasingly sophisticated, forcing the banking industry to scramble to find new tech and strategic solutions to keep pace.

The new alternative domain effort is considering several types of authentication measures and certifications, enhanced encryption and other means of blocking phishing, denial of service attacks and website fraud, he said.

The reaction of the banking industry to the ABA-BITS plan ranges from support to disapproval, with the majority approving, Schwartz said.

In the case of those that object, it's mostly a matter of protecting prior investments and concerns over consumer confusion regarding new web addresses.

Banks that object fall mostly into two camps, he said. Some larger banks that have invested considerable sums in branding and marketing based on their current addresses don't want to spend a significant amount by starting over with a new address. And some banks that plan to file their own top-level domain application to have dibs on any address ending with ".abcbank" for example, don't want .bank addresses adding to the confusion.

Schwartz counters that the change for consumers could be minimal, and the adding of new addressees could make security strategy more layered. Adding a .bank Web address doesn't mean that a bank has to throw out its .com address, Schwartz said. A bank may use its .bank domain name for secure banking transactions, and its .com address for less security-critical functions.

As for a bank buying its own domain, Schwartz said, most don't understand the cost involved.

"This whole process is not for the meek," he said. "The application process is very time-consuming; the application process is very expensive."

Schwartz estimates the cost for each application by the new company for a top-level dot domain will exceed $200,000, factoring in the $185,000 application fee, possible additional fees for the application if meets objections, consulting costs and legal costs.

"And that's just to get through the application process," he said.

ICANN requires the owner of each dot domain to pay a $25,000 annual maintenance fee. The domain owner also has to pay for a technical service provider - VeriSign, in this case - to maintains the domain, typically at a price tag of $2 per name.

The specific price for a .bank address has not been determined, but it will be more than a domain without special security measures, such as .travel, which goes for about $400, Schwartz said.

A number of banks are watching the developments with interest, and are looking to see how popular the new addresses are before making an investment in expanding their web addresses.

Angelo Valletta, chief information officer at Sun National Bank in Vineland, N.J., said his bank will likely take a wait-and-see approach on deciding whether to switch to a .bank Web address.

The $3.3 billion-asset bank would likely register a .bank website name as a placeholder, even if it is not used immediately.

"I'd like to see what the market does first," Valletta said. "Ultimately, at the end of the day, it's about what our customers want."

At the very least, a bank adopting a .bank web address would make it harder for an unauthorized person create a fake website than with .com, where a fraudster makes an address that leaves out one letter or substitutes a "1" for an "l", for example, said Avivah Litan, a Gartner analyst.

"In general, I think the banks are more secure with their own domain, instead of a dot com, in that it can be more closely monitored," Litan said. "Right now, anyone can get a dot com, and they can use that to forge the true thing."

Jeff Ernst, a principal marketing analyst for Forrester Research, said he has spoken with several banks that are considering applying for their own top-level domain.

"I would expect big banks are still going to go after their own top-level registry, while the smaller ones will go after .bank," he said.

Banks who buy their own top-level domains should consider creating customer- or employee-specific Web pages, such as www.johnsmith.abcbank, to build loyalty and to convey information securely, Ernst said. Owning a top-level domain would also give a bank access to useful analytics about traffic within that domain - all attempts to access .abcbank websites, for example.

If a bank is interested only in brand building with .abcbank websites, that probably isn't such a good idea, Ernst said.

"All that's doing is moving the brand from the left of the dot to the right of the dot," Ernst said.

For reprint and licensing requests for this article, click here.
Bank technology
MORE FROM AMERICAN BANKER