Latest news of the domain name industry

Recent Posts

BITS may apply for six financial gTLDs

Kevin Murphy, October 5, 2011, Domain Registries

BITS, the technology policy wing of the Financial Services Roundtable, may apply to ICANN for as many as six financially-focused new top-level domains.

The organization is pondering bids for .bank, .banking, .insure, .insurance, .invest and .investment, according to Craig Schwartz, who’s heading the project as general manager for registry programs.

(UPDATE: To clarify, these are the six strings BITS is considering. It does not expect to apply for all six. Three is a more likely number.)

Schwartz, until recently ICANN’s chief gTLD registry liaison, told DI that the application(s) will be filed by a yet-to-be-formed LLC, which will have the FSR and the American Bankers Association as its founding members.

It will be a community-designated bid, which means the company may be able to avoid an ICANN auction in the event that its chosen gTLD strings are contested by other applicants.

“We’ve looked at the scoring, and while it may not come into play at all we do believe we can meet the requisite score [for a successful Community Priority Evaluation],” Schwartz said. “But we’re certainly mindful of what’s happening in the space, there’s always the possibility of contention.”

There’s no relationship between BITS and CORE, the Council of European Registrars, which is apparently looking into applying for its own set of financially-oriented gTLDs, Schwartz said.

It’s not a big-money commercial play, but the new venture would be structured as a for-profit entity, he said.

“It’s relatively analogous to what’s happened in the .coop space, where after 10 years they have only about 7,000 registrations,” Schwartz said.

It sounds like pricing might be in the $100+ range. Smaller financial institutions lacking the resources to apply for their own .brand gTLDs would be a likely target customer base.

Interestingly, .bank may begin life as a business-to-business play, used primarily for secure inter-bank transactions, before it becomes a consumer-facing proposition, Schwartz said.

He added that it would likely partner with a small number of ICANN-accredited registrars – those that are able to meet its security requirements – to get the domains into the hands of banks.

VeriSign has already signed up to provide the secure back-end registry services for the bid.

Senior ICANN staffer hired by .bank project

Craig Schwartz, ICANN’s chief gTLD registry liaison, has been headhunted by BITS, the tech arm of the Financial Services Roundtable, to head up its .bank top-level domain application.

Schwartz will become BITS’ general manager of registry programs in early July, following the conclusion of the next ICANN meeting in Singapore.

BITS has yet to reveal the TLDs it plans to apply for, but .bank is the no-brainer. I understand it is also considering complementary strings, such as .finance and .insurance

The organization has already said that it plans to use VeriSign as its back-end registry services provider.

Schwartz is a five-year ICANN veteran, and his experience dealing with registries will no doubt be missed, particularly at a time when the number of gTLDs is set to expand dramatically.

His replacement will have plenty of time to settle into the role, however. The first new gTLDs approved under the program are not likely to go live until late 2012 at the earliest.

VeriSign now front-runner for .bank

VeriSign has signed a deal with two major banking industry organizations to become their exclusive provider of registry services for any new top-level domains designed for financial services companies.

The deal is with the American Bankers Association and BITS, the technology policy arm of the Financial Services Roundtable. Together, they represent the majority of US banks.

While the announcement conspicuously avoids mentioning any specific TLD strings, .bank is the no-brainer. I suspect other announced .bank initiatives will now be reevaluating their plans.

The way ICANN’s new gTLD Applicant Guidebook is constructed, any TLD application claiming to represent the interests of a specific community requires support from that community.

There are also community challenge procedures that would almost certainly kill off any .bank application that did not have the backing of major banking institutions.

BITS has already warned ICANN that it would not tolerate a .bank falling into the wrong hands, a position also held by ICANN’s Governmental Advisory Committee.

In an era of widespread phishing and online fraud, the financial services industry is understandably eager that domains purporting to represent banks are seen to be trustworthy.

Because we all trust bankers, right?

VeriSign is of course the perfect pick for a registry services provider. As well as running the high-volume .com and .net domains, it also carries the prestige .gov and .edu accounts.

“We’re honored to have been chosen by BITS and ABA as their registry operator for any new gTLDs deployed to serve the financial services industry and their customers,” said Pat Kane, VeriSign’s senior VP of Naming Services, in a statement.

Apart from the multilingual versions of .com and .net, I think this may be the first new TLD application VeriSign has publicly associated itself with.

Banks to write security rules for “.bank”

Kevin Murphy, January 17, 2011, Domain Registries

Financial services firms unhappy with ICANN’s new top-level domains program are to take matters into their own hands by writing security guidelines for TLDs like “.bank”.

BITS, the technology policy arm of the Financial Services Roundtable, said it plans to develop “elevated security standards for financial gTLDs” and wants ICANN to make them mandatory.

The organization, which counts many major world banks as members, is concerned that a “.bank” in the hands of a registry with lax security could increase fraud and reduce confidence in banking online.

BITS said its guidelines would be drafted by a globally diverse working group and submitted to an international standards-setting organization for ratification.

It wants ICANN to include a single sentence in its new TLDs Applicant Guidebook, apparently incorporating the guidelines by reference:

Evaluators will use standards published by the financial services industry to determine if the applicant’s proposed security approach is commensurate with the level of trust necessary for financial services gTLDs.

An ICANN working group is working on the concept of a High Security Zone TLD for precisely this kind of application, but in September the ICANN board abruptly decided that it “will not be certifying or enforcing” the idea, apparently in order to mitigate its own corporate risk.

The BITS project appears to be in direct response to that move.

It certainly seems to be a more productive avenue of engagement than hinting at a lawsuit, which it did in a November letter to ICANN.

I’m attempting to confirm whether the BITS plan, submitted as a response to the Applicant Guidebook public comment period, is being proposed with ICANN’s backing. (UPDATE: it isn’t.)

ICANN told to ban .bank or get sued

Kevin Murphy, November 21, 2010, Domain Registries

A major financial services lobby group has threatened to sue ICANN unless it puts strict limitations on “.bank” top-level domains.

BITS, the technology policy arm of the Financial Services Roundtable, said financial domains should be banned from the first round of new TLDs, until rules governing security are developed.

In a November 4 letter to ICANN chief executive Rod Beckstrom, BITS said:

If these critical issues are not fully resolved and ICANN chooses not to defer financial TLD delegation, BITS, its members and its partners are prepared to employ all available legislative, regulatory, administrative and judicial mechanisms.

BITS counts all the major US banks among its membership, as well as many large insurance companies and share-trading services.

The organization is concerned that TLDs such as .bank could lead to consumer confusion and an increase in fraud online if delegated into the wrong hands.

While BITS said that it “prefer[s] a prudent solution”, it has threatened to file “legal complaints in one or more jurisdictions” and to lobby the US Congress for legislation.

It noted that ICANN’s IANA contract, which gives it the power to create new TLDs, expires next August, and said that it may lobby Congress for legislation mandating better security as a condition of the renewal.

BITS and other financial groups have already written to members of Congress, in September, expressing disappointment with the absence of a high-security TLD policy from ICANN and adding:

In recognition of the need for higher levels of security and stability in financial services gTLDs than in gTLDs generally, we urge you to support inclusion of language in cyber security legislation language that prevents ICANN from adding financial services gTLDs to the root zone unless the IANA contract specifies higher levels of security for such gTLDs.

The Federal Deposit Insurance Corporation, the US government body responsible for insuring banks, has also written to the Department of Commerce, expressing its concerns about the possible introduction of a .bank TLD.

Currently, I’m not aware of any public initiative to apply for .bank, but it’s possible that restrictions on financial services TLDs could capture the recently launched German “.insurance” project.

The BITS correspondence was published (pdf) as an attachment to an ongoing Reconsideration Request lodged by Michael Palage, chair of the High Security Top Level Domain Verification Program Advisory Group.

The HSTLD group has been working on a set of technological policy specifications for registries managing high-security TLDs.

Palage is annoyed that ICANN’s board seems to have distanced itself from the HSTLD concept before the group has even finished its work, by resolving in September that:

ICANN will not endorse or govern the program, and does not wish to be liable for issues arising from the use or non-use of the standard.

The HSTLD group, by contrast, has a “clear majority in support of ICANN retaining a continued oversight role”, according to Palage. He wrote:

The ICANN Board’s unilateral actions also have a chilling effect on future bottom up consensus efforts because participants have no basis to know when the ICANN Board will take such unilateral actions in the future.

He’s not alone in worrying about recent top-level ICANN decisions that appear to put corporate legal liability ahead of the wishes of the community. I reported on the issue last week.