Look at any internet address right now and you’ll find just a handful of categories into which the owner falls: .com for commercial, .edu for education, .gov for government, .org for organization, and .mil for military.
That is set to start to change relatively soon as the governing body of internet domain names—The Internet Corporation for Assigned Names and Numbers, or ICANN—slowly considers hundreds of applications to establish many more such categories, called “generic top level domain names,” or TLDs for short.
One of these proposed TLDs is .bank, for which ABA is part of a group seeking approval and, more important, getting authority to restrict its use to chartered banks and with appropriate levels of authority.
At the end of August, ICANN announced that .bank, along with more than 1,700 other applications, had reached a major milestone by passing the initial phase of consideration. Now it proceeds to further consideration steps, which could take several months.
Doug Johnson, ABA’s vice president of risk management and the organization’s point person on this issue, says he expects the decision could come later this year or the beginning of next year.
Earlier this year, Johnson was part of a panel that discussed the issue during ABA’s summer meeting. Also on the panel were Jeff Plagge, ABA chairman-elect and president, CEO, Northwest Financial Corp., Ramses Martinez, director of threat response for Yahoo!, and Joel de la Garza, director of security for Box.com.
Briefly, they described a number of related issues with the pending TLD expansion and why it’s important for the banking industry to be actively involved:
- Potential customer confusion or abuse—It was pointed out that even if a bank wanted to keep its existing URL, say, for example, www. xyzbank. com, some other entity could come along with www. xyz. bank and, at best, confuse a customer or, at worst, attempt to get sensitive confidential information from the customer.
- Potential attempts to demand exorbitant fees to obtain a given .bank name—“From a banker’s standpoint, think about somebody else getting this and coming to you and saying, ‘By the way, if you want your .bank configuration, send us a check for $20,000’,” said Plagge.
- Potential fake domain names—ICANN is considering domains written in non-English letters, such as Cyrillic. Fraudsters could attempt to use, for example, .ваηκ, or something like it, in order to swindle bank customers.
- Other bank-like domain names—Entities have applied for .money and .loan, for example, which, again, could cause customer confusion.
- Unknown affects on mobile banking—“The one wild card in this will be mobile. As it becomes more prevalent, an app really doesn’t care what domain is behind it. What we all need to be thinking about as business folks is how much is this going to affect my mobile users, if at all?” said Martinez.
Johnson said ABA, the state bankers associations, and a coalition of other financial services organizations are working to sort out such challenges. While ICANN likely will make a final decision around the turn of the year, in 2014, bankers should expect to receive a lot of detailed information about the scope of the issue and what they can and should do to prepare.
One promising thing is there will be time to get ready. “From what we see right now, 2015 is going to be the big year where .bank will actually be operational,” Johnson said.
Added Plagge: “Start paying attention to what this is going to mean in your own organization and what you may do with it.”