10/25/2016

Member News

fTLD Posts Application for Third-Party Providers to Assist .BANK and .INSURANCE Registrants

To assist .BANK and .INSURANCE registrants with options for third-party providers that can help them comply with any of fTLD Registry Services’ (fTLD) Security Requirements, fTLD invites qualified providers to submit an Application so they may be considered for inclusion on a list of resources to be published on fTLD’s websites.

fTLD’s operations of the .BANK and .INSURANCE Internet web extensions makes them trusted, verified, more secure and easily identifiable places online for the global banking and insurance communities and the customers and stakeholders they serve. What differentiates our extensions from others are the mandatory Security Requirements (the “Requirements”) that registrants (i.e., entities that register domain names) must implement and maintain for their websites, email and other services that use .BANK or .INSURANCE, and that fTLD actively monitors for compliance with these Requirements.

Some of the more technical Requirements may necessitate registrants to implement new technologies and practices, which has resulted in fTLD regularly receiving inquiries from them about third-party providers that can help implement these Requirements and maintain the service levels required in .BANK and .INSURANCE. For organizations that outsource certain functions (e.g., website hosting, online banking/payments, security and fraud services, domain name system services), it may be their third-party provider is responsible for provisioning services and products on their behalf, but ultimate responsibility for compliance with these Requirements lies with the registrant so they want to know where to start their search for a provider for these critical services. Examples of the Requirements are:

• Domain Name System Security Extensions (DNSSEC) to ensure that Internet users are landing on legitimate websites and not being misdirected to malicious ones.
• Email Authentication to ensure brand protection by mitigating spoofing, phishing and other malicious email-borne activities.
• Strong Encryption (i.e., Transport Layer Security) to ensure confidentiality and integrity of communications and transactions over the Internet.
• Authoritative DNS Name Servers hosted in .BANK or .INSURANCE to ensure compliance with technical Requirements.

fTLD’s publication of third-party providers is not an endorsement of any providers or their services and fTLD may add or remove providers at its discretion at any time. fTLD will review each Application to ensure that the information provided is accurate and will provide the service for the Requirement identified, but fTLD makes no additional representations or warranties regarding such providers’ services. The provider list will be presented in alphabetic order.

It is anticipated the initial list will be made available on December 5, 2016, on www.ftld.com as well as www.register.bank and www.register.insurance. To meet this timeline, please submit your Application no later than November 15, 2016.

Applications may be submitted on an ongoing basis by email to fTLD@fTLD.com and third-party providers will be added to the list as they are approved. Questions about the application should be submitted to the same email address.