First published: 31st March 2007
ICANN (Internet Corporation for Assigned Names and Numbers), the organization responsible for the global coordination of the Internet's system of unique identifiers, should introduce a .safe domain name to be used by registered banks and other financial organizations, according to F-Secure.
According to APACS, the UK payments association, 17 million people now bank via the Internet in the UK and that figure is set to rise in the next few years (APACS - The way we pay bills report, February 2007). The trend is similar in other countries. But as the number of Internet bankers rise, so too does the amount of people committing fraud. Compared to the first six months of 2005, online banking fraud rose by 55 per cent in 2006 (APACS - Press Release - Latest figures show UK card fraud losses continue to decline in first six months of 2006, November 2006).
If ICANN introduced a .safe domain (or .sure or .bank), which could only be used by registered financial institutions, it would allow security providers to create better software to protect the public, according to F-Secure. It would be similar to other top level domain names such as .uk and .gov.
"While a .safe domain name won't prevent phishing attacks, it will help banks and security providers to keep their customers safe, said Mikko Hyppönen, Chief Research Officer at F-Secure. "Banks need to take on some of the responsibility for protecting their customers and using a secure domain name such as .safe will give customers the reassurance they need when banking online."
"It's true this will mean banks have to pay a premium to be able to use the domain name, but it will reduce the number of successful phishing sites that have been tricking many customers out of their hard earned cash," Hyppönen continued.
"Right now, customers have no good way of automatically being able to tell whether or not a bank website belongs to the bank. So a small bank or credit union phishing site is something that has to be researched. If .safe or .sure is locked down, then security companies would have a much better set of assumptions to start with when filtering email and web traffic. Security providers would then be able to build a better security product and users would feel safe online," said Hyppönen.
"ICANN has the power to create a safer online banking world, by introducing a top level domain name for banks and other reliable financial institutions. The idea was mooted some time ago, but with levels of online fraud as high as they are, now is the time to take action. .safe would give the millions of online customers the reassurance they need that banking via the Internet is safe," concluded Hyppönen.