So what’s the deal with .BANK instead of .COM?

Over the past year, you may have asked yourself why Kensington Bank’s website now uses the .BANK extension as opposed to the traditional .COM extension. While on the surface this may not seem to carry much impact for you, me, and every one who banks with Kensington Bank, however there is some “method to the madness” so to speak. But first, lets “geek-out” and review what these domains actually mean.

Generic Top-Level Domains

.com, .net, .org and other website suffixes are known as “top-level domains” (TLDs). While we normally see only a few of these, there are hundreds of them – and there may be thousands more soon. Top-level domains are managed by the Internet Assigned Numbers Authority (IANA), which is run by the Internet Corporation for Assigned Names and Numbers (ICANN).

Perhaps the most common top-level domains are .com, .net, and .org. Originally, each had a unique purpose:

  • .com: Commercial (for-profit) websites
  • .net: Network-related domains
  • .org: Non-profit organizations

However, these top-level domains all offer open registration – anyone can register a .com, .net, or .org domain for a website (for a fee). The distinction between the domains has largely been lost, although there are still non-profit organizations that prefer .org.

There are a variety of other domains that were added later to take some off the stress off of the original generic top-level domains (gTLDs), including .biz and .info. However, fewer websites use these top-level domains – there’s more brand recognition associated with a .com domain. Currently, .com is by far the most popular top-level domain – nearly 50 percent of the websites Google visits use the .com top-level domain.

Open vs. Closed TLDs

In contrast to the above top-level domains, which are “open” in that they allow anyone to register a domain without meeting any qualifications, many TLDs are “closed.” For example, if you want to register a .museum, .aero, or .travel domain, you must verify that you’re a legitimate museum, air-travel, or tourism-related entity. (Source)

Enhanced Security

Security is perhaps the most important factor a community bank will consider when deciding whether to adopt a .BANK extension. As online security breaches continue to make headlines, concerns about website security are weighing heavily on banks and their customers. Customers want peace of mind that they can conduct financial transactions safely on a bank’s website, while banks want to prevent financial losses and damage to their reputations as a result of fraud. Because no single magic bullet exists to protect against all threats, website security typically uses a multilayered approach. If one defense fails, other defense mechanisms can still detect and prevent an attack.

The information below will help you understand what .BANK is, why it’s more secure, and what it means for their online interactions with the bank.

The main takeaway: For security purposes our email addresses and website URL now end in ‘.BANK’ instead of ‘.com’; look for the ‘.BANK’ before interacting with any email or website of ours. Kensington Bank makes your security at top priority, which is why we have made the switch to .BANK in 2018. As an early adopter among other financial institutions, we are proud to named a Cyber-security Pioneer from the fTLD.

Cybersecurity Pioneer - .Bank Secure - FTLD

What is .BANK?

.BANK is a gated domain, like .gov or .edu, but for verified banks. Replacing .com, which can be purchased by anyone, .BANK quickly verifies that the website or email is authentically from our bank, so you can interact with confidence when you see the ‘.BANK’ at the end of our email address and website URL.

How is .BANK more secure?

All banks are verified and authenticated by fTLD, the .BANK administrator, prior to registering their .BANK domain, and re-verified annually thereafter. This ensures everyone using a .BANK domain is an eligible organization. Hackers and bad actors can’t get a .BANK domain to create lookalike domains for phishing and spoofing, as they can in ‘.com’ and other publicly available domains.

With the ‘.BANK’ visual authentication cue in place you can quickly confirm emails and websites of ours are real, and avoid interactions that could lead to identity theft and financial fraud. This authentication is also an additional layer of protection for our internal and vendor communications, helping us to further secure against potential breaches.

All banks within the .BANK domain must also implement additional Security Requirements to help secure their sites and email, and protect them, their vendors and their customers from phishing, spoofing and other cyber-attacks. All banks using .BANK are monitored for compliance with these security requirements on an ongoing basis.

Banks must use domain name system security extensions, which verify that Internet users are reaching the web page of the institution and have not been taken to a fraudulent site.

Banks must employ e-mail authentication, a technology process used to protect against phishing and spoofing e-mails. Criminals frequently use forged e-mails to obtain information that can facilitate crimes. E-mail authentication technologies (e.g., DomainKeys Identified Mail, Sender ID, and Sender Policy Framework) verify the identity of the sender of an e-mail and can block e-mails that cannot be authenticated or notify the recipient that the identity of the sender could not be verified.

Additional security requirements include, but are not limited to, using multi-factor authentication for attempted changes to a bank’s registration information, prohibiting registration through a third party (which hides information about the registrant), and implementing the encryption standards of the National Institute of Standards and Technology Special Publication 800-57

Do I need to do anything differently now that you’re in .BANK?

Our email addresses and website URL now end in .BANK. From now on, before interacting with emails from us, and before you enter your username and password on our website, simply look for the ‘.BANK’ to authenticate the email or website is ours.

You’re the first ‘.BANK’ I’ve seen, why haven’t all the other banks moved?

The move to .BANK is a business decision every bank must make, and plan for, based on its own priorities and resources. We decided it was a priority for us to enhance our security and provide our customers with an easy way to authenticate our email communications and website so we’ve made the move to .BANK.