Registrar FAQ
fTLD on Twitter

Top 10 QuestionsExpand Top 10

How do I become an fTLD Registrar?

See the information at BECOME AN fTLD REGISTRAR for details on the process.

Where can I find information on fTLD’s Verification Process and Token Validation System?

All fTLD-Approved Registrars will be issued credentials to fTLD’s Registrar Web Portal, where this information can be accessed.

How does the fTLD verification process work?

Registrants must be verified by fTLD to ensure that registrations are made only to organizations that meet and maintain the eligibility requirements (.BANK eligibility requirements; .INSURANCE eligibility requirements)  per the Registrant Eligibility and Name Selection Policies accessible here before their Registrars are permitted to register domain names for them.  To get verified by fTLD, Registrants for .BANK domain name must complete the Verification Application available here and for .INSURANCE here. fTLD’s Verification Process Overview is accessible here and in the Registrar Web Portal.

What additional information (application fields) is required for .BANK and .INSURANCE Registrant Verification Applications and how is it provided to fTLD?

In addition to the standard Registrant information, the following details are required for fTLD to process the application:

  • Government Regulatory Authority Name and ID Number – This information is required unless it is not applicable to the Registrant type (i.e., Association, Government Regulator, Service Provider).
  • Verification Contact name, email, and phone number – Contact information to verify the employment and authority of the Registrant contact to register the domain name(s) requested.
  • Supporting Information – This information may be requested to support how a domain name complies with fTLD’s Name Selection Policy available here. The information may include websites, documents (e.g., advertising or marketing materials; pictures demonstrating use; a copy of the trademark, trade name or service mark registration) or trademark registration number and jurisdiction information.
What data is used for domain name annual verifications? Does a Registrar need to submit a transaction to trigger an annual verification?

The data used is the current Whois information. No, fTLD will initiate the process with a verification email to the Registrant to review the registration data.

How is the registration token used by the Registrar to submit a domain registration to Verisign?

Once fTLD completes the verification process and approves the application, fTLD will issue the registration token to the Registrant and its Registrar of choice (if selected). The Registrant will then present the registration token to its Registrar of choice. The Registrar validates the token and extracts the Whois data, then submits the registration data via EPP to the Registry System and the domain name(s) is automatically put into a pendingCreate status.

How does the Token Validation System work?

The Token Validation System (the “Token System”) is how Registrars validate .BANK and .INSURANCE domain registration tokens issued by fTLD for verified domain applications. A key goal of the Token System is to ensure that Registrars use the validated token results when processing a domain name registration. The registration token encodes data identifying Registrant information and the associated domain name(s), and this ensures that domain registration information EXACTLY matches what was verified by fTLD. The Token Validation System Guide (available to approved Registrars on the fTLD Registrar Web Portal) covers the two mechanisms for token validation, API and Web-Based (“Manual”), and identifies other information available through the system.

What is the cost for the fTLD verification process to Registrars?

There is no separate cost for the verification process. fTLD’s wholesale domain name fee to Registrars includes the charge for verification services. There are no additional costs for annual verifications that are performed during the term of the registration.

Do any of the fTLD Security Requirements apply to Registrars?

Yes, the fTLD Operations Pledge accessible here outlines the policies and procedures fTLD and our Registrars must follow to ensure the secure, stable and reliable operations of the .BANK and .INSURANCE domains.

What information is available to Registrars and Registrants to assist in the activation of .BANK and .INSURANCE domain names?

fTLD has incorporated the lessons learned and implementation solutions from early adopters into guides, tools and resources that are designed to help Registrants transition to their .BANK or .INSURANCE domain name:

fTLD Registry System

Who operates the fTLD Registry System?

Verisign is the Registry Service Provider and fTLD is the Registry Operator. fTLD performs domain registration verification for .BANK and .INSURANCE.

Is there a web interface available for Registrars to process registrations for fTLD?

No, fTLD registration is not supported by a web interface to EPP.

Are there any special requirements for Registrars to be able to offer fTLD Premium Names?

Yes, Registrars need to select the appropriate option in Exhibit A of Verisign’s Platform Access Order Form for each fTLD TLD supported to be able to sell fTLD premium names. If a Registrar did not initially select this option for the desired fTLD TLD, they should contact Verisign at info@verisign-grs.com to update their Form(s).

When does the five-day (5) Add Grace Period start since domain names are put into a pendingCreate status when initially registered?

The five-day (5) Add Grace Period starts when the domain name has been put in the pendingCreate status.

Can a Registrar delete a domain name after the five-day (5) Add Grace Period?

Yes, a domain name can be deleted after the Add Grace Period. However, the Registrar would not receive a refund of the registration fee.

Is Registry Lock available for domain names?

Yes, Registry Lock service is available. Please contact Verisign at info@verisign-grs.com for more information. Registry Lock is encouraged for .BANK and .INSURANCE domains.

Registering A Domain Name

What is the process to register a domain name in .BANK and .INSURANCE?

All Registrants and domains must be verified by fTLD before their Registrars submit a registration to the Registry System. More information about fTLD’s Verification process is provided below.

Can a Registrar submit a registration before the registration token has been provided?

No, Registrars must not submit any registrations until they have received a verification token for the domain name and successfully processed it in the Token Validation System. See Registration Token & System below for more information. If this process is not followed, fTLD will reject the registration.

Can eligible Registrants register any domain name(s) they want?

Any domain name(s) that corresponds to the Registrant’s legal name or branding (e.g., trademarks, trade names or service marks) can be registered, provided it is not an fTLD or ICANN reserved name. For guidance on selecting domains, please see fTLD’s Name Selection Policies accessible here.

Are there any premium names in .BANK and .INSURANCE?

Yes, all single-character names (e.g., 1.BANK, B.INSURANCE), most two-letter names (e.g., AB.BANK, GE.INSURANCE), and names fTLD has reserved for its potential use, indicated in bold on the list of Generic Names in .BANK and list of Registry Operator Reserved Names in .INSURANCE, are identified as premium and subject to premium pricing. These names are available on first-come, first-served basis subject to fTLD’s Registrant Eligibility and Name Selection Policies.

Can fTLD Registrants sell/transfer their domain names?

Yes, domain names can be sold/transferred. However, the new/gaining Registrant must meet fTLD’s Registrant Eligibility and Name Selection Policies for the domain name and must also successfully be verified by fTLD. If fTLD does not approve of the transfer, Registrars will need to work with fTLD to restore the domain name ownership to the original verified Registrant.

Where can I find the lists of fTLD’s Reserved Names in .BANK and .INSURANCE?

The list for .BANK is accessible here and .INSURANCE here.

fTLD Verification

Who is responsible for verifying requests for domain names?

fTLD is responsible for verifying and approving requests for domain names.

When will the annual verification be done for each domain name?

fTLD verifies registration data on an annual basis based on the last time that a verification was successfully completed. At that time, all domain names held by the Registrant will also be verified.

How does the fTLD verification process work?

Registrants must be verified by fTLD to ensure that registrations are made only to organizations that meet and maintain the eligibility requirements (.BANK eligibility requirements; .INSURANCE eligibility requirements)  per the Registrant Eligibility and Name Selection Policies accessible here before their Registrars are permitted to register domain names for them.  To get verified by fTLD, Registrants for .BANK domain name must complete the Verification Application available here and for .INSURANCE here. fTLD’s Verification Process Overview is accessible here and in the Registrar Web Portal.

What additional information (application fields) is required for .BANK and .INSURANCE Registrant Verification Applications and how is it provided to fTLD?

In addition to the standard Registrant information, the following details are required for fTLD to process the application:

  • Government Regulatory Authority Name and ID Number – This information is required unless it is not applicable to the Registrant type (i.e., Association, Government Regulator, Service Provider).
  • Verification Contact name, email, and phone number – Contact information to verify the employment and authority of the Registrant contact to register the domain name(s) requested.
  • Supporting Information – This information may be requested to support how a domain name complies with fTLD’s Name Selection Policy available here. The information may include websites, documents (e.g., advertising or marketing materials; pictures demonstrating use; a copy of the trademark, trade name or service mark registration) or trademark registration number and jurisdiction information.
Is there a limit to the number of domain names that can be requested in a Verification Application?

No, Registrants may apply for as many domain names as they like in one Verification Application. All approved domain names will be included in the registration token.

If a Registrant applies for domain names at different times, will they need to be verified each time?

If the applications are more than 10 business days apart, fTLD will complete a verification. Otherwise, if a Registrant applies for domain names within 10 business days, fTLD will confirm the Registrant information exactly matches the previously verified information and verify the new domain name(s) comply with the relevant Name Selection Policy to complete the verification.  Upon completion of the verification, fTLD will issue a registration token to the Registrant contact and its Registrar of choice (if selected).

If a Registrar becomes aware the Registrant is no longer at an organization or the organization name has changed, should fTLD be contacted about the change?

The Registrar should work with the Registrant to ensure that the data is updated in the Registrar system and submitted to the Registry System as quickly as possible. A change to the Registrant Organization, Registrant Name, and/or Registrant Email will prompt a new verification.

What data is used for domain name annual verifications? Does a Registrar need to submit a transaction to trigger an annual verification?

The data used is the current Whois information. No, fTLD will initiate the process with a verification email to the Registrant to review the registration data.

What does the Registrar do to support annual verification? Who is responsible for verifying updates to the Registrant data initiated by the annual verification?

Upon receiving the annual verification email from fTLD, if the Registrant reports the registration data needs to be updated, fTLD will in most cases request the updated information from the Registrant and pass it to their Registrar. fTLD will complete the verification using the updated registration information.

How long will fTLD verification take?

The verification process is usually completed within a few business days. If there are items pending from the Registrant contact or the employment/authority verification is taking a while to confirm/respond to fTLD’s request(s), there may be delays in the verification process.

Is fTLD verification the same as Whois (RDDS) verification?

No, the verification process is mandated for all .BANK and .INSURANCE domain registrations.

In contrast, the Whois verification process is required by ICANN to be conducted annually by Registrars to confirm accurate contact information. Registrars are required to contact their Registrants to conduct this verification.

Registrants may risk having their domain name suspended or cancelled for failure to respond to either type of verification request. If you want to confirm whether the request is legitimate, please contact fTLD at verify@fTLD.com

Registration Token & System

What is a registration token?

A registration token is used to provide Registrants and their Registrar of choice (if selected) with the information fTLD has verified. The token will include Registrant contact information and the domain name(s) that have been approved for registration.

How is the registration token used by the Registrar to submit a domain registration to Verisign?

Once fTLD completes the verification process and approves the application, fTLD will issue the registration token to the Registrant and its Registrar of choice (if selected). The Registrant will then present the registration token to its Registrar of choice. The Registrar validates the token and extracts the Whois data, then submits the registration data via EPP to the Registry System and the domain name(s) is automatically put into a pendingCreate status.

How does the Token Validation System work?

The Token Validation System (the “Token System”) is how Registrars validate .BANK and .INSURANCE domain registration tokens issued by fTLD for verified domain applications. A key goal of the Token System is to ensure that Registrars use the validated token results when processing a domain name registration. The registration token encodes data identifying Registrant information and the associated domain name(s), and this ensures that domain registration information EXACTLY matches what was verified by fTLD. The Token Validation System Guide (available to approved Registrars on the fTLD Registrar Web Portal) covers the two mechanisms for token validation, API and Web-Based (“Manual”), and identifies other information available through the system.

Does Verisign have any role in accepting/processing registration tokens?

No, and unlike other TLDs that may have Registrars pass tokens to the registry service provider, this does not happen in .BANK and .INSURANCE. The purpose of the registration token is for Registrars to submit registrations using the exact information fTLD has verified.

Do registration tokens have an expiration date and what happens if they expire?

Registration tokens are valid for 15-calendar days. If the token is not used and expires, the Registrant will need to contact fTLD at verify@fTLD.com and request a new token be generated.

Costs

What is the cost for the fTLD verification process to Registrars?

There is no separate cost for the verification process. fTLD’s wholesale domain name fee to Registrars includes the charge for verification services. There are no additional costs for annual verifications that are performed during the term of the registration.

Where can I find information about fTLD’s Registration Fees?

fTLD’s Pricing Addendum will be provided to Registrars that have completed step one of the onboarding process available here.

Is there a difference in the cost between standard and premium domain names?

Yes, there is a difference in the cost. fTLD’s Registration Fees Schedule is available to Registrars that have completed step one of the fTLD Registrar application process here.

When is a Registrar charged for a domain name by Verisign?

The Registrar is charged for a domain name as soon as it passes all EPP edits and is put in a pendingCreate status. If a domain name is rejected because of EPP errors, then there is no charge to the Registrar. If a domain name is rejected by fTLD while in the pendingCreate status (e.g., because the registration information does not match what was verified) then the registration fee is refunded to the Registrar by Verisign. If fTLD does not process the approval or rejection within the 90-day pendingCreate period, then the domain name will be automatically deleted (auto-delete) on the Verisign system and the registration fee is refunded to the Registrar by Verisign.

Who prepares the statement or invoice for fTLD registrations fees for both standard and premium names?

A monthly statement or invoice is prepared by Verisign for registration fees.

When will a refund be provided for a domain name registration?

Refunds for domain name registrations will be provided to Registrars by Verisign under the following conditions:

  1. The domain name is deleted by the Registrar before the end of the five-day (5) Add Grace Period.
  2. The domain name is rejected by fTLD while in pendingCreate status. (Note: Registrars must coordinate the rejection in the Verisign system with fTLD; if the Registrar rejects the domain then Verisign will NOT provide a refund.)
  3. The domain name is automatically deleted by Verisign because it has been in pendingCreate status for more than 90 days.
Is a fee charged to change data in a registration?

There are no fees charged by fTLD for changing any registration information. fTLD requires Registrants to maintain accurate information to ensure a trusted, verified and more secure environment. Although a verification is performed when certain Whois data  changes (e.g., Registrant Organization, Registrant Name, Registrant Email) there is no additional fee for this.

Is there a fee for a transfer of a domain name between Registrars?

Although there is a charge for a mandatory one-year renewal, there are no additional fees for transfers in the Registry System.

What is Sync? What is the Sync fee?

Sync is used when a registrant, with multiple registrations made at different times, desires to have a common expiration date for all, which makes managing them much simpler. The Sync fee is charged for resetting the expiration date for a domain name. This fee is charged based on the number of months between the original expiration date and the new expiration date. The entire fee is charged at the time the Sync transaction is processed by Verisign. There is no related registration token for a Sync operation with Verisign.

Security & Implementation

What are the fTLD Security Requirements?

fTLD requires compliance with a set of requirements that are not currently mandated by operators of other commercially available gTLDs. Please review the Security Requirements information for specific requirements for fTLD, Registrars and Registrants.

Do any of the fTLD Security Requirements apply to Registrars?

Yes, the fTLD Operations Pledge accessible here outlines the policies and procedures fTLD and our Registrars must follow to ensure the secure, stable and reliable operations of the .BANK and .INSURANCE domains.

Who is responsible for enforcing the Security Requirements and Policies for fTLD?

fTLD is ultimately responsible for enforcing the Security Requirements and Policies in .BANK and .INSURANCE. Registrars will play a role in enforcement of Registrant Security Requirements, as they have a direct relationship with the Registrant and fTLD will communicate with the appropriate Registrar on any enforcement actions. fTLD retains the right to take action if the Registrar or Registrant fails to do so.

If there is a violation of a Security Requirement, how will this be handled? Will the Registrar be involved?

fTLD will work with the Registrant and Registrar to address the violation. Repeated violations of any requirements may lead to suspension or termination of the registration. Failure of the Registrar/Registrant to provide a timely response and a remediation plan to fTLD can result in the domain name being removed from the .BANK or .INSURANCE zone or more significant actions.

Does fTLD permit Proxy/Privacy Registrations?

No, these services are prohibited for fTLD registrations. This is specifically noted in the RRA and is part of the fTLD Operations Pledge.

What information is available to Registrars and Registrants to assist in the activation of .BANK and .INSURANCE domain names?

fTLD has incorporated the lessons learned and implementation solutions from early adopters into guides, tools and resources that are designed to help Registrants transition to their .BANK or .INSURANCE domain name:

(rev. 2019.05.09)
Privacy Settings