Since 2011 fTLD Registry Services (fTLD) has collaborated with experts in the financial services, security and domain name industries to develop Security Requirements that mitigate, and in some cases prevent, many of the malicious activities propagated on the internet such as phishing, spoofing, cybersquatting and man-in-the-middle attacks. fTLD has continued to modify the Security Requirements over time to include new technologies and practices that address the changing needs in security and the evolving threat landscape, with the goal of providing more secure online interactions for all users of .BANK and .INSURANCE domains.
There are two components of the Security Requirements:
Registrant Security Requirements (Domain Name Owners): Registrants that use their domain names (i.e., they resolve on the internet) are required to implement security technologies such as Domain Name System Security Extensions (DNSSEC), Encryption/Transport Layer Security (TLS) and Email Authentication.
fTLD Operations Pledge: fTLD and its approved registrars are required to comply with policies and procedures to ensure the secure, stable and reliable operations of the .BANK and .INSURANCE domains for Registrants.
The following information is provided for Registrants:
- Third-Party Providers that can assist in meeting the Security Requirements
- Implementation Guidelines – Email Authentication and TLS/Encryption Security Requirements
- Implementation Hub for guidance on meeting the Security Requirements
- Security Requirements Exemptions during Emergency Situations
Archived Security Requirements