A Guide to Your Move to .Bank

Table of Contents

Security Implementation

When you’re ready to begin using your .Bank domain, you can choose to implement the security requirements yourself or use a vendor. For technical support, consult your registrar, core provider or other relevant vendors. Each requirement for launching your domain is listed below.

Security Requirements

Your .Bank domain is more secure because of the Security Requirements. These requirements are regularly monitored, with findings reported to banks and their registrars.

For compliance questions, write to compliance@fTLD.com.

Security Technical Details

Preliminary: Verification


A verification is completed by fTLD Registry before any .Bank domain is registered. This includes confirming the domain aligns with your organization’s legal name or branding, ensuring eligibility, and verifying the authorization of the requesting employee. These steps safeguard against cybersquatting and impersonation.

1: Zone – Name Servers


Maintaining authoritative name server host names within the .Bank domain zone is paramount. In-zone name servers must meet the same security standards as the .Bank domain, ensuring a secure online presence.

2: Zone – DNSSEC

Implementing Domain Name System Security Extensions (DNSSEC) with robust cryptographic algorithms is vital. DNSSEC verifies user access and prevents redirection to malicious sites.

3: Encryption – Certificate Requirement


Obtain a digital identity certificate to enable HTTPS, securing data in transit for your .Bank domain.

4: Encryption – Secure Connections


Implement TLS 1.2 or higher for encrypted connections, enhancing website and email security.

5: Email Authentication

Publish DMARC and SPF records in DNS for email authentication. These measures protect against phishing, boost email deliverability, and enhance email communication security, and this is enhanced when combined with DKIM.

Migration

Planning your move to .Bank

Click graphic to enlarge view.

  • Set a timeline for the transition.
  • After implementing Security Requirements, point your existing website to your .Bank domain and set up a 301 redirect. This ensures traffic from your old site flows to your new .Bank domain, preserving SEO value.
  • For technical support, consult your registrar, core provider or other relevant vendors.
  • Confirm DNS provider supports DNSSEC and vanity name servers.
  • Secure your .Bank domain with TLS certificates from your trusted provider or registrar.
  • Ensure your hosting provider meets .Bank requirements (TLS v1.2+ and secure cipher suites).
  • Implement SPF & DMARC (at “p=reject”) in your DNS to prevent phishing and spoofing. It enhances email deliverability. Explore email authentication vendors.
  • Promote your .Bank on the site with a pop-up welcoming users to a more secure experience.
  • Update customer communications, FAQs, and templates. See the .Bank Communications Guide for sample templates.
  • Review and update internal communications.

Technical considerations

Using URL redirection

You’ll want to put a 301 redirect in from your current domain to .Bank to preserve your SEO value and ensure no web traffic is lost.


Email aliases

You’ll want to create email aliases so your current and .Bank emails come into the same mailbox, and create the setting that all replies come from your .Bank email address.

Marketing & Communications

We recommend beginning to educate customers, employees, and vendors two to three weeks ahead of launch via one or two emails and a banner on your existing website. You can link to our Customer FAQ in your email(s) and website banner to provide customers, employees, and vendors with all the information they need to know about .Bank. Our .Bank Communications Guide provides templates for emails, banners, email signatures, etc., for use in educating your customers.

Need help or have questions? Talk to our team.

How can we help? Whether you’re looking for support with your existing registered .Bank domain or completely new and ready to take the first steps, we’re here to talk.