ICANN Plan for Industry Domains Blasted by European Banks

The European Banking Authority (EBA) has come out against plans by web domain body ICANN to introduce new top level domains for the financial services industry, claiming they could lead to increased fraud through phishing attacks and other threats.

In June last year ICANN approved the use of the ".bank" and ".fin" domains, which could be assigned to companies or individuals claiming to be financial intermediaries or banks.

In response the EBA says the plan should be dropped as it says it has "many supervisory concerns" surrounding the operation of the proposed top level domains by ICANN.

The EBA claims there is the "great potential for misuse by unscrupulous individuals," and that any plans for the introduction of the new domains "should ideally be discontinued."

ICANN has proposed mitigating the risks potentially posed by the domains by creating a separate entity for the registration and control of the domains, or using other "technical ways" to ensure the security of the system.

But this has not appeased the EBA. "The potential for consumers of financial services to over-rely on what might be perceived as 'regulatory endorsement' of the companies operating under such domains is immense, and the risk for new types of fraud and phishing could be enormous," it said.

The EBA also claimed that there was the "danger for confusion regarding the operation of legitimate websites by 'true' financial institutions and regulated entities." This could lead to the need for established brands to endure costly and complex legal or commercial initiatives in order to safeguard their trademarks "from frauds and abuses," the EBA said.

While ICANN will take on board the EBA's concerns, it has the power to introduce the new domains regardless. Earlier this year ICANN defended its wider introduction of new top level domains for various industries.

Subscribe to the Security Watch Newsletter

Comments