‘If It’s Not .bank, It’s Not My Bank’

By Drew Schiff

“Imposter email attacks aimed at financial services organizations have increased more than 60% year-over-year”

“92%+ of all breaches last year stemmed from phishing attacks.”

Headlines like these, flooding our news feeds daily, have banks looking for change: a new way to further secure their internal communications, communications with vendors and customers and their websites from phishing and spoofing.

To date about 500 pioneering banks have left the prevailing, open .com domain, where bad actors can act with anonymity via $10 lookalike domains, for the verified, gated and more secure space of .bank. These banks are changing how they speak to their customers about security, and, through more secure communication channels, are looking to enhance their relationships with their customers.

These banks have seen how their customers are using visual authentication on popular sites such as Facebook and Twitter, via little blue checkmarks for verified accounts, and are using .bank to give their customers, employees and vendors a similar visual authentication cue. By moving from .com to the .bank domain they’ve enabled easy and immediate authentication of their communications, simplifying their security message into something that resonates and is actionable for all customers regardless of their technical savvy. “If it’s not .bank, it’s not us.” They’re reclaiming their email channels from the fear of phishing as a trusted space to communicate internally and with their customers.

With enhanced security and visual authentication in place, innovative “.bank’ers” are capitalizing on the trust and increasing email engagement with their customers. They’re using their verified email for everything from customer relationship interactions, to cross-selling and upselling, to financial education and advice, as well as rich, actionable information from the tools they’ve built internally or partnered with fintech firms to provide.

These banks left .com for .bank to address the security challenges faced by all banks, but they are ultimately responding to the evolution in their customers’ banking needs. Their customers are looking to them as a trusted resource for information on the many financial products they’ll need throughout their lives, and for guidance on budgeting and financial planning decisions. Simultaneously, their customers are relying on new platforms, outside of their brick-and-mortar locations, for this guidance. Those using .bank have found a practical, efficient way of maintaining and enhancing their relationships with customers as the banking industry continues to evolve. Stepping away from the comfort of their familiar .com domain has proven to be just the foundation that these banks needed in order to re-engage their customers through their existing, preferred, email channel in a more secure manner.

Banks that have implemented their .bank domains are daily learning new and deeper ways to serve their customers by bringing the trust and comfort of their branches to their digital presence. By taking that first step, out of the old and into the new, their customers now know: “If it’s not .bank, it’s not my bank.”

Drew Schiff is director of engagement services at fTLD Registry Services, which the American Bankers Association co-owns and co-founded to manage the .bank and .insurance top-level domains on behalf of the financial services industry.