All banks are verified and authenticated by fTLD, the .BANK administrator, prior to registering their .BANK domain, and re-verified annually thereafter. This ensures everyone using a .BANK domain is an eligible organization. Eligible organizations include Retail Banks, Savings Associations, National Retail Banks, Retail Bank or Savings Associations Parent/Holding Companies, and Government Regulators. Hackers and bad actors can't get a .BANK domain to create lookalike domains for phishing and spoofing, as they can in '.com' and other publicly available domains.
With the '.BANK' visual authentication cue in place you can quickly confirm emails and websites of ours are real, and avoid interactions that could lead to identity theft and financial fraud. This authentication is also an additional layer of protection for internal and vendor communications, helping to secure against potential breaches.
All banks within the .BANK domain must also implement additional Security Requirements to help secure their sites and email, and protect them, their vendors and their customers from phishing, spoofing and other cyberattacks. These security requirements include the implementation of DNSSEC on their domain host, obtaining a digital identity certificate, utilizing TLS 1.2 to create encrypted connections, and configuring a DMARC in conjunction with DKIM and SPF records to prevent spoofing of institution email. All banks using .BANK are monitored for compliance with these security requirements on an ongoing basis.
Our email addresses and website URL now end in .BANK. From now on, before interacting with emails from us, and before you enter your username and password on our website, simply look for the '.BANK' to authenticate the email or website is ours.
Our .com email addresses are forwarding to our new .BANK email addresses, and our .com website redirects to our new .BANK site, but over time you should update your address book and bookmark for our site.
all fields required