NCC Group brings .trust to the internet

[news release] NCC Group has today announced its plans for .trust, a unique generic top-level domain (gTLD) that aims to provide a safer and more trustworthy internet for both businesses and consumers.
A .trust domain will help protect an organisation’s brand, reputation and sensitive customer information by enforcing the highest level of security and reliability. For consumers, it will provide a clear signal that a site is what it claims to be and is a safe place to do business, interact and share information.

Responding to the demands of the world’s online community, ICANN is currently operating a program to add thousands more gTLDs over the next few years. The majority of these new domains will be used to categorise companies and individuals into physical locations, industry segments or brands. In contrast, .trust has been created as a gated community to make the internet more secure.

Rob Cotton, CEO at NCC Group said: “The internet is a lawless world – ungovernable, unmanageable and insecure. Consumer confidence has gone, and businesses are at a loss at how to combat the risks.

“The new rollout of gTLDs is further changing the shape of the internet. Cybersquatting and phishing were big issues with just 22 gTLDs, but with over 1,400 set to be introduced these problems are set to get exponentially worse. The cost for a business to protect its online presence and purchase all possible domain combinations will also be extortionate.

“The benefits to businesses of having a .trust gTLD are immediately obvious. It will act as a key differentiator, bringing back consumer confidence by protecting customers as they transact and interact online.

“The internet is set to change forever, and at NCC Group we are committed to changing it for the good, making it a safer place and introducing trust.”

Applicants for a .trust domain will have to verify their identity, ensure their organisation is secure by complying to a strict and specific code of security policies, and assure their infrastructure remains safe by undergoing regular compliance scanning.

The policies have been developed by a coalition of industry and NCC Group experts, and adhering to them will help provide comprehensive protection from vulnerabilities that threaten to compromise integrity, availability and privacy.

Rob continued: “End users will come to recognise .trust as an island of trusted brands in a new confusing namespace.”

Pioneer businesses in San Francisco have been involved in the process of developing the security protocols for .trust for several months and some of these will be among the first to take up the .trust domain when it is available for registration towards the end of Q3. Ultimately, brands with high customer data security needs – including banks and retailers – are expected to find .trust most appealing.
About .trust

NCC Group acquired from Deutsche Post the rights to the .trust gTLD application, for an undisclosed fee in February 2014.

What is .trust? .trust is a unique gTLD that will provide a safer and more trustworthy Internet. The .trust gTLD signals that a site is a safe website to interact and do business with. Organisations using .trust domains will be required to comply with rigorous security policies in order to prevent the use of .trust domains for malicious activity. A continual process of security review and improvement will help ensure those sites stay in compliance with .trust requirements.

Why use .trust? Under the .trust domain, organizations will be able to protect their brand, reputation and sensitive customer information with the highest level of security and reliability. Those who wish to join this online gated community will commit to rigorous security policies and procedures and NCC Group will work with applicants to help them achieve these policies. These policies have been developed by a coalition of industry and NCC Group experts, and adhering to them provides comprehensive protection from vulnerabilities that threaten to compromise integrity, availability and privacy. The technical policies that shape .trust will ensure that members of the .trust community will be recognized as leaders in secure, trustworthy online transactions.

How does .trust work? The .trust gTLD creates a more trustworthy Internet through the application of three core principles by which we require applicants to abide:

verify. All applicants must submit identity documentation and proof of intellectual property and naming rights to help prevent misleading, abusive and malicious registrations. Organisations are verified so consumers know that .trust domains are representative of the brand they know and trust.

secure. All registrants must abide by the security control policies and procedures, giving consumers confidence that their online transactions conducted via .trust domains will be secure and trustworthy.

assure. Organisations within the .trust domain will be continually monitored for compliance with the .trust technical policies and will actively work with NCC Group experts to remediate identified issues.

How is .trust different from other TLDs? .trust websites will be differentiated by a high level of security and reliability, unprecedented on the internet. Consumers will come to recognize .trust as an island of trusted brands inside a new, confusing namespace.

How is .trust more secure than other TLDs? Registrants of .trust domains will be required to adopt rigorous security policies that strictly prohibit malicious activity or the creation of vulnerabilities. The .trust service uses a unique, technology-driven process to automatically monitor domain owners for compliance with NCC Group’s best-in-class security policies. This process incentivizes and helps domain owners to quickly restore security when their sites exhibit web application flaws, network misconfigurations and other security violations.

To improve the end-to-end security experience for users of .trust and other domains, we are working with major Internet companies to implement new technologies into web browsers, email servers and operating systems. The end goal of our security policies is to create a seamless and safe experience whenever a user browses a website or emails someone on a .trust domain.

How are these rules enforced? Registrants in the .trust space agree to follow the security policies that we strictly enforce via monitoring .trust domains for network, web application, email and malware threats.

About NCC Group
NCC Group is a global information assurance firm, passionate about making the internet a safer place and revolutionising the way in which organisations think about cyber security.

Through an unrivalled and unique range of services, the company provides organisations across the world with freedom from doubt that their most important assets are protected and operational at all times.

Listed on the London Stock Exchange, NCC Group is a trusted advisor to more than 15,000 clients worldwide.

Headquartered in Manchester, UK, NCC Group has 20 offices across the world and employs over 1,000 of the brightest minds in information security, assurance and technology.

NCC Group delivers security testing, software escrow and verification, website performance, software testing and domain services.

This NCC Group news release was sourced from:
https://www.nccgroup.com/en/news-and-events/news/2014/06/ncc-group-brings-trust-to-the-internet/