Banks in the Netherlands are the lowest adopters of technology that prevents visitors to their websites being redirected to fraudulent addresses, according to a study from internet registry SIDN .
The study of Dutch organisations’ adoption of domain name system security extensions (DNSSEC) security, a set of standards created to address vulnerabilities in domain names, found that only 6% of banks are using it. In total, 46% of .nl domains are protected by the technology.
Internet service providers (ISPs) in the Netherlands had the next lowest adoption of DNSSEC at 22%.
“Banks should be the main users of DNSSEC security, but they scored the worst of all investigated domains for the second time in a row,” said Roelof Meijer, CEO at SIDN. “With the closing of the physical bank branches and to reduce the number of ATMs, the online front door of the banks is becoming increasingly important.”
“Without DNSSEC, there’s a risk that, despite entering the right domain name, people will end up on a fake site set up to trick them,” said SIDN.
“DNSSEC also forms the basis for new applications, such as systems for making email safer and easily sharing cryptographic keys for securing internet communications.”
The study found that Dutch government organisations were the most improved when it comes to domain-protecting security. The previous study in 2014 found only 11% of government websites to be secure, but now 59% are.
Meijer said it was hard to think of any good reason not to implement DNSSEC protection. “We believe that it’s now up to the big internet service providers to act,” he said.
“It is important they get behind DNSSEC, because the protocol is only effective if ISPs commit to validating domain names’ digital signatures.”