Feeds

Dot Pharmacy: New web weapon in war on duff drug peddlers

gTLD bid to tackle bogus treatment biz

Security and trust: The backbone of doing business over the internet

An American trade group wants to create top-level domain name .pharmacy to stem the sale of bogus medicines online.

The National Association of Boards of Pharmacy (NABP) will file the application with internet policymaker ICANN, according to FairWinds Partners, a domain name consulting firm.

"The goal of .pharmacy is to provide pharmacists, doctors, nurses, caregivers, patients and others a secure space in which to search for information about or purchase prescription drugs online without having to worry about cybercrime or receiving counterfeit drugs," FairWinds said in a blog post.

The news comes as the NABP wages war against a small number of domain name registrars it says are not doing enough to fight the sale of counterfeit treatments online.

Before getting a .pharmacy web address, companies would be vetted to ensure that they are in fact legitimate and licensed, according to FairWinds. It's a model similar to the one used by the rarely troubled .aero and .museum gTLDs, and one proposed by applicants for other new gTLDs representing regulated industries, such as .bank.

FairWinds said the .pharmacy gTLD would be subject to ongoing monitoring for compliance via LegitScript, a US-based pharmacy certification programme provider.

LegitScript and the NABP both run kite-mark schemes under which approved pharmacies can display a logo on their websites boasting of their authenticity. But this is easily gamed by criminals simply copying the logo, according to FairWinds.

A heavily restricted .pharmacy gTLD would therefore make it much easier for consumers to identify safe online pharmacies.

The NABP's Verified Internet Pharmacy Practice Sites scheme only accredits pharmacies located in the US and its territories, as well as eight Canadian provinces, Australia and New Zealand. LegitScript appears to be US-only.

Similar moves to regulate industries via gTLDs have come under scrutiny in Europe due to a perceived North American bias. The European Banking Authority expressed concern that a globally available .bank domain might give European punters a false sense of security as they bank online.

Under ICANN's new gTLD programme, organisations have until Thursday, 12 April to file an application – and a $185,000 fee – for the new gTLD(s) of their choice. The deadline for registering for an application is Thursday, 29 March.

New gTLDs are not expected to be approved until early next year. During a lengthy evaluation process, anyone will be able to chip in with comments or file a formal objection. National governments will have special powers to object via ICANN's Governmental Advisory Committee. Some have already indicated a special concern about gTLDs purporting to represent regulated industries – naming .bank and .pharma specifically.

Registrar in pharmacy domain probe spat

The NABP and LegitScript are taking the fight against drug peddlers to domain name registrars that are seen to be lax about letting criminals set up bogus pharmacies using their services. They've singled out Internet.bs, a Bahamas-based registrar, for special concern.

Internet.bs was found by a LegitScript investigation to be the registrar of choice for 44 per cent of "rogue" pharmacies listed by the NABP.

Following an undercover operation, LegitScript alleged that it was able to register and use domain names such as cure-your-cancer.co.uk and legitimate-uk-pharmacy.co.uk even after informing Internet.bs executives explicitly that it planned to sell counterfeit drugs.

Internet.bs executives allegedly told investigators, who were "posing as an international cybercrime network", that they would resist efforts to shut down their rogue pharmacies unless they received complaints from their own legal jurisdiction.

In response, Internet.bs suspended 175 domain names that were registered by LegitScript, which used bogus Whois information, due to a breach of its terms and conditions and ICANN rules. It went on to accuse LegitScript of "dirty tricks" and said it always abided by relevant laws.

"Internet.bs Corp is always making it clear that the domain name has to comply with applicable laws," CEO Marco Rinaudo said in a statement. "The fact that a Canadian pharmacy domain is not subject to FDA [US Food and Drug Administration] regulations is a clear example."

He added that the LegitScript investigators did not set up websites associated with the domains it registered, making it impossible to tell if any criminal activity was taking place.

LegitScript noted that Internet.bs "hasn’t suspended any of the thousands of real rogue online pharmacies using its platform". ®

Beginner's guide to SSL certificates

More from The Register

next story
Brit telcos warn Scots that voting Yes could lead to HEFTY bills
BT and Co: Independence vote likely to mean 'increased costs'
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Blockbuster book lays out the first 20 years of the Smartphone Wars
Symbian's David Wood bares all. Not for the faint hearted
Bonking with Apple has POUNDED mobe operators' wallets
... into submission. Weve squeals, ditches payment plans
This flashlight app requires: Your contacts list, identity, access to your camera...
Who us, dodgy? Vast majority of mobile apps fail privacy test
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.