Feeds

Dot Pharmacy: New web weapon in war on duff drug peddlers

gTLD bid to tackle bogus treatment biz

3 Big data security analytics techniques

An American trade group wants to create top-level domain name .pharmacy to stem the sale of bogus medicines online.

The National Association of Boards of Pharmacy (NABP) will file the application with internet policymaker ICANN, according to FairWinds Partners, a domain name consulting firm.

"The goal of .pharmacy is to provide pharmacists, doctors, nurses, caregivers, patients and others a secure space in which to search for information about or purchase prescription drugs online without having to worry about cybercrime or receiving counterfeit drugs," FairWinds said in a blog post.

The news comes as the NABP wages war against a small number of domain name registrars it says are not doing enough to fight the sale of counterfeit treatments online.

Before getting a .pharmacy web address, companies would be vetted to ensure that they are in fact legitimate and licensed, according to FairWinds. It's a model similar to the one used by the rarely troubled .aero and .museum gTLDs, and one proposed by applicants for other new gTLDs representing regulated industries, such as .bank.

FairWinds said the .pharmacy gTLD would be subject to ongoing monitoring for compliance via LegitScript, a US-based pharmacy certification programme provider.

LegitScript and the NABP both run kite-mark schemes under which approved pharmacies can display a logo on their websites boasting of their authenticity. But this is easily gamed by criminals simply copying the logo, according to FairWinds.

A heavily restricted .pharmacy gTLD would therefore make it much easier for consumers to identify safe online pharmacies.

The NABP's Verified Internet Pharmacy Practice Sites scheme only accredits pharmacies located in the US and its territories, as well as eight Canadian provinces, Australia and New Zealand. LegitScript appears to be US-only.

Similar moves to regulate industries via gTLDs have come under scrutiny in Europe due to a perceived North American bias. The European Banking Authority expressed concern that a globally available .bank domain might give European punters a false sense of security as they bank online.

Under ICANN's new gTLD programme, organisations have until Thursday, 12 April to file an application – and a $185,000 fee – for the new gTLD(s) of their choice. The deadline for registering for an application is Thursday, 29 March.

New gTLDs are not expected to be approved until early next year. During a lengthy evaluation process, anyone will be able to chip in with comments or file a formal objection. National governments will have special powers to object via ICANN's Governmental Advisory Committee. Some have already indicated a special concern about gTLDs purporting to represent regulated industries – naming .bank and .pharma specifically.

Registrar in pharmacy domain probe spat

The NABP and LegitScript are taking the fight against drug peddlers to domain name registrars that are seen to be lax about letting criminals set up bogus pharmacies using their services. They've singled out Internet.bs, a Bahamas-based registrar, for special concern.

Internet.bs was found by a LegitScript investigation to be the registrar of choice for 44 per cent of "rogue" pharmacies listed by the NABP.

Following an undercover operation, LegitScript alleged that it was able to register and use domain names such as cure-your-cancer.co.uk and legitimate-uk-pharmacy.co.uk even after informing Internet.bs executives explicitly that it planned to sell counterfeit drugs.

Internet.bs executives allegedly told investigators, who were "posing as an international cybercrime network", that they would resist efforts to shut down their rogue pharmacies unless they received complaints from their own legal jurisdiction.

In response, Internet.bs suspended 175 domain names that were registered by LegitScript, which used bogus Whois information, due to a breach of its terms and conditions and ICANN rules. It went on to accuse LegitScript of "dirty tricks" and said it always abided by relevant laws.

"Internet.bs Corp is always making it clear that the domain name has to comply with applicable laws," CEO Marco Rinaudo said in a statement. "The fact that a Canadian pharmacy domain is not subject to FDA [US Food and Drug Administration] regulations is a clear example."

He added that the LegitScript investigators did not set up websites associated with the domains it registered, making it impossible to tell if any criminal activity was taking place.

LegitScript noted that Internet.bs "hasn’t suspended any of the thousands of real rogue online pharmacies using its platform". ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Virgin Media so, so SORRY for turning spam fire-hose on its punters
Hundreds of emails flood inboxes thanks to gaffe
A black box for your SUITCASE: Now your lost luggage can phone home – quite literally
Breakfast in London, lunch in NYC, and your clothes in Peru
AT&T dangles gigabit broadband plans over 100 US cities
So soon after a mulled Google Fiber expansion, fancy that
AT&T threatens to pull out of FCC wireless auctions over purchase limits
Company wants ability to buy more spectrum space in auction
EE & Vodafone will let you BONK on the TUBE – with Boris' blessing
Transport for London: You can pay, but don't touch
Turnbull gave NBN Co NO RULES to plan blackspot upgrades
NBN Co faces huge future Telstra bills and reduces fibre footprint
NBN Co plans fibre-to-the-basement blitz to beat cherry-pickers
Heading off at the pass operation given same priority as blackspot fixing
NBN Co in 'broadband kit we tested worked' STUNNER
Announcement of VDSL trial is not proof of concept for fibre-to-the-node
prev story

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.