Brand Names in Blockchain Domains: New Frontier for Brand Owners
By Alex Deacon
Brand Names in Blockchain Domains: New Frontier for Brand Owners
While the internet runs on a single “root” for domain name resolution, overseen by ICANN, there have always existed alternative DNS roots (a.k.a alt roots). Blockchain domains, based on blockchain technology, are the latest flavor of “alt roots”. Like most alternative root systems, blockchain domains are usable by a tiny fraction of internet users as they have not been tightly integrated into the major web browser or OS platforms. Thus their impact, be it positive or negative, is debatable. Despite that, they are an interesting new development in the naming space and are in my opinion worthy of further scrutiny and study.
For the third Exploring DAP article, I thought I would take a closer look at the blockchain domain data sources. Data associated with domains registered on both the Ethereum and Unstoppable domain name services are two of the newest data sources available via the DAP.LIVE data platform. For a nice primer on these two new data sources see the excellent video “Exploring Blockchain Domains in DAP.LIVE” with my colleagues Georgia and Nathan.
Summary of Conclusions: A summary of our findings indicates that while it is still very early days for blockchain-based naming systems – registrants are registering domains for multiple brands and trademarks. This data point alone should be a concern for brand owners and indicates some attention to this technology is warranted. In addition, many of the domains we see are quite “phishy”, in that they include spaces, special characters, emojis, and strings that look like “real” domain names. This indicates both security researchers and brand owners should keep an eye on developments given the opportunity for abuse in this space. Finally, only a quarter of a percent (0.23%) of registered blockchain domain names contained one of the 12 brands we searched. While this percentage is low, the potential impact on users could be severe. Moving forward additional monitoring and research into the true impact on consumers is required, as a single domain can be used to mount a large number of scams or online fraud incidents.
As of March 8, 2023, there were 6,226,663 domain name registrations in the DAP blockchain data sets.
Figure 1 - Blockchain registrations in the DAP blockchain datasets.
The details shown in Figure 1 above show the total number of registrations in the three blockchain name services currently supported by DAP.live. For our analysis in this article, we focused on the twelve large brands listed in Figure 2.
Figure 2 - Count of Blockchain Registrations with Brand in Domain Name, by Brand
Searching the combined Ethereum and Unstoppable datasets for these brands we find that 14,448 registered domains contain an exact match of one of these brands. This number represents a very small quarter of a percent (0.23%) of registered block domain names. Not surprisingly the brands we see at the top of the list are large and well-known: Apple, Amazon, and Google.
Now that we have a better understanding of the brands found in these data sets, what other details can we discover using the DAP?
As the data set includes specifics of both the Blockchain and the “Top Level Domain (TLD)” associated with each domain name we can ask the DAP to visualize the counts of brand registrations by TLD.
Figure 3 - Blockchain Registrations by Brand and TLD
Again we see that most of the registrations are associated with Apple, Amazon, and Google. But we can also see registrations for those brands appear in multiple TLDs with .eth representing the most registrations followed (roughly) by .crypto, .nft, .wallet, .zil and, .x.
Registrant ID Analysis
Another useful data point associated with each blockchain registration is the Registrant Identifier. This identifier is a 20-digit hexadecimal value that uniquely identifies the entity that registered the domain but does not directly identify who the registrant is. Unlike standard domain names, blockchain naming services do not offer a “WHOIS”-like service. However, using this identifier we can determine who was the most “prolific” registrant across our data set of blockchain domains that contain one of the 12 brands.
Figure 4 - Top 3 Registrant Identifiers
The top two prolific registrants registered 246 and 236 domains respectively. The third most prolific registrant registered 139 - half as much as the top two. And now that we know the top 3 registrants we can dive deeper into the data and analyze, using a reverse search, what other brands they registered. This data is visualized in Figure 5 below.
Figure 5 - Brands Registered by Top 3 Registrant IDs
It is interesting, but not surprising, to note that the top two registrants have registrations spread over a large number of brands instead of focusing on a single (or small number) of brands. This is in contrast to the third registrant who seems to have focused their registrations on the Brands that sit at the top of our list of most registered brands.
Position of Brand in Domain
Finally, when looking at the domain names in our query we noticed that the position of the brand name in the domain varied. For a majority (73%) of the domains the brand string appeared at the front of the domain. While 19% appeared at the end and 8% in the middle.
Figure 6 - String Position Analysis
Taking a look at the strings where the brand name appears in the middle or at the end of the domain name, a cursory search found that several contain spaces, special characters, emojis, and in some cases strings that resemble domain names. We see these techniques used in cases of cybersquatting and phishing in the standard DNS space, which should raise some eyebrows. However, while it is difficult to say for sure if any of these domains are used, or can be used in the future, for abusive purposes they sure look quite sketchy and phishy.
The use of leading blank spaces, emoji, and the apparent seamless support for domains containing Unicode characters do present a novel threat, not seen in the regular DNS space. While Unicode support would be a major improvement on the rather clunky and still unsatisfactory support for IDNs in the regular DNS space, in the blockchain space there appears to be no policy or any regard for the threat of deception posed by the use of mixed scripts. This may result in the abuse of users in ways we don’t currently see in the non-blockchain naming space.
- We can see from the data that registrants are registering domains for several brands and trademarks. This data point alone should be a concern for brand owners and indicates some attention to this technology is warranted.
- Several of the domains we see are quite “phishy”, e.g. the use of spaces, special characters, and emojis indicate that the opportunity for user abuse exists and both security researchers and brand owners should keep an eye out for potential use cases for user abuse. We note however that abuse reporting and mitigation by the naming service for these domains is difficult at best and impossible at worst given the immutable nature of blockchain technology.
- Currently only a very small percentage (0.23%) of blockchain domains contain one of the 12 brands on our list. We will configure the DAP to track this percentage over time and report back in the future if any interesting trends emerge. Also, as this technology is still relatively new, we are unable to say how much abuse of users, if any, exists. This would be an interesting study for the future.
Finally, this Exploring DAP exercise highlighted several basic but useful DAP features:
- The ability for DAP users to import and manage their own private data sets (“Bring Your Own Data”), and join this data to data sets managed by DAP.
- The ability to filter and summarize data to extract insights from the data.
- The ability to easily visualize this data into dashboards displaying tables, charts, and key metrics
- The creation of custom formulas allowing the creation of new/derived columns based on existing data. For example, in this analysis, we created a custom formula that calculated when a brand string was in the beginning, end, or middle of a string.
Notes on methodology
- The process and methodologies I used have not been rigorously defined or vetted. They are simply a means to shine a light on both the data and capabilities that the DAP brings to the table.
The 12 brands used in this analysis were chosen as they are at or near the top of the top 100 most valuable brands for 2022 used in previous blogs. The use of different brands may result in different findings.