Brand monitoring among domain names (Brand Alert)
Do you own a registered trademark? To protect it, you need to monitor it on the Internet. Solidnames offers Brand Alert, its trademark monitoring solution for domain names. Every day, you’re alerted by email to any domain name cybersquatting.
Trademarks are registered with a national registry. In France, trademark registration is carried out at theINPI (Institut national de la propriété industrielle).
To register a trademark, applicants (natural or legal persons) must meet certain criteria. First, a search must be carried out to determine whether the trademark is available.
Trademarks are protected when they are distinctive, have no anteriority and are not contrary to public policy.
Register your brand to protect it
Trademarks are protean signs. The application for registration can be for a word mark such as a patronymic, a company name, a trade name or a slogan. The shape of a protected trademark varies according to its graphic representation. Thus, a trademark application for a logo differs from that for a design.
Generally speaking, a trademark is registered with the INPI in three classes of goods and services for which the brand name is protected. Each class describes a field of activity. Each additional class is subject to additional fees from the trademark register.
A French trademark gives an exclusive operating monopoly on French territory. Property rights are extended with the registration of a Community trademark. Registering a trademark at European level is done at the European Union Intellectual Property Office(EUIPO). In addition, international trademark protection is handled by the World Intellectual Property Organization(WIPO).
Monitor your brand to defend it
Your name is now registered as a trademark! To protect your trademark, you need to set up a monitoring system.
National trademark offices do not carry out trademark clearance searches. Technically, similar trademarks can be registered without the trademark owner’s knowledge.
To preserve your intellectual property rights, you need to monitor your trademark. Monitoring will detect trademark applications that are identical or similar to yours, and may create a risk of confusion.
An opposition procedure exists against a trademark application that infringes your exclusive rights. You can take action within two to three months of publication of the trademark application.
The monitoring of protected trademarks must therefore be reactive. It is advisable to entrust it to Industrial Property Attorneys (IPAs ) or to a lawyer specialized in trademark law.
Why monitor your registered trademark?
Surveillance identifies a trademark that is identical or similar to your prior rights. If the new trademark is registered for services identical to your existing trademark, you can take action for trademark infringement.
Trademark monitoring detects illicit use. A third party may try to appropriate the company’s registered trademark, or even misappropriate it. Customers may make a mistake and contact your competitor who applied for trademark registration.
To protect your brand, your investments and your intellectual property rights, you need to keep an eye on it. This monitoring also makes it possible to organize a competitive watch.
Monitoring your brand on the Internet
When you become the owner of a trademark, you are obliged to defend it. Trademarks are protected via Internet monitoring.
Trademark monitoring of domain names is an obvious way of detecting online abuse. Malicious third parties will then use a domain name incorporating a trademark to do various kinds of damage online.
The most frequent abuses concern attempts at fraud and swindling via phishing operations or identity theft by e-mail. Others concern the sale of counterfeit goods. It affects all sectors of activity, from fashion to toys and health products.
Other cybersquatters try to damage a brand’s image. Some practice unfair competition by trying to divert a company’s customers to a competitor via a parking page, for example. Others try to sell their brand’s domain name back to the company at a higher price in a speculative cybersquatting operation.
Detecting abuse as well as legitimate deposits
Sometimes, the registrations detected also concern legitimate namesakes. Editions Nathan, the wine merchant Nicolas, or the baker Paul cannot prevent legitimate third parties from registering domain names featuring their brands, which are also common first names.
Other registrations detected are sometimes cases of ” Shadow It “. These are rarely malicious registrations made without the approval of the entity in charge of domain names.
Within a large structure, this may be a deposit made by another department of the company or a foreign subsidiary. It may also be carried out by a distributor. This “Shadow It” repository is also often the work of a communications or web agency working for the company.
Be alerted to Shadow IT repositories
A “Shadow IT” registration is characterized by the fact that it is carried out by a person who is not in charge of domain names. As such, he or she often uses a registrar other than that of the company. He or she will also often enter the employee’s name in the whois.
Brand monitoring among new domain name registrations detects these “Shadow IT” registrations linked to the corporate environment.
Finally, Solidnames’ Brand Alert monitoring will also detect company registrations under its own name. In particular, this enables us to check whether the registrations were actually carried out by the company’s service provider. The monitoring service also verifies the correct use of the new domain name registration (e.g. implementation of the requested redirection).
Faced with these different types of registration, Solidnames has developed a dynamic daily trademark monitoring solution. A counterfeiter doesn’t wait a month to illegally use a disputed domain name.
Reactivity in detection is a lifesaver in the face of unfair use. Solidnames alerts holders of existing trademarks as soon as a domain name incorporating their name is registered.
Brand monitoring among domain names
Solidnames’ “Brand Alert” service is a daily alert of new domain name registrations using registered trademarks.
Customers of the “Brand Alert” service for Solidnames domain name monitoring are notified daily by e-mail when a new Internet address is registered.
White-label email notification includes :
- the domain name detected in the associated ;
- the domain name holder with the number of domain names associated with the holder’s email address (“registrant email”);
- identification of a mail server;
- the site page title ;
- screenshot of the site detected;
- the post-GDPR (General Data Protection Regulation) whois available;
as well as a reminder of the daily alert setting (Brand Alert) and the contract expiry date.
Brand Alerts are available in English and French.
Brand Alerts can be ordered on a “prorata temporis” basis, according to the subscription duration selected by the user. Law firms appreciate this feature, which enables them to adjust the contract to the calendar year, for example.
In addition to the daily alerts, Solidnames provides a monthly summary of the domain names detected by its “Brand Alert” service. This email allows users to download deliverables in common formats (Excel, Word).
Our domain name trademark monitoring service is available from €1 excl. tax per day.
Extranet for managing brand monitoring among domain names
The results detected by Solidnames are also accessible via the customer extranet. It is accessible 24 hours a day, 7 days a week. Access to the Solidnames customer extranet is via a double authentication system (2FA), in accordance with the recommendations of the French National Agency for Information Systems Security(ANSII).
In the “Brand Alert” section of the Solidnames customer extranet, users can find all reported cases. Results can be exported in Excel format.
Various sorting options are available. Sorting by term in the registered domain name (e.g. group) is possible. A further sort by extension (“TLD”) is available to find, for example, all domain names registered in .FR. Finally, a search by notification date is also available.
Detecting domain name cybersquatting
Solidnames experts help their customers set up their trademark watches among domain names.
The appropriate monitoring perimeter is scalable throughout the subscription period, and can include domain names written as :
- Identical: to identify new registrations that are strictly identical to the watched trademark.
- On the container: to identify new warehouses containing exactly the same label as the monitored brand.
- On the container: with exclusions or additional terms to limit the number of irrelevant results for labels generating too many results.
- Typosquatting: addition, deletion or inversion of letters.
- Homoglyphs (often called “homograph squatting” in English): writing the domain name with internationalized characters (International Domain Names, IDN) close to our Latin alphabet.
Extended global brand monitoring
Solidnames’ Brand Alert service is not limited in its coverage. Detection of domain name cybersquatting is carried out in over 2,000 Internet extensions (TLDs), including :
- historical generic extensions (e.g. .COM, .NET, .ORG…) ;
- new Internet “nTLDs” (e.g. .CLUB, .PARIS, .XYZ…) and recent ones such as .ZIP;
- country extensions (e.g. .BE, .CN, .FR…) including the main SLDs (Second Level Domains such as .NET.BR, .COM.PL or .CO.UK) and non-Latin character extensions (e.g. .??, .??, .???).
Completeness of domain name monitoring results
To be able to offer comprehensive, reactive monitoring, the database or zone files of all global registries would need to be updated daily.
Note the distinction between the zone file (which contains a list of all active domain names) and the registry database (which also contains domain names registered but not registered in the DNS).
Solidnames aggregates several sources, with different update frequencies, to create its own database of active domain names.
Solidnames uses :
Complete zone files for generic extensions under ICANN supervision
ICANN requires all registries of generic extensions (“gTLD” and “nTLD”) to publish their zone files on a daily basis. By 2024, this will represent more than 260 million domain names, including over 160 million .COM domains.
Solidnames collects its files daily via ICANN’s Centralized Zone Data Service. The other advantage of generic extensions is that they provide standardized whois information that can be consulted online.
Country-code Top-Level-Domain (ccTLD) zone files for paid access or “open data
Each country-code Top-Level Domain (“ccTLD”) is managed by a registry which determines the commercial, legal and technical rules without interference from ICANN. Whois information is not standardized. It is sometimes incomplete, or even absent (e.g.: German domain names in .DE, Europe’s 1st extension in terms of number of registrations).
ICANN cannot force national ccTLDs to publish their lists of domain names. A few registries make an exception by making their lists available on a paid daily basis, such as AFNIC for .FR or Nominet for .UK. In these cases, Solidnames subscribes to these paid subscriptions. Solidnames has a paid subscription to the Platinium offer of .FR Performance from AFNIC (registry of .FR domain names). “Brand Alert can use the FR Watch and SQUAW services provided by AFNIC.
Other registries, such as ISS for .SE and .NU, provide their zone files updated daily and free of charge. Finally, other registries, such as Spain’s, publish a monthly list of new .ES domain names in open data.
In addition to these sources, Solidnames has access to partial zone files. These are irregularly updated lists of domain names. They are collected by various methods (web crawling, passive DNS data).
These lists partially cover a few dozen of the most important “ccTLDs” (e.g. .CN, .DE, .EU, .IT, .NL, .RU…) and represent more than 50% of the domain names registered in country-code extensions.
Another source is open root DNS servers. For example, some national registries have DNS servers that can be used to obtain a copy of the zone file. Access to these sources is very limited, random and undocumented.
Detection via SSL certificate flow
Since 2022, Solidnames has enhanced its sources to include Certificate Transparency Logs (CT Logs). This makes it possible to detect domain names created using SSL certificates. The abuses identified via this source are often quickly significant. Indeed, the creation of an SSL certificate is often associated with an active website that could be used for a phishing or counterfeiting site.
This source of CT logs also enables brand monitoring among sub-domains.
With its methodology, the Solidnames database guarantees daily and complete updating of zone files for “gTLDs” and “nTLDs”. This guarantees exhaustive, reactive monitoring for these generic extensions.
Detection of domain names registered in country extensions
Although it is not possible to guarantee the same performance for ccTLDs, methods are deployed to maximize detection in country extensions.
It is thus common for a wording to be registered in several extensions over a period of a few days. This may be a new trademark registered defensively in several extensions. In another case, a cybersquatter observes recent high-potential registrations and reserves them for his own use in different extensions.
To identify these cases and complete Brand Alert’s level of exhaustiveness, Solidnames checks on a daily basis whether the labels present in the database are also active for a “ccTLDs” selection.
This is possible because it’s a DNS query, which is available regardless of the extension. For the same Brand Alert watch, we are thus able to identify recently activated ccTLDs by comparing the lists of 2 consecutive days. This approach makes it possible to identify the activation of a domain name in any ccTLD as soon as possible, without the need for zone files. This is reactive but not exhaustive monitoring for ccTLDs. This limitation applies to all providers of trademark monitoring among domain names.
There are also extensions based on blockchain technology, such as .ETH and .CRYPTO. Trademark registrations among these NFT domain names can be monitored with SOLIDNAMES’ “NFT Alert” offer.