While this is neat, IDNs are particularly prone to spoofing attacks which can be taken advantage of by phishers (phishermen?). To mitigate this, NIXI plan to block all variations of an IDN once it is registered.
“The same letter may exist both in Tamil and Hindi. Also, within a language it can be represented visually through different set of Unicode characters. We are trying to make the IDNs phishing and spoofing proof,” Aggarwal added.
Currently, any letter in a Devanagiri, Gurmukhi or any other regional script font can be created visually using different codes.
Simply put, if Ram.com is created using one script, the same can be created visually by using a different set of codes. It may lead to a rise in phishing or spoofing of identities.
But NIXI is drafting a counter policy on the same. “To counter this, we will block alternate identities of the same name, which can be created by different codes, except the original identity for every user. We will have a scientific formula on how the visual representation of each character in the domain name will be made. Also, we will have a simple dispute resolution policy,” he adds.