Menu Go to the top

Domain names are vital in a modern society

The domain market: Are the rules of the game changing?

Norwegian domain names more secure with DNSSEC

Online presence – where and how?

The domain market: Are the rules of the game changing?

Published: september 2016. Updated: september 2018

Fundamental changes are taking place in the domain name market. A thousand new top-level domains have been introduced in the last few years, and competition has increased considerably. At the same time, there are certain indications that the general demand for domain names is decreasing, and the use of mobile devices and apps is making domain names less visible. Also, new players with potentially disruptive ideas are entering the domain market.

In 2012, after more than a decade of stability in a domain market where the number of actors and top-level domains remained relatively constant, ICANN 1 chose to make a change. They opened up registration of top-level domains to anyone, provided applicants met certain financial and technical requirements. The objective of this liberalization of the market was to give customers a wider range of options and to contribute to increased competition and innovation.

Domains and top-level domains

All devices connected to the Internet have their own unique IP addresses, which consist of a long sequence of numbers. The Domain Name System links unique domain names to the IP address.

Examples of domain names many interact with daily include,,, and

The last part of the domain name—its “last name”—is the top-level domain the domain name is registered under. There are two different types of top-level domains: country code top-level domains (such as .no or .se) and generic top-level domains (such as .com or .org).

After processing the first round of applications, currently ca. 1200 new top-level domains have been registered2. Plans for a new round of applications are under way, but it is not yet clear when the application window for the next round will open.

So, what has happened in the domain market in recent years? Are players competing on the same terms as before, or have the rules of the game changed? And what does this all mean for end customers and others in the market?

Marked increase in the number of competitors

So far, there are now five times as many top-level domains in the market, compared to 2012. This means increased competition for both new and established actors.

Domain: .amsterdam
New top-level domains with geographical references.

Most new top-level domains have distinct, meaningful names. Among them are generic descriptions (.top, .club, .global, .app), names of cities and other geographical references (.berlin, .amsterdam), descriptions of industries (.lawyer, .doctor, .ceo), interests (.horse, .cooking), group identities (.mormon) and brand names (.statoil, .gucci, .bbc).

Domain: .horse
New top-level domains that represent interests.

It will take time for the newcomers to establish themselves in this market. As of July 2016, the new generic top-level domains have a market share of approx. 6.4 percent 3. Certain top-level domains dominate in terms of size, both among well-established top-level domains and new domains. The world’s largest top-level domain, .com, alone has a market share of approximately 39 percent 4. However, the largest newcomer, .xyz, has managed to carve out a place among the world’s ten largest top-level domains.

Global market share
New generic top-level domains (6,4 %)
Established top-level domains (48,8 %)
Country code top-level domains (44,7 %)
Source: CENTR, DomainWire Global TLD Report, ed. 16

For many top-level domains, however, total number of domain names is not a relevant measure of success. The business concept behind .luxury, for example, is to be an exclusive product for the select few, which is not compatible with rapid growth. Another example includes top-level domains that have not been registered for the purpose of resale, such as .statoil and .bbc.

The world’s largest top-level domains
.com(126,6) .tk(28,6) .cn(19,5) .de(16,1) .net(15,6) .org(10,8) .uk(10,7) .xyz(6,2) .nl(5,6) .info(5,5)
Based on the number of domains (millions). The number of domains registered under .tk is based on data from September 2014, which is the most recent information publicly available. Other figures are from August 2016. (Source: CENTR)

Is the market becoming saturated?

For decades, actors in the domain market have seen a stable increase in the demand for domains. Recently, however, there are some indications that the market is maturing. Long-term trends for established top-level domains show growth in demands slowing down. The exception is a short-term spike in late 2015, which was caused by Chinese investors registering a large number of domains. The growth has begun to return to its previous level. The new top-level domains are growing faster than established domains 5, but for these domains, too, Chinese investors has been buying up domains in large numbers over the last year. For example, in April 2016, .xyz reported that more than 50 percent of registrations came from Chinese customers 6.

Growth in total domains
-0,4 % 0,0 % 0,4 % 0,8 % 1,2 % Jan-13 Jan-14 Jan-15 Jan-16
European ccTLD Median
Established top-level domains Median
Source: CENTR

If this trend of slowing growth in new registrations under established top-level domains continues, several top-level domains may soon experience zero growth. A saturated domain market will, in turn, lead to more fierce competition.

One additional explanation for the slowing demands may be that domain names have become less visible. Increased use of mobile devices means increased use of apps and clickable links, where the user does not have to relate to the domain name behind the content. At the same time, however, domain names are a central part of Internet infrastructure, and there is no competing technology in sight.

Branding is still the most common competitive strategy

Technically speaking, all domain names work the same way. As a result, top-level domains must use other means to differentiate themselves from competitors and create value for their customers. The most common strategy is to build an identity for the top-level domain, which, in turn, adds value for customers registering their domain names there. One example in this regard is .com, whose brand is so strong that many prefer a longer and more complicated .com domain over a shorter domain under a lesser known top-level domain. Similarly, .no has built a distinct identity as a Norwegian, high-quality domain; .no is the obvious first choice for companies and private individuals with a connection to Norway.

.no is the obvious first choice for companies and private individuals with a connection to Norway

Building a strong identity, however, is not achieved overnight. With more than a thousand new players now entering the field, it is going to take considerable resources and long-term marketing to just be visible in the crowd. New top-level domains need a strong business concept and a solid foundation for income generation to succeed, and the same could also be said for established top-level domains that haven’t been able to build a clear identity before newcomers flooded the market. 7

Can .Club truly be called a successful gTLD? Certainly it has reasonable registration volumes (at time of writing 156,000 names) compared with other gTLDs. These registrations were achieved through hard work and good marketing, but at what cost? With the larger registrars retailing .CLUB domain names at below $10, the total first year revenue (excluding premium domains) will be a maximum $1.5 million even if all registrars were selling at cost. In order to obtain these hard won registrations, .CLUB has reportedly spent way over $5 million on marketing and will be spending an additional $3.5 million next year.

There is no denying the quality and quantity of the marketing efforts expended by .CLUB to date, and as a marketer I applaud the professionalism of their campaigns. However, looking at these (admittedly speculative) figures, would a financial director consider .CLUB to be a successful business at the moment?

- Andy Churley, CMO at Famous Four Media (Source: Laursen)

In addition, the identity of a top-level domain is more than just branding. Its identity also reflects the “neighbourhood” its customers become a part of. A top-level domain where the majority of domains function as its customers’ primary site on the internet, is more attractive to new customers than if the majority of domains there serve no other purpose than to redirect visitors to other top-level domains 8. The value of a good “neighbourhood” also manifests itself when some security organizations recommend that companies block all traffic leading to specific top-level domains, because more than 90 percent of domains there are used for unwanted activities, such as spam, fraud and malware. 9

Identity is a central aspect in the competition between top-level domains, but they do, of course, also compete in terms of price. For example, .tk (Tokelau) has built one of the world’s largest top-level domains by ignoring the aspect of identity altogether, and instead offering .tk domains for free for the first year. If the customer at the end of the year does not wish to keep the domain, the organization managing .tk takes over, earning money by directing traffic from the domains to advertising sites. The new top-level domain with the highest number of registrations, .xyz, also climbed to this position by offering domains for free when starting up the top-level domain.

.tk built one of the world’s largest top-level domains by offering domains for free for the first year
28 million out of 326 million domain names
Source: Verisign 2016

New players may change the rules of the game

Even though the number of top-level domains has doubled many times over, the way the domain market works has remained relatively unaffected. Market liberalization often lead to changes in the fundamental “rules of the game” over time, however, as seen in other markets. The telecom market is one example in this regard. In principle, disruptive changes can come from any player, but in the domain market, perhaps the greatest potential for disruption lies with major players like Google and Amazon.

Both have a history of disrupting established markets by introducing new business models and new technology. Today, they hold approximately 40–50 top-level domains each 10, and more will follow as the last pending applications are processed. These players control many links in the value chain, and they also control a number of products that may be used with domains. This could give them the opportunity to take full control of the customers’ experience, giving customers a seamless, streamlined solution, provided they use their products. So far, not much has happened with their top-level domains, but one would be wise to keep an eye on these players in the domain market in the time to come.

Competition may also be external. Increased use of social media, such as Facebook and Instagram, offers alternatives to dedicated websites and e-mail. Unlike domain names, this option locks customers to a single provider and this provider’s terms and conditions for use. In exchange, these services are free, easy to use, and offer attractive added functionality, including the ability to connect users in a community with other users.

Where are these changes leading?

Operating a top-level domain has become more challenging. Increased competition is placing more and more exacting demands on established and new top-level domains; they have to generate tangible value for customers, either by the top-level domain’s identity or by additional services. There will most certainly be casualties. .doosan was the first new generic top-level domain to be discontinued, but it will probably not be the last 11.

All top-level domains are facing increased competition, regardless of whether the organization managing it aims to make a profit for owners and investors, or whether it is a non-profit organization tasked with a social mission. Norid’s vision is to run the registry for .no domains to the betterment of Norwegian society, and this still applies in the face of increased competition. The Norwegian top-level domain has a good reputation as a high-quality domain, but the work to keep up with society’s needs will remain a primary concern for us in the future.

For customers, increased competition and the large number of new players in the market mean they have a wider selection of options to choose from. For example, registering domains under several different top-level domains could open up new possibilities for profiling, and reflect an affiliation with specific groups.

The challenge with endless choice, of course, is that it may be difficult to find the right one. Nobody wants to set up the company’s new site under a top-level domain with a reputation for spam and malware. At the same time, this situation is no different from other industries; customers should always look into the reputation of those providing their critical services.

Norwegian domain names more secure with DNSSEC

Published: december 2016. Updated: september 2018

As the Internet assumes an ever more critical role in society’s infrastructure, it is becoming increasingly more important to ensure that information is not falsified or ends up in the wrong hands. DNSSEC is an important contribution to more secure communication online.

DNSSEC fraud

Why is DNSSEC important?

The Internet has become a key platform for value-creation in modern society. Online retailers in Norway had a total turnover exceeding NOK 21 billion in 20171. Three percent of all Norwegian domain names with a website has shopping basket functionality built in2 and for many businesses, online sales is the primary sales channel. The Internet is also a primary channel of communication between public agencies and the nation’s inhabitants and businesses, e.g. in connection with tax returns, employer's contributions and access to public services. In all these circumstances, it is extremely important that users actually end up on the website they intended to reach.

Domains and top-level domains

All devices connected to the Internet have their own unique IP addresses, which consist of a long sequence of numbers. The Domain Name System links unique domain names to the IP address.

Examples of domain names many use daily:,, and

The last part of the domain name—its “last name”—is the top-level domain the domain name is registered under. There are two different types of top-level domains: country code top-level domains (such as .no or .se) and generic top-level domains (such as .com or .org).

A website can be accessed in different ways: Clicking a link, via an app, via hits from a search engine, or entering the URL into a browser. All these methods of access entail looking up a domain name. The lookup initiates a search for an IP address used to contact the server operating the service the user is requesting access to. Originally, the domain name system was not designed to ensure that the return for a lookup actually came from the right source. This means it is possible for attackers to falsify returns and direct a user to another IP address than the one associated with the domain. For example, a user may be directed to a website that looks like the online retailer they intended to visit, but instead, the website is located on a server controlled by scammers.

What happens behind the scenes when you look up a domain?
1 2 3 4 5 root .no Resolver

Each domain name has a set of servers handling queries about addresses under the domain in question. These servers are called name servers.

A small application in your device contacts a dedicated server set up to handle queries in the domain name system, a so-called recursive resolver. This server is often operated by your Internet service provider.
The recursive resolver is tasked with finding the IP address of It forwards the query to one of the name servers for the top level of the domain name system (called the root). Root name servers only know the level below them in the hierarchy, and therefore returns a list of name servers for the top-level domain .no.
The resolver then forwards the query to one of the name servers for .no. These servers also only know the level below them, and therefore return a list of name servers for
The resolver repeats the query to one of the name servers for, which returns the IP address for
The resolver then forwards the IP address to your device. Once your browser is provided with the IP address, it contacts the web server at this address, and downloads the website you requested.

The resolver normally accepts the first response to its query, and does not verify that it comes from the right source.

DNSSEC (DNS Security Extensions) is a security mechanism that offers a solution to this problem. When a domain is secured by DNSSEC, all returns to domain queries will be signed cryptographically. This makes it possible to verify both that the response comes from the right source, and that it has not been changed along the way.

The signature is created by a private key accessible only to the operator of the domain name. The signature is validated by the device making the query in the domain name system retrieving a public key for the domain. It then pairs the key and signature to validate the answer. Given the hierarchy of the domain name system, a scammer cannot enter false keys in addition to false responses. The public key of a domain is part of an unbroken chain of keys validating each other, all the way to the top level. In order for DNSSEC to work, all levels have to be secured by DNSSEC. A chain is only as strong as its weakest link.

DNSSEC solves the problem of false responses to queries. It is important to be aware, however, that DNSSEC is only a small piece in a large puzzle of security measures needed to keep us safe online. DNSSEC ensures that we reach the address we wanted to reach, not that the contents of the site are safe.

Norway a world leader in securing the domain name system

Norid considers DNSSEC to be a key security component in the domain name system, and believes that the technology should be standard for Norwegian domain names.

Norid introduced DNSSEC as an infrastructure upgrade, and did not require domain holders to be aware of the technology or to actively order it to get the security upgrade for their domain. This approach to DNSSEC, however, required sufficiently sophisticated technology and a considerable effort on the part of domain name traders (registrars). Norid could facilitate for the implementation of DNSSEC, but the registrars had to do the job of signing and maintaining the domains for their customers.

Key DNSSEC milestones

2007: .se is the first top-level domain in the world to allow use of DNSSEC to secure its domains. Because the top level of the domain name system had not yet been secured, .se had to create a temporary solution to compensate for this.

2010: The top level of the domain name system is secured by DNSSEC.

2014: Support for the technology is available in the most common software for domain name system queries. DNSSEC is implemented for Norwegian domain names.

Despite the need for sophisticated technology and limited room for errors, many registrars quickly came on board. In May 2015, six months after Norid introduced the technology, the Norwegian top-level domain was among the world’s leading top-level domains regarding percentage of secure domains, where it has remained since 3. As of 1 September 2018, 439,109 .no domains have been signed using DNSSEC 4, which accounts for 57.9 percent of all domains under .no. Three other European country code top-level domains also stand out, with a large percentage of secured domains 5: Czech Republic (.cz), at 52.8 percent 6, the Netherlands (.nl), at 52.7 percent 7; and Sweden(.se), at 46.6 percent 8.

Norwegian domains secured with DNSSEC
500 100 000 200 000 300 000 400 000 Jan-15 Jan-17 Aug-18 31 August 2018 439 109
Development in the number of Norwegian domains secured with DNSSEC (source: Norid)

Even though .no has a very high percentage of secured domains overall, the degree of implementation among registrars varies considerably. As of September 2018, 94 of 350 registrars offering Norwegian domain names offer secure domains through DNSSEC. Only 21 of these have signed more than 10 percent of their domain portfolio. Consequently, the majority of secured domains are associated with a small number of registrars.

Distribution of signed .no domains across registrars
The ten registrars with the highest number of signed domains account for 98.4 percent of all signed domains.
Domeneshop AS (66,3 %) A/S (12,6 %) AS (7,8 %)
Digital Garden AS (6,3 %)
Syse AS (3,5 %)
ISPHuset Nordic AS (0,8 %)
Domenia Norge AS (0,4 %)
Active Data Norge (0,3 %)
Pro ISP AS (0,2 %)
NordkappNett AS (0,2 %)
Others (1,4 %)
Source: Norid

Key domains still not signed

With more than half of all Norwegian domain names secured with DNSSEC, this technology has become a new standard here. Even so, only ten percent of the twenty most popular Norwegian domains 9 are signed, whereof one domain is among the ten most popular domains.

The ten most popular Norwegian domain names
1. Ikke signert not signed
2. Ikke signert not signed
3. Ikke signert not signed
4. Ikke signert not signed
5. Ikke signert not signed
6. Ikke signert not signed
7. Ikke signert not signed
8. Signert signed
9. Ikke signert not signed
10. Ikke signert not signed

(Source:, Norid)

We see that public agencies lag behind in securing their domains. Less than half (47.3 percent 10) of domains registered by public administrative agencies have been signed using DNSSEC. It is a concern that the governmental domain categories ( and and the domain category reserved for the Armed Forces ( have not implemented the new technology. This means that domains under one of these domain categories, e.g., cannot choose to secure their site using DNSSEC, because the links above them in the chain are not secured. However, the degree of signing within public administration varies; while only 22 percent of state domain names have been signed, the municipalities have signed 54 percent of their domains.

At the forefront of validation as well

The large share of DNSSEC-secured Norwegian domains means many domain lookups yield signed returns. In order for this to protect the individual user, however, the server retrieving the return for the domain query must check (validate) it, ensuring that returns containing false or inadequate signatures are rejected. This is handled by dedicated servers (recursive resolvers), which are often operated by Internet service providers, hosting providers and service supervisors of internal networks within an organization. In order to fully utilize the potential of DNSSEC, as many as possible of these providers must secure their users by enabling validation.

The degree of validation in Norway has increased considerably since DNSSEC was introduced for Norwegian domains in 2014. As of 30 August 2018, approx. 80 percent of domain lookups in Norway are validated 11. The degree of validation for .no is high on a world-wide basis 12.

DNSSEC validation percentages by country
World map
Source:, 30 August 2018

The high degree of validation in Norway can be attributed to the fact that some major providers, such as Telenor Norge, Altibox, Nextgentel and Get, whose combined customer base is relatively large, have enabled validation. However, there are still some major providers, including Broadnet, that have not enabled validation.

The Norwegian Communications Authority is concerned with ensuring that users of electronic communication services have access to robust, secure and reliable electronic communications networks. DNS response validation is one of several tools to prevent users and systems from being directed to the wrong addresses, e.g. by scammers falsifying responses to domain queries. Most major top-level domains world-wide have implemented DNSSEC, and ICANN now requires all new generic top-level domains to implement the standard. In this context, it is encouraging to see .no leading the way, being at the top of the class world-wide for implementing DNSSEC. This will further contribute to reinforcing .no’s standing as a national top-level domain among the best in the world in terms of security and stability.

Ørnulf Storm, Section Director, Norwegian Communications Authority

DNSSEC in the future—what is possible with a secure infrastructure?

The immediate effect of DNSSEC is to safeguard users from false responses from the domain name system, but a secure domain name system also serves as a foundation on which we can build a whole new set of security features.

We are accustomed to being able to securely send e-mail, even at airports, in Internet cafés and using guest networks, because our devices exchange data with the e-mail server using a secure, encrypted connection that third parties cannot tap into or change. Similarly, we look for the green padlock symbol and HTTPS before transferring data such as credit card numbers, user names and passwords on websites we visit.

In order for these connections to be secure, our device must authenticate that it is communicating with the right service, and exchange the necessary cryptographic data. The authentication process largely relies on certificates issued by certificate authorities.

The problem is that there are very many certificate authorities, and the level of security they offer varies considerably.

The problem is that there are very many certificate authorities, and the level of security they offer varies considerably. Meanwhile, there has been a shortage of good mechanisms to inform users of which certificate authority is authorized to issue certificates for a given services, or which certificate or key the service in question uses. Google is among those who have experienced problems with this issue. In some cases, certificates have been issued for Google’s domains that have not been authorized by Google 13. Such unauthorized certificates make it possible for someone to hijack or tap into traffic to the service.

The domain name system offers a possible solution to this problem. The system’s main purpose is to respond with the IP addresses of a service under a given domain, but the system can also provide certain types of additional information, such as which certificate authority is authorized to issue certificates for a given service 14. DNSSEC enables the user’s device to trust this information, instead of having to accept certificates from every certificate authority.

This application is particularly relevant in Norway, seeing as we have already implemented DNSSEC to a relatively large degree, and most social critical services are available online. Public authorities have a large number of online services for communication with the nation’s residents. So far, approx. 30 percent15 of these web sites use HTTPS, but the Norwegian National Security Authority recommend that all these should be secured with this technology, using certificates issued by certificate authorities subject to Norwegian law 16. The need for public websites to securely be able to communicate which certificate authorities they use is therefore quite pressing.

In the future, the distribution of secure information about services through the domain name system may extend the use of certificates to services that currently do not have that option, e.g. e-mail. Software for mail servers implementing this functionality is already underway.

From theory to practice—some tools to check your DNSSEC status

Check to see if a Norwegian domain is secured using DNSSEC.
Enter the domain and see if it has been secured by DNSSEC, or enter an organisation number to see the DNSSEC-status of all the domain names of the organisation.

Find a registrar that can secure your domains with DNSSEC.
Choose to show only registrars that offer DNSSEC.

Check the validation status of your domain lookups.

Online presence – where and how?

Published november 2018

The internet is our primary arena for communication and branding, as well as a rapidly expanding marketplace for buying and selling goods and services. This means that anyone offering anything needs to be conscious of how they build their online identity.

Identity online

The internet has completely changed society. Over the course of a regular week in 2017, 96 percent of the population aged 9 to 79 used the internet1 . In 1995, only 5 percent did. These numbers both reflect the tremendous development that has taken place in a very short time period and indicate how important this infrastructure is in today’s society.

The internet is an important source of news, information and entertainment, and people use the internet as part of their jobs, in school, and in their personal lives. 71 percent of the people who use the internet over the course of a day, use it to send or receive e-mail. People who go on Facebook every day account for roughly the same percentage. More than half the population use the internet daily to look up facts or find background information. In addition, video, TV and music, usually in the form of streaming services, fight for people’s attention online2.

Usage of traditional and internet media an average day
53 13 9 9 51 36 71 12 73 57 62 36 Watched movies, TV, videos Public services Order/buy goods Book travel/tickets Banking services Info about events, restaurants, etc. Email Read blogs Facebook Other social media Facts/background information Watched ads
Source: Norwegian media barometer 2017

Our online habits mean the internet is a key platform for value-creation. Online retailers in Norway had a total turnover exceeding NOK 21 billion in 20173, and this figure keeps growing. Three percent of Norwegian domain names have shopping basket functionality built in4, and for many businesses, online sales are the primary sales channel. The internet has also become a primary channel of communication between public agencies and the nation’s inhabitants and businesses, e.g. for tax returns, employer's National Insurance contributions, and access to public services. When the public sector goes digital, an increasing number of services will be available online.

This development means that anyone offering anything, be it goods, services or information, must be online. There are many ways to establish an online presence, from your own domain to free services to a multitude of social media. In order to be perceived as professional – someone people can trust – it’s important to be conscious of how you choose to present yourself. Your choice of channel and the profile of your content will affect the identity you create for yourself and your business.

Email and websites are key channels

For Norwegian businesses, their own website is the most frequently chosen channel for one-to-many communication5. In addition, email is among the most common forms of communication online; most of us send or receive email daily.

There are several different ways to access these two channels. Your business may choose to register its own domain name and create a website and email using that domain, such as and Or you can choose to use one of the many free email providers, such as or There are also providers who let you create a free website using their service. and are just two examples.

Domain names and top-level domains

All devices connected to the Internet have their own unique IP addresses, which consist of a long sequence of numbers. The Domain Name System links unique domain names to the IP address.

Examples of domain names many use daily:,,, and

The last part of the domain name – its “last name” – is the top-level domain the domain name is registered under. There are two different types of top-level domains: country code top-level domains (such as .no or .se) and generic top-level domains (such as .com or .org).

The drawback of using free services is that your business will have an email address or a website that is linked to that specific service provider, such as and, and you have to comply with the provider’s terms of use. If the provider changes its terms of use or close the service, your business is forced to find a new address and inform all of its customers, suppliers and partners about the new contact information.

It is also important to keep in mind that not all addresses are created equal; customers and others have more faith in some than others. For example, businesses who rely on free email addresses is perceived as less professional than those whose email addresses are on their own domain.6

A free email address makes a less professional impression than an email address on a business’ own domain
Disagree Neither agree nor disagree Agree Don’t know Population Businesses 0 % 25 % 50 % 70 % 100% 53 19 23 5 69 9 21 1
Businesses who rely on free email addresses, such as ‘’ seem just as professional as businesses whose email addresses use their own domain, such as ‘’.

Source: Survey on the use of domain names in Norway (performed by Ipsos on behalf of Norid, September 2017)

With its own domain name, the business itself – the domain holder – is free to set the rules for the content and decide what the domain is to be used for. The domain holder is free to choose which provider to use for website, email and other services, and can take the domain name and its content to another provider if they want. Most Norwegian businesses (83 percent)7 have registered at least one domain name.

Your choice of neighbourhood means a lot for your reputation

Norwegian domain names are domain names ending in .no, which is the Norwegian country-code top-level domain. As of August 2018, there are approx. 300 country-code top-level domains and 1250 so-called generic top-level domains8 worldwide. Most are open to anyone who wants to register a domain, so there are plenty of options.

Technically speaking, all domain names work the same way, regardless of which top-level domain they are registered under. Most top-level domains have chosen roughly the same level of pricing. For customers, that means that the choice of top-level domain primarily becomes one of identity; what do they want to be associated with? The identity of a top-level domain – its brand – gives value to any domain name registered under it.

One example of the importance of top-level domain identity is .com, which is a popular top-level domain. It is getting crowded, but its brand is so strong that many prefer a longer and more complicated .com domain over a shorter name under a lesser known top-level domain. One of the first top-level domains to try to build a competing brand was .biz, which was launched in 2001. 10 years later, however, only one .biz domain was among the 500,000 most popular websites worldwide, while there were 323,000 .com domains9 on the list.

Another top-level domain with a strong brand is .no. There is a clear consensus in Norway that .no is the most recognizable in the Norwegian market10, and it has a definite identity as Norwegian and as a quality domain. Of Norwegian businesses that have registered domains, 95 percent have chosen to register one or more under .no. They list .no being easy to find for customers, that .no indicates it’s a Norwegian business, and that .no signals that they are professional as important factors in choosing a .no domain.11

The top-level domain .no is associated with quality
.no signals we are professional .no shows we are aNorwegian business 0 % 25 % 50 % 70 % 100% 70 10 15 4 83 8 8 1 .no is easiest to findfor our customers,users or members 80 7 10 3 Important Somewhat important Not important Don’t know
‘How important are the following factors in your business’ choice to register one or more .no domains?’.

Source: Survey on the use of domain names in Norway (performed by Ipsos on behalf of Norid, September 2017)

The identity of a top-level domain is more than pure branding, however. It also reflects the “neighbourhood” its customers become a part of, i.e. which other domains have been registered within the top-level domain and what they are used for. A top-level domain where the majority of domains are used as the domain holders’ primary home on the internet, is more attractive to new customers than if the majority of domains serve no other purpose than to redirect visitors to other top-level domains12, or worse, are registered for activities such as spam, fraud and malware.

One of the factors influencing the type of neighbourhood a top-level domain fosters, is the requirements imposed on those seeking to register domain names. Top-level domains with few or no identification requirements, and which also offer free registration, tends to attract questionable activities13.

Spammers must rotate the domain names in their call-to-action URLs as they get filtered as spam, and having a limitless pool of free domain names lowers their costs. Even a cost of a few dollars per domain name adds up if the domain name can only be used for tens of messages before being rendered useless.

Source: Cloudmark Security Blog, 2013

It’s no coincidence that top-level domains like .tk, for example, who has minimal requirements for its applicants and offers free domain names the first year, long has been regarded as such a top-level domain. In 2013, one of the largest providers of anti-spam solutions reported that 90 percent of .tk domains they had encountered were used to send spam14. The same trend can be found in several of the top-level domains established in recent years.15

At the other end of the spectrum, we find the Norwegian top-level domain, where anyone who wants to register a domain name must identify themselves, by providing either an organization number registered in the Register of Business Enterprises, or a national identity number registered in the National Population Register. This means there is a real person or business behind every Norwegian domain name. This is a requirement that has strong support among Norwegian businesses and in the general population.16

In Norway, we have also decided to put a cap on the number of domain names each domain holder can register. The idea behind this requirement is to make sure there are good names available for future domain holders, too, but it also serves as an obstacle for those who want to register a large number of disposable domains to spread spam or malware. Of course, these requirements don’t necessarily mean you can trust everything that comes from a Norwegian domain name, but they contribute to making .no a good neighbourhood. This, in turn, add value to all Norwegian domain names, something which is reflected in how people prefer to shop from a Norwegian domain name if all other factors are equal.17

Prefer to buy from online stores with Norwegian domain names
4 9 87 1 12 86 Other Other Population Businesses
‘If you were to buy something online, which of these websites would you prefer to shop from?’

Source: Survey on the use of domain names in Norway (performed by Ipsos on behalf of Norid, September 2017)

A domain name is the business’ own little corner on the internet, and so becomes a central part of the digital identity of the business. Knowing that, it’s important to choose a top-level domain that reflects the identity the business is trying to build. Nobody wants to set up the company’s new site under a top-level domain with a reputation for spam and malware. This is no different online than in other contexts; customers normally look into the reputation of those providing critical services.

Social media

Social media are applications that help you create and share content and participate in social networks. A large amount of people use these channels daily. With 2.2 billion active users, Facebook is the most popular social medium worldwide, followed by YouTube and WhatsApp.18

There are considerable differences from country to country in terms of which social medium is most popular. In Norway, Facebook is the most popular, with around 3.4 million Norwegians having their own profile, followed by Snapchat and Instagram.19 Their popularity, however, is in stark contrast to the level of trust people have in these channels as a source of information. As much as a third of the population indicate that they have low or very low trust in Facebook, whereas around a quarter say the same of Snapchat and Instagram.20

Social media use in Norway
83 63 54 44 29 29 21 Facebook Snapchat Instagram YouTube Twitter LinkedIn Pinterest
Share of Norwegian population over the age of 18 with a profile on various social media services.

Source: Social media tracker Q2’18 (Ipsos)

Social media invites interaction and participation to a much greater extend than conventional websites do. The threshold for two-way communication is low, and it is easy for users to establish a basic relationship as a “follower” etc. of businesses or events they are interested in.

Because the success of a social network is entirely dependent on how many people use it, most social media have chosen a business model that focuses on growth. Having a user profile is free. The service is financed by running ads in various forms.

Different social media are used in different ways. Platforms like Facebook focus on creating constant interaction, primarily between family and friends. They achieve this by facilitating for users to share status updates, photos, social games, etc., while mechanisms like likes, comments, and sharing functions as social rewards for active users. Other types of social media, like Twitter, are about fast mass communication. There are also some social media that benefits the user even if they don’t create a profile and actively connect with other users in the network. YouTube is one example. You can see content shared on YouTube without creating a profile. 71 percent of the Norwegian population over the age of 18 use this service every month, but only 44 percent have their own profile.21

Seeing as the different social media attract different user groups, you can reach specific groups by strategically choosing where and how to communicate. This makes it possible to reach those most interested in your message. In addition, some social media also offer the opportunity to segment users by behaviours and characteristics, making it possible to home in on the desired target audience based on the purpose of your message.

One drawback to using social media is that you are using a channel where the provider sets the terms of use. The provider will likely have some restrictions on the type of content one is allowed to post, for example, and these do not necessarily comply with Norwegian law or Norwegian expectations. This is what happened in 2016, when Facebook removed a photo of a naked child fleeing a napalm attack during the Vietnam War22, or when they blocked the instructional photos posted by Ammehjelpen, a breastfeeding help group.23

The social media provider is also the one to decide if and when to change the terms of use, and if so, what these changes will entail. Facebook, for example, has changed the algorithms for how a post shows up in people’s news feeds24 several times, and the chances of a business reaching a wide audience by posting a regular status update (organic reach) have been severely reduced. Naturally, changing the terms in turn also affects the strategy businesses apply in their use of the channel.

It’s important to be aware that most social media channels require quite broad authorizations from users in terms of exploiting the content produced and uploaded by users. For example, the terms of use for Facebook, Google, Snapchat, Twitter and LinkedIn include the right to use, copy, distribute, display, publish, make available and create derivative works of user content.25 In addition to covering most forms of commercial and non-commercial use of the content, several social media services also require that any rights acquired by them be transferable to third parties. As a result, users lose control of the content they produce.

What does this mean for end-users? A broad license may be used to do something as innocent as making a thumbnail out of your profile picture and making it accessible to your friends; or something as unnerving as printing out your chat messages and selling them to the highest bidder. What is important to note is that this decision – what kind of content use the platform providers will engage in – is completely out of the user’s hands: by giving an all-encompassing license, they relinquish control over their content. It is now up to the platform providers to decide what they want to do with it – depending on which features they want to introduce. Of course, it is quite likely that they will not actually do everything that they may do under the license. Yet, this does little to alleviate serious concerns about potential abuses.

Source: Novovic, 2018

A stable identity in an ever-changing landscape?

One of the challenges of being online is the difficulty of building a stable identity customers recognize and trust in a landscape that is forever changing. Social media come and go, and it’s hard to know which channels will be relevant in the future.

Having your own domain makes it possible to build a stable presence online, with content under the company’s control and ownership. 79 percent of Norwegian businesses believe their domain name is important for their brand, and most use it as a gateway to their products or services.26

In addition, a conscious approach to social media can create increased visibility and interaction in connection with important messages from the business. Around 14 percent27 of Norwegian websites have integrated a Facebook module (widget) on their site. After the business’ own website, Facebook is the most popular channel of communication.

Important communication channels for Norwegian businesses
Business website Facebook 0 % 25 % 50 % 70 % 100% 57 17 10 16 44 17 17 23 To a large degree To some degree To a limited degree Not at all
‘To what degree does your business use different channels of communication? Would you say you use the following channels...?’

Source: Survey on the use of domain names in Norway (performed by Ipsos on behalf of Norid, September 2017)

Which types of social media a business chooses to use will depend on where its target audience is and which social media give the best value for money.

In today’s information jungle it can be difficult to present a clear and recognizable profile. In order to build a uniform digital identity, it can be a good idea to use the same profile name in several channels. If your domain name – be it your company name or the name of a product – is used in email addresses and as profile names in social media, it’s easier for people to remember and recognize your business across different channels.

From theory to practice – the name is key to building your digital identity

It can be hard to decide on a name when establishing a new business, service or product. The Norwegian Industrial Property Office has some tips to choosing a good name:

Check to see if the name is available for registration and free of encumbrances or restrictions (the service checks the Domain Register, the Central Coordinating Register for Legal Entities and Trade Mark Register in one go):