Step 1
Declare assets
Publish domains, email domains, social accounts, and apps in company.json.
ODAR - Official Digital Assets Registry
Know what is real.
Stop what is not.
Namesec helps companies publish and protect their official domains, emails, social accounts, and apps. It gives users, partners and systems a verifiable source of truth to detect impersonation and phishing.
DNS verified
HTTPS proof
Signed record
Machine-readable
The problem
Phishing wins when official is unclear
Companies run dozens of domains, multiple social accounts, and fragmented identities across products, regions, and campaigns. Attackers exploit that ambiguity.
- No single source of truth for official assets.
- No machine-readable standard to verify legitimacy.
- No browser-native way to evaluate brand identity.
A fake support handle can trigger account takeovers. A lookalike domain can collect passwords in hours.
The solution
A standard for official identity
Namesec introduces a verifiable record at .well-known/company.json to declare official assets, prove ownership, and power browser and API trust checks.
{
"company": "Brand",
"domains": ["brand.com", "brand.io"],
"socials": {
"facebook": "brand",
"instagram" : "brandoffocial",
},
"apps" : {
"android": "com.brand.android"
},
"email" : ["security@brand.com"]
}Key insight
The internet verifies servers, but not brands.
TLS secures connections. DMARC secures email. Namesec secures identity across the entire attack surface.
How it works
Step 2
Verify ownership
Bind records to DNS, HTTPS, and signatures so every listed asset is provably yours.
Step 3
Detect and protect
Use browser signals and API checks to flag impersonation and reduce phishing risk.
Product features
Asset registry
Publish your official domains, email domains, social accounts, and apps in one canonical record.
Signed verification
Prove ownership through DNS, HTTPS, and signatures so declared assets are trustworthy by default.
Impersonation monitoring
Track typosquatting domains, fake social profiles, and lookalike properties before they scale.
Browser warnings
Show users clear legitimacy signals and warnings when a destination does not match verified identity data.
Verification API
Integrate asset trust checks into onboarding, support workflows, and customer-facing security surfaces.
Comparison
Not another point solution
| System | What it secures | What it misses |
|---|---|---|
| DMARC | Secures email channels | Does not verify websites, socials, or apps |
| SSL/TLS | Secures server connections | Does not verify brand identity |
| Namesec | Unifies official assets | Verified, signed, and machine-readable across the attack surface |
Social proof
Built for high-trust teams
- Used by security teams at fast-growing startups.
- Protecting thousands of domains and social handles.
- Adopted by fintech, crypto, and SaaS operators.
Positioning angles
Message tests
Stop phishing at the root
A trust layer for the internet
Know every official asset your company owns
Publish what is official. Block what is fake.
Namesec is the trust infrastructure layer for startups, fintech, crypto, and modern SaaS companies. Make your official asset graph verifiable and machine-readable today.