Domain Name Security Measures To Keep Your Online Property Safe
You may be able to protect your tangible property with security guards, CCTV surveillance and electric fences, but what about protecting your domain name? If you thought that domain names don’t need protection, then you are mistaken. Every domain name which is in use is continuously appreciating in price. This means that if the wrong person gets a hold of it, they may be able to make big money. This article explains the security measures introduced by ICANN to allow you to protect your property and ensure that your intellectual property is safe online.
This is one of the simplest security measures which every domain owner must implement. Locking your domain prevents any person from transferring it. There are also various other locks which registrars implement to prevent unauthorized Name Server changes or deletion requests. Till the lock is enabled, there is complete safety of the domain from unauthorized transfers. Even a legitimate transfer cannot be initiated when the domain is locked.
Authorization Code / EPP Code
Before a person can transfer a domain name to another registrar, he must obtain a secret code or password from the old registrar, which he must provide to the new registrar. This code establishes that the person with the code had access to the domain control panel and it also establishes that the domain in question is the same one being transferred. Failure to provide a correct code will prevent the domain from being transferred. Although most popular tlds like.com provide this service, not all tlds follow this practice.
WHOIS Details Verification
As of January 1, 2014 the Internet Corporation for Assigned Names and Numbers (ICANN) has mandated that all ICANN accredited registrars begin verifying the Registrant WHOIS contact information for all new domain registrations and Registrant contact modifications. This means that if you change the domain Registrant details, an email alert will be sent asking you to verify the changes. Similarly for new domain registrations, if the email address is not verified the domain name is suspended after a few days. DMARC policy
Transfer Approval Email
When a domain is being transferred, a transfer approval email is sent to the WHOIS registrant of the domain, asking them to click a link to approve the transfer. When the link is clicked, the registrant can either approve the transfer or reject it. This adds a second layer of protection so that even if the Auth Code has been leaked or stolen, unless the email address of the Domain Owner is compromised, the domain cannot be transferred away.
Renewal Grace Period
Even after expiry of the domain name, registrars must allow upto 30 days for the domain owner to renew the domain name. This helps domain owners who have forgotten to renew or were unable to renew their names on time, some grace duration, during which they can still renew at the same price.
Even after the renewal grace period if the domain owner has not renewed the name, a further period of about 15 days is allowed to give him a last chance to renew the name. However, the renewal during this period is charged at an exhorbitant price, mostly 10 times the price of the domain names ordinary renewal price. This is like a penalty for the domain owner but still gives him the exclusive option of renewing the name at a premium.
Public WHOIS database
ICANN has made it mandatory for domain name registrars to make the contact details of every domain owner publicly visible, so that any person who wants to know these details can do so by simply doing WHOIS lookup. This allows domain owners to monitor their own domain’s contact details as well as allow a trademark owner to collect information on the ownership details of a domain mark which they may have an interest in.