The Registrant Verification (RV) process is a 15-day window during which a registrant must provide an affirmative response to an email that OpenSRS sends to them. The verification process applies to all generic TLDs.
Registrant Verification overview
The domain owner must confirm their contact details via an email sent by OpenSRS. Failure to confirm the elements results in the domain becoming suspended and services being disabled. The verification process applies to all gTLDs. Registrant verification does not affect domain renewals.
The registrant
The registrant in OpenSRS is the organization contact record found in the Reseller Web Interface (RWI) or the owner contact record in the Reseller Control Panel (RCP).
Note: Only the owner contact is subject to verification, not the administrator, billing, or technical contact.
Verification process
The verification process is a 15-day window during which a registrant must provide an affirmative response via an email sent to them.
The email displays a link the registrant must click to take them to the verification page. The verification page shows the email address and first and last name used to register the domain. The page also includes a link to the domain registration terms and conditions and a checkbox the registrant must click to confirm that they agree to the terms and conditions.
Failure to respond to this email results in domain suspension. Services on the domain cease working while under suspension.
Data sets
OpenSRS verifies three pieces of registrant contact data: first name, last name, and email address.
When a registrant purchases, transfers, or updates a domain's registrant contact information, OpenSRS first checks to see if a previously verified record exists for that combination of first name, last name, and email address.
The domain is automatically verified when an exact match exists, and no further action is required. When an exact match does not exist, the registrant receives an email asking them to confirm their data. For example, John Doe john@example.com differs from Johnathan Doe john@example.com, requiring independent verification.
Verification status
Locate the registrant verification status in the RCP on the domain list or when viewing the domain details. A list of all domains and their RV status is available as a report to download manually or automatically send daily.
To find the status in the RCP:
- Login to the RCP.
- Enter the domain name in the quick search field and click Search.
- The registrant verification status is in the domains overview section.
Statuses
| Unverified | The verification process is not in progress. The domain does not need to be verified. |
| Pending | The verification process is initiated. |
| Verifying | The verification process is in progress and is waiting for the registrant's response to the email. |
| Verified | The registrant is verified. |
|
Suspended |
OpenSRS interrupts the DNS and prevents the domain from resolving. The domain is set to ClientHold status. |
| Manual review | The registrant data has been submitted and undergoing manual verification by the Tucows compliance team. |
Reports
The CSV file available is a spreadsheet including the current email address for the domain name, the date the verification began, the suspension date, and the registrant's first and last names.
To obtain a report:
- Login to the RCP.
- Click on Download daily registrant verification CSV file.
Verification triggers
Any new registration, transfer in, contact updates, WDRP bounce, or mandatory renewal reminders bounce triggers the verification process.
Changing any registrant contact details initiates the verification process for unverified domains. Changing the registrant's first name, last name, or email address on verified domains triggers the verification.
When WDRP messages bounce, the domain enters the verification process.
Owner changes
Completing the ICANN trade process completes the registrant verification process. Registrants must verify the new contact info as part of the process. Only the new address receives the registrant verification request.
Messaging
The registrant receives an email to verify their contact information on days one, five, ten and 13. On day 16, when a registrant hasn't verified their data, they receive an email informing them that we have set the domain to suspended status.
Note: Messages take up to 24 hours to go out.
On days 10 and 13, the admin and billing contacts for the domain receive emails notifying them of the upcoming suspension. These admin/tech notification messages do not include the link to verify the domain details.
Timing
All verification emails are sent out immediately except for suspensions, and the five, 10, and 13-day reminders go at 04:00 UTC. When manually sending the email, it goes out within minutes.
Resending messages
When verification is required, the message may be resent. The option to resend the verification email is available for sub-resellers in the RWI.
Resend via RCP
- Login to the RCP.
- Enter the domain name in the quick search field and click Search.
- Click Resend verification email from the domains overview section.
Resend via RWI
- Login to the RWI.
- Enter the domain name in the view domain field under the domain registration administration section and click Query.
- Click Resend registrant verification email from the domain management section.
- Click Ok.
Toggle registrant verification messaging.
Resellers choose whether their daily notice is enabled or not through the RCP or the RWI.
Toggle reseller messaging via RCP
- Log into the RCP.
- Click Messaging and confirmation.
- Toggle the switch for the registrant verification status report.
Toggle reseller messaging via RWI
- Login to the RWI.
- Click View message templates.
- Toggle the checkmark from the box beside Registrant verification message to RSP under the registrant validation messaging section.
- Click Submit at the bottom of the page.
Customization
Logos uploaded to the branding page are displayed instead of the OpenSRS logo. Resellers can change the link registrants see in the RV message, and add custom header and footer texts. It is possible to specify a custom domain as well.
The text of the message body cannot be modified, but resellers can add text above and below the existing text using snippets.
Modify the verification hostname and URL through the RCP and RWI.
Note: When setting up a custom hostname, configure the CNAME record on the address pointing to approve.domainadmin.com and allow it to propagate fully.
Customization via RCP
- Login to the RCP.
- Select Account settings.
- Click the Branding tab.
- Click Edit in the registrant verification page section.
- Modify the available options as needed.
- Click Submit in the bottom right corner.
Customization via RWI
- Log in to the RWI.
- Click Branding. from the profile management section.
- To modify the hostname, update the customized data quality and ICANN registrant verification hostname and URL section as needed. Click Save.
- To modify the RV landing page, update the customize ICANN registrant verification page section as needed.
API
Two API commands are directly related to registrant verification.
get_registrant_verification_status |
The response provides the current state of the verification request for a domain. |
send_registrant_verification_email |
This triggers the verification email to the registrant when verification is required. |
63 Comments
Hi Emerge - Thanks for sending in a ticket with the domain in question. The issue here was that the .ORG domain being verified had Domain Locking enabled. Like any change to a .ORG domain, you must unlock the domain first before you can make the update. The registrant validation process does not add any locks to the domain name and the information can be edited normally to update the contact information if it is out of date.
Hi Eric,
If you manage a domain, you should see an option in the last pull down menu to allow you to modify your contact information.
Thanks, Michael:
But there's no option to verify the WDRP information through the clients' domain area of WHMCS (WHMCS, ver 5.2.15 + DomainsPro, ver. 1.0).
Is this a new feature of the OpenSRS DomainsPro, ver. 1.1?
Eric Pretorious
Technical Operations Manager
Rocket-Powered.com
Hi Eric,
WDRP notices are only asking you to verify the contact information is correct. If you notice something is incorrect, you'll need to update the contact information in the area I specified in the previous post.
I'm getting a report daily on two domains that need verification, however each of these domains are scheduled to expire naturally, so no verification is not necessary. Can notification be suppressed for domains that are no longer in use and set to expire?
"... so no verification is not necessary ..." ignore the double negative: I think you know what I meant :^)
Item #1:
I just received the email after registering a new domain for myself. However, unlike the above example, my name is not capitalized. Now I registered it using the "retrieve data" function from a previously registered (at opensrs) domain. I checked the information on the OpenSRS Control Panel and it's correct. According to what's been stated previously, this domain name should have not needed verification as the registrant name and email are current (and used for many domains). How can I change the capitalization of the name so that it's correct?
Item #2:
In checking the "Domains" control panel, the listings of recently auto-renewed names show a mix of "Verified" and "Unverified". In checking the details page, however, the "Unverified" names show as "Verified", I never received any email requesting verification, and there was no menu item available to resend the email. When I went back to the "Domains" page, the name showed (suddenly) as "Verified". This happened with 12 domain names that have auto-renewed since the 1st of the year. I visited the details page for each of them, it showed as "Verified" there, and when I went back to the control panel, the name showed as "Verified".
I'm concerned more about Item #1 - I just wanted to report Item #2, as it seems to be a little glitch in the system, perhaps having to do with default display labels and database updates.
Hi Michael,
Yes, even if a domain is expiring in the future, the verification is required. If the verification is not complete, the domain will be suspended. If you or your client are not using he domain and are fine with it being suspended, please ignore the reminders but there is no way to stop them. The reason we cannot turn off verification for domains which are set to expire is because there could be an active website running in the meantime and second, ICANN requires us to follow the policy. Hope that helps!
Hi Terry,
Item #1: Please send us an email (help@opensrs.com) or call (1-888-511-7284 ) us as we would need examples to look at.
Item #2: Yes, we did have a few reports of this and our development team have implemented a fix recently.
Thanks,
Amrinder
Regarding the last Tucows statement by "Amrinder Lubana"...
"Item #2: Yes, we did have a few reports of this and our development team have implemented a fix recently."
We recently updated an invalid email address for a Registrant's domain record, went to the domain details page in the OpenSRS Control Panel, selected the "Actions" drop-down where the "resend the verification email" to the registrant had been located in previous instances, but it's not there as expected. So I can't resend the verification email to the Registrant so they can verify, and remove their domain from the verification process. Oddly, the domain's "Registrant Verification Status" shows "Verified", even thought the Registrant hasn't actually done so since we updated the email contact.
Is there some bug in the system? It's not entirely clear, since this has not been the case for several other domains we've already gone through the verification process for.
Regards, Derek
Hi Derek,
This would mean that the information entered has been previously verified in the past, so there is no need to reverify.
Michael, I'm not sure that makes sense. From what I understand of this verification process, a domain needs to be verified after the contact info changes. In this case, we updated the old invalid contact email, to a new valid one. We changed this. It was my understanding that after each change to name or email, it needs to be verified. Contrary to every other domain we've had to do this for so far, this domain was not verified after the contact change, it was not possible, I could not resend the verification email. This appears to be inconsistent with the other domains we've updated the same way so far. I donlt see how "he information entered has been previously verified in the past", since it was updated with a new email address.
Hi Derek,
If you've previously verified a fname/lname/email address combination, then any future domains with that same information are automatically verified. If you would like us to double check the domains and contact info status, please open a ticket and we can clarify exactly what happened.
That's what I'm trying to explain, it's not the same "fname/lname/email address combination", because we updated the email address to a new, completely different one. No other action was taken after we updated the email address, yet somehow the status is "verified". On every other occasion where we updated a domain's contact email address, it required that a) we resend the verification email to the Registrant and b) the Registrant got the email, clicked the link, and completed the verification process. However this time, neither a) nor b) were required/possible/done.
Hi Derek,
Can you please send us the details via help@opensrs.com? We will investigate the issue and get back to you.
-Amrinder
Thanks for your update, I'd like to use it.
But with Vietnamese language, we can not update it correctly. All characters shown as error. Please ensure your page has support "Unicode language".
Regard,
Khoi Nguyen
You wrote:
"Note: You cannot change any of the wording on the Registrant Verification page, but you can add text above and below the existing text."
If you see a page containing both English and non-English text, would you trust that page? Would you click anything on that page?
It is unfortunate to see OpenSRS fails to understand this so far. Both in e-mail and webpage.
Hi Arthur,
While the not-editable content is in English only, we do allow for all reseller to add their own paragraph in the footer or header in what ever language they would like. We do this because of ICANN's policy, and really the main reason why we do this is for auditing reasons. ICANN requests us to send those messages in the language of our registration agreement with the registrant this is in English, so we are required by our contract to send those messages in English.
-Amrinder
@Amrinder Lubana
Assuming what you say is true, then we must be able to find this requirement in the ICANN RAA 2013 or one of the ICANN Concensus policies on which your accreditation depends. Let us check:
https://www.icann.org/resources/pages/approved-with-specs-2013-09-17-en
Nowhere is language mentioned, except
_ 7.8 Language. All notices, designations, and Specifications or Policies made under this Agreement shall be in the English language._
To be clear, this does not refer to notices sent by Registrars to end users. I understand where the OpenSRS Tucows confusion comes from, as there is 1 (one) policy where it actually is specified:
https://www.icann.org/resources/pages/policy-2012-03-07-en
The FOA shall be communicated in English, and any dispute arising out of a transfer request, shall be conducted in the English language.
From this we can draw 2 conclusions about the registrant verification e-mails. If they need to be communicated in English, then:
they would have_ specified_ you to do so, yet ICANN hasn't;
you are already in breach because you are allowing resellers to customize in other languages, yet Tucows OpenSRS is not in breach.
The problem is that the OpenSRS e-mails look like spam. If you will accept that you are misinterpreting ICANN, then please have your developers stop including english text in your variables. If not, let us know why and how you interpret the complexity that is ICANN.
where i can register ?
Hi Azarias,
Please see the how-to video below for domain registration:
https://opensrs.com/resources/video-library/
How to register a new domain
For reseller account sign up, please see
https://opensrs.com/join/
Could I please ask why we need to verify the email address used in WHOIS .. AND ... we still get those annoying "WHOIS Data Confirmation for example.com" emails?
Hello Markus,
The emails you are speaking are part of the whois data reminder policy established by ICANN. It is my opinion that the policy is in place to ensure that registrants keep their information up to date as it can often be forgotten when a change of address or mail provider occurs. The policy states the following requirement for registrars:
"At least annually, a registrar must present to the registrant the current Whois information, and remind the registrant that provision of false Whois information can be grounds for cancellation of their domain name registration. Registrants must review their Whois data, and make any corrections."
You can read more about this this policy here:
https://www.icann.org/resources/pages/registrars/consensus-policies/wdrp-en
Yeah great rewording of what I said, but why have two systems?
Isn't the ICANN one a bit pointless as some time may have past since registration and as domain owners, we, get tons of other crap in our mailboxes too.
Either confirm the email at the point of registration but ICANN FFS stop the pointless "WHOIS Data Confirmation for example.com" especially if the information is wrong, the email doesn't magic itself into the inbox of the correct user.
Hello Markus,
If you aren't satisfied with this ICANN policy you are welcome to contact them and let them know your feelings on the matter. As an ICANN accredited registrar we are obligated to follow the rules and policies set out by ICANN. That is to say we cannot choose to stop sending the WDRP emails.
If you have more questions it maybe easier to talk about them over live chat or phone. You can find our contact details here:
https://opensrs.com/why/contact/
@Markus Schrijver
The first e-mail is sent to make sure e-mail is received (and traced) by the domain owner. This allows use by Law Enforcement and though disputable, they are part of the ICANN process and something had to be included for them. They care more about this at registration than a bounce at a later stage, by the way.
The WDRP is a consensus policy between old gTLD registries and the registrars at the time (~2000) and has been for more than 10 years. Registrant data can change and needs to be updated if the WHOIS is to provide accuracy. The false assumption is that the e-mail address is somehow a constant, while your address and phone number are expected to change. Nowadays, rather the reverse is true. This will become even worse with registrant updates in 1 August 2016, where even updating an e-mail address requires a secure confirmation.
ICANN policies are not regularly measured for effectiveness or user friendliness. Sometimes they are evaluated by an independent review to see if the goals of the policy (safety, compliance, responsibility to the community) are met. Invariably policies satisfy such constraints simply by their nature.
To influence ICANN, I'd say give your input for policy goals to the GNSO council members and give your support for the DMPM working group (statistics), and hope that common sense, objectivity and user friendliness will increase at ICANN.
@OpenSRS
The e-mails are still mixed in English and non-English half-way. Will the new e-mail platform provide a solution to this problem?
Hello Arthur,
We are currently working on an update to the account messaging platform. Multi-language support is being added. So far I can say that what is being allowed is to have a message template in multiple languages. The project is still under development and all of the features haven't been finalized. There is no ETA for completion.
I don't know for sure what is being done with the "controlled" portions of the email... that is to say the parts that aren't allowed for edit by resellers and it may be too early to say for sure what the plan is.
In summary know that we are looking to add multi-language support for messaging templates in an upcoming release.
Regards,
Aaron
I seem to remember being able to upload the control now only available, AFAIK, at manage.opensrs.net
Could we not be responsible for sending the verification email and be able to upload the verification code to https://mycompany.domains for an example?
We are under a legal obligation to provide emails in English and another language, think of yourselves as being in Canada and having to provide your emails in English and French.
If I get asked WTF is http://approve.domainadmin.com/
What seems to be confusing customers is that we call you OpenSRS and anything related to http://approve.domainadmin.com/ says Tucows and for years people have been told never to click on confirmation emails in case they validate their email address is in use and you can get more spam
Hello Markus,
I have created a help request and sent you a private email regarding your questions. The reply was large and to properly format it I felt email was a better communication medium. Please check your mailbox for that.
Regards,
Aaron
I mentioned this in my email above from February 23, 2014:
#2
In checking the "Domains" control panel, the listings show a mix of "Verified" and "Unverified". In checking the details page, however, the "Unverified" names show as "Verified", When I go back to the "Domains" page, the name showed (suddenly) as "Verified".
This bug is still occurring 2 years later, and when you have more than a few domains registered, it's a waste of time to have to go through the process of opening each individual domain page and then navigating back to the "Domains" tab to see the name show up as "Verified". Is this ever going to be fixed? I really don't want to spend a couple of hours every year dealing with this bug, just so I can see accurate results on the "Domains" tab.
Thank you.
Hello Terry,
Thank you for bringing this to my attention. I am going to follow up with you via email with more details on what I am doing to get this looked at.
Regards,
Aaron