Registrant Verification FAQs

This article answers common questions questions about the how OpenSRS will handle Registrant Validation.

 

 

Q1: Who is the Registrant?

A: The Registrant in OpenSRS is the Organization Contact Record (RWI) or Owner Contact Record (RCP).  Please note that the verification process is only for the Owner contact, not the Administrator, Billing, nor the Technical contact.  

 

Q2: What exactly is the validation process?

A: The validation process is a 15 day window during which a Registrant must provide an affirmative response to an email that OpenSRS will send to them. The email contains a link that the Registrant is asked to click. When they click this link, they are taken to a page that displays the email address, first and last name that they used to register the domain. The validation email message also includes a link to the domain registration terms and conditions and a checkbox that they must click to indicate that they agree to those terms and conditions. Failure to respond to this email will result in the domain being suspended.  The website and the email service for the domain will stop working.  The validation page looks something like this:

registrant_validation_email_message2.gif.jpg

Q3: Can I change what my customers see so that they don't know that registrant verification is done through OpenSRS?

A: Yes. Some customers may be suspicious of a link that takes them to an OpenSRS page instead of one owned by their Reseller. In order to avoid confusing your customers, you can customize what they see so that it appears that verification is done through you. If you have uploaded your logo to the Branding page, they will see your logo at the top of the page instead of the OpenSRS logo. In addition, you can change the link that your customers see in the Registrant Verification email, you can add custom text that will appear above and below the text of the Registrant Verification page, and you can specify the page to which you want them to be sent once they verify their contact information.

Note: You cannot change any of the wording on the Registrant Verification page, but you can add text above and below the existing text.

Before you begin: If you want to specify your own hostname, you need to set up a CNAME record that points to approve.domainadmin.com. Be sure to allow time for it to propagate before adding it to the registration verification branding.

You can customize the verification hostname and URL through the RCP or RWI. Both options are outlined below.

RCP

 1. From the gear icon dropdown menu, select Account Settings.


2.
Scroll to the Registrant Verification Page section and select Edit.

3. Switch your Link Hostname from Default to Custom.

4.Enter your HTML in the appropriate Header or Footer Field.

Note: You have the choice to customize your header and footer content for ICANN Registrant Verification Page or .UK Domains Data Quality Registrant Verification

5. Select Preview to view your newly customized header of footer.

6. Select Submit to save these changes.

 

RWI

  1. In the Profile Management section of the RWI, click Branding.
  2. Scroll down to the section called Customize Registrant Verification hostname and URL.
  3. In the URL field, enter the URL to which you want customers to be sent when they click Verify Information on the verification page.
  4. In the Hostname field, enter the URL that you want your customers to see in the verification email  message.
  5. Click Save.

Customize_Registrant_Verification_hostname.gif

 

To add your own text to the verification page

  1. In the Profile Management section of the RWI, click Branding.
  2. Scroll down to the section called Customize Registrant Verification Page.
  3. Enter your text in the Section - Header and Section - Footer sections.
  4. Optionally, click Preview Text Changes to see what the page will look like.

Customize_Registrant_Verification_Page.gif

 

Q4: What does "suspended" mean?

A: Suspended means that we interrupt the DNS and prevent the domain from resolving. The domain will be placed on ClientHold.

 

Q5: Can I check the validation status of my domains through the API?

A: Yes. There are two new API commands that are related to registrant validation. You can use the get_registrant_verification_status command to see the current state of the verification request for a domain. In addition, you can use the command send_registrant_verification_email to send or resend the verification email to the registrant. You can find details about these two commands in the API guide.

 

Q6. Can I get a report through the Control Panel?

A: Yes. On the Dashboard page of the Control Panel, under Reports, you can click Download Daily Registrant Verification CSV File. You can choose to open or save the file.   The CSV file is a full list of domains in your Reseller account that are in the Registrant Verification process.  The CSV file is a spreadsheet where you will see the current email address for the domain name, the date the Verification began, the Suspension date if the domain is Suspended as well as the first and last name of the Registrant.  You can use this information to reach out to the customer and update the contact information.  A new Verification email is sent out immediately when the contact info is updated.

 

Q7: What do the other statuses mean?

A: When you view domains in the Control Panel or through the API, in addition to Suspended, you could see the following verification statuses:

  • Unverified--The validation process has not been initiated.  The domain does NOT need to be verified.
  • Pending--The validation process has been initiated, and the validation email will be sent.
  • Verifying--The validation process has been initiated and is waiting for registrant response.
  • Verified--The registrant has been validated.
  • Manual Review--The registrant data has been submitted and is being validated manually by the Tucows Compliance team.

 

Q8: What information does the registrant need to validate?

A: OpenSRS will be validating three pieces of registrant contact data: First name, Last name and Email address. When a registrant purchases, transfers, or updates a domain's registrant contact information, OpenSRS first checks to see if a previously validated record exists for that combination of First name, Last name, and Email Address.  If an exact match exists, the domain will be considered validated and no further action is required. If an exact match does not exist, the registrant will be sent an email asking them to validate their First name, Last name, and Email Address. For example, John Doe john@doe.com is different from Johnathan Doe john@doe.com, and both will require separate validation.

 

Q9: Which TLDs does this process apply to?

A: The validation process applies to all gTLDs. This also includes the new gTLDs.

 

Q10: What action will trigger the validation process?

A: Any new registration, transfer in, contact updates, WDRP or mandatory renewal reminders bounce-back will trigger the validation process. 

 

Q11: What change will trigger the validation process for an existing domain?

A: For an unverified domain, any change to the contact information (registrant/admin/tech/billing) will trigger the validation process.  For an already verified domain, any change to the registrant's first name, last name, or email address will trigger the validation process. 

 

Q12: What else will trigger the validation process for an existing domain?

A: If the WDRP or ERRP (Day 30 and Day 5 Renewal Notices) bounce, the domain will enter the validation process.

 

Q13: Will previously registered domain names require validating as of Jan. 1/2014?

A: No, we do not have to retroactively validate domain names.

 

Q14: How many emails will a Registrant receive once the validation process has started?

A: A Registrant will receive an email to validate their contact information on day 1, day 5, day 10 and day 13. On day 16, if they haven't validated their information, they will receive an email informing them that their domain name has been suspended. 

On day 10 and 13, the Admin and Billing Contacts on the domain will also receive emails notifying them that the domain will soon be suspended. These emails, however, do not include the link to verify the domain registration details (that is only sent to the registrant email address).

 

Here is a diagram showing the timelines:

 

Q15. How do I resend the email?

A. In the Control Panel, find and display the domain, and then from the Actions drop-down menu, choose Resend Registrant Verification Email. If you do not see this option, check the registrant status to see if it says "Unverified".  An unverified state means that the verification process has not been triggered for the domain so you do NOT need to verify it. 

In the RWI, find and display the domain, and then in the Domain Management section, click Resend Registrant Verification Email.

If you're using the API, you can issue the send_registrant_verification_email command.

 

Q16: It's day 80, and the Registrant wants to validate their name. What do they do?

A: Instruct them to contact their reseller, who can then resend the validation email. If you are the reseller, you can resend the email via the API or the Control Panel. In the Control Panel, display the domain details, and then, from the Action drop-down menu, choose Resend Registrant Verification Email. If you are using the OpenSRS API, the command is called send_registrant_verification_email. The domain will remain suspended until the Registrant visits the link included in that email. 

 

Q17. Can a Sub-reseller resend the verification emails to their customers?

A. Yes, we now added the option to resend the verification email in the RWI (reseller web interface). So sub-resellers can now resend the verification emails. 

 

Q18: How long will it take for my domain to come back online after I validate my information?

A: Your domain should come back online instantly, but some caching issues may delay that by a few hours. 

 

Q19: My domain is suspended due to a bounced WDRP or ERRP notice so I can't receive the validation email. What do I do?

A: Registrant or reseller should login to their applicable interface (RWI, MWI, RCP, custom billing system, etc) and update the email address. This will trigger the validation process if necessary. 

 

Q20. If a domain is suspended, will it still auto-renew?

A: Yes it will.

 

Q21: One of my domains WDRP or ERRP notice has bounced. Does that mean all my domains with the same contact information will enter the validation process?

A: No, the validation process only applies to that specific domain name where the WDRP and ERRP notice bounces. However, we would recommend that the registrant check their email address on all other domains to prevent any future WDRP or ERRP bounces.

 

Q22: How does the validation process work if a Registrant purchases/manages domain names from different resellers?

A: If a Registrant buys or manages domain names from multiple resellers, validating their contact info at one reseller, will automatically validate their contact info with all other OpenSRS resellers.  However, the Registrant will receive separate notifications to validate their contact info from each reseller.

 

Q23: If the Registrant updates their address via the MWI or other interface, does the validation email only go to the new address? Is the previous address notified or required to do anything?

A: Registrants will be required to validate the new email address only and only the new address will receive the validation emails.

 

Q24: When are the validation emails sent out?

A: All verification emails are sent out immediately except for suspensions and 5/10/13 day reminders which are sent out at midnight (EST time). If a reseller manually resends the email through the control panel, it gets sent out immediately. 

 

Q25. I don't need you to send me a list of suspended domains every day. How do I stop the messages?

A: You can disable the message through the Control Panel or through the RWI.

In the Control Panel, click the gear icon on the upper right, then on Account Settings, then Account Messaging. Scroll down to the Registrant Validation messages, and remove the checkmark from the box beside Registrant validation message to RSP.

In the RWI, click View Message Templates, scroll down to the Registrant Validation Messaging section and remove the checkmark from the box beside Registrant validation message to RSP.

Have more questions? Submit a request

62 Comments

  • Avatar
    Frank L.

    Hi Emerge - Thanks for sending in a ticket with the domain in question.  The issue here was that the .ORG domain being verified had Domain Locking enabled.  Like any change to a .ORG domain, you must unlock the domain first before you can make the update.   The registrant validation process does not add any locks to the domain name and the information can be edited normally to update the contact information if it is out of date.

  • Avatar
    Michael Levine

    Hi Eric, 

    If you manage a domain, you should see an option in the last pull down menu to allow you to modify your contact information.

  • Avatar
    Eric Pretorious

    If you manage a domain, you should see an option in the last pull down menu to allow you to modify your contact information.

    Thanks, Michael:

    But there's no option to verify the WDRP information through the clients' domain area of WHMCS (WHMCS, ver 5.2.15 + DomainsPro, ver. 1.0).

    Is this a new feature of the OpenSRS DomainsPro, ver. 1.1?

    Eric Pretorious

    Technical Operations Manager

    Rocket-Powered.com

  • Avatar
    Michael Levine

    Hi Eric,

    WDRP notices are only asking you to verify the contact information is correct. If you notice something is incorrect, you'll need to update the contact information in the area I specified in the previous post. 

  • Avatar
    Michael Ursitti

    I'm getting a report daily on two domains that need verification, however each of these domains are scheduled to expire naturally, so no verification is not necessary.  Can notification be suppressed for domains that are no longer in use and set to expire? 

  • Avatar
    Michael Ursitti

    "... so no verification is not necessary ..."     ignore the double negative: I think you know what I meant :^)

  • Avatar
    Terry Schilling

    Item #1:

    I just received the email after registering a new domain for myself. However, unlike the above example, my name is not capitalized. Now I registered it using the "retrieve data" function from a previously registered (at opensrs) domain. I checked the information on the OpenSRS Control Panel and it's correct. According to what's been stated previously, this domain name should have not needed verification as the registrant name and email are current (and used for many domains). How can I change the capitalization of the name so that it's correct?

    Item #2:

    In checking the "Domains" control panel, the listings of recently auto-renewed names show a mix of "Verified" and "Unverified". In checking the details page, however, the "Unverified" names show as "Verified", I never received any email requesting verification, and there was no menu item available to resend the email. When I went back to the "Domains" page, the name showed (suddenly) as "Verified". This happened with 12 domain names that have auto-renewed since the 1st of the year. I visited the details page for each of them, it showed as "Verified" there, and when I went back to the control panel, the name showed as "Verified".

     

    I'm concerned more about Item #1 - I just wanted to report Item #2, as it seems to be a little glitch in the system, perhaps having to do with default display labels and database updates.

  • Avatar
    Amrinder L.

    Hi Michael, 

    Yes, even if a domain is expiring in the future, the verification is required. If the verification is not complete, the domain will be suspended. If you or your client are not using he domain and are fine with it being suspended, please ignore the reminders but there is no way to stop them. The reason we cannot turn off verification for domains which are set to expire is because there could be an active website running in the meantime and second, ICANN requires us to follow the policy. Hope that helps! 

    Hi Terry,

    Item #1: Please send us an email (help@opensrs.com) or call (1-888-511-7284 )  us as we would need examples to look at. 

    Item #2: Yes, we did have a few reports of this and our development team have implemented a fix recently. 

     

    Thanks,

    Amrinder

     

  • Avatar
    domain

    Regarding the last Tucows statement by "Amrinder Lubana"...

    "Item #2: Yes, we did have a few reports of this and our development team have implemented a fix recently."

    We recently updated an invalid email address for a Registrant's domain record, went to the domain details page in the OpenSRS Control Panel, selected the "Actions" drop-down where the "resend the verification email" to the registrant had been located in previous instances, but it's not there as expected. So I can't resend the verification email to the Registrant so they can verify, and remove their domain from the verification process. Oddly, the domain's "Registrant Verification Status" shows "Verified", even thought the Registrant hasn't actually done so since we updated the email contact.

    Is there some bug in the system? It's not entirely clear, since this has not been the case for several other domains we've already gone through the verification process for.

    Regards, Derek

  • Avatar
    Michael Levine

    Hi Derek,

    This would mean that the information entered has been previously verified in the past, so there is no need to reverify.

  • Avatar
    domain

    Michael, I'm not sure that makes sense. From what I understand of this verification process, a domain needs to be verified after the contact info changes. In this case, we updated the old invalid contact email, to a new valid one. We changed this. It was my understanding that after each change to name or email, it needs to be verified. Contrary to every other domain we've had to do this for so far, this domain was not verified after the contact change, it was not possible, I could not resend the verification email. This appears to be inconsistent with the other domains we've updated the same way so far. I donlt see how "he information entered has been previously verified in the past", since it was updated with a new email address.

  • Avatar
    Michael Levine

    Hi Derek,

    If you've previously verified a fname/lname/email address combination, then any future domains with that same information are automatically verified. If you would like us to double check the domains and contact info status, please open a ticket and we can clarify exactly what happened. 

  • Avatar
    domain

    That's what I'm trying to explain, it's not the same "fname/lname/email address combination", because we updated the email address to a new, completely different one. No other action was taken after we updated the email address, yet somehow the status is "verified". On every other occasion where we updated a domain's contact email address, it required that a) we resend the verification email to the Registrant and b) the Registrant got the email, clicked the link, and completed the verification process. However this time, neither a) nor b) were required/possible/done. 

  • Avatar
    Amrinder L.

    Hi Derek,

    Can you please send us the details via help@opensrs.com? We will investigate the issue and get back to you. 

    -Amrinder

  • Avatar
    HostVN

    Thanks for your update, I'd like to use it.

    But with Vietnamese language, we can not update it correctly. All characters shown as error. Please ensure your page has support "Unicode language".

    Regard,

    Khoi Nguyen

  • Avatar
    Arthur Zonnenberg

    You wrote:

    "Note: You cannot change any of the wording on the Registrant Verification page, but you can add text above and below the existing text."

    If you see a page containing both English and non-English text, would you trust that page? Would you click anything on that page?

    It is unfortunate to see OpenSRS fails to understand this so far. Both in e-mail and webpage.

     

  • Avatar
    Amrinder L.

    Hi Arthur,

    While the not-editable content is in English only, we do allow for all reseller to add their own paragraph in the footer or header in what ever language they would like. We do this because of ICANN's policy, and really the main reason why we do this is for auditing reasons. ICANN requests us to send those messages in the language of our registration agreement with the registrant this is in English, so we are required by our contract to send those messages in English.

    -Amrinder

  • Avatar
    Arthur Zonnenberg

    @Amrinder Lubana

    Assuming what you say is true, then we must be able to find this requirement in the ICANN RAA 2013 or one of the ICANN Concensus policies on which your accreditation depends. Let us check:

    https://www.icann.org/resources/pages/approved-with-specs-2013-09-17-en

    Nowhere is language mentioned, except

    _ 7.8 Language. All notices, designations, and Specifications or Policies made under this Agreement shall be in the English language._

    To be clear, this does not refer to notices sent by Registrars to end users. I understand where the OpenSRS Tucows confusion comes from, as there is 1 (one) policy where it actually is specified:

    https://www.icann.org/resources/pages/policy-2012-03-07-en

    The FOA shall be communicated in English, and any dispute arising out of a transfer request, shall be conducted in the English language.

    From this we can draw 2 conclusions about the registrant verification e-mails. If they need to be communicated in English, then:

    • they would have_ specified_ you to do so, yet ICANN hasn't;

    • you are already in breach because you are allowing resellers to customize in other languages, yet Tucows OpenSRS is not in breach.

    The problem is that the OpenSRS e-mails look like spam. If you will accept that you are misinterpreting ICANN, then please have your developers stop including english text in your variables. If not, let us know why and how you interpret the complexity that is ICANN.

     

  • Avatar
    Azarias Rafael Beltre Perez

    where i can register ?

  • Avatar
    Li Cheng

    Hi Azarias,

    Please see the how-to video below for domain registration:

    https://opensrs.com/resources/video-library/
    How to register a new domain

    For reseller account sign up, please see

    https://opensrs.com/join/

  • Avatar
    Markus Schrijver

    Could I please ask why we need to verify the email address used in WHOIS .. AND ... we still get those annoying "WHOIS Data Confirmation for example.com" emails?

  • Avatar
    Aaron Bailey

    Hello Markus,

    The emails you are speaking are part of the whois data reminder policy established by ICANN. It is my opinion that the policy is in place to ensure that registrants keep their information up to date as it can often be forgotten when a change of address or mail provider occurs. The policy states the following requirement for registrars:

    "At least annually, a registrar must present to the registrant the current Whois information, and remind the registrant that provision of false Whois information can be grounds for cancellation of their domain name registration. Registrants must review their Whois data, and make any corrections."

    You can read more about this this policy here:

    https://www.icann.org/resources/pages/registrars/consensus-policies/wdrp-en

  • Avatar
    Markus Schrijver

    Yeah great rewording of what I said, but why have two systems?

    Isn't the ICANN one a bit pointless as some time may have past since registration and as domain owners, we, get tons of other crap in our mailboxes too.

    Either confirm the email at the point of registration but ICANN FFS stop the pointless "WHOIS Data Confirmation for example.com" especially if the information is wrong, the email doesn't magic itself into the inbox of the correct user.

  • Avatar
    Aaron Bailey

    Hello Markus,

    If you aren't satisfied with this ICANN policy you are welcome to contact them and let them know your feelings on the matter. As an ICANN accredited registrar we are obligated to follow the rules and policies set out by ICANN. That is to say we cannot choose to stop sending the WDRP emails.

    If you have more questions it maybe easier to talk about them over live chat or phone. You can find our contact details here:

    https://opensrs.com/why/contact/

  • Avatar
    Arthur Zonnenberg

    @Markus Schrijver
    The first e-mail is sent to make sure e-mail is received (and traced) by the domain owner. This allows use by Law Enforcement and though disputable, they are part of the ICANN process and something had to be included for them. They care more about this at registration than a bounce at a later stage, by the way.

    The WDRP is a consensus policy between old gTLD registries and the registrars at the time (~2000) and has been for more than 10 years. Registrant data can change and needs to be updated if the WHOIS is to provide accuracy. The false assumption is that the e-mail address is somehow a constant, while your address and phone number are expected to change. Nowadays, rather the reverse is true. This will become even worse with registrant updates in 1 August 2016, where even updating an e-mail address requires a secure confirmation.

    ICANN policies are not regularly measured for effectiveness or user friendliness. Sometimes they are evaluated by an independent review to see if the goals of the policy (safety, compliance, responsibility to the community) are met. Invariably policies satisfy such constraints simply by their nature.

    To influence ICANN, I'd say give your input for policy goals to the GNSO council members and give your support for the DMPM working group (statistics), and hope that common sense, objectivity and user friendliness will increase at ICANN.

    @OpenSRS
    The e-mails are still mixed in English and non-English half-way. Will the new e-mail platform provide a solution to this problem?

  • Avatar
    Aaron Bailey

    Hello Arthur,

    We are currently working on an update to the account messaging platform. Multi-language support is being added. So far I can say that what is being allowed is to have a message template in multiple languages. The project is still under development and all of the features haven't been finalized. There is no ETA for completion.

    I don't know for sure what is being done with the "controlled" portions of the email... that is to say the parts that aren't allowed for edit by resellers and it may be too early to say for sure what the plan is.

    In summary know that we are looking to add multi-language support for messaging templates in an upcoming release.

    Regards,

    Aaron

  • Avatar
    Markus Schrijver

    I seem to remember being able to upload the control now only available, AFAIK, at manage.opensrs.net

    Could we not be responsible for sending the verification email and be able to upload the verification code to https://mycompany.domains for an example?

    We are under a legal obligation to provide emails in English and another language, think of yourselves as being in Canada and having to provide your emails in English and French.

    If I get asked WTF is http://approve.domainadmin.com/

    What seems to be confusing customers is that we call you OpenSRS and anything related to http://approve.domainadmin.com/ says Tucows and for years people have been told never to click on confirmation emails in case they validate their email address is in use and you can get more spam

  • Avatar
    Aaron Bailey

    Hello Markus,

    I have created a help request and sent you a private email regarding your questions. The reply was large and to properly format it I felt email was a better communication medium. Please check your mailbox for that.

    Regards,

    Aaron

  • Avatar
    Terry Schilling

    I mentioned this in my email above from February 23, 2014:

    #2

    In checking the "Domains" control panel, the listings show a mix of "Verified" and "Unverified". In checking the details page, however, the "Unverified" names show as "Verified", When I go back to the "Domains" page, the name showed (suddenly) as "Verified".

    This bug is still occurring 2 years later, and when you have more than a few domains registered, it's a waste of time to have to go through the process of opening each individual domain page and then navigating back to the "Domains" tab to see the name show up as "Verified". Is this ever going to be fixed? I really don't want to spend a couple of hours every year dealing with this bug, just so I can see accurate results on the "Domains" tab.

    Thank you.

  • Avatar
    Aaron Bailey

    Hello Terry,

    Thank you for bringing this to my attention. I am going to follow up with you via email with more details on what I am doing to get this looked at.

    Regards,

    Aaron

Please sign in to leave a comment.
Powered by Zendesk