ICANN ICANN Email List Archives

[gnso-rap-dt]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: What about unauthorized registrations? Re: [gnso-rap-dt] Updated document and wiki pages

  • To: gnso-rap-dt <gnso-rap-dt@xxxxxxxxx>
  • Subject: Re: What about unauthorized registrations? Re: [gnso-rap-dt] Updated document and wiki pages
  • From: "Mike O'Connor" <mike@xxxxxxxxxx>
  • Date: Sat, 18 Jul 2009 09:44:08 -0500


sounds just right.

m

On Jul 17, 2009, at 3:51 PM, Greg Aaron wrote:


So, this sounds like an item to be added to the WG's list of topics. Shall
we call it "use of stolen/fraudulent credentials"?

With best wishes,
--Greg


-----Original Message-----
From: Frederick Felman [mailto:Frederick.Felman@xxxxxxxxxxxxxxx]
Sent: Saturday, July 11, 2009 11:28 AM
To: martinsutton@xxxxxxxx; Rod Rasmussen; gnso-rap-dt
Subject: RE: What about unauthorized registrations? Re: [gnso-rap-dt]
Updated document and wiki pages


Rod - It is great idea and thanks for this. I think that your idea is good for criminal abuse of the domain name system but does not address the bulk of registration abuse by percentage which includes brand rights own abuse.

Applying this idea will be effective for criminal abuse, especially if the registrar is a bad actor. However, for all the legitimate registrars there is already a strong incentive not to take registrations from fraudulent
cards/payments.  Registrars most often are not paid for fraudulent
registrations. And, adding insult to injury, they incur ICANN and Registry
fees for the registration.

Moreover, I'd bet that the bulk of all abusers including brand and other
criminal activity use valid cards/payments for the bulk of brand abuse
because they can actually make "legitimate" revenue from ads and affiliates on sites registered. I'd bet the folks at retail registrars like Demand
Media/Enom or some of the registries could tell us about registration
cancellation percentages due to financial fraud to tell us the exact scale.

With respect to account takeover, that's being addressed by SSAC and others
directly.

While the form of registration abuse you've identified is new to this group and remediation will help mitigate some financial fraud, it doesn't help
brand rights owners for the other forms of abuse.

Consequently, please lets not dismiss other abuse just yet.

- Fred

-----Original Message-----
From: owner-gnso-rap-dt@xxxxxxxxx on behalf of martinsutton@xxxxxxxx
Sent: Sat 7/11/2009 2:47 AM
To: Rod Rasmussen; gnso-rap-dt
Subject: Re: What about unauthorized registrations?  Re: [gnso-rap-dt]
Updated document and wiki pages

Rod,

Prevention rather than cure - that's a novelty :-)

I like your thoughts on this Rod.

It would be useful to get some metrics on this to illustrate the scale of the problem and how it affects Registries and Registrars. I fear that in isolation, these may not appear significant and are absorbed within costs of doing business, whereas combined data would show a more worrying picture.

Make sure you get out in the sun more often...

Kind regards,

Martin

Martin Sutton
Manager, Group Fraud Risk and Intelligence
Ph:  ++44 (0)20 7991 8074
Mob:  ++44 (0)777 4556680
Sent from my BlackBerry

*********************************

HSBC Holdings plc
Registered Office: 8 Canada Square, London E14 5HQ, United Kingdom
Registered in England number 617987

*********************************



----- Original Message -----
From: Rod Rasmussen [rod.rasmussen@xxxxxxxxxxxxxxxxxxxx]
Sent: 10/07/2009 15:48 MST
To: gnso-rap-dt@xxxxxxxxx
Subject: What about unauthorized registrations? Re: [gnso-rap-dt] Updated
document and wiki pages



So perusing this list again, it struck me that we've done a great job
capturing what potentially abusive things people are doing with
domains they do register, but not how they're actually registering
them, outside of perhaps front running and a kind of "side effect"
abuse of false whois data.  I could argue (but won't get drawn into
that with this post) that the other two "registration" abuses we have
listed are really post-registration abuse (mis)use (cybersquatting,
inappropriate use of whois), as that's where the harm is really felt.

The thing we're missing is the use of stolen/fraudulent credentials to
obtain the registration in the first place!  This is the enabling
force behind all (other than really stupid) criminal abuse of the
domain registration process.  A criminal will use one of three methods
to obtain a new domain name: a stolen credit card/bank/payment
account, a fake financial instrument (card, check, transfer), or
unauthorized access to someone else's domain management account.  If
you kill this problem, most of the criminal uses of fraudulently
registered domains (i.e. post registration abuse) disappear.  There
are certainly many methods out there to use to verify the authenticity
of the domain applicant, screen fraudulent credentials, score
transactions, and the like.  That seems like a very fruitful area of
pursuit to putting a real dent in all domain abuse issues to me.

Soooo...  am I just missing something here, or should we make this a
major part of the work of this group - how to curtail the abuse of the
domain registration system by people registering domains using stolen/
unauthorized credentials?  Seems to me that's certainly an abuse AT
THE POINT OF REGISTRATION and it directly affects registrar and
registry operations at that time, and will affect everyone else in the
food chain eventually.

Just food for thought on a beautiful Friday afternoon.

Cheers!

Rod

On Jul 10, 2009, at 3:52 AM, Marika Konings wrote:

Dear All,

As discussed on our last call, I have updated the definitions
document to add a category to capture the discussion on potential
recommendations (see attached). I have also added this column to the
relevant wiki pages. In addition, I have moved the comments and
notes related to the abuse definition discussion to a separate wiki
page (see https://st.icann.org/reg-abuse-wg/index.cgi?abuse_definition)
, to focus the document on our current discussion.

With best regards,

Marika



-----------------------------------------
SAVE PAPER - THINK BEFORE YOU PRINT!

This E-mail is confidential.

It may also be legally privileged. If you are not the addressee you
may not copy, forward, disclose or use any part of it. If you have
received this message in error, please delete it and all copies
from your system and notify the sender immediately by return
E-mail.

Internet communications cannot be guaranteed to be timely secure,
error or virus-free. The sender does not accept liability for any
errors or omissions.


- - - - - - - - -
phone   651-647-6109
fax             866-280-2356
web     www.haven2.com
handle OConnorStP (ID for public places like Twitter, Facebook, Google, etc.)




<<< Chronological Index >>>    <<< Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy