<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [ga] Draft Anti-Phishing Best Practices Recommendations for Registrars
- To: Ross Rader <ross@xxxxxxxxxx>
- Subject: Re: [ga] Draft Anti-Phishing Best Practices Recommendations for Registrars
- From: Danny Younger <dannyyounger@xxxxxxxxx>
- Date: Thu, 25 Oct 2007 08:37:43 -0700 (PDT)
Re...and what exactly are you basing this misguided
opinion on?
The testimony of Mr. Rick Wesson, President and Chief
Executive Officer, Alice's Registry, Inc., before the
Subcommittee on Courts, the Internet and Intellectual
Property, of the Committee on the Judiciary, U.S.
House of Representatives --
http://commdocs.house.gov/committees/judiciary/hju91605.000/hju91605_0.HTM
"We launched the service Fraudit, as in Fraud Audit,
for registrars to increase their data accuracy at the
ICANN ? at the 2002 ICANN meeting in Shanghai, China.
To our surprise, registrars were somewhat angered to
learn that someone had come up with a solution to the
Whois data accuracy problem.
Registrars appeared to believe that as long as no
solution existed, there was no good reason to audit
their registrant data. In fact, the only time that
they performed self-audits was when the registrar was
faced with a financial loss.
Registrars have been hit hard with credit card fraud,
and one large registrar had a rather embarrassing
incident by nearly losing their merchant account,
removing their ability to take credit cards over the
Internet, all because of fraud.
Although all registrars experience some credit
card fraud and most have invested in mitigating that
risk, they have not attempted nor invested in the
ability to prevent the introduction of fraudulent
registrant data. As long as a domain is paid for and
the registrar is not hit with a credit card
charge-back, there is no business reason to prevent
invalid registrant data from the Whois system.
My ultimate realization that ICANN, gTLD
registries, and accredited registrars had no
intention, desire, or incentive to audit their
registrant data caused us to withdraw the product from
the Whois accuracy space."
As I understand Rick's comments, unless there is a
compelling business reason, most registrars won't
spend a dime just to do "the right thing". APWG
recommendations on data collection won't be supported
for exactly the same reason that Fraudit was never
supported -- it will cost some money.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|