ICANN: Most web domain registrations are faulty

A new report on the accuracy of domain registrations has found 77 per cent of records have information that is missing, incorrect or deliberately falsified.

web

Three out of every four web domains is registered with information that is either false or incomplete, according to domain oversight body ICANN.

The organisation has just released a 35-page report (PDF) into the accuracy of WHOIS registrant contact information, and just 23 per cent of the 1,419 records sampled were found to be completely accurate, although around double that amount met a slightly relaxed version of the criteria.

In compiling the report, ICANN looked at an internationally representative sample of records across five generic top level domains (.com, .org, .net. .info and .biz).

In each case, the address was checked against postal records and mapping data for deliverability, searches were conducted in phone listings for a link between name and address, and contact was attempted with the named registrant using the supplied phone number.

And while it found that many oversights were clearly innocent, ICANN said it was clear that some applicants had no intention of being completely accurate. "There is no question that there are people who register domains without disclosing their full or real identity," the report said.

"While we didn't find any cases where an identity had been stolen... given the latitude that people have in choosing what information to provide when registering a domain name, identity theft may not be necessary; it is all too easy for registrants to enter any or no name, along with an unreliable or undeliverable address."

The report also concluded that it would be hard to guarantee a higher degree of accuracy without passing some costs on to the consumer: "The cost of ensuring accuracy will escalate with the level of accuracy sought, and ultimately the cost of increased accuracy would be passed through to the registrants in the fees they pay to register a domain."

ICANN has opened a 60-day public comment on the report, at the end of which it will prepare a summary analysis of the submissions received.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

How LogPoint uses MITRE ATT&CK
Whitepaper

How LogPoint uses MITRE ATT&CK

15 Jan 2021
Weekly threat roundup: Microsoft Defender, Adobe, Mimecast
vulnerability

Weekly threat roundup: Microsoft Defender, Adobe, Mimecast

14 Jan 2021
Mimecast admits hackers accessed users’ Microsoft accounts
Security

Mimecast admits hackers accessed users’ Microsoft accounts

13 Jan 2021
What is public key infrastructure (PKI)?
Security

What is public key infrastructure (PKI)?

12 Jan 2021

Most Popular

IT retailer faces €10.4m GDPR fine for employee surveillance
General Data Protection Regulation (GDPR)

IT retailer faces €10.4m GDPR fine for employee surveillance

18 Jan 2021
Should IT departments call time on WhatsApp?
communications

Should IT departments call time on WhatsApp?

15 Jan 2021
BT faces £600m class-action lawsuit for 'overcharging'
Policy & legislation

BT faces £600m class-action lawsuit for 'overcharging'

18 Jan 2021