If you are a reader of DotWeekly.com, you know this is not the first time that I have written about the whois domain name database system and how it is broken! The biggest problem is, it’s not getting any better and something needs to be done about it!

Why is the whois system broken? Because domain name registrars allow it to happen! It all starts at domain name registrars and the lack of verification upon an individual creating an account.

No hard evidence is needed to create an account. Nothing to really verify who you really are. This is a problem!

Since you really can be who you want to be when you create an account, that same data is shown in the public whois data records.

This is a problem! Why? The internet is strongly known for fraud. This can come in many ways and I do not need to list the full list of potential things that can happen. When one of these things does happen, the people with knowledge of the whois system nearly instant do a whois query on the specific domain name.

The mind set on the person doing the whois query, is that the data provided is correct! Not always the case.

Blame!

So some type of fraudulent activity has taken place. A whois query is done and displays what the person thinks is valid data in the whois database and puts blame based on this data.

What if that data is YOU but you do not own the domain name? What if the data used in the whois information is YOUR data. Name, mailing address, phone number etc….

Maybe the fraud that took place on the domain name / website is stealing credit card data. According to whois data, people would paint YOU as the person doing it!

What if the domain name in question infringed on trademark laws? Who would be named in the lawsuit? YOU and who would have to pay the legal bills to defend your good name? YOU!

Even though you may not own a specific domain name or have anything to do with emails going out from it, the site that is up or any tactics used with a specific domain name, your details may be associated with it in the domain name owners whois database and paint the picture that it is you!

All 1,100 + domain name registrars need to fix the broken whois system! ICANN.org clearly needs to get involved and put in a verification process. The "who do you want to be" whois system needs to be fixed!

A domain name is like a loaded gun. Domain names are extremely powerful. Put in the wrong hands, a lot of damage can be done and no "real" system is in place to show who REALLY owns it!

I think the verification process needs to be something like this. It can be done. Will it cost money, yes, but it will also lower fraud drastically!

2 or 4 Forms of verification~ (this may need some tweaking, but you get my point)

1.) You must provide a registrar a copy of a Valid State issued Driver Licenses/ State ID.  Information would be verified here using a system like this. If it’s a New Sign up, they would need to provide there ID number and last 4 digits of their social security only!

2.) A recent copy (2 months or newer) of a Utility Bill showing your Name, Address, City, State, Zip and Account Number. (Same if you are a business)

3.) A recent copy of a Telephone Bill (land line or cellular) showing your Name, Address, City, State, Zip and the Phone Number for that account. (Random calls will be placed for verification)

4.) The last 4 digits of your social security number.

The Whois would house the information provided once these things were Approved and you would become Verified.

For those who trust whois data currently, you should not be so trusting! Secondly, it is likely, without you even know it, that your data might be in use for domain names you do not own Right Now! I wish there was an easy way for you to check this, but there is not. What would fix it, is a better verification process at registrars and the data to go along with the account that later turns into whois data.