Hi,

My registrar put my domain on lock against my will without me knowing. Do you know I way I can have my domain name back ?

Thanks,

Arkad

log in and unlock it.

The unlock option ask me for the last 4 digits of my SS# I have no idea what an SS# is ???. Since I didn't lock my domain, I can't know what the SS# 4 digits are :(

It stands for "Social Security #".

They are asking for the last digits of your SS# to identify you.

Seems unusual though. Who is the registrar?

Hi,

the registrar is itsyourdomain dot com
I don't have a social security number, I 'm not american and I don't live in the USA.

:bawling: :(

Contact user "True-IYD" here. His name is Nick Starai, and he's
with ItsYourDomain.com.

If you're truly new here, use the Search option above and search
via username "True-IYD". But you have to make at least 5 posts
before you can at least PM Nick.

FYI, many registrars have to lock their domain names with or even
without notifying their customers (but better if they do notify) due
to the new ICANN transfer policy (http://www.icann.org/transfers/policy-12jul04.htm) .

Meanwhile, perhaps you can input screenshots of how it looks
like if you're inside your domain account with IYD? Maybe we can
try figuring things out...

I think I can't post an URL yet, so I will have to wait before I can post a screenshot. I just see a form for their TransferShield with the question: What are the last 4 digits of your SS#?

Now, I e-mailed their support :( and here is what they replied .

We will first need a written request to provide access to the domain. This request MUST contain the following information- the domain(s) in question, the request for access to said domain, as well as your contact address, preferably email. Accompany this request with a valid photo ID (passport, drivers license, etc.) If the domain is registered to a company, we will need the signatory page of the articles of incorporation for that company. All of this information is required for security reasons. If you cannot provide any or all of this information, you will not be able to get access to this domain. Please fax all of this information to (847) 895-4123

Well, this has no sense, I didn't lock my domain and why they want my photo ?

Originally posted by Arkad
I think I can't post an URL yet, so I will have to wait before I can post a screenshot. I just see a form for their TransferShield with the question: What are the last 4 digits of your SS#?

Now, I e-mailed their support :( and here is what they replied .



Well, this has no sense, I didn't lock my domain and why they want my photo ?

That is quite unreasonable. I recommend you to contact ICANN or fax one of those documents to get your domain transferred out.

Originally posted by Arkad
Well, this has no sense, I didn't lock my domain and why they want my photo ?

From that reply, it appears you actually can't access your domain
name account with IYD. If so, that means they want to be able to
authenticate you somehow, preferably fax.

If the domain name is registered under your personal name, then
they definitely need some form of state-issued ID. Chances are,
they're after the address in your ID rather than the picture, but
fax the whole thing just the same.

Some "honest" registrars do require such because: 1) they want
to ensure only the "right" individuals regain access, and 2) they
want to cover their butts in case something goes wrong. But re:
no. 2: they can rectify that if it indeed turns out to be a mistake,
though I can't authoritatively say all registrars will be that helpful.

I suggest you do as you say. It won't do you any good disputing
it with them, and you'll only delay things.

Just make about one more post, then PM or email Nick Starai thru
here (WHT username: True-IYD) before faxing. Ask him about this.

If Nick insists a fax be sent, ask him about if the address in your
ID (i.e. driver's license) matters. I have a feeling it might.

Arkad, from IYD's viewpoint, just give them a chance, however
unreasonable it appears to some people. But make sure to get it
right the first time around so it won't haunt you.

Originally posted by xplora03
That is quite unreasonable. I recommend you to contact ICANN or fax one of those documents to get your domain transferred out.

Nope, ICANN won't interfere in individual customer complaints.

Originally posted by davezan
From that reply, it appears you actually can't access your domain
name account with IYD. If so, that means they want to be able to
authenticate you somehow, preferably fax.

If the domain name is registered under your personal name, then
they definitely need some form of state-issued ID. Chances are,
they're after the address in your ID rather than the picture, but
fax the whole thing just the same.

Some "honest" registrars do require such because: 1) they want
to ensure only the "right" individuals regain access, and 2) they
want to cover their butts in case something goes wrong. But re:
no. 2: they can rectify that if it indeed turns out to be a mistake,
though I can't authoritatively say all registrars will be that helpful.

I suggest you do as you say. It won't do you any good disputing
it with them, and you'll only delay things.

Just make about one more post, then PM or email Nick Starai thru
here (WHT username: True-IYD) before faxing. Ask him about this.

If Nick insists a fax be sent, ask him about if the address in your
ID (i.e. driver's license) matters. I have a feeling it might.

Arkad, from IYD's viewpoint, just give them a chance, however
unreasonable it appears to some people. But make sure to get it
right the first time around so it won't haunt you.



Nope, ICANN won't interfere in individual customer complaints.

why not? ICANN just helped me to solve my problem with my registrar.

Originally posted by xplora03
why not? ICANN just helped me to solve my problem with my registrar.
Mind sharing the story, or perhaps start a new thread? Thanks. :)

Originally posted by nameslave
Mind sharing the story, or perhaps start a new thread? Thanks. :)


Sure, i will post it. The problem is solved, but i am on the way waiting the process. I will definately post it once everything is sorted out :)

Originally posted by davezan

Nope, ICANN won't interfere in individual customer complaints.

Another option is to find out which registrar IYD uses and complain to them about IYD's unreasonable behavior.

Sometime ago I had a problem with Powerpipe (who wanted a fee to release the domain to another registrar) and I complained to ENOM (which was the ultimate registrar). The problem was resolved the next day.

Its time that these errant registrars learnt that bullying tactics do not work!

IYD is an actual icann accredited registrar(itsyourdomain.com). There is no parent registrar

Usually the first thing a registry does to confirm a change is to send email to the address listed in the whois.
Arkad, is your whois-listed address correct and functional?

Hi,

I think I will submit this problem to the ICANN.
I do not believe in the good will of Itsyourdomain.com
You do not ask an american social security number to a
belgian citizen, this is something I can't have.
And as far as I know you don't give your SS# when you buy
a domain name. They are the faulty company and they want me
to repair their own fault.

In my country this registrar behaviour will be considered illegal.

Now, yes, my email is functional, I never ever received an email from them about registry change.

Regards,
Arkad

I can understand the last 4 digits of a credit card for verification but your SS#? How did you initially pay for the domain names? Did you use a credit card? How come they cannot verify against that?

Originally posted by Arkad
I think I will submit this problem to the ICANN.
I do not believe in the good will of Itsyourdomain.com

I'm sorry to hear that, Arkad. But for me, complaining to ICANN is
being too hasty because you just didn't give IYD a chance to air
their side of the story.

Originally posted by Arkad
You do not ask an american social security number to a
belgian citizen, this is something I can't have. And as far as I know you don't give your SS# when you buy a domain name.


More often than not, the only time a registrar will ask for your SS#
is if that's the security question you chose at the time the domain
name was being registered. If you don't have an SS#, there must
be other questions you could've chosen from.

But this one sounds like it's system generated. It's too bad IYD
didn't give other options (but from what I saw in their site, it looks
like you can have your password sent to the email address on
record).

Originally posted by Arkad
They are the faulty company and they want me to repair their own fault.

Many people will feel that way no matter what. It's just too bad
you didn't bother asking IYD why they did this and such. (or did
you?)

Originally posted by Arkad
In my country this registrar behaviour will be considered illegal.


Maybe, maybe not. I'll let you be the judge of that.

Originally posted by Arkad
Now, yes, my email is functional, I never ever received an email from them about registry change.

Now this is where I'd agree that IYD should've informed you re:
locking the name. But there's a chance your email was down,
their email was filtered, anything can happen.

You said in an earlier thread that your email is working? If so, can
you request for your password to be sent there from IYD's site?

It's actually a good thing your domain name is locked up. But
again, I'll let you be the judge.

All in all, I'm sure you feel that way because you don't really know
how it works in the domain registrar business. Then again, from
what I read before, the customer doesn't have to understand or
even care, either. (and that's quite unfair. But then again, life's
unfair either, sometimes...)

BTW Arkad, since you made at least 5 posts already, why not try
contacting True-IYD here and tell him your problem? Give him and
IYD a chance.

Hi,

Yes, I paid with a credit card, and I can update my credit card through their interface, it does mean that they have my credit card info on file.

So you can log inside your account there. Can you post a screen-
shot of that locked portion asking for your SS#, Arkad?

I don't believe it is legal for anyone but the government or banks to use your SS# for identification. That's how it is in Canada.

If they have no way to verify your SS#, how could it be useful as ID, especially only the last 4 digits?

Originally posted by Arkad
Hi,

Now, yes, my email is functional, I never ever received an email from them about registry change.



If the whois-listed email address were wrong or non-functional, I could understand them being extra, extra cautious about approving changes. Since the whois-listed email address is okay, their behavior seems hard to justify.
If the Social Security number were part of the identification you provided at the time you created the account (and that would have been highly unusual), it might make some sense for them to ask for it as a part of supporting the claim that you're the same person. It makes no sense for them to demand it now.

Here is whois data on itsyourdomain.com:
INNERWISE, INC. D/B/A ITSYOURDOMAIN.COM
1005 W. Wise Road Suite 201
Schaumburg, IL 60193
US
+1.8478954301
+1.8478954123 (FAX)

Here is data from Better Business Bureau (bbb.org):
ItsYourDomain.com
1005 Wise Rd., #201
Schaumburg, IL 60159
Telephone: (847) 895-3601
Fax: (847) 895-4123
Mr. James T. McKenzie, President/CEO

I think you should include BBB among your complaint recipients. This can be done online.

Hi guys, I haven't had much time to cruise WHT to make sure there are no outstanding problems with any of our customers until today. Davezan, I got your PM the other day, I'll respond as soon as I get a chance!

Arkad, first, let me explain how and what the 'Identification Question' is used for. I am not sure you clearly understand how it is setup, and what it is used for. Please note: we DO understand that non-US customers do not possess a Social Security Number!

We offer 4 separate questions that the customer can choose as an extra security layer.

The 4 questions are as follows:

1. What are the last 4 digits of your SS#?
2. What is your pet's name?
3. What is your mother's maiden name?
4. What is your Grandfather's first name?

When a customer first signs up their name, this question is mandatory on the original user account signup form. You are able to select one of the 4 questions from the dropdown, and provide an answer. This utility never emails the info, and is used in case someone hacks or guesses your user/pass, they still cannot transfer your names etc.. There is no disputing the fact that you or whoever created your account actually choose or left 'What are the last 4 digits of your SS#' and entered in some data. It is not fair to state we are 'asking' you for your SS# (we understand you may not have one). We are not just assigning questions to your account randomly, and asking for your SS#. In the case such as yours, the only thing we can do is receive a fax that proves ownership, and we will allow you to reset your security question -- simple as that, and in our opinion, could not be fairer to the customer. So basically, you locked yourself out by choosing an invalid question, and not remember the answer…I can clearly see the data that you entered, and it is not at all possible that we have entered one character of it.

When a customer needs to recover their security question, we take such matters very seriously. We simply cannot give or reset the security question simply because someone requests it through email. As Davezan states -- we absolutely do NOT need a picture ID, but valid ID's such as passport all generally have the information we need to match the original account holder's details. Please feel free to black out any pictures, driver's license numbers, etc ..

Also, please feel to email me directly at true@iyd.com if you need more assistance. If you would like to include your ticketID I would be happy to look it up and confirm that the support technicians are handling these issues properly. If you have any other comments or questions, please let me know. Thanks.

P.S.

More often than not, the only time a registrar will ask for your SS#
is if that's the security question you chose at the time the domain
name was being registered. If you don't have an SS#, there must
be other questions you could've chosen from.


Yes, that is exactly the way our system works. There are the 4 questions above, and whether Arkad or someone else meant it or not, this is what they choosen, and there was data entered as an answer. Thanks again.

Hi,

Ok, I have a program that is able to retrieve what I enter in any forms even years after. If this is correct I should be able to retrieve what I entered in that form.

In case, I don't retrieve info I will fax my ID.

Great to see you check by, Nick! No need to respond since my
original intent was to inform you about this thread.

Arkad, I wish you success on having this resolved!