Must Stop “Call In” Practice by March

Transfer authorization code process will be easier under new ICANN policy.

Under ICANN’s new Policy on Transfer of Registrations between Registrars, which goes into effect March 15, will no longer be able to require customers to call the company to request transfer authorization codes. These codes are used to transfer domains to a different domain registrar. (See’s Customer Service Lie)

The policy states “Registrars may not employ any mechanism for complying with a Registered Name Holder’s request to obtain the applicable “AuthInfo Code” that is more restrictive than the mechanisms used for changing any aspect of the Registered Name Holder’s contact or name server information.”

In other words, if a registrar allows customers to change contact information or name server information online, it must allow them to request and receive transfer authorization codes online.

I could see a registrar trying to require a call to change the registered name holder’s contact information under the guise of security. But the policy says “OR” name server information, so unless a registrar requires customers to call in to change name servers, they will have a difficult time finding a loophole in this provision. is the only major registrar I know of that forces its customers to call to get a transfer code. Smaller registrars — including many of those participating in expired domain sites — sometimes have arduous procedures as well.


  1. Josephine says

    Do not put it past sleazy management to require customers to call in for DNS changes too under the guise of security.

    Completely unable to sell via their web site, it seems like wants all transactions handled on the phone. How sustainable is this bizarre business model?

  2. dcmike77 says

    It’s a used-car-salesman tactic and it’s annoying as hell. always tries to upsell you when you call and counter-productive in my opinion.

    I’ve moved all my domains away from them for that sole reason and everyone else should too. I’m glad this new rule is in effect.


  3. California Dude says

    Well that CEO over there Larry does act as weaselly as a used car salesmen.

    Put a nice coat of paint on those “value added services” and over charge people for sub-par products.

  4. says

    Anybody analyze’s balance sheet?

    Any chance they might just go away altogether?

    I mean really, who uses them? I know I’ve seen small and medium sized businesses use them but I think a company like can only gain so much trust with a small/medium business and can only offer so many services.

    Let’s see how they react to this change.

  5. NYC_Domainer says

    re: Rob #4 above, remember, it’s not domainers that run the registrar business on the big scale. For every $100 worth of value-added services RCOM can sell they can afford to lose 10 domains that don’t have anything added to them at all.

  6. says

    Maybe you guys should read the new regulations. They have to make it as easy as, for example, changing DNS settings. That means all they have to do is add a request link so the auth code can be email to you. However, the new regulations also state that they have to send it to you “within five(5) calendar days”. That means they have to email you or call you first to confirm that you are in fact the person who is authorized to obtain it. I think most of you will opt to call and wait for the next available rep rather than going back and forth via email. Anything can happen in that 5 days so they can say they didn’t get proper confirmation.

  7. Legion says

    So, what exactly is it about that you do not like? That they charge too much for their service? Every company in the world will sell the same product for different prices, are you going to start a crusade against every business that sells higher than the lowest seller? What can we expect than, the lowest possible service of course.
    What is it about their services that you do not like. You say their value added services just have a “fresh coat of paint” for sub-par products… what makes them sub par, can you even tell me?
    Somehow I suspect ya’ll are just mad because you didn’t get something the way you wanted. didn’t do “this and that” for you but this other company did and now you just want to rant about it.

  8. says

    @ coupestar – “That means they have to email you or call you first to confirm that you are in fact the person who is authorized to obtain it”

    That is incorrect. They can just automatically email you the code or display it on screen, just like 99% of registrars do. If they requested additional authorization, then it would be “more restrictive”.

    Registrars have always had 5 days to provide the auth codes. But I’ve never heard of a registrar not providing them instantly except if someone requested a large amount of codes.

  9. says

    @ Legion – there’s no problem with charging whatever the company wants for its services. The problem is the hoop it makes customers jump through to leave the company’s services.

    But again, it will become a moot point on March 15.

  10. says

    Quote: “They can just automatically email you the code or display it on screen, just like 99% of registrars do.”

    Andrew – You’re correct. They could do that. My apologizes! It would be nice if the ICANN rules would just say that the auth code has to be displayed in the account with the domain. However, I’m saying there is room for interpretation and I guess we will have to wait and see. I only have two domains with and domains with three other registrars. However, the added security at does not bother me. I get a lot of emails from other registrars (no names mentioned) who are trying to get me to renew my domains with them, in affect transfer to them. I think a lot of the non-domainers would agree because knowing that their domain(s) that they are attempting to make a living with are that much more secure against fraud and other unwanted activities. I find that domainers keep a much closer eye on what they have, where it’s at, and who wants to take it away from them. -thanks

  11. says

    @ coupester – yes, there’s a little bit of room for interpretation. Security is important, as is ease of use. A registrar can always offer a value-added service that requires second level authentication for authorization keys.

  12. says

    I think that requiring an authorization code to be displayed on screen at the click of a button is a bad idea, consider the number of people who have lost or will lose their domain name because “webmasters” or “friends” log into their account and transfer their name without the registrants knowledge. I don’t agree with policy either but sometimes, just sometimes a little security goes a long ways

  13. jp says

    What’s up with Enom not letting me transfer out names I win at Namejet for 45 days or whatever it is. Is that “technically” legit?

Leave a Reply