Identity verification for .eu - recent requirement?

wankel · May 5

Hi all,

I registered a .eu via Dynadot last week.

Now I got an email from eurid.eu, on the email address I use for Dynadot.

The email writes that my domain will be suspended if I don't register with Eurid, which requires upload of ID or other means of identification.

I have a handful of other .eu domains with other registrars, but never had this requirement.

Seeing the mail comes from Eurid, it seems legit enough, but I'm not very happy about either the requirement nor Dynadot leaking my email address.

Any idea whether it is something new?

somik · May 5

Identity verification for .eu domains is managed by EURid (the European Registry for Internet Domains) to ensure the accuracy of registration data, comply with NIS2 Directive requirements, and prevent abusive registrations.

Verification can be triggered during initial registration or at any time during the domain's lifespan, often randomly, through EURid’s data quality check process.

If your domain is chosen, you will receive an email from EURid (or your registrar) asking you to log into the My .eu platform. You typically have 14 days to complete the verification before the domain is suspended.

You must be an EU/EEA citizen (regardless of residence), a non-EU citizen residing in an EU/EEA state, or a business/organization established in an EU/EEA state.

More info on: https://eurid.eu/en/manage-your-eu/welcome-to-my-eu/

havoc · May 5

@wankel said: Any idea whether it is something new?

Always been the case & has nothing to do with the current wave of age BS

Nyr · May 5

@wankel said:
Dynadot leaking my email address.

Nothing is being leaked... Dynadot, as the registrar, needs to provide registrant information to the registry. It is operationally necessary.

titus · May 5

I have five .eu domain name at the moment (oldest one registered in 2008) from two EURID accredited registrar. I provided valid data of course (whois data). I never received any Identity verification request from EURID. But if You log in to the "myEURID" account (my.eurid.eu) there is an option for 'validate my registration data'. I always thought it's an 'optional' thing (because there is no any indicator at the whois records about the domain validation status), or maybe it will be a default requirement in the future (but not yet). I can imagine, in some cases they request it automatically if something is suspicious for their 'risk control', "fraud check" solutions.

You can log in directly on my.eurid.eu with "yourdomain.eu" + "contact mail and with a one-time access code (they will sent to the registrant's contact email), and You can do the process. Registrar (Dynadot) provided Your data to EURID (Registry) when You registered the domain name (it's normal), and they want to verify the previously provided data for some reason.

It can be uncomfortable feeling, If You provided valid data with the domain registration process , and don't do any "bad". If You provide them the requested data (ID, etc) via the EURID official interface, You don't need to worry, I think.

Anyway I think, this "myEURD" interface is a good idea because the Registrant/owner can request transfer code directly from EURID too, if the Registrar or reseller refuse the co-operation.

wankel · May 6

@titus said: Anyway I think, this "myEURD" interface is a good idea because the Registrant/owner can request transfer code directly from EURID too, if the Registrar or reseller refuse the co-operation.

Yes, there is a benefit in that.

With leaking data being the order of the day, I provided only a minimal set of personal data (ie, the first letter of name, street name, city name etc), that may have triggered something.

Thanks all for your insights!

somik · May 6

@wankel said:

@titus said: Anyway I think, this "myEURD" interface is a good idea because the Registrant/owner can request transfer code directly from EURID too, if the Registrar or reseller refuse the co-operation.

Yes, there is a benefit in that.

With leaking data being the order of the day, I provided only a minimal set of personal data (ie, the first letter of name, street name, city name etc), that may have triggered something.

Thanks all for your insights!

Sounds like you triggered their "fraud" detector.

If you care about your "personal data", the solution is to register a business in your country and use the business data instead. EU usually have very strict policies with regards to this.

Back in 2006 I got a EU server from a reputable provider and I had to send them scanned copies of my passport, ID card, proof of address (any bill with my full name & address), as well as a picture of me holding my ID card...

Nyr · May 6

@somik said:

@wankel said:

@titus said: Anyway I think, this "myEURD" interface is a good idea because the Registrant/owner can request transfer code directly from EURID too, if the Registrar or reseller refuse the co-operation.

Yes, there is a benefit in that.

With leaking data being the order of the day, I provided only a minimal set of personal data (ie, the first letter of name, street name, city name etc), that may have triggered something.

Thanks all for your insights!

If you care about your "personal data", the solution is to register a business in your country and use the business data instead. EU usually have very strict policies with regards to this.

EU has strict PII protection policies for personal data, but information about people involved in a company is always accessible via the commercial registries of each region. It is public, and intended to be public.

xaoc · May 9

I had to verify, but I'm outside the EU. I kind of assumed that's why they asked for verification, I guess it's the case for EU residents as well.

Identity verification for .eu - recent requirement?

Comments