“We’re not just looking at the domain name itself,” explains Iparraguirre, whose role at EURid is to lead the development of new products and services so as to better serve .eu users. “We’re looking at lots of metadata around that domain. The system is fed with lists of domains that, for instance, have been used for spam or phishing in the past.”
This kind of historical data helps the system to tag a registration as potentially abusive – even if the domain is not the same as a previous offender. In most cases further checks are necessary, says Iparraguirre, but “when you see sites that are selling counterfeit products, you can be almost certain. Or a clone of a bank webpage – we’ve seen that – or the tax office, then that’s clear.”
Some cyber criminals make amateurish attempts to prove their identity by submitting expired ID cards or retouching dates and information – “We’ve seen masters of Photoshop sending very interesting ‘proof’,” says Iparraguirre – but the people behind most suspicious registrations disappear and the registrations are subsequently suspended.
EURid is setting up systems so registrants can self-validate their identification using eIDAS (a European-wide system for electronic identification) or a credit card, as well as other methods. EURid does not keep personal data, it simply checks whether the registrant’s identity has been validated by these trusted ID schemes.