Is there a specific reason why Enom registrations are not fully automated and require manual interaction from an admin?

Chris

so incase you get hacked, you don't want all these domains to be registered for a penny and not be able to get a refund?

That's my opinion.

Is the software not secure that I have to be worried?

Chris

It's definately safe, nothing to worry.

My concern is what happens if a domain name is registered by somebody else while it is sitting on hold in my admin panel.

I do see your point. Less because of being hacked, but more because of credit card fraud.

Chris

The reason they are not fully automated - ie. registered as soon as they are ordered is to prevent fraud. Say for example you were using 2CheckOut, often you would want to wait 24 hours and check it doesn't get flagged as fraud by the 2CO Fraud Department. The same applies to other gateways and credit card processors. Having domain registrations automated leaves your business vulnerable and could result in a lot of lost income.

Regards,

Matt

The reason they are not fully automated - ie. registered as soon as they are ordered is to prevent fraud. Say for example you were using 2CheckOut, often you would want to wait 24 hours and check it doesn't get flagged as fraud by the 2CO Fraud Department. The same applies to other gateways and credit card processors. Having domain registrations automated leaves your business vulnerable and could result in a lot of lost income.

Regards,

Matt

Is this still true?

No, that is you can choose to have them fully automated or review them before approval

i think the reason this progressed to full automation was firstly, fraud prevention measure have improved vastly, secondly, probably less of a reason more of an assumption, pressure from the whmcs community to do it.

I can see the benefits of both ways of operating.

Audited: you get to check the order, run fraud checks etc, this can save trouble later but as one of the earlier responder stated, it does leave the domain open for registering.

I think its time that the registrars/registries caught up and allowed for placing a "pre-registration hold" on a domain name. if a client submits and order, we instigate a hold whilst we do validation of orders. there is a lot to work out in this manner, but it would prevent ordering a domain elsewhere, the pracilities of it are way beyond the scope here.

Automated: This should ideally only be used with other automated fraud checking measures, maxmind is one such measure, i am sure there are a ton more. This way submission is immediate after your fraud checks are completed.

There is no simple answer to it at all to be fair, both have pros and cons, but i will say, if you want to be competitive as a small business in an industry of giants, you need automation, but not at the cost of security or loss to your company. Large companies can afford to take a hit on the chin say one in every few thousand orders. we cant and would be penalised if our service was being abused by fraudsters.

Completely agree with the "pre registration hold" idea, or at least a 1-2 hour refund period.

Completely agree with the "pre registration hold" idea, or at least a 1-2 hour refund period.


I think a 1 - 2 hour hold is sufficient, enom uses credit so they could hold it for the registration easily enough too. in this case it does give you time to vet the order and refund if required. If the registrar/registry does not receive your authorisation to proceed then the domain is released as well as your held credit.

Very simple, yet very effective.