Table of contents
What are you building exactly?
I am planning to build a Domain selling service that primarily focuses on keeping the customer data private while still allowing them to use their favorite domain registrar.
Why are you building this?
Many domain registrars collect a large amount of personally identifiable information from their customers and make it publicly accessible by anyone on the internet. This information can be seen by anyone using
whois search tool. This problem is exacerbated by some archiving tools that continuously scan the internet and record this information, this makes it impossible to delete your data once it is released on the internet - the only way to prevent this is by using a privacy focused service.
How is your service different from existing solutions?
There aren't many great options to chose from when it comes to privacy focused domain selling services. The market is not competetive as there are only a handful of providers who have the following major problems:
- They don't provide competitive pricing
- They don't support new and popular top level domains
- They have diverted their focus to expanding their ecosystem and selling other services like email servers and cPanel hosting.
My service will address all of these issues and it will also allow users to transfer their domain from one registrar to another without any downtime.
How will this service work?
I plan to build an abstraction layer on top of a few reputed domain registrar's services. Users will interact with this abstraction layer and I will communicate all the changes to the domain registrar at their behest, thereby, keeping their privacy intact. The customers will be ultimately using the services of an established and reputed domain registrar, this will allay any concerns regarding reliability or the SLA of the service.
Will this service be accessible through dark web?
I don't think that only cyber-criminals use dark web, there are plenty of legitimate reasons for people to use it, for example, bypassing censorship or avoiding getting tracked. That being said, I will not have a .onion variant of my service at launch but maybe I will add it later.
I plan to develop the service in multiple phases, adding small features in every increment would allow me to collect customer feedback and build on that.
Will you support cryptocurrency payments?
No, I don't see my service accepting cryptocurrency payments in the foreseeable future. Although I do see the appeal of using an anonymous payment system, the inherent volatility and lack of laws in this space is keeping me at bay. Web3 is evolving at a very fast pace and lawmakers are struggling to catch up, I would hate to promise a service to my customers that I won't be able to provide satisfactorily. So for the time being, customers will have to use traditional payment services.
How will the users stay anonymous if you collect personally identifiable payment information?
It is necessary for me to collect some information in order to provide a functional service but this will be non-identifiable and deleted upon request. Any payment information will be processed by payment gateway providers, they will only know the amount of transaction and not the items purchased - no single entity will ever know both things about you. Moreover, any data stored will be purged immediately after it is no longer necessary to store it.
What information will you collect from your customers?
I will require users to submit only a username and a password. Users can optionally submit an email to receive occasional alerts about renewal dates, however this is not required and using services like SimpleLogin and AnonAddy to masquerade your identity is encouraged. Any other information such as geographical location, IP address, etc. will not be stored.
What unique payment option will you provide?
Most eCommerce providers give users 10-15 mins to complete the payment, I plan to provide a unique payment link that can be accessed for much longer by anyone on the internet. The idea is to allow customers to share the payment link with their friends who will make the payment on their behalf. This flexibility is not provided by any other company.
How will you respond to compliance requests by law enforcement authorities?
As I mentioned earlier, any information I store will be non identifiable and this would be of no use to anyone. In extreme cases, I will comply with discovery requests if it is necessary to do so. I plan to communicate this to customers by using a Warrant Canary.
Will you provide any special features?
I intend to provide a dynamic DNS service and a beginner friendly one-click domain setup for popular hosting providers like GitHub and Vercel. This would be useful for hobby users who want to host something on a dynamic IP address.
Due to my unique approach to this problem, my users will also be able to transfer their domain from one registrar to another without needing to reveal their identity to another provider or deal with downtime associated with transfer requests.
Why did you chose to sell domains from other registrars instead of making one of your own
I think there are plenty of established sellers in the market already who cater to the needs of a wider audience pool. The market is very competitive; If I were to launch my own registrar, I can't think of any reason why someone will chose it over a well established provider. Reselling their services will allow me to cater the needs of a niche audience who value thier privacy.