ZISPA & web entrepreneurs, here’s how we can simplify domain registration

advertisement

We’ve spoken to the Zimbabwe Internet Service Providers Association (ZISPA) about the difficulties of registering a .co.zw domain name. In an interview, Troy Prinsloo the current ZISPA chairman explained to us that they are working to address one of the main problems with domain registration in Zimbabwe, which is that it takes too long. Two to three days, even more sometimes.

We also had the opportunity to speak to one executive at one of the bigger ISPs locally and he told us their company is also working on a system to make domain registrations faster.

We welcome all this and we’re glad ZISPA and the individual ISPs know we need this addressed. We’d also like to come in and throw some suggestions for web entrepreneurs, ISPs and ZISPA itself to consider.

Why don’t we link the domains to mobile phone numbers?

A mobile phone number is the one thing that anyone registering a domain name has. The great thing here is that, thanks to POTRAZ’s SIM registration exercise that was completed earlier this year, mobile numbers can identify individuals almost accurately. At least they can be traced to a single individual. The mobile operators already have subscriber identification documents, so ZISPA doesn’t need to collect this information all over again; they can get it from POTRAZ when they need to.

The registration process can go something like this:

  • A customer visits domain registrars website and checks if a domain is available
  • If available, they click to buy the domain
  • Website requests the customers details including mobile phone number
  • Website sends an SMS text message to the customer with a verification code, which the customer must immediately enter on the website to verify their identity.
  • Once verified the customer makes payment (physically, or by whatever other means) and as soon as the registrar verifies payment, the domain is registered. The actual process of registering the domain can just be by a click on button by the registrar.

As it is, it’s just the payment process that will make the domain registration process last longer than a few seconds. Now, considering companies like ZimSwitch are working on internet payment gateways for Zimbabwe, this part of the problem will most likely be dealt with in the coming months.

We think the opportunity is more for web entrepreneurs than ZISPA. ZISPA is non-profit and doesn’t charge ISPs for domain registration, the solution needs to come from the entrepreneurs themselves and they can approach ZISPA to implement it. We’re sure ZISPA would happily accept.

Our suggestion is not new or unique. You will probably find examples of solutions where phone numbers have loosely replaced heaps of paperwork. It also not exhaustive; there are some issues that developers of such a solution will need to look at which we don’t mention here. We just know that a huge part of the problem is this:

… and that mobile phone numbers can help.

If you have more suggestions on how the process can improve, please share in the comments below.



advertisement

30 Comments

  1. Magneto

    Techzim you need to understand a domain name is a legal issue. You cant have every Jack and Jill registering domains that they can use to defraud pple. I can register a domain under a false company and seem legitimate. This process is long and involving for a very good reason

    Reply
    1. L.S.M. Kabweza

      And this is why mobile phone numbers can help. If anyone is defrauded on a website, there is clear identity of who owns the website. 

      I’I be happy if you point out how mobile phone numbers, as explained in the article, cannot reliably replace the “long and involving” process without compromising the legalities.

      And no, I do not agree. Every Jack & Jill, Chipo & Tawanda, should be able to register a domain. if they use the domain to defraud people then that’s a different matter altogether and can be dealt with. If the SIM registration exercise is working like it should we can track Jill using the mobile phone number he provided.

      Reply
      1. Anonymous

        I was in Zim about 2 months ago, i bot a sim card from the guys outside who operate right in front of the Econet shop in First St for $2, registered the number without anyone verifying my details and within 5minutes i was mobile, this was to avoid the long queue. This is eveident at every border post in Zimbabwe and its an open secret.
        Now if the cellphone registration is this flawed i say ZISPA continue requiring certified ID papers and company registration forms, this will keep our webspace clean, as Zimbabwean business we have a reputation to protect and this is one of the best ways of doing it. Thank you ZISPA

        Reply
        1. Jack

          Dude, certified copies arent as secure. I have a 300rand photocopier pa den. I can hook you up with a fake copy quick quick. Certifying is not a problem. ZRP will happily stamp it (without even asking for the orig) or if you can afford, some cops will ask for a dollar or two to do it for ya.

          Reply
      2. Magneto

        SIM registration in Zimbabwe is in shambles. It cannot be reliably used to verify a person’s details. Maybe Banking Details and A Proof of Adress. Let me also conclude a lot of our public systems need to be automated in Zimbabwe that will be a good place to start. E.g. our birth, ID, Passport and death records etc… 

        Reply
      3. tinm@n

        Unfortunately, I do not agree with making it this easy. As much as we want it to be less painful, we need to prevent cybersquatting which has plagued the better part of the developed world. We dont want to be so open that people can speculatively register any and every domain for resell.

        Reply
    2. Developer

      @Magneto, you got it all wrong there. Anyone can register any domain as and when they wish so. I dont know any part of our constitution that restricts a name for your domain. What you do with the domain is what our constitution addresses, not the domain name.

      Reply
  2. Tendekai Muchenje

    Although I think the method in the article would work, i think it would be tedious. I don’t see the reason why we should have a separate technique for payment and authentication online. If payment channels such as Zimswitch and Ecocash are government approved, then the use of such should eliminate the need for further verification because these are supposed to be secure and verified at sign up right?

    So why not just kill two birds with one stone? Just get the payment channels online, like Zimswitch is doing, and whoever is supposed to do verification for domain registration be granted access to those databases. That way, you solve both the registration problem and the online payment problem. 

    Wishful thinking maybe, but i can tell you for one that it’s attainable… if only entities like Econet Wireless would at least release a public API, let developers access or even know their SMS/USSD gateways so that they can build apps that can clear it. Even today they won’t tell you the info. it would be so easy to integrate stuff like Ecocash especially given that people like the venture I work with have the frameworks in place, approved to meet international security and transparency standards for payment gateways.

    Reply
    1. L.S.M. Kabweza

      great suggestion, esp on killing with 1 stone. maybe only problem is that those platforms (EcoCash & ZimSwitch) are owned and controlled by companies who may have their own rules on who to let in. Also, not everyone uses ZimSwitch EcoCash.

      Reply
  3. Anonymous

    Kabweza, l have known people who register simcards with a fake ID number, now if that same simcard number is used to register a domain name and used for fraud, how then is this going to be traced and pinned to those who commited the fraud?

    Reply
    1. L.S.M. Kabweza

      Indeed. Ideally, the network operator should get a copy of subscriber’s national ID when they register. 
      If enough people are getting away with using fake IDs, it points to a bigger problem; that SIM registration is not working. That problem can be resolved, no?

      Reply
        1. L.S.M. Kabweza

          I think the fraudulent numbers issue can be resolved. And like any collection of records I don’t expect it to be 100 percent accurate. 

          Even with the current system, there’s a good number of domains that are being registered without the required documentation.

          Reply
  4. Developer

    The use of information obtained from SIM card registration without the owner’s consent brings in serious privacy issues….its a no go area. 

    Why question is WHY should they validate who wants to create a certain domain? Why???? For what business is that kind of info to them? I know people can “reserve” domain names for speculative purposes, but i don’t see anything wrong there, its business. In SA we can register a domain and be on the net in less than 20 minutes. Try it on http://www.gridhost.co.za….and should i mention the cost is waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaay below what our bros in Harare want to charge.

    Reply
    1. Anonymous

      Please dont mislead people, when you register your domain online in SA, they require you to supply them with your banking details and they register the domain for u. So without a bank account u cant register a domain online. The bank account ties the account to the owner of the domain which means its easy for them to track you. Should u pay using fradulent bank details, they will activate and deactivate the domain. Simple. So everywhere the transaction is watertight.

      Reply
  5. Jack

    mmmm, I remember in High school when we forged our birth certificates so we could play for under 16s. Since they want a certified copy, I can cook up one in 5minutes. get it certified (most commissioners of oaths dont require the original, fact!). So this security issue pple are talking about is nonsense, the current system is already flawed.  

    Reply

Post a Comment

Both Name and Email are optional.
Even if entered, your Email address will not be published. It will just be used for discussion notification.