Discuss your Epik Experience!

[dande]

I think Epik is building the best ever Domain Lander in the history of domaining, and it really needs to be talked about extensively. That's why I am creating this discussion thread. A lot of thought process really goes into the project. And I can see (for the first time) a landing page that is built from the stand point of domainers rather than for just the marketplace itself.

Everything you have ever dreamt of getting or seeing in a professional landing page can be found in the new Epik marketplace landing page design.

Some of my Favorites Features:

1. The ability to optimize your "domain for sale" landing page to actually rank on Google, displaying your sales pitch/domain description. I just did that with few of my generic domain names such as ASAP.TV, targeting certain keywords, and they are showing pretty well on Google. That's a huge plus in my marketing effort.

2. Being able to change background image is another huge one for me. If you are good with pictures and images, you will surely find this very useful. I did that with Nagasaki.org and the result was truly amazing, showing the city of Nagasaki right at the background.

There are too many positive features and I don't want to mention all of them, all alone

So I am leaving you guys to share and discuss what you loves most or dislike about the new Epik marketplace and the landing pages.

The only negative for me is the checkout process. There are too many terms and conditions buttons to tick before checking out. It will be nice if they can streamline those into one beautiful big button

They also need to place the checkout button directly under the payment options. Right now it is awkwardly place somewhere below at the sidebar, which I don't find cool at all.

Sales experience is also welcomed in this discussion. I haven't had any sells so far at Epik because I started using the marketplace just recently, but the future is looking so bright.

 

[twiki]

Quick question:

Can you add to the Epik Marketplace, domains from other registrars?

X

 

[Rob Monster]

Quick question:

Can you add to the Epik Marketplace, domains from other registrars?

X

You can. We just have to approve you for it but then you can list domains as Make Offer or BIN. The lease/finance domains have to be on Epik first.

 

[Cal2]

Regarding account security, You can enable 2FA from here :

I don't know if it's possible, but is there a way that only certain names in one's account could be set up to require 2FA before being able to do something like transfer them out, instead of 2FA to access one's account? I'm thinking about the convenience of not always needing 2FA to get into one's account, but still offering 2FA security for those domain names that one considers especially valuable, for various reasons.

Or could/should one have a separate Epik account for more valuable domains, and enable 2FA for that account?

 

[Rob Monster]

I don't know if it's possible, but is there a way that only certain names in one's account could be set up to require 2FA before being able to do something like transfer them out, instead of 2FA to access one's account? I'm thinking about the convenience of not always needing 2FA to get into one's account, but still offering 2FA security for those domain names that one considers especially valuable, for various reasons.

Or could/should one have a separate Epik account for more valuable domains, and enable 2FA for that account?

It is a good idea.

Crypto exchanges like Coinbase work the same way. Security is relatively light for accepting funds and for browsing activity, but if you want to transfer a balance on-chain, you have to validate with your private key -- in effect that is your 2FA. So, I like the idea of being able to allow a 2FA for selected domains.

This also does prevent the case of a customer doing a bulk update and inadvertently changing DNS on a strategic domain.

I think we'll start with the notifier feature since apparently that is a dealbreaker for a few folks who want that activity noted even if their account is totally locked down.

I should add that we have yet to lose a customer domain and mind the store mighty closely when it comes to domain security.

 

[Not a robot]

You can. We just have to approve you for it but then you can list domains as Make Offer or BIN. The lease/finance domains have to be on Epik first.

How does that work? I listed some domains I have on NameBright but I never received verification mail...

 

[Cal2]

It is a good idea.

Crypto exchanges like Coinbase work the same way. Security is relatively light for accepting funds and for browsing activity, but if you want to transfer a balance on-chain, you have to validate with your private key -- in effect that is your 2FA. So, I like the idea of being able to allow a 2FA for selected domains.

Thanks for giving it consideration, Rob. For myself, I've a few domain names with Epik I'm wanting to spend a lot of time building, and wouldn't like to see any disappear.

I'm thinking it could help make Epik more attractive to those with portfolios that have some valuable names. And I could see it helping Epik maintain its zero domain name theft record, if those valuable names were made harder to steal because people were more willing to use 2FA when it came to those domains.

 

[Rob Monster]

How does that work? I listed some domains I have on NameBright but I never received verification mail...

I sent you a PM. We just have to approve your account for listing non-Epik domains.

We are working on additional feature that will allow verified domains to be added by anyone. That is part of a larger initiative called WHOQ (universal whois) and an expanded marketplace initiative for selling integrated digital brands. Details coming soon.

 

[Rob Monster]

The IP whitelisting is nice but it is true most internet users have have dynamic IPs. Could be cool if I could put a hostname from a dynamic DNS provider on the whitelist which would treat whatever IP that resolves to as whitelisted.

Also as far as 2FA personally I really like to see support for hardware security keys (U2F) as that's more convenient and secure than even TOTP (the 6 digit code from an app) and as pointed out way more secure than SMS based two factor which is almost trivial to intercept by someone who knows what they are doing.

And certainly l would hope there is a robust secure practice around dealing someone who can no longer get in to their account because of the IP restriction or 2FA. Like make me send in a copy of my driver's license that has to match the name/address on the account.

To Rob's point about the email, once they are in it's already too late so I am actually glad to see an emphasis on preventing them from getting in at all. That said yes email notifications are trivial to add.

I have been following Fido, U2F and Yubikeys for YEARS. I never figured a hardware solution would go mainstream but here we are.

I actually met with Clear (airport biometric) 3 times in 2018 to explore a cooperation with them in the identity space. I have been working on Federated Identity projects since way back in 2007.

I do believe single sign on for the world is coming. That said, I think it is still a wide open race. Our Toki project may have a dog in that hunt by the time all is said and done.

The key thing nobody else has solved is the challenge of local authentication in tribal communities like you find in many emerging economies.

As we work to bring another 1 billion folks online in the next 5 years, the issue of identity verification becomes a challenge. Some nations like China and India have national biometric schemes. Most don't.

 

[Rob Monster]

Where did you get that info from?
Have you ever did independent security audit?
Which company did that?

I think all you know about your security comes from your developers. Right?

You load at least 3 resources from 3rd party domains - is what i see on my dashboard page:

2 json files from federatedidentity.com
1 js file from zendesk.com

not mentioning a gif from domaining.com

all above are security holes.
because you don't control those domains.
that's 101 of online security.
i would question your devs competence.


PS. jquery in 2019, really?? do you outsource development to 3rd world countries??

FWIW, nice witty commentary there. I actually appreciate it. That is actually why I love NamePros. I get to banter with folks with different skills and ideas.

As for Jquery, most has been ported to more current frameworks. Check out this one for example:

https://marketplace.epik.com/

As for FederatedIdentity.com, that is actually ours. There will be a really big identity update coming in January based on KeyCloak. You might be aware that there is a long list of Epik projects:

- Anonymize.com: Privacy solutions, e.g. VPN (live)

- Armored.net: Secure Cloud storage (live)

- CloudChase.com: Resilient OpenStack Hosting (Dec 2019)

- BitMitigate.com: CDN and DDoS Mitigation (live)

- DNEncrypt.com: Free SSL certificates (Jan 2020)

- DNProtect.com: Domain Insurance (Jan 2020)

- DomainGraduate: Online training course (relaunching Nov 2019)

- DropElf.com: Tools for online expiry stream discovery (live)

- Epik Registrar: Our flagship product! (live)

- Epik Escrow: Our fast-growing service for domain transaction processing (live)

- Epik Marketplace: Domain name marketplace (live)

- FullVenue.com: Online event booking (beta)

- NameBrokers.com: Online broker network (Jan 2020)

- Masterbucks.com: Cloud Wallet (live - relaunching Jan 2020)

- Sibyl Systems: Resilient cloud hosting (live)

- Toki.com: Decentralized smart search engine (Jan 2020)

- TrustRatings.com: Online trust score (beta)

- Us.Tv: Online video publishing (live)

- Watchmask.com: Online video privacy (live)

- WhoQ.com: Universal WHOIS/RDAP/Blockchain name search (Dec 2019)

So the intent is implement secure SSO based on the latest protocols. The reason why Identity upgrade is so important is because Identity will be used for upgrading Masterbucks. I gave a hint about it here:

Toki will also have its own crypto, worked into existence by operating Toki servers.

As for Domaining.com's logo, I think we'll drop that one. We get more traffic than they do at this point.

Anyway, will PM you.

@vitigo

 

[Rob Monster]

Our sms providers are quite reliable, and in case one provider is not able to send the sms in a proper time frame, the request is sent to the other provider.
In case of any issue, our support team is available 24/7, there is always someone to help if needed

Gube

On the SMS delivery topic, we use top-of-the-line Twilio. They deliver to every country. Sometimes that is done at nosebleed prices but it is mission critical so we do use them. There are cheaper alternatives, yes.

 

[7363824]

I have been followup Fido, U2F and Yubikeys for YEARS. I never figured a hardware solution would go mainstream but here we are.

I actually met with Clear (airport biometric) 3 times in 2018 to explore a cooperation with them in the identity space. I have been working on Federated Identity projects since way back in 2007.

I do believe single sign on for the world is coming. That said, I think it is still a wide open race. Our Toki project may have a dog in that hunt by the time all is said and done.

The key thing nobody else has solved is the challenge of local authentication in tribal communities like you find in many emerging economies.

As we work to bring another 1 billion folks online in the next 5 years, the issue of identity verification becomes a challenge. Some nations like China and India have national biometric schemes. Most don't.

I for one really like yubikeys. I use my for everything that supports it including to login to my windows computers.

I really want to see more services support it. I find it to be one of the easiest and most secure 2FA schemes arounds. I personally have a strong dislike of SMS based 2FA as it has problems with being susceptible to SIM swapping/jacking attacks. TOTP is better but still not the best solution. I find U2F to be the easiest no typing in codes and more secure too. I really do hope to see Epik support it in the future.

 

[NicTraders]

...and what happens if i lose my phone with all that 2FA sms/authenticator stuff?
what about non-US phone numbers - can you guarantee timely SMS delivery, ...or will they be delivered at all? not really, lets face it

Works 100% for me (non-US).

 

[4pm]

Works 100% for me (non-US).

happy for you
..but there are 195 countries in the world

 

[Gube]

happy for you
..but there are 195 countries in the world

If you receive the first sms to enable 2FA, you should receive the next ones
We also can check SMS logs to see if an sms reached a given user
And in case of any issue, our support team is online 24/7 to help

Gube

 

[Blitzpotz]

2FA works perfectly for me (Germany), it forces me to enter a code provided by SMS, which I prefered against E-Mail, when I login to my account.

Today I had my first Epik internal domain name push and it was very easy. I am a bit surprised that I did not receive another 2FA code to confirm the push. My online banking works this way: login needs 2FA, additionally every outgoing money transfer needs 2FA.

I just want to contribute to the discussion, not sure yet what I´d prefer.
It seems to be logical that after I logged in with 2FA it is me pushing the domain. Or - if a hacker controls my 2FA SMS device he will not only control my Login 2FA code but any other 2FA code I receive. Could a second 2FA gadget provide better security or will it drive users crazy? E.g. Login with a 2FA Smartphone SMS and outgoing domain orders with a 2FA E-Mail to your PC.

I never have been a victim to domain theft and am not afraid regarding the quality of my portfolio. But I am German and so a master of bureaucracy.

Opinions?

 

[Gube]

2FA works perfectly for me (Germany), it forces me to enter a code provided by SMS, which I prefered against E-Mail, when I login to my account.

Today I had my first Epik internal domain name push and it was very easy. I am a bit surprised that I did not receive another 2FA code to confirm the push. My online banking works this way: login needs 2FA, additionally every outgoing money transfer needs 2FA.

I just want to contribute to the discussion, not sure yet what I´d prefer.
It seems to be logical that after I logged in with 2FA it is me pushing the domain. Or - if a hacker controls my 2FA SMS device he will not only control my Login 2FA code but any other 2FA code I receive. Could a second 2FA gadget provide better security or will it drive users crazy? E.g. Login with a 2FA Smartphone SMS and outgoing domain orders with a 2FA E-Mail to your PC.

I never have been a victim to domain theft and am not afraid regarding the quality of my portfolio. But I am German and so a master of bureaucracy.

Opinions?

In the event someone gained access to your 2FA, having a second different 2FA authentification would be the only way to keep your name secure against a push or transfer. Since if it was the same, the "hacker" could just get a new code. (Don't share the key of your 2FA and make sure your device is up to date without any malicious app having access to your sms, you can check the app authorizations setting page)

We are open to other 2FA methods, but most importantly, I think the best solution would be to let everyone choose its preferred method and choose when to enable it (Only to login, or also when pushing (a) name(s))

Gube

 

[blockhead]

Where do I go to manage/respond to an inbound offer for a domain at Epik?

In my account, I don't see anything about responding to the offer. In the email, there is a button that says Accept Offer. Not a chance I'm clicking that. No idea if it's an instant "Accept", or if it's a false "Accept" that might bring up further negotiation options. This button should be changed to Respond To Offer.

 

[DanSanchez]

Where do I go to manage/respond to an inbound offer for a domain at Epik?

In my account, I don't see anything about responding to the offer. In the email, there is a button that says Accept Offer. Not a chance I'm clicking that. No idea if it's an instant "Accept", or if it's a false "Accept" that might bring up further negotiation options. This button should be changed to Respond To Offer.

The backend does not include the inbound offers YET. We are working on a crazy CMS that will turn your leads into more sales.

For now, respond manually by email. I can respond for you if you forward the lead to me daniel @ epik. Will CC or BCC if you prefer.

 

[Rob Monster]

happy for you
..but there are 195 countries in the world

We do cover all -- we use the Twilio premium SMS delivery network. PM us if you are seeing any SMS delivery issue. Their support has been solid in the rare case of needing to chase down an issue.

 

[MasterOfMyDomains]

I am checking out some things at epik tonight, and noticed some names where you put the google tracking code, were blank, others were showing tracking id none i could find were displaying global site tag in that section
When I first joined, I was told to use the global site tag code, not the tracking id code. And i did
One domain was not showing in GA and i added tracking id, and withing 30 seconds it showed up in goog analytics
Did Epik change something so that only UA-XXXXX-X tracking id is only needed for goog analytics to work and not global site tag?

Also, i see at example TangledHemp dot com a $100 domain it says start a payment plan for $100 which is incorrect,First Installment: $150. I pointed this error out in pm a while back. Member @Grilled brought it up here more recently. Why does a payment plan domain show the future installments price to start a payment plan,on landing page not the first installment, when it is an odd number like $750 as thats the price of tangledhemp dot com? $150 + 6x $100
It's deceiving to have a potential client land on my page and have it say start a payment plan for $100 when they click details it says Start a payment plan should display the cost of first instalment not future installments.First Installment: $150
I would use payment plan much more if it displayed proper info. I leave one domain with payment plan and odd number just to see if it changes.

 

[Rob Monster]

I am checking out some things at epik tonight, and noticed some names where you put the google tracking code, were blank, others were showing tracking id none i could find were displaying global site tag in that section
When I first joined, I was told to use the global site tag code, not the tracking id code. And i did
One domain was not showing in GA and i added tracking id, and withing 30 seconds it showed up in goog analytics
Did Epik change something so that only UA-XXXXX-X tracking id is only needed for goog analytics to work and not global site tag?

Also, i see at example TangledHemp dot com a $100 domain it says start a payment plan for $100 which is incorrect,First Installment: $150. I pointed this error out in pm a while back. Member @Grilled brought it up here more recently. Why does a payment plan domain show the future installments price to start a payment plan,on landing page not the first installment, when it is an odd number like $750 as thats the price of tangledhemp dot com? $150 + 6x $100
It's deceiving to have a potential client land on my page and have it say start a payment plan for $100 when they click details it says Start a payment plan should display the cost of first instalment not future installments.First Installment: $150
I would use payment plan much more if it displayed proper info. I leave one domain with payment plan and odd number just to see if it changes.

This update was deployed recently:

You only need to put in the code ID and not the full block of Javascript.

@vitigo should confirm that there are no backwards compatibility issues.

We also published a how-to for showing reports by domain:

https://www.epik.com/support/knowle...alytics-in-bulk-to-premium-ssl-landing-pages/

The how-to article is correct and current.

 

[Chris Hydrick]

Why does a payment plan domain show the future installments price to start a payment plan,on landing page not the first installment, when it is an odd number like $750 as thats the price of tangledhemp dot com? $150 + 6x $100
It's deceiving to have a potential client land on my page and have it say start a payment plan for $100 when they click details it says Start a payment plan should display the cost of first instalment not future installments.First Installment: $150

Ahh normalcy is finally starting to seek in around here. A much better use of our time rather than that other distracting thread though that doesn't mean I'm not still grilled about the 15 day expiration policy by default grrrr.

 

[vitigo]

I am checking out some things at epik tonight, and noticed some names where you put the google tracking code, were blank, others were showing tracking id none i could find were displaying global site tag in that section
When I first joined, I was told to use the global site tag code, not the tracking id code. And i did
One domain was not showing in GA and i added tracking id, and withing 30 seconds it showed up in goog analytics
Did Epik change something so that only UA-XXXXX-X tracking id is only needed for goog analytics to work and not global site tag?

Also, i see at example TangledHemp dot com a $100 domain it says start a payment plan for $100 which is incorrect,First Installment: $150. I pointed this error out in pm a while back. Member @Grilled brought it up here more recently. Why does a payment plan domain show the future installments price to start a payment plan,on landing page not the first installment, when it is an odd number like $750 as thats the price of tangledhemp dot com? $150 + 6x $100
It's deceiving to have a potential client land on my page and have it say start a payment plan for $100 when they click details it says Start a payment plan should display the cost of first instalment not future installments.First Installment: $150
I would use payment plan much more if it displayed proper info. I leave one domain with payment plan and odd number just to see if it changes.

Hi MasterOfMyDomains,

We are ready to help you with an issue due to absent tracking id. Could you contact [email protected] with details and we research the case.

Kind regards,
Vitaliy

 

[MasterOfMyDomains]

Hi MasterOfMyDomains,

We are ready to help you with an issue due to absent tracking id. Could you contact [email protected] with details and we research the case.

Kind regards,
Vitaliy

Thanks for the offer. I managed to add the code myself, it was pretty basic. My concern was what would happen when i got to select your parking page template, as I didnt want same generic lander.
Someone thought of that though, and at that step it says
Skip this step
You can skip this step if you want to keep current
theme selection for each of the selected domains. Time to change some more NS as i see a couple parked at sedo
Thanks for the epik help

 

[4pm]

not sure if it's a right place to ask but anyway...

Epik has 25+ representatives here on NP (excluding @Rob Monster) proudly wearing this badge:

​

Source: this section of NP Member directory


Most of them though are freshly regged in 2019 accounts with 0-20 posts.
None has their role at Epik clearly indicated, if any.

Who are these random people from random countries?

just curious..