advice Domain sold on Afternic but its on 60 day lock

I think the registrars and registry should do something to remove the locking period. a 2FA can be placed for such removal of the lock period.

Recently I sold domain with Afternic and faced the same issue. In my case, my domain was 48 days old so Afernic agent asked me to wait for 12 days.
After 12 days I submitted the code and the domain got transferred.

Contacting Afternic agent is the best option at the moment.

TauseefKhan said:

I think the registrars and registry should do something to remove the locking period. a 2FA can be placed for such removal of the lock period.

Click to expand...

Yes we are in 2020 - and a 2FA is quite sufficient to rule out fraudulent Domain Transfer.
60 day lock rule is like
You can open a Bank Account - but cannot withdraw/transfer your Money for the first 60 days.

https://www.icann.org/resources/pages/transfer-policy-2016-06-01-en
https://www.icann.org/resources/pages/ownership-2013-05-03-en

I have contacted the Transaction Assurance team and their reply was that they could ask the buyer if they would accept the push at my registrar. If not, we'd wait for after the 60 day lock.

We will give the buyer the option to receive the domain at the current registrar. We will inform you if we hear back from the buyer, otherwise we will continue with the transfer once the lock is lifted. Please hold the domain in your account until further notice.

Click to expand...

A lot of 60 locks can be unlocked if you give them the information,
If you can't unlock the 60-day lock,
You can contact the buyer,
See if he also has the account of the registrar,
If he does you can just PUSH him on that registry,

krishmk said:

Yes we are in 2020 - and a 2FA is quite sufficient to rule out fraudulent Domain Transfer.

Click to expand...

Not even close, and there are levels of fraud deeper than the ocean.

For example, there was a recent thread on here where a scammer bought a pile of premium domains with stolen credit cards, then sold them using the "push". Then a few weeks later, they were all taken back by the registrar for non-payment.

The "new owners" were out their money and because they foolishly accepted a "push" they had absolutely no recourse.

GoDaddy has done the exact same thing, and taken away purchased domains because the original owner defaulted in a payment, as have DynaDot, Netsol, Snap, Namejet, etc. for many different types of fraud, from theft to non-payment. As a buyer, if you accept a "push" then you're essentially vouching for the behavior of the previous owners(s) and taking responsibility for their past and future actions,

NO THANKS!

I never accept a push for a domain purchase of any value, and with all the fraud out there, you'd have to be a knothead to purchase a $50K pushed domain from someone youo didn't know very closely, which could be immediately taken back for any reason. Bye bye $50K!

Always get a transfer code and take that domain as far away as possible from the old registrar and you'll likely never have a problem.

DomainRecap said:

Not even close, and there are levels of fraud deeper than the ocean.

For example, there was a recent thread on here where a scammer bought a pile of premium domains with stolen credit cards, then sold them using the "push". Then a few weeks later, they were all taken back by the registrar for non-payment.

The "new owners" were out their money and because they foolishly accepted a "push" they had absolutely no recourse.

GoDaddy has done the exact same thing, and taken away purchased domains because the original owner defaulted in a payment, as have DynaDot, Netsol, Snap, Namejet, etc. for many different types of fraud, from theft to non-payment. As a buyer, if you accept a "push" then you're essentially vouching for the behavior of the previous owners(s) and taking responsibility for their past and future actions,

NO THANKS!

I never accept a push for a domain purchase of any value, and with all the fraud out there, you'd have to be a knothead to purchase a $50K pushed domain from someone youo didn't know very closely, which could be immediately taken back for any reason. Bye bye $50K!

Always get a transfer code and take that domain as far away as possible from the old registrar and you'll likely never have a problem.

Click to expand...

That level of fraud can still be committed beyond the 60 day period. The 60 day lock only delays the process of fraud and does not absolutely stops it. Some Credit Card Companies or in some Countries they have 90 day or even 120 day chargeback rule. I believe even Paypal offers 180 days buyer protection.

My point was - for a fraud that occurs once or twice out of 1000 transactions (not sure about the exact stats though) - why punish genuine parties?
Because of 60 day lock multiple parties get affected:

a) A genuine customer who isn't happy with the Current Registrar's Service and wants to move the domain right away.
b) A genuine Seller who loses his most expected Sale just becoz Buyer doesnt want to go with the current Registrar and 60 days rule hinders his sale.
c) A Seller who could not enjoy the benefits of Sedo MLS or Afternic Fast Transfer for the first 60 days
d) Reseller partners of Sedo MLS and Afternic Fast Transfer - losing prospective Sales for domains locked within the 60 day period

On the other hand - if I ran a Registrar Company - not sure if I too would be concerned about the above parties Most likely will protect my risk.

Also transferring away a domain from a fraudster to a remote Registrar may only give a sense of security at that point. Consider if the fraud happens to be of a mass level or on a big scale - the Registrar can approach law enforcement agencies - and the last buyer who transferred away still carries the risk of being a party or suspect of the crime until proven guilty. We read this in news every now and then - where someone commits a fraud and the victim faces the hassles of interrogation.

As a buyer - its always necessary to exercise due diligence before buying a high value domain.

krishmk said:

Yes we are in 2020 - and a 2FA is quite sufficient to rule out fraudulent Domain Transfer.
60 day lock rule is like
You can open a Bank Account - but cannot withdraw/transfer your Money for the first 60 days.

Click to expand...

I'm not sure the analogy is good because new owner can use the domain as intended.

Domains weren't conceived to be assets that are sold and transferred.

They exist to be used as domain space addresses.

krishmk said:

That level of fraud can still be committed beyond the 60 day period. The 60 day lock only delays the process of fraud and does not absolutely stops it. Some Credit Card Companies or in some Countries they have 90 day or even 120 day chargeback rule. I believe even Paypal offers 180 days buyer protection.

Click to expand...

The point is, that scammers clearly use the "push" to sell locked domains that are at risk of being taken back due to non-payment or other fraud, and also (I work in financial systems) the vast majority of chargebacks due to stolen CC numbers are sent in 60-days. 45-days from the transaction date is the standard limit with VISA/MC for initiating most chargebacks, though there are exceptions.

So by not accepting a "domain push" then you take away about 98% of the buyer risk, and if you are hit with the 2% and the original registrar/registrar partner gets a 90-120-day chargeback, then by transferring far away from them, you are greatly mitigating your risk.

If the originating registrar has an outstanding bill from Mr XYZ and they come to your registrar asking for the domain back, there is no legal reason for them to comply. You are not Mr XYZ, you used a transfer code for an unlocked domain, and unless they go to court to force the issue, you and your registrar are not responsible for Mr XYZ's outstanding bills.

Of course, your registrar could agree with the disputed transfer and send the domain back, but it's certainly not as easy as Netsol hitting a few buttons and just swiping the domain from your Netsol account. Always try to make it harder for a registrar like Netsol to take the "easy road" and steal your domain, rather than actually pursuing the original buyer for his unpaid balance.

Only buying with a transfer code is like installing a nice alarm system. It's not going to stop the very cream of the thievery crop (court order) but it will either dissuade or help stop the other 98% (registrar clawback, etc.), and that is its main purpose.

DomainRecap said:

The point is, that scammers clearly use the "push" to sell locked domains that are at risk of being taken back due to non-payment or other fraud...

Click to expand...

DomainRecap said:

So by not accepting a "domain push" then you take away about 98% of the buyer risk...

Click to expand...

Totally agree!

Time is much more valuable than money. For the fear of 1 fraudulent transaction - you have lost what you could do in 60 days + denied the advantage of the other points mentioned earlier.
And you still got what - a 98% risk protection. You are still at a mercy of 2% risk and 1 big transaction can overshadow the real benefit of what the 60 day rule offers.
From Registrar's point of view - its an added protection for them.
I am talking from the Domainers' point of view.

If you still feel 60 day rule personally helps you - stay with it.
I would leave the topic here - to not deviate from the OP's actual issue.

krishmk said:

Time is much more valuable than money. For the fear of 1 fraudulent transaction - you have lost what you could do in 60 days + denied the advantage of the other points mentioned earlier.
And you still got what - a 98% risk protection. You are still at a mercy of 2% risk and 1 big transaction can overshadow the real benefit of what the 60 day rule offers.
From Registrar's point of view - its an added protection for them.
I am talking from the Domainers' point of view.

If you still feel 60 day rule personally helps you - stay with it.
I would leave the topic here - to not deviate from the OP's actual issue.

Click to expand...

I understand the domainers perspective you are approaching this from, but the system is organised to protect the people who buy domains for their intended purpose - which is to use them

krishmk said:

If you still feel 60 day rule personally helps you - stay with it.

Click to expand...

Agreed, and people are totally free to do whatever they want with their money. When buying, I prefer 98% protection over 0% protection, and also choose to give up the "potential deals" that I might miss, along with the "potential fraud" that comes with it.

I just sleep better at night knowing that Netsol, GD, et al won't be raiding my domain account for the "unpaid bills" of some idiot.

More than for customer security, the 'locking' system seems to be there to try and avoid the domains from moving out of the registrar to another. There should be a way to use 2FA and other security measures to move domains around to avoid the 60 day 'locking'... people move millions of dollars within minutes in 2020, domain industry needs to keep up with the times.

Although, isn't it true that some registrars are not that strict about these 60 day locks? Is this an ICANN policy or something 'suggested' but left up to the registrars to apply/enforce?

Update:
Explained my situation, got this as a reply

Thank you for the notice. We will give the buyer the option to receive the domain at the current registrar. We will inform you if we hear back from the buyer, otherwise we will continue with the transfer once the lock is lifted. Please hold the domain in your account until further notice.

Click to expand...

To which I replied, asking if I could push to AN's Dynadot account

Thank you. Please do notify the buyer that creating a Dynadot account is free and pushing the domain to him/her would ensure immediate possession of the name, instead of waiting about 1 month more. Alternatively, if the buyer truly does not wish to receive the domain immediately through a push, is it possible for me to push the name to Afternic's Dynadot account? So that Afternic would hold both the domain and the payment amount, and release both when available?

Click to expand...

And received this reply 5 days ago, which I didn't reply to.

We must talk to the Buyer first, Please hold the domain in your account until further notice. Thank
you again. Have a good one.

Click to expand...

ShawnTeo said:

Update:
Explained my situation, got this as a reply



To which I replied, asking if I could push to AN's Dynadot account



And received this reply 5 days ago, which I didn't reply to.

Click to expand...

Yeah... no.
Protect yourself and the buyer and don't push it.
You may even get a better offer in the meantime.

You think you have 98% less risk???

The Twitter hack that just happened should show that 2fa authentication can be circumvented.... that 98% risk free I think is probably more like 50/50, even if it doesn't include 2fa.

Not to say that you shouldn't want to avoid risks, but if you really were avoiding all possible risks, you wouldn't be getting a push from a shoddy registrar in the first place.

Email addresses, phone numbers, all this can be spoofed depending on the effort put in for success.

I just had a problem with my credit card (Godaddy charging me with no authorization) so I looked up info online and instead found a bunch of big money companies who literally put their bank statements online. All I would need is a little more information, and if that same business account info that's posted matches their Godaddy account billing info, I could have access to lots of Godaddy accounts online through those companies own websites and corporate filings that they left public.

Of course this is illegal, but I don't doubt one bit that if I put the time and effort into this idea, that I could access multiple accounts daily... and not just any domain holder's account, but big corporate entities are at risk there. It's not easy to get last 4 of someone's credit card number as far as statistical risks go, but I just told you how it was easy.

You might think it's a lesser risk to do business this way, but if the person on the other end of the transaction means to do you harm, do you still consider yourself 98% safe to do business with them? I wouldn't think so.

equity78 said:

I said let me clear not waiting 55 days, the rep cancelled the transaction, refunded buyer. told me my account was suspended. I said you just committed fraud saying you cancelled and reason could not verify the owner.

Contacted Paul Nicks, he had the suspension removed immediately. Said they should have done better.

Click to expand...

LOL, it's 2020 but Godaddy's support quality is still very poor.. you ask them to make the sale go and you got your account suspended. Sound like a joke.
Luckily there are still people like Joe and Nick. Godaddy should improve the support quality to make the greatest jump. That's the main reason because i prefer to avoid them when i can.

ShawnTeo said:

Update:
Explained my situation, got this as a reply



To which I replied, asking if I could push to AN's Dynadot account



And received this reply 5 days ago, which I didn't reply to.

Click to expand...

Any update?

“Safe” they say.

“Safe” bet kills liquidity.

Only thing more furstrating is 5-7 day xfer.
Good luck, OP.

Samer said:

“Safe” they say.

“Safe” bet kills liquidity.

Click to expand...

Everyone loves the Wild West... til the guns come out and the dyin' starts.

Shawn T said:

Update:
Explained my situation, got this as a reply



To which I replied, asking if I could push to AN's Dynadot account



And received this reply 5 days ago, which I didn't reply to.

Click to expand...

Whatever happened here? Did buyer accept the push or wait? I am wondering the same for some domains still in 60 day lock. If they sell within 60 days does it put our account in some sort of suspension?

Shawn T said:

Yes all of the things said here are right from what I have read from the forums and research.
Newly hand-regged domains have a 60 day lock that cannot be removed.
Domains that were freshly transferred but are more than 60 days from the date of fresh registration can have the lock period removed by some registrars.

Correct me if I am wrong on what I've said above.

I have explained the situation to the sales team, let's see what they can do. Really hope for this sale to push through!

Click to expand...

Based on my experience, the sale will happen but you will need to wait out the 60-day registry lock. Sedo, again based on my experience, will encourage or at least be open to an immediate push at the current registrar. AfterDaddy likes names to flow to GoDaddy. 100% if that is where the sale originated.

For the benefit of the buyer, I offer to set NS or a URL forward during the wait but I don't remember that happening for GoDaddy/Afternic sales with the wait.

Hi,
I sold a domain to them within 60 days via afternic and I registered the domain on DYNADOT, now I sent the authorization code and asked to wait until April 9th which will be the day of unlocking, I tried to force the unlocking but they said that these people from Dynadot can't do it