Domain holder verification

General information

Legal Basis

Since the NIS 2 Directive came into force and was transposed into the BSI Act, DENIC, as the registry for .de domains, has a legal obligation to ensure that the registration details of all domain holders are complete, accurate and verifiable.

This obligation applies not only to newly registered domains, but also to existing domains — including those that have been in existence for many years without any issues.

How does DENIC verify?

DENIC automatically checks all domain and contract orders for anomalies and cross-checks the stored address data against external sources (e.g. public address databases). If DENIC cannot verify the data independently, the DENIC member (your provider) is asked to clarify the situation with the holder record and to submit the result of the verification.

What data must be verified?

How to find your provider

Enter your domain in our webwhois.

Under ‘Domain management information’, you will see the DENIC member that manages your domain.

 

 

Learn more

Reseller structure: The webwhois service always shows the DENIC member at the end of the contractual chain. If you have registered your domain through a reseller, this member is not your direct contractual partner.

Your direct contractual partner is the provider who invoices you for the domain — and verification is also handled through them.

Methods of identity verification

Please contact your provider for this: Depending on the type of identification, e.g. ID card or passport, various procedures are available for verifying your identity details:

eIDAS

EU regulation for legally secure digital identities, signatures, and the EU ID wallet

PostIdent procedure

Deutsche Post identification procedure via ID verification, e.g., via video chat or at a branch office

Electronic and paper documents

Official documents with verifiable identification data

Transaction records

Documented payment data that serves as proof of a transaction

Photo-Ident/Video-Ident

Method for identity verification using biometric features or video verification with ID card

Availability

Proof of identity through active confirmation via postal address or email

Communication with the domain holder

How to recognize genuine e-mails from DENIC

To ensure that this e-mail really comes from DENIC:

  • The sender domain is always denic.de
  • DENIC will never ask you to send passwords, payment details or the login by e-mail.
  • All verification steps are carried out exclusively via your provider.
  • If in doubt: Call DENIC Direct Services (+49 69 27235-275).
  • If something seems suspicious, please forward the e-mail to info[at]denic[dot]de.

Typical phishing scams relating to domain holder verification:

  • A request to click a link and enter the login details or passwords there
  • A demand for payment (the verification itself costs nothing)
  • Threats of immediate deletion (e.g. “within 24 hours”); genuine DENIC deadlines are always 5 days or 83 days

Frequently asked questions

DENIC-E-Mail

In most cases, your provider will have already asked you to verify your account around 24 days ago. Please first check your inbox and spam folder for an e-mail from your provider — this will contain specific instructions. If you cannot find it, please contact your provider. You can find detailed steps at the top of this section.

Please check the information in the section How to recognise genuine e-mails from DENIC. If in doubt, please call DENIC Direct Services (+49 69 27235-275).

5 days. If your provider has not completed the verification process by then, your domain will be taken offline the day after the deadline. The exact deadline is stated in the DENIC e-mail.

Provider

Your direct contractual partner is usually the provider who invoices you for the domain. You can find the name of the DENIC member who administers your domain in the DENIC system in the DENIC e-mail under ‘Your point of contact’ or via webwhois.denic.de → ‘Domain management information’. In reseller arrangements, these may be different.

In this case, you have probably registered your domain via a reseller — that is, via a hosting provider or a web agency that is itself a customer of a DENIC member. In this scenario, neither the DENIC e-mail nor the webwhois service will show your direct contractual partner, but rather the DENIC member at the end of the chain.

Procedure:

  1. Contact the provider with whom you actually registered your domain — usually identifiable from your invoices, contract documents or customer account.
  2. Mention the member named in the DENIC e-mail. Your reseller will forward the verification request down the chain to this member.
  3. If your reseller does not respond or is unable to help: Contact the DENIC member named in the e-mail directly — they can refer you to the correct point in the chain.

DENIC has been providing its members with comprehensive information on the new legal requirements for over 18 months; such cases are the exception. Please ask your provider to contact the department responsible for DENIC verifications internally. In reseller scenarios, it may help if your provider enquires with their own upstream provider (the DENIC member). DENIC is in constant communication with its members and actively addresses any difficulties that come to light; however, it cannot take over the members’ responsibilities or independently access their databases.

No. Verification can only be carried out via your provider — or, in the case of reseller arrangements, via the chain of contracts up to the DENIC member. This also applies in urgent cases and when contacting us by telephone.

Data

DENIC is legally obliged to check all domain and contract orders for irregularities and to verify address details. To this end, external sources such as address databases are used to identify any potential discrepancies. Even long-standing domains in the portfolio may be affected. If DENIC is unable to verify the data independently, your provider will be asked to clarify the situation with you.

In accordance with the legal requirements under NIS 2 and the BSI Act, DENIC automatically checks the registered owner details for completeness and plausibility. If any discrepancies are found, additional verification is required — regardless of how long the domain has been in existence.

Simply updating or visually checking the data is not sufficient once your domain is undergoing the verification process. The data must be actively verified with supporting documents using one of the permitted methods (e.g. e-mail confirmation, address confirmation, PostIdent, Video-Ident), and the result must be submitted to DENIC by your provider. Please contact your provider and expressly request that they carry out the verification.

Section 49 of the BSIG consists of two paragraphs which must be read separately: Paragraph 2 lists only the minimum information that must be included in the database — but this is not an exhaustive list of all the data that is processed. Paragraph 1 further requires that all registration data be maintained accurately and in full. At DENIC, the address has been part of this registration data from the outset, as otherwise a holder record cannot be uniquely identified — particularly in the case of common names or company names. Consequently, the address is also subject to the statutory duty of care and must be verified.

Domain

One possible cause is that the owner details have not been verified. However, there may also be other configuration issues. Please contact your provider immediately. You can view further details about your domain and the DENIC member responsible for its administration in webwhois.

Some providers offer the option of proactively verifying a domain. Please contact your provider for further details.

Once the 83-day period has expired, the domain contract will be terminated and the domain will be released after a short grace period. It may then be re-registered by a third party.