Skip to main contentSkip to footer
NIS2 Resource
1. Map Requirements per TLD
Build an internal knowledge base of each ccTLD’s verification obligations and categorize TLDs by stringency level.
Step 1

Key Considerations:

  • Identify high, moderate, and light stringency TLDs.
  • Understand specific verification needs for each category.
  • Document findings for internal reference.

Implementation Tip:

Use the provided matrix as a starting point and keep it updated with registry communications.

2. Adopt a 'Maximal Compliance' Baseline
Design registration workflows to meet the toughest common requirements by default, making stricter steps conditional based on TLD.
Step 2

Key Considerations:

  • Implement capability for all verification types (Email, Phone, Address, ID/KYC).
  • Use conditional logic to trigger steps based on TLD rules.
  • Ensure the baseline covers the strictest requirements (e.g., .be, .dk, .ie).

Implementation Tip:

Build the strictest flow first, then add flags/conditions to bypass steps for less strict TLDs.

3. Implement Multi-Channel Verification
Integrate systems for Email, Phone (SMS/IVR), Address (API/DB checks), and ID/KYC verification.
Step 3

Key Considerations:

  • Automate email confirmation for all TLDs.
  • Use SMS/IVR for TLDs requiring phone verification or for high-risk cases.
  • Validate address format/existence, check against TLD eligibility (e.g., EU address).
  • Integrate a document/biometric verification module (in-house or third-party).

Implementation Tip:

Select verification partners (like Veriff, Onfido, Sumsub) that cover required checks and document types.

4. Risk Scoring & Conditional Checks
Implement an internal risk scoring system to evaluate registrant data quality and trigger enhanced verification for high-risk signups.
Step 4

Key Considerations:

  • Check for disposable emails, invalid phones, proxy IPs, suspicious names/addresses.
  • Use fraud detection services (e.g., IPQualityScore).
  • Define risk thresholds for escalating verification (e.g., require ID upload).
  • Align with risk-based approaches of registries like .dk, .de, .pl.

Implementation Tip:

Start with basic checks (email/IP quality) and gradually add more complex scoring rules.

5. Localization & National ID Integration
Integrate with national eID systems (MitID, Itsme, SPID, etc.) where possible and support country-specific ID formats.
Step 5

Key Considerations:

  • Allow users to verify via national eID login for relevant TLDs.
  • Add fields for national ID numbers (Codice Fiscale, PESEL, etc.) where applicable.
  • Validate format of national ID numbers.
  • Aligns with local registry practices and improves user experience.

Implementation Tip:

Prioritize eID integrations for countries with the highest volume or strictest requirements.

6. Workflow for Document Collection & Review
Establish a secure process for collecting and reviewing required documents (ID scans, proof of address, company papers).
Step 6

Key Considerations:

  • Use a secure portal for document uploads.
  • Define clear document requirements per TLD.
  • Have a trained team (internal/outsourced) for manual review.
  • Streamline submission to registries requiring direct approval (e.g., .ie).

Implementation Tip:

Use checklists and clear instructions for users during the upload process.

7. Real-Time Registry Compliance Updates
Maintain system configurations with the latest registry policy changes and manage post-launch compliance notices.
Step 7

Key Considerations:

  • Monitor registry news/feeds (CENTR, individual registries).
  • Use versioned rules in software to adapt to policy changes.
  • Build backend tools to handle registry notices about inaccurate data (e.g., for .pl fines).

Implementation Tip:

Assign responsibility for monitoring specific TLDs to relevant team members.

8. Reseller and Customer Education
Provide clear documentation, training, and communication to resellers and end-users about verification requirements.
Step 8

Key Considerations:

  • Update reseller documentation/training materials.
  • Explain *why* information is needed during the user signup flow.
  • Offer multi-language support in communications.
  • Build trust through transparency.

Implementation Tip:

Use tooltips and contextual help in the registration form.

9. Testing and Audit
Thoroughly test the verification workflow for different TLDs and scenarios, and maintain audit trails.
Step 9

Key Considerations:

  • Simulate registrations for various TLDs and user types.
  • Ensure conditional logic triggers correctly.
  • Verify that domains are only registered after meeting TLD requirements.
  • Keep detailed logs of verification steps, results, and evidence.

Implementation Tip:

Use a staging environment connected to registry OT&E systems for end-to-end testing.

10. Cooperate with Registries & Authorities
Establish communication channels with registries, participate in data accuracy programs, and respond promptly to authority inquiries.
Step 10

Key Considerations:

  • Utilize registry support channels.
  • Explore integrations for flagging verified data (e.g., via EPP).
  • Maintain procedures for responding to official data requests.
  • Demonstrate due diligence through clear processes and logs.

Implementation Tip:

Attend industry events and webinars hosted by registries to stay connected.