Security & Responsible Disclosure

1. Our Security Approach

Domaintico applies reasonable technical and organizational safeguards to protect accounts, domain operations, billing processes, and infrastructure.

• Access controls and role-based permissions
• Encrypted connections (HTTPS)
• Monitoring and logging of critical operations
• Protection against common web vulnerabilities

2. Account Security

Customers are responsible for protecting their account credentials.

• Use strong, unique passwords
• Do not share login credentials
• Monitor renewal dates and domain changes

3. Domain Protection

Domain services follow registry and ICANN security standards.

• Registrar lock mechanisms
• Authorization (EPP) code requirements for transfers
• Audit trails for domain operations

4. Infrastructure & Providers

Some components of our platform rely on trusted third-party providers (e.g., registries, payment processors, hosting infrastructure).

We work with reputable providers and apply secure configuration practices to minimize risk.

5. Responsible Disclosure

If you discover a security vulnerability related to Domaintico services, we encourage responsible disclosure.

How to report

Please email: security@domaintico.com

Include:

• A clear description of the vulnerability
• Steps to reproduce the issue
• Any supporting screenshots or logs

Disclosure expectations

• Do not exploit the vulnerability beyond necessary testing.
• Do not access, modify, or delete other users’ data.
• Allow reasonable time for investigation and remediation before public disclosure.

6. Abuse vs Security Reports

For phishing, malware, or domain misuse, please use our Abuse Reporting page instead.

7. Policy Updates

This Security page may be updated periodically to reflect improvements or policy changes.