Have a question? Contact us
Importance of Registrars
The Registry-Registrar model is one of the universal practices in the field of domain names. It allows accredited Registrars to provide domain name registration services. Accredited Registrars bundle domain registration services with various other add-on services (e.g. hosting, email, and other important services) and provide them to end-users (Registrants). This allows Registrants to manage everything related to domain names via a single platform (one stop shop), as well as receive continuous customer support locally and internationally.
This page outlines some important details on the procedures and processes for Registrar accreditation for Saudi domain names (السعودية.، .sa), which are based on the Registrar Regulation. This is the second application phase during which an unlimited number of registrars will be accredited.
To apply for accreditation, the following eligibility criteria must be fulfilled:
- The applicant must be registered in Manassa Tech
- The applicant must be working and expert in technical fields related to hosting services and providing e-services.
Preparing a detailed proposal about the entity which includes the following:
i) The entity's experience in hosting and e-services, domain names and add-on services (web hosting, email, apps, cyber security services, etc.)
- That should include a website under Saudi domain name (.sa) which contains description of the entity's services.
ii) The entity's experience in hosting services, digital marketing, and add-on services (web hosting, email, apps, cyber security services, etc.)
iii) • A technical plan to interface with domain registration systems, which includes:
- The entity's applications, services and databases that are going to be used during the integration phase should be hosted in Saudi Arabia with a Cloud Service Provider or an Internet Service Provider that is accrediated by CITC.
- The entity's technical ability to connect with the systems.
- The entity's familiarity with Extensible Provisioning Protocol (EPP) as detailed in the operational manual (which can be requested by sending us a request using this link).
iv) The mechanism of providing domain registration services to the end user:
- The method of providing services shall be fully electronic.
- Channels that will be used to provide the services (app, website, etc.)
- The security measures that will be taken to ensure the protection of users' privacy.
- The measures that will be taken, and tools that will be used to ensure that changes in registered domains are only done by authorized users. This might include: access and login auditing and monitoring, ensuring the accuracy and validity of entered emails and mobile numbers, etc.
- The tools and methods that will be used to preserve (user information, service requests, and additional documents) in a persistent manner for the purpose of providing them to SaudiNIC when needed.
v) The marketing plan for Saudi domain names registration services:
- The entity's expertise in launching marketing campaigns in the field of digital/electronic services and other related fields.
- The targeted number of domain registrations during the first 6 months of service.
- The marketing style and channels used for marketing Saudi domain names.
- Promotions, deals, or offers provided to end users. (The results of reviewing an application request does not include inherent acceptance or approval for such offers).
vi) Technical customer support services for Registrants:
- Technical support channels for users (app, website, call center, etc.)
- Support availability periods (during work hours, 24hrs, etc.)
- The size of the team assigned to provide tech support and the percentage of Saudization in it.
- The targeted average response time for responding to clients.
- Methods and tools used to monitor customer satisfaction rates.
- Languages available for tech support.
vii) The procedures and methods that will be implemented to ensure Registrant compliance with Saudi Domain Name Regulations and Registration Rules:
- Methods used to ensure the user's eligibility to register Saudi domain names (as pointed in section 2/5 of registration regulation). As well as the eligiblity to register for the desired 2nd level domain SLD) (as described in section 3 of registration rules).
- Methods used to ensure that a user has the right to use a domain name (as stated in section 4/4 of the registration regulation).
- Methods used to verify and validate the user's identity when registering or modifying.
- Methods used to ensure that the administrative contact's info is accurate and in accordance with registration regulation.
- Must integrate with Saudi government entities to ensure that the user's info is valid and correct. E.g. (commercial record, national ID, etc.)
Registrar Accreditation Process
- This process highlights the steps that will be followed:
1) Accreditation Application Submission
- Submission of the accreditation application and detailed proposal showing fulfillment of eligibility through the electronic form (https://wakeel.nic.sa/signup).
2) Review of Applications
- SaudiNIC shall review the received applications that have met both the eligibility criteria and application requirements and shall inform the applicant if there is any information to be completed.
- If the applicant fails to meet the necessary requirements, the accreditation application will be rejected and the applicant may reapply after three days.
3) Integration in testing environment and carry out technical tests
- The entity shall initiate integration with the testing environment and carry out necessary technical tests within 4 weeks maximum.
4) Registration Systems Development
- In case of passing the technical tests, the entity shall develop registration systems and link them with the pilot environment according to procedural and security requirements ((which can be requested by sending us a request using this link, within 12 weeks maximum as of notification date of passing the technical tests.
- Upon completion of development, SaudiNIC will check systems to ensure application of procedural requirements.
5) Integration in production environment and security scanning
- The entity shall do security scanning and send the final report according to cybersecurity requirements.
6) Payment of Fees and Accreditation
- When the above requirements are met, the entity is notified of the final accreditation.
If the applicant could not pass any step, then the request will be rejected. The applicant can resubmit a new request again after 45 days of the rejection.