IP Authentication with IP Geolocation and Proxy Detection

IP geolocation technology can be used to reduce fraud by authenticating online visitors. By determining the geographical location of online visitors, businesses and organizations can block or restrict access from areas where they do not do business. For example, businesses that serve only U.S. customers can block orders originating from abroad. While IP geolocation can be useful for authentication, it can be circumvented by fraudsters with the use of proxies.

Analysis of minFraud transactions with known high risk e-mail addresses.

Percentage Category
7% High Risk Countries
25% Country Mismatch
39% Proxies

Category Definitions

High-Risk Countries are countries from which a disproportionately large number of fraudulent orders originate. Our list of high-risk countries includes Ghana, Nigeria, and Vietnam.

Country Mismatch are transactions where the IP geolocation country data does not match the billing address country of the user.

Proxies are typically compromised "zombie" computers which are running a proxy service that was installed by a computer virus or other such means. The owner of the computer is typically unaware that their computer is being used as a proxy, thus enabling fraudsters to use the legitimate owner's Internet connection to send spam, commit credit card fraud, and engage in other illegal activity. These open proxies change frequently, as home users cycle through IP addresses and as anti-virus software clean up infections. This category also includes legitimate anonymizing services (listed above as anonymous proxies) that cycle their IP addresses frequently in an effort to help their clients get around restricted sites or services that block known anonymous proxies.

Given the rate of change of open proxies, this dataset is currently not packaged into the GeoIP databases. The GeoIP databases only contains data on the anonymous proxies and satellite providers. To obtain the Open Proxy data, please use the minFraud or proxy detection services.

Because fraudsters can easily bypass IP geolocation with the use of the proxies, any sort of IP authentication via IP geolocation should be combined with a proxy check, especially one that detects open proxies. This way, if the fraudster is able to bypass a IP geolocation check, proxy detection offers an additional layer of protection for the business.

Back to main proxy page
Credit Card Fraud Prevention
Sample high risk IP addresses