MINFRAUD SERVICE TERMS OF USE

Last Updated: 2018/03/05

The "minFraud Service", a service offered by MaxMind, uses data from the GeoIP Databases, Open Proxy Databases, and BIN Databases combined with recognized fraud risks to help merchants identify potentially fraudulent online transactions.

The terms and conditions of the MaxMind GeoIP End User License Agreement (the "GeoIP EULA") apply in full to your use of the minFraud Service and are incorporated herein by reference. The terms in these minFraud Service Terms of Use are intended to create additional restrictions upon your use of the minFraud Service, beyond those restrictions set forth in the GeoIP EULA. In the event of a conflict between these minFraud Service Terms of Use and the GeoIP EULA, the latter shall control.

DEFINITIONS

(a) "Open Proxy Databases" refers to a data service that is provided by MaxMind and that provides open proxy information about IP addresses.

(b) "BIN Databases" refers to databases that are compiled and maintained by MaxMind and that list bank identification numbers and information (e.g., bank name, bank customer service number) associated with those specific bank identification numbers. Data available through the BIN Databases is referred to herein as the "BIN Data".

Unless otherwise noted, all other capitalized terms used in this minFraud Service Terms of Use Policy are defined as indicated in the MaxMind GeoIP EULA.

APPROPRIATE USES OF the minFraud SERVICE

Using the minFraud Service constitutes an agreement to restrict your use to appropriate uses of the service as outlined in this section.

(a) You may not use the minFraud Service in any way that violates federal, state, local, international law or the rights of others.

(b) You may submit data to the minFraud Service only for the purposes of (i) testing the minFraud Service; (ii) validating credit card transactions, other transactions for online and e-commerce payments, credit card applications, and user and account registrations for online forums and services you offer (each an "Online Transaction" and collectively "Online Transactions"); and (iii) other similar business purposes.

(c) Unacceptable uses of the minFraud Service include, but are not limited to, the following:

(i) submitting queries designed to extract information from the GeoIP Databases or the BIN Databases, if such information is not specifically to be used for the validation of an Online Transaction;

(ii) submitting false or fictitious input fields, including but not limited to, IP address, BIN number, and billing location (except for the limited purpose of testing the minFraud Service);

(iii) using a robot, spider, other automatic device, or manual process to monitor or copy the GeoIP Databases, GeoIP Data, BIN Databases, or BIN Data;

(iv) building derivative databases based on the information provided by the minFraud Service; or

(v) taking any action designed to compromise security or tamper with system resources and/or accounts.

(d) If MaxMind, in its sole discretion, finds or suspects that you are using the minFraud Service in an unacceptable manner, MaxMind may immediately restrict, suspend, or terminate your use of the minFraud Service. Activities that may trigger such a response by MaxMind include, but are not limited to, repeated discrepancies between credit card data (e.g., billing address, bank identification numbers (BINs), names or phone numbers) entered by you and the applicable information of record for the associated cardholders.

SECURITY

You are responsible for all activities that occur under your account and under your password, license key, and similar mechanisms for account access (collectively "Passwords"), and you shall keep your Passwords confidential. You shall immediately notify MaxMind of any unauthorized use of your Passwords or account or any other breach of security.

PERSONAL DATA

The minFraud Service helps you reduce the incidence of online fraud by scoring the likelihood of fraud associated with particular online transactions and account registrations. The minFraud service is a hosted solution that you access via an API. You pass to the minFraud Service certain information deemed to be personal data under the privacy laws of the European Union provided by your site visitors during online transactions and account registrations.

The minFraud Service requires the processing of IP addresses in order to function properly, but allows you as the customer to choose which additional personal data elements, if any, to share with the minFraud Service, to provide more robust risk scores. A list of the additional data elements that you may choose to provide can be found here: https://dev.maxmind.com/minfraud/api-documentation/requests#schema--request. Some minFraud customers may be using a legacy version of the product, in which case the data elements may be found here: https://dev.maxmind.com/minfraud/minfraud-legacy.

The minFraud Service analyzes this personal data and returns a risk score. The risk score is between 0.01-99 and represents the probability that a given transaction is fraudulent. MaxMind provides the risk score to you and you then determines in your sole discretion whether to accept, reject, or manually review the transaction, or send it to a complimentary fraud prevention service. Depending on the service level used, the minFraud Service may additionally return other information and scores which can be used in the analysis of transactions.

Some of the personal data elements chosen by you to pass to minFraud may be processed and aggregated to become part of a MaxMind GeoIP Database. The personal data elements shared may also be combined with personal data elements chosen and provided by other customers, which allows for more robust identification of potentially fraudulent behavior based on MaxMind’s flagging of particular data elements.

In accordance with the foregoing, you agree that MaxMind may collect, store, and share information generated through use of the minFraud Service in accordance with the GeoIP EULA and these Terms. MaxMind shall use personal data obtained through the minFraud Service to provide the minFraud Service. MaxMind will also use personal data obtained through the minFraud Service to augment its other databases used to provide anti-fraud and other services to its customers, including but not limited to, IP geolocation, IP organization designation, fraud detection, email and device risk assessment, and demographic targeting.

PRIVACY POLICY

MaxMind has posted on its website a privacy policy disclosing the privacy practices of MaxMind and providing appropriate mechanisms for consumers to control the use of their personal information. MaxMind requires its licensees to adopt and post a privacy policy explaining their own internal privacy practices and their use of the MaxMind Services.