Four ways to use geolocation to prevent online fraud

The average ecommerce site uses four risk-monitoring tools to help avoid falling victim to card-not-present (CNP) fraud, according to Quova, a provider of IP geolocation solutions. Geolocation monitoring, which identifies the geographic location of the computers visiting your website and placing orders, is often used to flag orders coming from high-risk locales (some countries, such as Ghana and Vietnam, account for a disproportionate amount of CNP fraud) and orders where the send-to address is suspiciously far from location of the computer. But geolocation tools can help identify potential fraud in other ways as well, according to the Quova white paper “Geolocation—Knowing Your Enemy”. For instance, they can

check for anonymous proxy servers and other location-masking solutions. Some people use anonymous proxy servers, which hide their IP location from the websites they visit, simply to maintain privacy. But anonymous proxies are also popular with online fraudsters. “Lists of anonymous proxies that are abusing the system, provided by a select few geolocation vendors, notify the e-merchant when an order comes from one of the proxy servers,” according to the white paper. 

check the distance between expected and actual user locations. If a customer generally orders from, say, Southwest England, you would probably be suspicious if he suddenly placed an order from a machine located in Latvia. Likewise, if a new customer is requesting that an order be shipped to Edinburgh but according to his IP address he is in Accra, you’d reconsider before despatching his package. Many merchants find that orders coming from a computer that is more than, say, 500 miles the expected location are much more likely to be fraudulent, according to Quova. Geolocation monitoring enables you to flag any orders that are submitted more than a specified number of miles from the expected locale. 

identify domain data. Geolocation services can sometimes provide domain information: “For example, an order placed on a work computer and passed through the company’s server will be tagged with the company’s website address, such as IBM.com. An order placed from a government office will come tagged with a .gov or .mil extension.” Some of these domains can confirm that certain orders are likely to be safe (if an order from a corporate domain has a different ship-to address, for instance, that may well be because the shopper is ordering from work but wants the item delivered at home). On the other hand, domains such as university servers or internet cafes may have higher rates of fraudulent activity and should be flagged.

enhance customer profiles. A customer’s IP domain can be added to other customer data, such as billing and email address. “Once a profile is built, e-merchants can look for changes—differences between the observed behaviours they see online and what they have on file,” according to Quova.