It always starts with an innocent observation. “We get a lot of traffic from Boston,” your boss remarks. You naturally throw out a guess or two and discuss why that might be. Until your boss drops the bomb —
“Can you dig into that?”
Darn it. You walked right into that one.
Now you’re in a predicament. You know Google Analytics has traffic by geographic location, but that’s not gonna cut it. If you want to report on those retention rates, lifetime values, or repeat behaviors by geo, you need something you can query with SQL, something that lives in your data warehouse. But you don’t have anything like that. You know there’s user IP addresses in your log data, you just need to turn them into locations. But Redshift doesn’t have a way to do that.
We get a lot of questions here at MaxMind about IPv6, and it’s not hard to imagine why. Accuracy is top of mind for every user of IP geolocation and this topic introduces questions about how effective geolocation can be for certain user segments. In this post, we explain a key reason for IPv6 addresses, how they’re allocated, and provide information about IPv6 geolocation accuracy.
MaxMind has always been committed to an individual’s right to privacy on the internet. We welcome the burgeoning privacy regulations, such as GDPR and CCPA, for the benefit they can provide to internet citizens. However, these new legislative measures place restrictions that impact our ability to continue distributing our GeoLite2 databases on a public page under the Creative Commons Attribution-ShareAlike 4.0 International License.
We recognize the impact of these changes on the open source community and we do not take these decisions lightly. We want to communicate these changes with transparency and ensure we are balancing your business needs with the privacy needs of individuals.
The California Consumer Privacy Act (CCPA) mandates that businesses honor valid “Do Not Sell” requests from California residents. In this context, complying with a valid request involves MaxMind removing IP addresses from the GeoLite2 data and communicating to GeoLite2 users that the IP addresses in question should (immediately) not be utilized for uses covered under the CCPA. Serving GeoLite2 database downloads on a public page simply does not allow us to communicate and honor valid “Do Not Sell” requests we receive from individuals.
The solution we have chosen is to introduce a new end-user license agreement containing the relevant data processing provisions that both we, as the business providing data, and you, as the third party user of the data, need to comply with applicable data privacy regulations. Additionally, by requiring a MaxMind account and contact information from you, we will be able to communicate all valid “Do Not Sell” requests to you as we receive them.
With this approach, we can continue to offer GeoLite2 databases, without charge, while remaining responsible stewards of data that improves the experience of countless users across the internet.
October 16, 2019: We retired support for TLS v1.0/v1.1 and unencrypted HTTP requests to minFraud services on October 16, 2019, as part of our commitment to securing and protecting your data. Please ensure you are using TLS v1.2+ to connect to MaxMind services.
In the coming months, we will be retiring the following:
TLS v1.0 and 1.1 support across MaxMind products and services (October 16, 2019);
Unencrypted HTTP requests to our legacy minFraud services (October 16, 2019); and
The legacy minFraud service SOAP API (January 31, 2020).
Read on below for more information. MaxMind is deeply committed to information security and protecting customer data, and taking these steps will allow us to ensure your data is as safe and secure as possible. If you have any questions, please do not hesitate to contact us.
MaxMind and Dosh will be presenting at the Merchant Risk Council’s annual fraud prevention conference, MRC Vegas, on Tuesday, March 19, from 4:15pm – 5pm. Read on below for the details and what you’ll take away from the session.
Anonymous IP addresses (sometimes incorrectly generalized as “proxies”) serve to hide a web user’s true IP address and obfuscate their geolocation. There are legitimate reasons, usually related to privacy or security, to use anonymous IPs, but many businesses find that fraudsters and other bad actors also use anonymous IPs in malicious ways that affect the bottom line.
After careful consideration, taking into account customer feedback, we have decided against removing latitude and longitude coordinates from the GeoLite2 databases. We are in the process of reviewing coordinates used in all of our GeoLite2 and GeoIP databases to ensure there is no risk of misuse.
Moving forward, we will still be discontinuing the GeoLite Legacy databases and will continue to support open source through our GeoLite2 databases. Please continue to check our blog, Support Center, websites, and ourTwitter andLinkedIn accounts for additional updates on our review of GeoLite2 database coordinates.
At MaxMind, “open communication” is one of our core values. We’re listening to you and we take your feedback seriously.
The global e-commerce market size grew to a record $2.2 trillion in 2017, and there areno signs of a slowdown in 2018, as more and more people turn to the virtual marketplace for their shopping needs.
But this tremendous exponential growth also has a dark side. As digital channels are opening, and international brands are diversifying their offerings, fraudsters are seeking new, or rediscovering old, ways to capitalize on global opportunities.
MaxMind will be presenting alongside Shopify at the Merchant Risk Council’s flagship fraud prevention conference, MRC Vegas, Tuesday, March 20, from 2:15pm – 3pm.
Jenn Sessler, MaxMind’s Director of Business Development, andWill Mowat, Shopify’s Fraud Operations Lead, will be discussing the growing problem of account takeover and what merchants can do to combat it. Jenn and Will bring years of industry insight and first-hand experience with fraud prevention and risk mitigation to this informative and timely presentation on account takeover.