Featured post

Come Visit the MaxMind Booth at MRC and
Learn How to Stop More Fraud!

2016 Vegas LogoMaxMind is looking forward to seeing you at the Merchant Risk Council (MRC) in Las Vegas. Come by Booth 131. Jenn Sessler, our Director, Business Development, will provide expert tips based on her many years of experience with fraud and manual review. Hear how we’ve helped our customers implement innovative methods to detect and stop card testing, triangulation fraud, and online ticketing fraud.

This informal presentation along with a follow on discussion will take place in the MaxMind booth at the following times:

  • Wednesday, March 9 – 10:30am and 2:30pm
  • Thursday, March 10  – 10:30am

If you can’t make it, just stop by Booth #131. We’re happy to share our expertise at any time!

Contact us today at mrc@maxmind.com to schedule a meeting during the event. We look forward to seeing you at MRC’s 2016 eCommerce Payments & Risk Conference – the largest professional development and networking event for eCommerce payments and fraud professionals in the Americas.

Remember, what happens in Vegas… can stop online fraud!

jenn-new

Jenn Sessler, MaxMind’s Director, Business Development, shares her expertise at MRC.

Case Study: Using Historical Transaction Data to Reduce Chargebacks

The new year has arrived. With transaction history from a busy holiday season on hand, this is a great time to take a look your historical transactions with a fresh and critical eye.

Reviewing your chargeback data to identify fraud patterns is a good way to get started. In this month’s blog post, we provide a case study of an online penny auction business, which improved their bottom line by doing just that. Continue reading

Where in the World?


Santa had a problem, and the problem was kids. Not that he didn’t love the children – far from it, their happiness was why he did what he did after all – but now there were more than ever of them. World population had grown to the point where there were 2.2 billion children that potentially wanted a gift, and that was a lot of mince pies to get through in one night!

To ensure that he’d have time to make all the deliveries, he’d taken the unprecedented step of installing agents in homes around the world – elves that sat on shelves – who were able to report on any problem, from waking children to adverse weather conditions, that might slow him down. Traditionally, a Shelf Elf would report by flying home each night leading up to Christmas, but on the big night itself the elf would have to report back in real time. Luckily for Santa, so many houses had internet connections that the Elf could use to report issues via a simple web form the Wise Old Elf had set up on the North Pole extranet. Continue reading

How to Protect Your Streaming Content from VPN & Proxy Traffic

As more and more TV, music, and movie content has moved online, a veritable industry has grown up around helping people to circumvent location based broadcast restrictions. Demonstrating the scale of the issue, GlobalWatchIndex reports that as many as 29% of VPN users globally accessed Netflix in one recent month. Tutorials for how to access this and other streaming services abound.

Streaming providers are required by content licensors to geographically restrict access to the content they license. Providers risk losing content licensors’ trust and ultimately risk losing their ability to license content from studios and other licensors if they are not able to restrict access based on where their customers are accessing this content from. This post describes the ways restrictions are being bypassed and offers some advice on solutions. Continue reading

Building Your Own MMDB Database for Fun and Profit

If you use a GeoIP database, you’re probably familiar with MaxMind’s MMDB format.

At MaxMind, we created the MMDB format because we needed a format that was very fast and highly portable. MMDB comes with supported readers in many languages. In this blog post, we’ll create an MMDB file which contains an access list of IP addresses. This kind of database could be used when allowing access to a VPN or a hosted application.

Tools You’ll Need

The code samples I include here use the Perl MMDB database writer and the Perl MMDB database reader. You’ll need to use Perl to write your own MMDB files, but you can read the files with the officially supported .NET, PHP, Java and Python readers in addition to unsupported third party MMDB readers. Many are listed on the GeoIP2 download page. So, as far as deployments go, you’re not constrained to any one language when you want to read from the database.

Following Along

Use our GitHub repository to follow along with the actual scripts. Fire up a pre-configured Vagrant VM or just install the required modules manually.

Continue reading

manual review data inputs

Manual Review Best Practices:
Get More Data for a More Informed Decision

Thus far, our Best Practices Series has discussed how you can use the data provided by the minFraud service for better decision making during manual review.

But actionable data from minFraud starts with the inputs you include with each query.

The minFraud service requires that each query include the IP address associated with the transaction at a minimum; as best practices, MaxMind recommends you send as many data points as possible.

The more data points you provide, the better the riskScore and the more information you make available to your fraud analysts as part of the manual review process. Continue reading

manual review data inputs

Manual Review Best Practices: What’s the Value of Assessing IP Address Risk?

In this blog post, we continue our discussion of best practices for manual review. Today’s topic is assessing IP address risk.

A fraudster (or indeed, anyone) placing an order on a website uses a device (computer, mobile phone or tablet) and this device is associated with an IP address.

In our last blog post, we discussed how the physical location of the IP address can be matched against other location information to see if anything looks suspicious. For example, it’s best to closely scrutinize orders where the location of an IP address is in one country and the billing address in another.

Fraudsters recognize the power of geolocation in identifying fraud, so they act to hide their actual IP address and, by extension, their geographic location. The best way for them to take cover is to connect to the Internet using a proxy server. Popular hiding places include open proxies, hosting providers and VPNs. Continue reading

manual review data inputs

How to Use Geolocation to Identify Higher Risk Transactions

In our last blog post, we discussed how you can use a risk score to automate fraud screening, saving you time and money.

In this blog post, we begin our discussion of manual review best practices.

Studies show that, in North America, one in four orders on average receive extra scrutiny through the manual review process. The goal is to prevent the expense of chargebacks and customer issued credits associated with fraud. At the same time, you need to ensure that legitimate orders are not rejected unnecessarily, and estimates suggest that this is the case with up to 10% of orders. Rejecting good orders negatively impacts the bottom line, and drives away good customers.

During manual review, fraud analysts examine data associated with an order to assess how likely it is to be fraudulent. One key area of data points to consider is that of geolocation. Continue reading

How a Risk Score Saves You Time and Money

Welcome to a new installment of MaxMind’s Best Practices Blog Series!

In discussing best practices, our focus is on efficient fraud screening methods which stop fraud while providing a positive customer experience.

Key to efficient fraud screening is automating as many decisions as possible.

In this post, we discuss the crucial role of minFraud’s riskScore to automated decision making. Continue reading

Reverse Geocoding for the Masses – Apache Nutch

The Apache Nutch community has been hard at work developing an open source web crawler. Nutch is a mature, production ready web crawler powering data acquisition, search and discovery for a broad spectrum of organizations over a broader spectrum of use cases. The Nutch 1.x branch enables fine grained configuration and relies on Apache Hadoop™ data structures, which are great for batch processing.

This post documents how reverse geolocation features were added to Nutch via MaxMind’s GeoIP2-java API, making good use of server IP addresses acquired within a Nutch crawl. Readers will take away:

  • insight into why geocoding is appealing in today’s markets,
  • practical code examples from the Nutch 1.x branch, showing how to use the GeoIP2-java API in order to geocode based on server IPs.

Continue reading