DEV Community

Furqan Ashraf


Fraudsters Can't Hide Anymore. Here's How to Spot Them.

When a user or customer claims to be in London but their IP location shows Lagos, that's a red flag. In the world of e-commerce and online platforms, these inconsistencies are often the first sign of fraud. The ability to spot and block these fake users in real time is no longer a luxury; it's a must.
This guide will show you how to integrate IPgeolocation.io's IP Security API to get real-time threat intelligence, allowing you to spot fraud before it happens and build a more secure platform.

The Threat Intelligence You Need, Instantly

The IP Security API goes beyond simple location data. It provides a full list of threat intelligence, giving you a complete picture of who is interacting with your platform and whether they're a potential risk.

Threat Scoring: The API gives a risk score from 0 to 100. Because the score is numeric, you can check a user's risk level instantly and build rules around it.

Anonymizer Detection: Stop fraudsters from using common tricks. The API can detect if an IP is associated with a VPN, a proxy, Tor usage, or a known bot.

Provider Details: Get specifics on the hiding tool, including the proxy type (e.g., residential, data center) and the provider's name (e.g., NordVPN).

Detailed Data: For a full view, the API supplements its threat data with detailed geolocation, ASN, and ISP/company information.

Up-to-Date Network: The API is backed by an always-updated global IP information network, making sure you're always using the latest details to protect your users.

Putting It to the Test: A Code Example

Let's look at a quick example using Python to show how easy it is to integrate the API into your work. This script will check a given IP address for a security threat and print the results. You can easily change this to fit your specific application's needs.

Input
This is the Python script used to make the API call. The IP_ADDRESS variable is set to a known Tor exit node to show how the API identifies a security threat.

import requests

# Replace with your actual API key from Ipgeolocation.io
API_KEY = 'YOUR_API_KEY'

# The IP address to check.
IP_ADDRESS = '85.239.127.126'

# The API endpoint for IP geolocation and security data
URL = 'https://api.ipgeolocation.io/ipgeo'

def check_ip_threat(ip_address):
    """
    Checks an IP address for security threats using the IPgeolocation.io API.
    """
    # Pass the query as params so requests URL-encodes the key and the IP.
    params = {'apiKey': API_KEY, 'ip': ip_address, 'security': 1}
    try:
        # A timeout keeps a slow lookup from stalling the calling request.
        response = requests.get(URL, params=params, timeout=5)
        response.raise_for_status()  # Raise an exception for bad status codes (4xx or 5xx)

        data = response.json()

        # The sample response below nests these fields under "location" and
        # "network"; fall back to top-level keys if the response is flat.
        location = data.get('location', data)
        network = data.get('network', data)

        print(f"--- IP Security Report for {ip_address} ---")
        print(f"Country: {location.get('country_name', 'N/A')}")
        print(f"City: {location.get('city', 'N/A')}")
        print(f"ISP: {network.get('isp', 'N/A')}")
        print("-" * 35)

        security_data = data.get('security', {})
        if security_data:
            # Default to 'N/A' so a missing field is not reported as False.
            print(f"Threat Score: {security_data.get('threat_score', 'N/A')}")
            print(f"Is VPN: {security_data.get('is_vpn', 'N/A')}")
            print(f"Is Proxy: {security_data.get('is_proxy', 'N/A')}")
            print(f"Is TOR: {security_data.get('is_tor', 'N/A')}")
            print(f"Is Bot: {security_data.get('is_bot', 'N/A')}")
            print(f"Provider: {security_data.get('proxy_provider', 'N/A')}")
        else:
            print("Security data not available for this IP.")

    # Checked first: JSON decode errors from requests are also RequestExceptions.
    except ValueError as e:
        print(f"Error parsing JSON response: {e}")
    except requests.exceptions.RequestException as e:
        # The exception text contains the request URL, including the API key,
        # so report only the exception type.
        print(f"An error occurred: {type(e).__name__}")

if __name__ == '__main__':
    check_ip_threat(IP_ADDRESS)

API Response
This is a sample of the JSON response you would receive from the ipgeolocation.io API for the IP address 85.239.127.126. Notice the high threat_score and the is_tor: true flag, which indicates that this IP is a security risk.

{
  "ip": "85.239.127.126",
  "location": {
    "continent_name": "Europe",
    "country_name": "Germany",
    "city": "Frankfurt am Main"
  },
  "network": {
    "asn": {
      "organization": "Server-Service"
    },
    "isp": "Server-Service"
  },
  "security": {
    "threat_score": 90,
    "is_tor": true,
    "is_proxy": false,
    "proxy_type": "TOR",
    "proxy_provider": "",
    "is_anonymous": true,
    "is_known_attacker": false,
    "is_spam": false,
    "is_bot": false,
    "is_cloud_provider": false,
    "cloud_provider": ""
  },
  "time_zone": {
    "name": "Europe/Berlin"
  }
}

Real-World Use Cases

The IP Security API provides security that scales with your platform. Here’s how you can implement it:

E-commerce: Use the API in your checkout process. If a high risk score is found or a user is on a known proxy, you can flag the transaction for a closer look or block it to stop payment fraud.

Fintech: During user sign-up, implement the API to check a user's location and connection type. This helps with confirming who the user is and spotting suspicious new accounts.

SaaS Platforms: Prevent bots from creating fake accounts. By checking the is_threat or is_bot flags during sign-up, you can greatly reduce spam and keep your data clean.
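One way to turn the response into the allow, flag-for-review or block decision these use cases describe, as an added example (not code from the original post or from IPgeolocation.io). The function name assess, the thresholds 80 and 40 and the claimed_country parameter are assumptions; the field names come from the sample response above.

```python
# Added example: thresholds and names are assumptions, not vendor guidance.
SAMPLE_RESPONSE = {  # constructed from the sample response shown on this page
    "ip": "85.239.127.126",
    "location": {"country_name": "Germany", "city": "Frankfurt am Main"},
    "security": {
        "threat_score": 90, "is_tor": True, "is_proxy": False,
        "proxy_type": "TOR", "is_anonymous": True,
        "is_known_attacker": False, "is_bot": False,
    },
}

BLOCK_SCORE = 80   # assumed threshold; tune against your own fraud data
REVIEW_SCORE = 40  # assumed threshold


def assess(response, claimed_country=None):
    """Return (decision, reasons); decision is 'allow', 'review' or 'block'."""
    sec = response.get("security")
    if not isinstance(sec, dict) or not sec:
        # Missing security data is not evidence that the IP is clean.
        return "review", ["no security data returned"]

    block, review = [], []
    score = sec.get("threat_score")
    if isinstance(score, bool) or not isinstance(score, (int, float)):
        review.append("threat_score missing or not numeric")
    elif score >= BLOCK_SCORE:
        block.append(f"threat_score {score} >= {BLOCK_SCORE}")
    elif score >= REVIEW_SCORE:
        review.append(f"threat_score {score} >= {REVIEW_SCORE}")

    for flag in ("is_known_attacker", "is_bot"):      # hard signals
        if sec.get(flag) is True:
            block.append(flag)
    for flag in ("is_tor", "is_proxy", "is_anonymous"):  # soft signals
        if sec.get(flag) is True:
            review.append(flag)

    # Compare the country the user claims with the one the IP resolves to.
    ip_country = (response.get("location") or {}).get("country_name")
    if claimed_country and ip_country and claimed_country.casefold() != ip_country.casefold():
        review.append(f"claimed {claimed_country}, IP resolves to {ip_country}")

    if block:
        return "block", block + review
    return ("review", review) if review else ("allow", [])


if __name__ == "__main__":
    print(assess(SAMPLE_RESPONSE))
```

Logging the returned reasons next to each decision lets reviewers see why a transaction was held and makes the thresholds easier to tune.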

Conclusion

IP intelligence is a powerful addition to your security toolkit. By integrating the IP Security API, you move from handling fraud after it happens to a proactive, real-time security model. It's a simple, effective way to get deep insights into your users and protect your platform from a wide range of threats.
Ready to get started? Sign up for your Free API Key and secure your platform today.
