Sponsored By

Using Geolocation to Prevent Fraud

Xsolla clients are protected against online and wire fraud because we are using more than one method to combat it. Today, we will be talking about one of the most effective tools you can use to detect suspicious transactions - geolocation.

Ulyana Chernyak, Blogger

May 27, 2014

7 Min Read

Xsolla clients are protected against online and wire fraud because we are using more than one method to combat it. Today, we will be talking about one of the most effective tools you can use to detect suspicious transactions - geolocation.

Earlier, we have shared some details of what parameters are used to identify user location. This time, Xsolla experts explain how information about a user’s geographical location allows us to identify a suspected fraudster .

Location-based services provide information about any user’s location, connection speed, domain, localization, and language browser. This information is used to determine where the user is at the time of purchase. Once you know this information, you can start working to prevent fraud.

Geolocational info is used by a number of large companies. For example, just this past February,MasterCard announced a partnership with Syniverse, hoping to improve the ways they prevent and combat fraud through check geolocation. This spring, they also led a campaign that ensured that customers who wished to pay online by credit card could only do so when their cell phone was activated. This way, they can store and transmit data about a user’s location via network.

How to use the geolocation to avoid possible fraudulent payments in online gaming, we inquired with Xsolla’s experts, Elena Musinova and Vladimir Karnishin.

Learn to Identify and Look Beyond Proxy Servers

Proxy servers help conceal customer information and reroute data through another location. For example, a payment system can notify you when player makes a purchase from a place that is extremely remote from a user’s billing address.

Xsolla once found a Chinese fraudster who routed a payment from Mexico while posing as an American. How did this happen? People were able to steal a user account, create a new account with fake data and then continue to use a stolen card. According to Xsolla’s support manager, Elena Musinova, it’s possible to identify fraudsters using proxy simply by carefully analyzing their requests:

“Most of the questionable calls in regards to operating stolen cards come from the CIS, China, South America and Africa. Criminals often use a proxy and try to pass themselves off as Americans, and pay with credit cards that have been stolen from the United States. If they contact customer support, often we will notice that their requests are significantly misspelled. These are not mistakes that native speakers would make. Most likely, the support tickets have been translated into English using an online service. With such clues as this, we can catch fraudsters who are using the best proxies.”

 

Follow User Language

Make sure to take a look at what the language or localization of the site is that the user chooses. It’s a different case if a user says that he is on a business trip to China from the US and therefore pays from that location, but why would a business traveler choose Chinese as their primary language and not English? When a person goes on vacation, they may choose to set their watch or phone clock to a local time zone, but they hardly ever change their main computer. If you notice such discrepancies, it’s a red flag.

Require All Possible Payment Parameters

Head of Risk Management and Acquiring Vladimir Karnishin says that to be sure you are successfully combating fraud is to offer the maximum amount of payment parameters possible. To effectively use geolocation, you must be able to gather as much information as you can to nail down a user’s location.

This does not necessarily mean requiring this parameters from a user, but rather being able to identify them based on the information provided. Some useful parameters to pay attention to include:

Billing Address
- The physical address when a user registers a payment account
Postal Code Number
- The region in which the bank or financial institution that issued the card is located
Regional IP Addresses
The IP addresses of the computer or device that uses the account
Browser Language
-The language that a user has set their computer’s browser to as a default
Time Zone of the Computer
-You can identify a user’s area by how their computer has been set to identify their time zone.

Get Familiar with Analysis Algorithms

The process of comparing user data to identify a potential fraudulent user will vary and depends on each situation and market. Sometimes it is enough to compare a bank address and an IP address and refuse a transaction service if they don’t match up. However, more often than not, fraud charges are initiated within more complex algorithms than that.

“Sometimes you are able to notice fraudulent activity by tracking an address change made by a user, even when the other attributes of payment remain the same. Address changes within a certain time frame are extremely suspect. For example, payment from the U.S. and then a subsequent payment from the CIS within a few minutes indicates a high probability that the first payment’s data has been compromised and the user is trying to make a payment from a stolen card.” says Vladimir Karnishin.

Summary

Thanks to geolocation checks, developers can rest assured that orders from users will be paid out. Special techniques and filters can be used for analyzing location information to help avoid transactions from suspicious customers. Maintaining and analyzing data about a user’s location supports the creators of games to add significant additions to their marketing as well as security opportunities, as well.

Read more about:

Blogs

About the Author(s)

Ulyana Chernyak

Ulyana Chernyak

Blogger

See more from Ulyana Chernyak
Daily news, dev blogs, and stories from Game Developer straight to your inbox
Stay Updated

You May Also Like

Latest News

Xbox series S and series X consoles against a green backdrop
Business
Report: Xbox planning to make Call of Duty a core part of Game PassReport: Xbox planning to make Call of Duty a core part of Game Pass
byDanielle Riendeau
May 17, 2024
2 Min Read
Key artwork for GTA VI
Business
Take-Two narrows GTA VI release window, records $3.74 billion annual lossTake-Two narrows GTA VI release window, records $3.74 billion annual loss
byChris Kerr
May 17, 2024
2 Min Read
Get daily news, dev blogs, and stories from Game Developer straight to your inbox
Subscribe to Game Developer Newsletters to stay caught up with the latest news, design insights, marketing tips, and more
Stay Updated

Trending

thumbnail
Design
Book Excerpt: Ultima and Worldbuilding in the Computer Role-Playing GameBook Excerpt: Ultima and Worldbuilding in the Computer Role-Playing Game
byCarly Kocurek, Matthew Thomas Payne
May 16, 2024
15 Min Read
The logo for Ironwood Studios.
Production
What it means to direct a game that was someone else's creative visionWhat it means to direct a game that was someone else's creative vision
byBryant Francis
May 16, 2024
10 Min Read
The doors at GDC on day one, 2024
Business
Behind the GDC scenes with Beth Elderkin and Sam Warnke: Game Developer Podcast ep. 43Behind the GDC scenes with Beth Elderkin and Sam Warnke: Game Developer Podcast ep. 43
byDanielle Riendeau
May 15, 2024

Featured Blogs

A colorful character poses with fiery friends
Production
Language, loot, and localization: how to ready MMORPGs for release in more regions
Language, loot, and localization: how to ready MMORPGs for release in more regions

May 16, 2024

Art
From ASCII to Pixel Art and Back
From ASCII to Pixel Art and Back

May 15, 2024

Audio
The Game Show Interview: Game Music & Game Design
The Game Show Interview: Game Music & Game Design

May 14, 2024

Latest Podcasts
See all

Game Developer Essentials

A series of matches burning out.
Production
What the game industry must do to prevent occupational burnout
What the game industry must do to prevent occupational burnout
Chris Zukowski at the GDC mic
Marketing
The secret to using Steam as a developer is to make Valve earn their 30 percent
The secret to using Steam as a developer is to make Valve earn their 30 percent
Design
The key to future employment in games dev is diversifying your skill set
The key to future employment in games dev is diversifying your skill set
stylized image of a person at a computer with 3D post it notes and architecture
Design
How To: Write a Game Design Document
How to write a Game Design Document