Skip to content

Platform_

Threat & fraud signals

Datacenter, VPN and Tor detection, plus BIN-vs-IP mismatch.

The network posture of an address — ASN, ISP, datacenter, VPN and Tor exit — folded into a composite risk score. Plus the signal nobody else offers: the card BIN’s issuing country against the IP’s. Card from Nigeria, IP in Pakistan: that is a signal.

Why it works_

See the risk before you take the payment

01

The BIN mismatch

IP and card-issuing country compared directly. No geo API offers this because none understand payments.

02

Transparent scoring

A documented additive 0–100 score you can reproduce by hand — no black box.

03

A signal, not a verdict

You keep your own policy and your own party-level screening; we give you the inputs.

The data behind it

One call, these response blocks.

This page maps to these blocks of the same response every other page reads:

  • Network & fraud
threat-signals.sh
curl -X POST "https://api.localesense.com/v1/fraud/check" \
  -H "Authorization: Bearer ls_live_..." \
  -d '{"ip":"203.135.62.10","bin":"539983"}'
In practice

What your code sees, per request.

The sample on the right is the shape of the real response for a visitor in Karachi — every value attributable, nothing guessed. Point the same call at any of the 197 markets.

Try it live in the docs
GET /v1/self 200 OK · sample
  • Risk 12/100 · no VPN · BIN match

Keep exploring_

Related platform

FAQs

Threat & fraud signals — frequently asked

What is a BIN-versus-IP mismatch and why does it matter?

A card's first digits (the BIN) identify its issuing country. When that country differs from where the request's IP is located — a Nigerian card paying from a Pakistani IP — it is a classic fraud signal. Most geo APIs cannot offer this because they do not understand payments; we compare the two directly.

How do you detect VPNs, Tor and datacenter traffic?

We resolve the address's ASN and ISP and match it against known hosting providers, commercial VPN egress ranges and live Tor exit nodes, then fold those into a composite risk score. Datacenter origin is the strongest of these signals.

Is the risk score a decision I can rely on outright?

No — it is a transparent, additive 0–100 signal you can reproduce by hand, meant to feed your own rules, not replace them. You keep your policy and your own party-level screening; we supply the inputs.

Get started

Try it free

10,000 requests a month, no card. Every tier includes live FX and the full formatting engine.

Get your API key