Rotating IP addresses: A big problem for ecommerce websites

How rotating IP addresses affect ecommerce

Every Internet connected device like computers, laptops, mobile phones and so on, is assigned an IP address which uniquely identifies that device for the purpose of data communication. When someone browses a website on their computer or phone, that involves data communication between their device and the web server. Rotating IP addresses refer to the practice of periodically changing the IP address associated with a particular device or network connection. Websites are able to read the web visitor’s IP address and this can be used to identify the corresponding user.

Ecommerce sites find it tough to deal with fraud from rotating IP addresses

Ecommerce websites accept online payments from customers who buy things from them. As part of the order fraud screening process, they will usually check the IP geolocation based on the IP address being used by the customer’s device.

With the IP geolocation data, merchants can check if the geolocation country match the shipping or billing address. If the countries matched, then the order should be legitimate, right?

Wrong! Thanks to proxy servers, fraudsters can masquerade using the IP geolocation of the proxy servers. A scammer in Nigeria, can use a proxy server based in the United States when buying things online using a stolen American credit card. To the ecommerce website, it would appear that the scammer is actually located in the United States based on his IP geolocation.

Assuming that the merchant notices that this is a fraud order, they can block that proxy server’s IP address. However, there are proxy providers out there that offer rotating IP address proxies. This means that the scammer can change his IP address at any time. The ecommerce site will have a hard time to find and block all of the IP addresses that can be used.

Proxy server detection in the fraud screening solution

Fortunately, fraud order screening solutions like FraudLabs Pro includes detection of proxy servers. Online merchants protected by such a service can easily discern if the user is using a proxy server. Often, the use of a proxy server when making a purchase screams FRAUDSTER in big bold letters. If a proxy server is being used, merchants should either reject the order or perform a manual identify verification.

Proxy server IP addresses change very frequently

Due to the fact that proxies change their IP addresses very frequently, it is impossible to be able to detect their use all of the time. For online stores, this can result in fraud orders slipping through. Any fraud that gets through means either refund or chargeback, neither being a good outcome for the merchant.

In addition to the above, some proxy providers are using IP addresses from residential users. Being real IP addresses that home users use for their day-to-day task, it makes the job of identifying them as proxies that much harder. These proxy providers pay the home users a small amount of money in exchange for routing proxy traffic through their network.

Since the IP addresses for residential users belong to real individuals, ecommerce sites are unable to differentiate a valid customer from a fraudster. To fight such cases of fraud, another approach is needed.

Using device fingerprinting to identify users

An advanced technique called device fingerprinting can be used to track a particular user even if the IP address changes. When a fraud screening solution incorporate this feature, it does not matter if the fraudster uses a different email or a different IP address. They still can be identified and tracked which makes this a great way to fight order fraud on online stores.

This technique relies on JavaScript code on the web store page which detects various settings from the user’s machine. All of these settings is then compiled into a fingerprint of sorts. FraudLabs Pro has such a feature built into their plugins for the various ecommerce platforms like WHMCS, Magento, OpenCart, WooCommerce and PrestaShop.

Using multiple fraud detection techniques: The best chance of catching fraud orders

Fraudsters can bypass every single fraud detection technique if they are used by themselves. IP geolocation data may provide the physical locations for the supplied IP address. However, the use of proxies will muddy the waters somewhat.

Then, proxy detection data will alleviate that by allowing merchants to know if someone is trying to checkout via a proxy server. Alas, the use of residential proxy server can sideline the usefulness of proxy detection, unless the merchant uses the IP2Proxy PX10 or higher proxy database from IP2Location. The IP2Proxy PX10 or higher can detect most residential proxies.

But, even if a residential proxy can be detected, how does the merchant decide if that person behind that IP address is a fraudster? As you can see, every technique only provides a small glimpse of the fraud picture. Combining them though with the device fingerprinting, can be a great way to catch more fraudulent orders.


A comprehensive fraud screening solution like FraudLabs Pro can provide all of the above detection features and more. FraudLabs Pro also incorporates machine learning to unveil new fraud patterns that can predict possible fraud. The use of numerous blacklists like email, name, credit card blacklists provide valuable data to the final fraud detection result. Merchants can be assured that most fraudulent orders are being caught if they’re using FraudLabs Pro.

Secure Transactions, Seamless Business

Say goodbye to fraud worries! Secure your online store with FraudLabs Pro now.

Was this article helpful?

Related Articles