minFraud Release Notes

November 8, 2019

Effective November 12, 2019, we will return -001 as the last 3 digits for all 7 digit postal codes in Lisbon, Portugal. Our postal code resolution in Portugal is accurate for the first 4 digits and we include the -001 at the end for backwards compatibility for customers to join the data with 7 digit Portuguese postal code databases. We may extend this convention to other large Portuguese cities in the future.

October 16, 2019

We retired support for TLS v1.0/v1.1 and unencrypted HTTP requests to minFraud services today, as part of our commitment to securing and protecting your data. Please ensure you are using TLS v1.2+ to connect to MaxMind services.

October 15, 2019

The following output has been added to the GeoIP2 Precision Insights web service, and minFraud Insights and Factors web services:

  • static_ip_score – An indicator of how static or dynamic an IP address is. The value ranges from 0 to 99.99 with higher values meaning a greater static association. For example, many IPs with a user_type of cellular have a lifetime under one. Static Cable/DSL IPs typically have a lifetime above thirty.

    This indicator can be useful for deciding whether an IP address represents the same user over time.

The static_ip_score output is present in the traits object.

October 14, 2019

This is a reminder that we are retiring support for requests using TLS 1.0/1.1, and unencrypted HTTP requests to MaxMind minFraud services on October 16, 2019. After October 16, 2019, these types of requests will always fail with an error. Please update to TLS 1.2+ to avoid service disruption. You may need to upgrade your technology stack to a later version, or make code changes to do so.

Contact us for support or if you have questions.

October 3, 2019

We have made improvements to how we identify cellular IPs for the connection_type field provided in the GeoIP2 Connection Type database, and the user_type field provided in the GeoIP2 Precision Insights web service and minFraud services. Accuracy for cellular identification should now be about 95% accurate globally.

October 2, 2019

You can now view a log of your MaxMind account activity, which includes a time stamp, requester, and subject, for the each of the following actions:

  • Creation of a new user
  • Deactivation of a user
  • User password changes
  • Email address / username changes

Account administrators can see activity across the whole account, while non-administrators will only see their own activity. You can find the account activity log in your account portal under ‘Account Information’ or here [login required].

September 30, 2019

We’ve deprecated the /ip_address/country/is_high_risk output in minFraud Insights and minFraud Factors (and highRiskCountry output in legacy minFraud services) because it provides limited value. You can find the IP country in the /ip_address/country/names output.

September 19, 2019

The following outputs have been added to the GeoIP2 Precision Insights web service, and minFraud Insights and Factors web services:

  • network – The network in CIDR notation associated with the record. This is the largest network where all of the fields besides ip_address have the same value.
  • user_count – The estimated number of users sharing the IP/network during the past 24 hours. For IPv4, the count is for the individual IP. For IPv6, the count is for the /64 network.

Both of these outputs are present in the traits object.

September 16, 2019

8-hour interruption of old TLS and unencrypted minFraud requests on September 25, 2019

There will be a planned service interruption for all requests to MaxMind services that use TLS versions 1.0 and 1.1, and for unencrypted HTTP requests to MaxMind legacy minFraud services (e.g. minFraud Standard, minFraud Premium, Proxy Detection web service, IIN service). This will take place for up to 8 hours from 14:00-22:00 UTC on September 25, 2019.

During the interruption, requests using TLS v1.0 and v1.1 and unencrypted HTTP requests to legacy minFraud endpoints will fail with an error.

To avoid service interruption, you may need to upgrade some part of your technology stack to a later version, or you may need to make code changes. If you have any questions, please do not hesitate to contact us. Additional info is available on our blog.

August 29, 2019

Effective August 29th, 2019, we have deprecated the /subscores/ip_tenure and subscores/email_tenure subscore outputs in the minFraud Factors service because they provided limited value. The subscores will default to 1 and will be removed in a future release. The IP tenure is reflected in the overall risk score. The user tenure on email is reflected in the /subscores/email_address output.

August 21, 2019

We have made improvements in how we detect business IPs for the user type field provided as part of the GeoIP2 Precision Insights web service and minFraud services. Approximately 1% of residential IPs were recently corrected to the appropriate business user type as a result of these improvements.

August 20, 2019

8-hour interruption of old TLS and unencrypted minFraud requests on August 28, 2019

There will be a planned service interruption for all requests to MaxMind services that use TLS versions 1.0 and 1.1, and for unencrypted HTTP requests to MaxMind legacy minFraud services (e.g. minFraud Standard, minFraud Premium, Proxy Detection web service, IIN service). This will take place for up to 8 hours from 14:00-22:00 UTC on August 28, 2019.

During the interruption, requests using TLS v1.0 and v1.1 and unencrypted HTTP requests to legacy minFraud endpoints will fail with an error.

To avoid service interruption, you may need to upgrade some part of your technology stack to a later version, or you may need to make code changes. If you have any questions, please do not hesitate to contact us. Additional info is available on our blog.

August 5, 2019

We are discontinuing the legacy IIN (BIN) API on January 31, 2020 in order to focus development and maintenance efforts on our core services. This means that the service will no longer function if you are querying the URL below:
https://minfraud.maxmind.com/app/bin_http

Please note that we continue to support the IIN (BIN) look-up form on our website [login required], so that remains an option for your use. If you require an API because of volume considerations, we recommend either using our minFraud Insights API (IP address is a required input field) or integrating an alternative commercially available solution.

July 24, 2019

There will be a planned service interruption for all requests to MaxMind services that use TLS versions 1.0 and 1.1, and for unencrypted HTTP requests to MaxMind legacy minFraud services (e.g. minFraud Standard, minFraud Premium, Proxy Detection web service, IIN service). This will take place for up to 2 hours starting at 14:00 UTC on the three dates below:

  • Monday, July 29, 2019
  • Wednesday, July 31, 2019
  • Friday, August 2, 2019

During the interruption, requests using TLS v1.0 and v1.1 and unencrypted HTTP requests to legacy minFraud endpoints will fail with an error.

To avoid service interruption, you may need to upgrade some part of your technology stack to a later version, or you may need to make code changes. If you have any questions, please do not hesitate to contact us. Additional info is available on our blog.

July 22, 2019

You can now manage a list of IP addresses and networks that you want to exempt from IP risk scoring. This is helpful when the IP address is known to be unrelated to the end-customer, such as when you have transactions coming from a call center or agent. Adding an IP address or network to the exclusion list will ensure IP risk is neither calculated nor considered when determining the riskScore for transactions associated with excluded IPs. Learn more.