minFraud Release Notes - 2019 Archive

Toggle minFraud Transactions Access

December 11, 2019

Account administrators can now enable or disable access to the minFraud Transactions page [login required], which is accessible from the account portal. You can manage account access to this feature here [login required].

The minFraud Transactions page is used for review, dispositioning, tagging, and exporting transactions. See our guide for more info.

Changes to Portugal Postal Codes

November 8, 2019

Effective November 12, 2019, we will return -001 as the last 3 digits for all 7 digit postal codes in Lisbon, Portugal. Our postal code resolution in Portugal is accurate for the first 4 digits and we include the -001 at the end for backwards compatibility for customers to join the data with 7 digit Portuguese postal code databases. We may extend this convention to other large Portuguese cities in the future.

New static_ip_score output in web services

October 15, 2019

The following output has been added to the GeoIP2 Precision Insights web service, and minFraud Insights and Factors web services:

  • static_ip_score – An indicator of how static or dynamic an IP address is. The value ranges from 0 to 99.99 with higher values meaning a greater static association. For example, many IPs with a user_type of cellular have a score under one. Static Cable/DSL IPs typically have a score above thirty.

    This indicator can be useful for deciding whether an IP address represents the same user over time.

The static_ip_score output is present in the traits object.

October 14, 2019

This is a reminder that we are retiring support for requests using TLS 1.0/1.1, and unencrypted HTTP requests to MaxMind minFraud services on October 16, 2019. After October 16, 2019, these types of requests will always fail with an error. Please update to TLS 1.2+ to avoid service disruption. You may need to upgrade your technology stack to a later version, or make code changes to do so.

Contact us for support or if you have questions.

Account activity log

October 2, 2019

You can now view a log of your MaxMind account activity, which includes a time stamp, requester, and subject, for the each of the following actions:

  • Creation of a new user
  • Deactivation of a user
  • User password changes
  • Email address / username changes

Account administrators can see activity across the whole account, while non-administrators will only see their own activity. You can find the account activity log in your account portal under 'Account Information' or here [login required].

New network and user_count outputs in web services

September 19, 2019

The following outputs have been added to the GeoIP2 Precision Insights web service, and minFraud Insights and Factors web services:

  • network – The network in CIDR notation associated with the record. This is the largest network where all of the fields besides ip_address have the same value.
  • user_count – The estimated number of users sharing the IP/network during the past 24 hours. For IPv4, the count is for the individual IP. For IPv6, the count is for the /64 network.

Both of these outputs are present in the traits object.

Planned warning interruption (September 2019)

September 16, 2019

8-hour interruption of old TLS and unencrypted minFraud requests on September 25, 2019

There will be a planned service interruption for all requests to MaxMind services that use TLS versions 1.0 and 1.1, and for unencrypted HTTP requests to MaxMind legacy minFraud services (e.g. minFraud Standard, minFraud Premium, Proxy Detection web service, IIN service). This will take place for up to 8 hours from 14:00-22:00 UTC on September 25, 2019.

During the interruption, requests using TLS v1.0 and v1.1 and unencrypted HTTP requests to legacy minFraud endpoints will fail with an error.

To avoid service interruption, you may need to upgrade some part of your technology stack to a later version, or you may need to make code changes. If you have any questions, please do not hesitate to contact us. Additional info is available on our blog.

IP and email tenure deprecation

August 29, 2019

Effective August 29th, 2019, we have deprecated the /subscores/ip_tenure and subscores/email_tenure subscore outputs in the minFraud Factors service because they provided limited value. The subscores will default to 1 and will be removed in a future release. The IP tenure is reflected in the overall risk score. The user tenure on email is reflected in the /subscores/email_address output.

Planned warning interruption (August 2019)

August 20, 2019

8-hour interruption of old TLS and unencrypted minFraud requests on August 28, 2019

There will be a planned service interruption for all requests to MaxMind services that use TLS versions 1.0 and 1.1, and for unencrypted HTTP requests to MaxMind legacy minFraud services (e.g. minFraud Standard, minFraud Premium, Proxy Detection web service, IIN service). This will take place for up to 8 hours from 14:00-22:00 UTC on August 28, 2019.

During the interruption, requests using TLS v1.0 and v1.1 and unencrypted HTTP requests to legacy minFraud endpoints will fail with an error.

To avoid service interruption, you may need to upgrade some part of your technology stack to a later version, or you may need to make code changes. If you have any questions, please do not hesitate to contact us. Additional info is available on our blog.

Retirement of legacy IIN (BIN) API service

August 5, 2019

We are discontinuing the legacy IIN (BIN) API on January 31, 2020 in order to focus development and maintenance efforts on our core services. This means that the service will no longer function if you are querying the URL below:
https://minfraud.maxmind.com/app/bin_http

Please note that we continue to support the IIN (BIN) look-up form on our website [login required], so that remains an option for your use. If you require an API because of volume considerations, we recommend either using our minFraud Insights API (IP address is a required input field) or integrating an alternative commercially available solution.

Planned warning interruption

July 24, 2019

There will be a planned service interruption for all requests to MaxMind services that use TLS versions 1.0 and 1.1, and for unencrypted HTTP requests to MaxMind legacy minFraud services (e.g. minFraud Standard, minFraud Premium, Proxy Detection web service, IIN service). This will take place for up to 2 hours starting at 14:00 UTC on the three dates below:

  • Monday, July 29, 2019
  • Wednesday, July 31, 2019
  • Friday, August 2, 2019

During the interruption, requests using TLS v1.0 and v1.1 and unencrypted HTTP requests to legacy minFraud endpoints will fail with an error.

To avoid service interruption, you may need to upgrade some part of your technology stack to a later version, or you may need to make code changes. If you have any questions, please do not hesitate to contact us. Additional info is available on our blog.

Disable IP Risk

July 22, 2019

You can now manage a list of IP addresses and networks that you want to exempt from IP risk scoring. This is helpful when the IP address is known to be unrelated to the end-customer, such as when you have transactions coming from a call center or agent. Adding an IP address or network to the exclusion list will ensure IP risk is neither calculated nor considered when determining the riskScore for transactions associated with excluded IPs. Learn more.

April 18, 2019

In order to ensure your data is as safe and secure as possible, we will be retiring support for TLS v1.0 and 1.1, unencrypted HTTP requests to our legacy minFraud services, and our legacy minFraud SOAP API in the coming months. Please see our blog for more info.

2FA release

April 8, 2019

To enhance the security of your MaxMind account, Chrome users can enable two-factor authentication (2FA). You can now add and require a (FIDO U2F) security key on top of your account credentials for a more secure log-in. See our support center user guide for information on how to set up 2FA.

This page was last updated on June 17, 2021.