Web Sessions Now Have a Location Signal Worth Acting On with Trusted Location
Subscribe to Incognia’s content
Web fraud is harder to catch than mobile fraud. Every fraud team knows it.
Account takeover (ATO) rates are higher on web. Friction designed to stop bad actors ends up catching good users at a disproportionate rate. For years, the industry treated this as a structural limitation of the web environment.
The real constraint was simpler: there was no location intelligence worth using.
Mobile gives fraud teams something to work with. Device data, behavioral patterns, location intelligence grounded in real-world usage.
Web gives an IP address.
The gap between those two things is where fraud lives, and where too many legitimate users get blocked.
Now, Trusted Location for Web gives fraud teams location intelligence on web they can actually use.
Why the web location signal was broken
IP is the only location proxy the web provides natively.
But IPs rotate, VPNs mask the actual origin, and NAT rerouting means thousands of distinct users can share a single address at any given time.
Static geolocation databases reflect ISP assignment, not device location, so the address that looks like it's coming from São Paulo might actually be a shared corporate gateway, a VPN exit node, or a data center running automated traffic.
The fraud industry spent years patching around this. Velocity checks, device fingerprinting, behavioral signals stacked on top of one another. None of it produced a location signal you could make confident decisions with.
IP-based location got treated as better than nothing. For risk logic that matters, “better than nothing” isn't enough.
Laying the groundwork
Before you can run location-based risk logic on web, you need a location signal worth running it on.
That’s why we built Verified IP Location.
Instead of relying on ISP assignment records, it infers IP location dynamically from real-world device observations across Incognia's global network. When a device sends a relevant signal alongside its IP, that observation updates the inferred location tied to that IP. The more devices that contribute to the network, the sharper the signal gets.
VPN and proxy detection is built in, so masked origins get flagged rather than passing through undetected. NAT rerouting is accounted for in the inference model. Coverage is now approaching 90% of IPs observed across the platform, with a clear path to 99%.
What Trusted Location for Web does
At login, the system asks one question: should this browser be accessing this account right now?
It compares the current session's location against the browser’s frequent locations. A distance score measures how far the current session is from known access points. An age score reflects how long the account has been active from those locations.
Together, they produce a risk signal that tells the difference between a user logging in from home and a device logging in from an unknown location.
Web and mobile operate at different location precision scales by design. Mobile is GPS-grounded, while web is mostly IP-inferred.
Trusted Location for Web is built for that reality, not around it.
The early results are concrete. In testing, 92% of sessions with full location data were correctly classified as low risk. Bots and cloud hosting traffic were correctly flagged as high risk. Known devices in familiar locations passed through without friction.
What this changes for fraud teams
Fraud teams have always had to accept more uncertainty on web than on mobile. Not because the problem was inherently harder, but because the inputs were worse.
IP alone isn't a risk signal. IP combined with network-verified location inference, device recognition, and location history is.
Trusted Location for Web brings location-based risk decisioning to web sessions, stopping fraud before it lands and reducing friction for users who belong there.
