Data you can put in a fraud decision
IP intelligence is only as useful as it is accurate. This page documents how ipOptic sources, validates, and refreshes its data — and the benchmarks we hold ourselves to. Stats marked as targets reflect our current engineering goals; we publish actuals in our status page.
Coverage & availability
Accuracy benchmarks
Benchmarks measured against independently verified ground-truth samples. Country accuracy follows ITU-T E.164 region definitions. City accuracy uses a 50 km radius threshold. VPN/proxy recall measured on a held-out set of confirmed residential and proxy addresses.
Data provenance
Our enrichment pipeline fuses multiple authoritative and commercial sources. No single feed is treated as ground truth; conflicts are resolved by a weighted consensus model that favours primary registry data.
ARIN, RIPE NCC, APNIC, LACNIC, and AFRINIC publish authoritative allocation records. We ingest daily delegation files as the primary source of IP → ASN → organisation mappings.
Route collectors from RouteViews and RIPE RIS provide real-time prefix announcements. Active BGP data confirms which blocks are reachable and how traffic is actually being routed.
Curated lists of VPN provider exit nodes, Tor exit relays, known datacenter CIDR ranges, and abuse-reported addresses are merged and deduplicated on a rolling basis.
Where permitted, lightweight probes validate claimed geolocation against network round-trip topology. Aggregated, anonymised telemetry from API consumers surfaces emerging proxy ranges faster than static lists.
We commission periodic blind accuracy audits against ground-truth datasets (e.g. carrier-billed subscriber location, device GPS consensus) to independently validate our geolocation claims.
Update cadence
BGP routing table snapshots and Tor exit-relay lists are ingested in near-real-time. VPN provider exit nodes are checked every 15 minutes.
RIR delegation files, abuse-feed updates, and datacenter CIDR lists are processed and merged once per day, with emergency out-of-band pushes for critical changes.
Geolocation accuracy regression tests run on a weekly benchmark corpus. Any degradation beyond threshold triggers an automated review and pipeline re-calibration.
Security posture
TLS everywhere
All API endpoints enforce TLS 1.2+ with HSTS headers. Internal service communication is encrypted at the network layer.
API key scoping
Keys are issued per-integration with configurable IP allowlists and rate limits. Rotation and revocation are self-service via the dashboard.
SOC 2 Type II (roadmap)
We are on the path to SOC 2 Type II attestation. Controls are implemented and evidence collection is underway. Audit target: 2026.
Vulnerability disclosure
We maintain a responsible disclosure programme. Security researchers can report findings to security@ipoptic.io. We commit to acknowledging reports within 48 hours.
Privacy stance
IP addresses in isolation are not personal data under most legal frameworks when processed for network-routing purposes. However, where IP addresses are combined with other identifiers they can become personal data subject to GDPR, CCPA, and equivalent regimes. We take that boundary seriously.
Our enrichment pipeline operates on address blocks and ASN prefixes — not on individual subscribers. We do not build profiles of end-users. Query logs are retained for a maximum of 30 days for abuse-monitoring purposes and are not used for any commercial profiling.
For detailed rights, retention schedules, and data-processing agreements, see our Privacy Policy and GDPR Addendum.
Evaluate ipOptic data quality
Request a sample dataset or run a benchmark against your own ground-truth addresses.