Prove where a device really is
from the networks around it.
fraud.xxx turns the Wi-Fi and cell environment a device observes into a hard location signal — so you can verify a claimed location, catch geo-spoofing, and enrich an address in one call.
Three primitives. One radio truth.
Every device sees a unique fingerprint of nearby radios. fraud.xxx knows where those radios live — so it can answer three questions.
Verify
Send the BSSIDs a device observes. Get back whether they are consistent with the claimed location, with a confidence score and the spread of evidence.
POST /v1/verify
Locate
Reverse lookup: from a coordinate or ZIP, get the access points expected in a tight radius — with a machine-readable precision contract.
GET /v1/aps/nearby
Enrich
Each AP carries vendor & device class, randomized-MAC detection, freshness (first/last seen), ZIP, city/state and phone area codes.
POST /v1/aps/lookup
An API your engineers will actually enjoy.
Predictable envelopes, honest precision, RFC-7807 errors, and an X-API-Key away from production. ZIP is supported as a convenience — and always labelled as coarse, never dressed up as street-level truth.
- →Honest precision. Responses carry
precision.mode(coordinate|zip_centroid) andest_accuracy_m. A ZIP query never pretends to be a GPS fix. - →Freshness built in. Every record exposes
first_seen,last_seenand observation confidence, so stale data can't masquerade as fresh. - →Scoped keys.
verify,aps.nearby,aps.lookup— least privilege by default, per-key rate & quota.
# Does the device's claimed location match what it sees? curl -s https://api.fraud.xxx/v1/verify \ -H "X-API-Key: rw_live_•••" \ -H "Content-Type: application/json" \ -d '{"bssids":["aa:bb:cc:dd:ee:ff","12:34:56:78:9a:bc"]}' # → 200 OK { "claimed_location_consistent": true, "confidence": 0.91, "signals_matched": 7, "centroid": { "lat": 40.7414, "lon": -73.9893 }, "spread_m": 38, "precision": { "mode": "coordinate", "est_accuracy_m": 12 }, "freshness": { "median_last_seen_days": 9 } }
See it think.
Enter a US ZIP or a coordinate. fraud.xxx returns the expected network footprint and a consistency verdict.
Where teams plug it in
Stop geo-spoofing
A login claims it's in Chicago but the Wi-Fi it sees lives in Lagos. /v1/verify flags the mismatch before the session opens.
Harden KYC
Cross-check the address a user typed against the radio environment their device actually reports during onboarding.
Verify delivery & field work
Confirm a courier or technician was physically on-site, independent of easily-spoofed GPS.
Account-takeover defense
Add a network-environment factor to your risk engine that attackers can't fake with a VPN exit node.
Geo-compliance
Enforce geofenced products (gaming, lending) with a signal that survives location-faking apps.
Address enrichment
Resolve a coordinate or ZIP to the surrounding network footprint, vendor mix and area codes.
Honest about precision.
Most location vendors quietly pass off a ZIP centroid as a fix. We don't. Every answer tells you exactly how precise it is, and how fresh.
Use fraud.xxx as one strong signal in a risk decision — never as sole proof of a person's location. The acceptable-use policy spells out the boundaries.
| Query mode | Typical accuracy | Use for |
|---|---|---|
| coordinate | 5–30 m | Verification, on-site proof |
| zip_centroid | ~2–10 km | Coarse enrichment only |
| observed bssids | spread-scored | Consistency / anti-spoof |
Simple, usage-based pricing
Start free. Scale when your risk engine does.
Sandbox
for evaluation
- 1,000 calls / month
- Verify + nearby
- Coarse precision
- Community support
Growth
volume tiers from 100k
- All endpoints + enrichment
- Full coordinate precision
- 99.9% uptime SLO
- Usage dashboard
Enterprise
for regulated workloads
- Dedicated throughput
- DPA, audit logs, indemnity
- Private deployment option
- Solutions engineering
Ship location trust this week.
Request a key and you'll get a sandbox token, the integration guide, and a verify recipe you can paste into your risk engine.
B2B use only. Access is reviewed. See the acceptable-use & privacy policy.