FraudGuard.io FAQ

Answers for developers, security teams, fraud teams, and business buyers evaluating FraudGuard.io for IP reputation, malicious IP lookup, bot defense, geoblocking, and real-time threat intelligence.

What is FraudGuard.io?

FraudGuard.io is an IP reputation and threat intelligence platform built to help applications, security teams, and infrastructure teams identify risky IP addresses before they become a bigger problem. FraudGuard combines real-world attack telemetry, honeypot signals, infrastructure attribution, geolocation context, and the FraudGuard Attack Correlation Engine, also known as ACE, to return practical risk decisions through APIs, dashboards, exports, and integrations.

What can I use FraudGuard for?

Common use cases include malicious IP lookup, login protection, signup abuse prevention, checkout fraud reduction, bot detection, anonymous proxy and VPN detection, geoblocking, blacklist and whitelist enforcement, API abuse prevention, SIEM enrichment, firewall blocklists, cloud access monitoring, DNS-layer security, and offline threat intelligence workflows.

How is FraudGuard different from a basic IP blacklist?

FraudGuard is not just a static list of bad IP addresses. ACE correlates signals over time, weighs recent activity, considers threat classifications, analyzes infrastructure context, and produces risk scores designed to support real decisions such as allow, challenge, or block. This makes FraudGuard useful for modern applications where context matters and a simple yes/no blacklist is not enough.

What is the FraudGuard Attack Correlation Engine?

The FraudGuard Attack Correlation Engine, or ACE, is the system that analyzes attack activity, IP behavior, infrastructure metadata, anonymization indicators, geolocation, and historical signals to produce risk scores and threat classifications. ACE helps identify patterns such as repeated abuse, anonymous proxy usage, VPN infrastructure, bot activity, suspicious hosting providers, and IPs seen interacting with FraudGuard’s honeypot and telemetry network.

What is ACE v2?

ACE v2 is FraudGuard’s newer intelligence layer for decision-grade IP reputation. It is designed to provide clearer risk scoring, richer context, and more explainable results for developers and security teams. ACE v2 responses can help teams understand not only whether an IP address is risky, but why it was flagged and what action may be appropriate.

Can I look up a single IP address?

Yes. FraudGuard supports single IP intelligence lookups for IPv4 and IPv6 addresses. Developers can use the API to check an IP address during login, signup, checkout, password reset, MFA, account recovery, API access, admin access, or any other high-risk event.

Do you support bulk IP lookup?

Yes. FraudGuard supports bulk IP lookup for customers who need to enrich logs, review security events, analyze abuse patterns, process firewall data, investigate incidents, or score many IP addresses efficiently. Bulk lookups are especially useful for SOC workflows, SIEM enrichment, WAF analysis, and large application logs.

Can I try FraudGuard before choosing a paid plan?

Yes. The public IP lookup supports up to 10 free checks per day, and the sign-up flow is the right next step when you are ready to test authenticated API access against your own integration. This lets you evaluate FraudGuard using real IP addresses from your own logs, alerts, application traffic, or security tools.

How do I get an API key?

Create an account at app.fraudguard.io/register, then use the API documentation at docs.fraudguard.io to make your first request. The documentation includes examples for integrating FraudGuard into applications, scripts, security pipelines, and infrastructure workflows.

What kind of data does a FraudGuard IP lookup return?

Depending on the endpoint and plan, FraudGuard can return risk level, recommendation action, threat classification, country, ISP, organization, ASN, connection type, proxy or VPN indicators, blacklist status, whitelist status, geoblock status, and other context useful for fraud prevention and security automation.

What risk scores does FraudGuard use?

FraudGuard uses risk scoring to help customers decide how aggressively to respond to an IP address. Lower risk scores can support allow decisions, while higher risk scores may indicate a need to challenge, monitor, rate limit, block, or escalate. The best action depends on your application, tolerance for friction, and the sensitivity of the protected workflow.

Does FraudGuard detect VPNs, proxies, Tor, and anonymizers?

Yes. FraudGuard tracks anonymous infrastructure such as proxies, VPN services, Tor-related activity, hosting providers, suspicious infrastructure, and other anonymization signals. These signals can be used to add friction to risky activity without automatically blocking every privacy-related connection.

Can FraudGuard help stop bots?

Yes. FraudGuard offers BotGuard, a lightweight bot and automation defense layer that combines IP intelligence from ACE with client-side signals and route-specific protection. BotGuard is designed for high-risk areas such as login, signup, checkout, password reset, and other workflows where automated abuse can cause financial, operational, or security damage.

Can FraudGuard help with geoblocking?

Yes. FraudGuard supports geoblocking workflows that let customers apply country-based access rules alongside IP reputation, custom blacklists, custom whitelists, and ACE intelligence. This is useful for applications that need to reduce exposure from regions where they do not operate or where they see unusual abuse patterns.

Can I maintain my own blacklist and whitelist?

Yes. FraudGuard supports customer-managed blacklist and whitelist workflows so teams can combine their own business rules with FraudGuard threat intelligence. This is helpful when you need to explicitly allow trusted partners, block known abusers, or enforce organization-specific security decisions.

Can FraudGuard enrich SIEM, WAF, firewall, or cloud security logs?

Yes. FraudGuard can be used to enrich logs and alerts with IP reputation context so analysts can prioritize suspicious activity faster. Common enrichment targets include SIEM tools, WAF logs, load balancer logs, application logs, firewall events, CloudTrail-style cloud activity, VPN logs, and authentication events.

Do you offer downloadable or offline threat intelligence?

Yes. FraudGuard offers offline threat intelligence options for customers who need downloadable CSV or SQLite-style data for internal pipelines, air-gapped environments, firewall tooling, batch analysis, or systems that cannot call a live API for every decision.

Can I use FraudGuard data in AWS WAF, firewalls, or security groups?

Yes. FraudGuard data can be used to support firewall, WAF, DNS, and cloud security enforcement workflows. Customers commonly use IP intelligence and exported lists to enrich or update security controls such as AWS WAF IP sets, Linux firewall rules, SIEM detections, access policies, and internal security automation.

What is DNS Shield?

DNS Shield is FraudGuard’s ACE-powered DNS enforcement concept for egress protection, sinkholing, and threat-aware resolution. It can help organizations apply FraudGuard intelligence at the DNS layer to reduce exposure to known or suspicious infrastructure.

What is AccessGuard?

AccessGuard is a FraudGuard product concept focused on AWS-native access protection using FraudGuard whitelists, geoblocking, and threat intelligence signals. It is designed to help organizations make cloud access decisions using more context than a static IP allowlist alone.

What is TrailGuard?

TrailGuard is a FraudGuard product concept for CloudTrail-style monitoring that applies FraudGuard geoblocks, blacklists, whitelists, and threat feeds to cloud activity. It is intended to help teams identify suspicious cloud access patterns and risky source IPs faster.

What is the Offline Threat Database?

The Offline Threat Database is a downloadable threat intelligence option for customers who need FraudGuard data outside the live API path. It is useful for offline analysis, air-gapped environments, firewalls, internal security tooling, and bulk enrichment workflows.

Which plan should I start with?

Starter is best for core IP reputation lookups. Professional is the best default for production applications that need ACE v2, lists, geoblocking, rate limiting, BotGuard, or AccessGuard. Business is for bulk workflows, alerts, TrailGuard, BotGuard, and offline feeds. Enterprise is for raw feeds, advanced lookup, automation, custom volumes, data licensing, procurement needs, and custom integration requirements.

What happens if I exceed my limits?

Monthly quotas and request-per-second limits are enforced by plan. If you expect bursty traffic, seasonal spikes, high login volume, large batch jobs, or traffic above the published limits, contact us before launch so we can scope the right plan and avoid surprises.

Is pricing per user or per API request?

Published plans are based on product access, monthly API request volume, and rate limits. They are not positioned as per-seat plans, which makes FraudGuard easier to evaluate for engineering teams, applications, SaaS platforms, and infrastructure workflows where many systems may rely on the same intelligence layer.

Do you offer annual billing or custom enterprise terms?

Yes. Annual terms, invoicing, custom volumes, support expectations, security review, data licensing, procurement paperwork, and enterprise integration requirements can be discussed for business and enterprise customers.

Does FraudGuard collect PII?

FraudGuard is focused on IP reputation, security telemetry, abuse prevention, API usage, account operations, and support. Data handling details are described in the Privacy Policy, and customer-specific data-processing requirements can be discussed during enterprise review.

Can FraudGuard guarantee that every attack or fraud attempt will be blocked?

No threat intelligence provider can guarantee that every attack, bot, fraud attempt, or abusive request will be stopped. FraudGuard is designed to provide strong IP intelligence and decision support that customers can combine with authentication controls, rate limits, MFA, WAF rules, monitoring, application logic, and incident response processes.

How current is FraudGuard threat intelligence?

FraudGuard is designed around active threat intelligence and operational security workflows. Freshness can vary by product, endpoint, and dataset, but the platform is built to support real-time API lookups, recent activity analysis, derived intelligence, and offline exports for customers that need different integration patterns.

Do you have API documentation?

Yes. FraudGuard API documentation is available at docs.fraudguard.io. The docs cover available endpoints, authentication, request examples, response fields, and integration patterns for developers and security teams.

Do you have a public status page?

Yes. Service status is available at status.fraudguard.io.

Can I redistribute FraudGuard threat data?

Not under standard public plans. Redistribution, resale, public republishing, model training, or embedding FraudGuard data into a customer-facing product requires written approval or a separate data license.

Can I use FraudGuard to build my own IP reputation product?

Standard FraudGuard plans are intended for internal security, fraud prevention, application protection, infrastructure defense, enrichment, and operational use. Building a directly competing commercial IP reputation product, republishing FraudGuard data, or embedding FraudGuard intelligence into a customer-facing data product requires written approval or a separate agreement.

What should I send when contacting sales or support?

Email hello@fraudguard.io or use the contact form on the homepage. Include your use case, estimated monthly request volume, expected request rate, integration type, required products, security review needs, SLA expectations, and any procurement requirements.

How do I get started?

Start with the public IP lookup for a quick malicious IP check, create an account when you are ready to test authenticated API access, then review the API documentation and choose the plan that matches your use case. For higher-volume, enterprise, data feed, or custom security integration needs, contact hello@fraudguard.io.