MaxMind
MaxMind, Inc. is an American data analytics company specializing in IP intelligence, geolocation services, and online fraud prevention tools, founded in 2002 by Thomas Mather and headquartered in Malden, Massachusetts.[1][2][3] The company is best known as the creator of the GeoIP brand, which provides accurate location data for over 99.9999% of IP addresses worldwide through databases and web services, enabling businesses to customize content, ensure regulatory compliance, and detect proxy or VPN usage.[1][4] Complementing this, MaxMind's minFraud services leverage machine learning to screen billions of online transactions annually, helping e-commerce platforms and enterprises reduce fraud losses, chargebacks, and manual reviews across one of the world's largest fraud detection networks.[1][5] Trusted by more than 100,000 businesses globally, MaxMind emphasizes security, accuracy, and affordability in its solutions, while committing over 60% of its profits to charitable causes.[1] With a focus on non-invasive data-driven insights, the company continues to innovate in digital risk management, maintaining 99.99% web service uptime for over a decade.[6][1]History
Founding
MaxMind was founded in 2002 by Thomas Mather, a software engineer who had previously worked at Longitude, where he contributed to the development of systems for parimutuel derivative auctions.[7][8] The company emerged during a period of growing demand for reliable internet-based services following the dot-com bust, with Mather recognizing the potential for tools that could enhance online security and personalization through data intelligence.[1] Established as a privately held company in Waltham, Massachusetts, MaxMind initially focused on delivering IP intelligence, geolocation, and related data services to businesses navigating the evolving digital landscape.[2][9] Its foundational vision centered on making the internet safer and smarter by providing non-invasive, accurate data solutions to empower individuals and organizations in addressing online challenges, including fraud risks.[1] A key aspect of MaxMind's early development was the creation of the GeoIP brand, which introduced IP geolocation databases designed to enable precise identification of users' approximate locations based on their IP addresses.[1][2] This product addressed a critical need for actionable location data in applications such as content localization and security verification, laying the groundwork for the company's expansion into broader fraud prevention capabilities.[1]Growth and milestones
Following its founding in 2002, MaxMind experienced rapid adoption of its GeoIP technology in the mid-2000s, particularly among e-commerce platforms and cybersecurity firms seeking reliable IP intelligence for visitor localization and threat detection, which positioned the company as a leader in the sector.[1][2] This early traction was driven by the growing demand for accurate geolocation data amid the expansion of online commerce, enabling MaxMind to build a robust customer base without relying on external capital. Key milestones in the company's evolution include the launch of the free GeoLite databases in 2002, which provided developers with accessible IP geolocation resources and fostered widespread integration into open-source projects and applications.[10] By the 2010s, MaxMind expanded its reach through partnerships with major cloud providers, such as its availability on the AWS Marketplace, allowing seamless deployment for scalable web services.[11] The company's organic growth culminated in an estimated $11.3 million in revenue by 2024, serving over 100,000 customers globally, all achieved through bootstrapping without venture funding or acquisitions.[12][1] In 2025, MaxMind appointed Rupert Young as Chief Data Scientist to lead advancements in data science and machine learning.[13] The company also partnered with Ateme to optimize streaming video services and ensure compliance in the Asia-Pacific region.[14] Technologically, MaxMind advanced its offerings by incorporating machine learning to enhance the precision of IP intelligence datasets, improving detection of proxies and anonymizers while maintaining high coverage of active IP addresses.[6] Database updates evolved from weekly cycles to more frequent schedules, with the majority of GeoIP and GeoLite databases now refreshed every weekday by 2025 to ensure real-time accuracy amid dynamic internet infrastructure changes.[15] This privately held status has allowed MaxMind to prioritize long-term innovation and partnerships over short-term investor pressures.[2]Kansas geolocation glitch
In 2002, MaxMind selected a rural farmhouse near Potwin, Kansas—owned by Joyce Taylor and located at approximately 38°N 97°W—as the default geographic location for unidentified or unmappable IP addresses within the United States, chosen for its proximity to the country's geographic center.[16] Due to errors in MaxMind's database handling of unknown or anonymized traffic, this default assignment erroneously mapped over 600 million IP addresses to the single property, far exceeding the intended use for imprecise geolocation data.[17] The issue persisted undetected for years, as MaxMind's GeoIP databases, used by thousands of companies for fraud detection, advertising, and security, propagated the inaccurate coordinates globally.[18] The consequences intensified after James and Theresa Arnold began renting the farmhouse in 2011, transforming their quiet home into a target for harassment and mistaken law enforcement actions.[16] The family endured repeated visits from the FBI, IRS agents, local police, and even ambulance crews, who arrived searching for suspects in crimes such as identity theft, fraud, child exploitation, and botnet operations, or to locate missing persons and suicidal individuals believed to be at that address.[17] Businesses bombarded them with angry calls accusing them of spam or scams, while online doxxing exposed their details, leading to threats including a broken toilet left on their porch as intimidation.[19] These intrusions created ongoing fear and emotional distress, with the Arnolds describing their situation as a "digital hell."[20] The problem gained public attention in April 2016 through an investigative article by journalist Kashmir Hill in Fusion (later republished on Splinter), which detailed the glitch's origins and impacts, prompting MaxMind to acknowledge the issue.[16] In August 2016, the Arnolds filed a lawsuit against MaxMind in federal court, alleging negligence in database management and seeking over $75,000 in compensatory and punitive damages for invasion of privacy, emotional distress, and humiliation.[18] MaxMind responded by updating its databases to reassign unmappable U.S. IPs to a neutral default location in the middle of a Kansas lake west of Wichita, reducing the risk of targeting specific properties.[19] The company also committed to enhancing accuracy protocols for handling unknown addresses, though full propagation of the fix depended on clients updating their systems, and the lawsuit's outcome was not publicly disclosed.[20]Products and services
GeoIP IP geolocation
MaxMind's GeoIP databases serve as a core technology for IP geolocation, mapping both IPv4 and IPv6 addresses to geographic locations including country, city, region, latitude, and longitude, as well as network details such as Internet Service Provider (ISP), autonomous system number (ASN), and connection type.[21] These databases are updated on weekdays through automated processes to reflect changes in IP allocations and network configurations, ensuring timely intelligence.[22] At the country level, GeoIP achieves 99.8% accuracy, with performance varying by region and IP type, such as lower precision for mobile or dynamic addresses.[23] The product lineup includes premium GeoIP2 databases, which offer high-precision data for city-level and subnational granularity, ideal for enterprise applications requiring detailed insights.[4] In contrast, the free GeoLite2 databases provide a less granular but functional alternative, optimized for development, testing, and non-commercial projects, with reduced accuracy compared to their paid counterparts.[10] Both variants are available for download in efficient MaxMind DB (MMDB) format or CSV, enabling local hosting on user servers to eliminate API latency and support high-volume lookups.[24] MaxMind compiles GeoIP data using proprietary methodologies that aggregate information from multiple providers, adhering to ISO standards for country assignments and incorporating public IP allocation records.[23] This approach is supplemented by partnerships with network operators for ISP and ASN details, alongside ongoing research to refine mappings.[25] A key component is the GeoIP Anonymous IP database, which identifies anonymizing technologies like VPNs, Tor exit nodes, public proxies, and hosting providers without tracking individual users, thereby supporting privacy-compliant operations.[26] In practice, GeoIP enables applications such as localizing website content to user regions, targeting advertisements based on inferred location, and verifying compliance with regulations like GDPR through country or regional checks.[27] To prioritize privacy, the databases provide approximate coordinates with an accuracy radius—often 50-100 km for city-level data—explicitly avoiding personal identifiers or precise tracking.[23] It also integrates briefly with fraud detection systems for enhanced risk evaluation based on location anomalies.[4]minFraud fraud detection
minFraud is MaxMind's transaction risk assessment service designed to detect and prevent online fraud in e-commerce and digital platforms by analyzing transaction data in real time.[5] It evaluates inputs such as IP addresses, device details, email information, billing and shipping addresses, and payment methods to generate a risk score ranging from 0.01 to 99, where higher values indicate a greater likelihood of fraud— for instance, a score of 20 suggests a 20% chance of fraudulent activity.[28] The service targets threats like account takeovers, payment fraud, and identity theft, enabling businesses to accept, review, or reject transactions accordingly.[29] Key components of minFraud include real-time API queries that deliver insights into potential red flags, such as proxy or VPN usage, email domain reputation, and mismatches between billing and shipping addresses.[5] These assessments draw on underlying IP geolocation data from MaxMind's GeoIP database to identify location inconsistencies or high-risk origins, though as of November 10, 2025, subdivision, city, and postal fields are blanked more frequently for dispersed end users in Austria, Denmark, Greece, Ireland, Norway, Spain, and Sweden to enhance privacy compliance.[30] Powered by one of the world's largest global fraud detection networks, minFraud processes billions of transactions annually, aggregating anonymized data to uncover patterns and adapt to evolving threats.[1] At its core, minFraud integrates ensemble machine learning models trained on vast sets of anonymized transaction data, incorporating heuristics that evolve based on customer feedback and emerging fraud trends.[5] These models consider factors like IP velocity—such as rapid successive logins from the same address—and anomaly detection in user behavior, including unusual device or session patterns. Businesses can implement customizable thresholds through custom rules to fine-tune risk evaluations, minimizing false positives while maintaining robust protection.[31] minFraud provides explainable outputs through risk score reasons, which detail contributing factors like high-risk IPs or suspicious email domains, aiding in forensic analysis and strategy refinement.[32] In terms of performance, the service's overall risk score enhances chargeback prediction by over 300% compared to random guessing, with IP-related inputs alone boosting accuracy significantly via metrics like precision-recall area under the curve (PR-AUC).[33] As of February 2025, enhancements to risk score reasons moved out of beta, improving transparency and enabling better handling of emerging threats such as synthetic identities, which involve fabricated user profiles using real and fake data elements.[30]Web services and APIs
MaxMind provides cloud-hosted web services and APIs that enable on-demand access to GeoIP and minFraud data, allowing users to query information without downloading or maintaining local databases. These services operate on a pay-per-query model, where requests are authenticated via HTTP Basic Authentication using a MaxMind account ID and license key, and all API calls must use HTTPS with TLS 1.2 or higher for security. Rate limits apply to prevent abuse, including a 20,000-byte limit on request bodies for minFraud services, and the APIs are designed for scalability to handle high-volume traffic from enterprise applications.[34][35] The GeoIP2 Web Service supports specific endpoints for geolocation queries, such as/geoip/v2.1/city/{ip_address} to retrieve detailed location data including continent code, city name, postal code, and latitude/longitude coordinates in JSON format. Similarly, the minFraud services offer endpoints like /minfraud/v2.0/insights for POST requests containing transaction details, returning JSON responses with a risk score (a decimal from 0.01 to 99 indicating fraud probability) and an insights array outlining contributing factors such as IP risk and device attributes. These responses draw from the underlying GeoIP databases for IP-related fields, ensuring consistency with downloadable data sources.[34][36][28]
Pricing follows a credit-based system, with costs varying by service; for example, a basic GeoIP Country query is priced at $0.0001 per lookup, while more detailed services like City or Insights incur higher fees per query. High-volume enterprise plans provide dedicated support, service level agreements (SLAs) guaranteeing 99.99% uptime—achieved consistently for over a decade—and options for custom integrations to support billions of annual requests. The services fully support IPv6 addresses alongside IPv4, covering nearly all public IPs worldwide.[37][38][39]
To facilitate integration, MaxMind offers official software development kits (SDKs) in multiple languages, including Python, Java, PHP, Ruby, Node.js, and .NET, which handle authentication, request formatting, and response parsing. Developers can test endpoints using sandbox environments and demo tools available on the MaxMind Developer Portal, with sample code for common use cases like IP geolocation lookups. Beginning in March 2024, MaxMind enforced stricter policies requiring HTTPS for all requests and proper hostname usage to enhance security and prevent deprecated endpoint access.[40][41][42]