Impossible travel detection is a sophisticated fraud prevention technique that identifies physically impossible location changes within a short timeframe, helping to detect account takeovers and shared accounts.

What is Impossible Travel?

Impossible travel occurs when a user appears to move between geographic locations at a speed that would be physically impossible. For example, if a user logs in from New York and then, 30 minutes later, logs in from Tokyo, this would be flagged as impossible travel since no commercial flight could cover that distance in such a short time.

How Impossible Travel Detection Works

Verisoul’s impossible travel detection system works through several key mechanisms:

Location Tracking

  • IP geolocation: Determining the geographic location of each session
  • Historical location data: Maintaining a record of previous access locations across all past sessions for an account
  • Time-stamped access logs: Recording when each access occurred

Travel Speed Calculation

  • Distance calculation: Computing the physical distance between consecutive access points across all historical sessions
  • Time differential: Measuring the elapsed time between access events
  • Speed determination: Calculating the implied travel speed between locations

Scoring System

The impossible travel score is calculated by analyzing:

  • Travel speed: The calculated speed between consecutive logins
  • Distance traveled: The physical distance between locations
  • Geolocation confidence: Adjustments for known imprecision in IP geolocation data
  • Historical patterns: Comparison with the user’s established location patterns

Our scoring algorithm is designed to minimize false positives by:

  • Applying confidence thresholds to IP geolocation data
  • Considering the margin of error in geolocation precision
  • Using adaptive thresholds based on regional IP mapping accuracy
  • Incorporating machine learning to improve detection accuracy over time

Risk Indicators

Several patterns in impossible travel detection can indicate different types of fraud:

High-Risk Patterns

  • Intercontinental jumps: Rapid movement between continents
  • Oscillating locations: Repeatedly bouncing between distant locations
  • Consistent impossible patterns: Regular occurrence of impossible travel
  • Correlation with other risk factors: Impossible travel combined with other suspicious signals

Common Fraud Scenarios

  • Account sharing: Multiple users accessing the same account from different locations
  • Account takeover: Unauthorized access from a location different from the legitimate user
  • Bot Activity: Automated scripts accessing accounts from distributed networks or cloud infrastructure
  • VPN/proxy hopping: Rapidly switching between different VPN exit nodes