Here is my situation. I am part of a project creating a P2P charity website, where users connect and can give money to one another. Because of the nature of the site, we know scammers are going to be rampant. We have several preventative measure ideas, and one idea that came up was tying an IP address to the user's account. The reason for this would be to be able to detect when someone from the same IP address creates several accounts.
Would this be reliable? Why, or why not? I have been googling and found many conflicting ideas on the subject. Thanks for any help you can give.
No, an ip address does not reveal personal information (like a name, social security number or physical address). Millions of devices, like modems and routers keep logs of ip addresses. Your modem at home, or the 4G antennae you connect to with your phone are logging your ip addresses.
Your IP address gives websites, and people that you have connected with online, more than just a number—more than your IP address. It also gives them the ability to trace that IP address back towards you if they wanted to. To be clear, they can trace it back to your geographical location.
IP-to-Location Accuracy IP-based geolocation services provide 55 percent to 80 percent accuracy for a user's region or state. And they provide 50 percent to 75 percent accuracy for a user's city. In practice, the actual accuracy may vary from provider to provider and depending on the location of the device.
A hacker can't know who you are through your IP address. They can use it to find who you are and see where you live. For example, your IP address is linked to your ISP, so criminals can use scams or network attacks to get your personal information from them.
Personally I don't think it'll be reliable.
The main reason will be for those using a shared IP. That includes most users connecting from inside a business and home users connecting through the same WIFI hub.
It's more than likely for multiple users to be coming to your site with the same IP address.
Adding to that the fact that IP addresses change over time and you're already losing track of your users.
It's also worth remembering that oftentimes multiple users will be using the same physical computer. Are you wanting to have only one member of a household able to signup etc?
There is a dicussion board I am part of that bans sock puppets ( that is, multiple accounts by the same user ). They have no means of automatically detecting them, becasue there is no means of definitively identifying them. IP addresses are captured, because they can be used to help identify sock puppets, but I know that the process of identifying these is laborious, manual, and error-prone.
This is only undertaken when there is suspicion that someone is using sock puppets for malicious or disruptive purposes. In your case, there is no real answer other than careful and manual monitoring of usage habits, using the information that you gather about users to attempt to identify suspicious habits. But you also have to accept that 80% of sock puppets will go undetected, and do what you can to warn other users of the possibility.
Your bigger issue, incidentally, may be Munchausen by Internet which we were also caught by.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With