One of my favorite tools in my API toolkit is ipapi.com. This REST API transforms raw IP data to valuable sets of information. The service automates IP address validation and geolocation lookup and offers more than 45 data references per processed IP address, such as location, connection, currency, time zone and security attached to a given IP address.
There are a lot of reasons I am recommending this tool. It’s developed by apilayer, a well-known name, and is trusted by more than 30,000 ventures around the world. The API is scalable, secure, resilient and accurate. However, the main reason I am thankful to the developers of ipapi.com is that they helped me understand my users and earn their trust.
Custom experiences and privacy, do they get along?
IP protocol is the backbone of the internet. Since the first data packet was exchanged between a source host and its destination, the concept behind the protocol remains largely the same. Designed strictly for utilitarian purposes, privacy was not a concern at that time.
Reasonable privacy and IPs
By the time we understood the privacy implications of sharing the host’s IP address to the open web, it was too late to address this issue at a fundamental level. In the last few months, I’ve noticed an increased awareness toward data privacy and the implications of using non-consensual acquired data in products and services.
However, there is also a lot of exaggeration. Yes, IP data is indeed a subset of private data and, inherently, a constituent element of data privacy. Yes, as a service provider you are obliged to take all reasonable efforts to ensure that you are guaranteeing the protection of any private data exchange and that you are using the byproducts of the transaction to provide an expected service to your users. To summarize:
- Yes, you can use IP data to deliver a user experience
- No, you can’t use IP data to trace users
- Yes, you can use IP data to target users IF YOU OBTAINED CONSENT
Let me clarify. When you send a mail via postal service, and you expect a reply, you share your name and address with the recipient. By doing so, you trust your recipient with your private data. You also trust the mailman. The same happens when a user connects to your service. He entrusts you with their IP address. In both cases, the interactions between parties are based on consent, benignity, reasonable interest and reasonable expectations.
For example, this means that I can use IP data to:
- Redirect the user to a regional website
- Use region specific currency to calculate taxes and delivery prices
- Deny access to the service to an IP or a range of IPs
- Offer a promotional offer to users coming from a specific region
- Use a weather widget to display forecasts
- Block an IP from a specific region
All these uses are reasonable and anonymous.
Can we track users and respect their privacy at the same time?
Let’s imagine I am the owner of a booking site. I am using an algorithm with IP data in conjunction with weather data to suggest vacation rentals. Let’s say that I can trace my user’s location to Finland and suggest that user, coming from that IP, a vacation to the Canary Islands. Would such a use fit the consent, benignity, reasonable interest and reasonable expectations scenario? While offering a chance to enjoy a surplus of vitamin D is a great idea, this is, in fact, non-consensual profiling. Don’t do that, or you may get an angry Viking at your doorstep.
Another example. Let’s say you sell coffee machines. Your algorithm noticed a returning user, coming from a specific IP address. And because you don’t have an order from that IP address, you’ve set your algorithm to lower the price after a certain number of visits. Is this fair? No! Stop doing that. Unless you have consent.
Privacy is not an excuse
Of course, these are barbaric and unfeasible scenarios. IP addresses alone are not sufficient for this kind of tracking. My point is that privacy is not an excuse for crappy experiences. At the same time, amazing experiences are not an excuse for any invasion of a user’s privacy.
Trust. This is what you should earn. It doesn’t matter if you are selling vacations or coffee machines. If you win user trust, obtain consent and commit to transparency, then I will look forward to your holiday recommendations and, without a doubt, I will accept any deal for your coffee machine. And you can achieve all that with ipapi.com. It’s that simple.
ipapi.com combines raw power with granular control
Here are the 45 data points that you can return in a lightweight JSON or XML format in milliseconds.
Location: Continent, Country, Region, City ZIP Code Latitude, Longitude, Geoname ID, Capital, Languages, Country Flag, Calling Code, EU Member Detection
Time: Time Zone ID, Time Zone Code, Current Time, GMT Offset, Daylight Saving Detection
Currency: Currency Code, Currency Name, Currency Name Plural, Currency Symbol International, Currency Symbol Native
Connection data: ASN, ISP, Proxy Detection, Crawler Detection, TOR Detection, Threat Evaluation
All the above data points can be deployed via a sleek JSON and XML API design. It takes less than 10 minutes to get started. The API is intuitive, but, if you need any help, detailed documentation is available.
Get to know ipapi.com with a free plan, with up to 10,000 lookups per month using location data. You can extend this limit to 50,000 searches per month using location, currency, time zone or connection data and HTTPS encryption with the Standard plan for $10 per month.
For intensive scenarios, the Business tier ($50 per month) offers up to 500,000 lookups per month using location, currency, time zone or connection data and HTTPS encryption with bulk lookups.
The Pro tier ($100 per month) goes up to 2,000,000 lookups per month using location, currency, time zone, connection or security data and HTTPS encryption with bulk lookups, or you can opt for a custom package for high-volume requests.