VPN services are a useful tool to protect internet users’ online privacy. In addition, they can also help to bypass geographical restrictions.
The latter can be helpful if people want to access the content library of a streaming service in another country. While this often goes against the terms of service, some VPNs openly advertise this feature.
This ‘geo piracy’ issue isn’t new. Netflix famously started blocking VPN users for this very reason seven years ago and other streaming providers have taken similar measures. These countermeasures are effective but far from perfect.
There are various ways VPN services have managed to circumvent these blocking efforts. Most keep the technical details private, but it’s commonly known that some are using residential IP addresses as proxies, to make it look like VPN users are regular ISP subscribers.
These residential IP addresses are used to establish the connection with the streaming service and because they are typically not associated with a VPN, they can effectively bypass traditional blocklists.
GeoComply Blocks Residential IPs
Rightsholders and streaming providers are aware of this trick, but it’s hard to do anything about it. This week, however, cybersecurity and VPN detection service GeoComply offered a solution. The company announced an “industry-first technology” for streaming providers that “tightens the net around pirate viewers.”
“The new technology enhancement to GeoGuard allows streaming providers to block the growing number of VPN users who spoof their location using hijacked residential IP addresses,” the company writes in a press release.
GeoComply uses the term “hijacked” IP addresses, which deserves some nuance. In reality, these addresses often belong to users of free VPNs or proxies who allow their connections to be resold to third parties. This reselling right is often hidden in the fine print of terms of service agreements, which most people don’t read.
“Free VPN providers profit by selling hijacked residential IP addresses to the highest bidder, usually a provider of ‘undetectable’ premium VPN services. These services give subscribers the ability to spoof their location using the hijacked addresses,” GeoComply notes.
For example, users of the free Hola VPN service agree to have their connections used by Bright Data, which offers access to residential IP addresses to third parties. This has been going on for several years already but most users are simply not aware of it.
GeoComply reports that its GeoGuard service can now spot these ‘hijacked’ residential IP addresses, which should make it harder for VPN services to evade blocking measures.
“To combat this problem, we can now accurately detect users accessing streaming services using hijacked residential IP addresses to help uphold the territorial licensing models our customers depend on,” GeoComply’s James Clark says.
According to GeoComply, an estimated 200 million internet users are the “victim of residential proxy IP abuse.” That implies that there’s a huge market for its new blocking capability but there are also downsides to consider.
Blocking residential IP addresses means that the unknowing ‘victims’ can also find themselves blocked by streaming services, even though they’re not doing anything wrong. This is what we previously saw when Netflix expanded its VPN blocking capability too far.
TorrentFreak reached out to GeoComply which informed us that its service can differentiate between VPN users who use ‘hijacked’ residential IP addresses and the actual owner of this address. While errors can never be ruled out completely, this should minimize overblocking.
All in all it’s clear that GeoComply takes VPN blocking very seriously. In addition to rolling out these new blocking capabilities, the company recently petitioned the US Government to make VPN detection tools a mandatory copyright protection measure under the DMCA.