Locance geolocation platform:
Frequently asked questions (FAQs)

Your end user’s experience will vary depending on the geolocation platform you use. Ideally, the process is seamless and works like this:

• No additional downloads or plugins required
• Compatible with all popular devices (e.g., mobile phones, tablets, desktops)
• Support for both mobile and Wi-Fi-based operations

Geolocation services like Locance prioritize user-friendly designs to minimize hurdles, which helps make compliance as transparent as using everyday location-enabled services like Google Maps. The goal is to balance regulatory compliance with a smooth user experience.

Yes. As long as the geolocation platform can confirm that the user is located in the appropriate jurisdiction, they can use services from their mobile phone browsers or apps. To ensure the best location results, users should:

• Enable all location sharing and location services options in device settings including precise or high accuracy location
• Ensure that Wi-Fi, GPS, Bluetooth and cellular data are all turned on
• Whenever possible, use a Wi-Fi connection
• Allow cookies and location sharing in browser settings or when prompted in the app
• Disable any mock location or location spoofing apps
• Disable low power or battery saving modes
• Disable remote access, proxies, anonymizers, or Virtual Private Networks (VPNs)
• Run anti-virus scans to verify that no malware is exploiting location services
• Avoid browser incognito modes or private browsing options
• Disable ad blockers and other settings that may interfere with website tracking

Without proper geolocation compliance, businesses risk significant legal penalties, loss of operating licenses, and reputational damage. Specifically, businesses need geolocation compliance for several key reasons:

• Regulatory requirements: Many industries must verify user location to comply with local laws and regulations.
• Fraud prevention: Verifying user location helps detect suspicious activities and prevent fraud.
• User verification: Confirms users are accessing services from authorized jurisdictions.
• Risk management: Helps businesses avoid penalties and legal issues by ensuring compliance.
• Personalized services: Enables the delivery of location-appropriate content and services.

Locance’s geolocation platform uses a multi-factor approach that combines:

• IP, GPS, device-based, cellular, and Wi-Fi location data
• Device profiling and behavioral biometrics
• Anti-spoofing measures like detection of VPN, proxy, and remote access

This layered approach ensures high reliability while identifying potential fraud attempts. It’s also ideal for users that are on the go or located in remote or rural locations.

Yes. The same principles apply to desktop computers and tablets as to mobile phones. Users can access location-verified services as long as the geolocation platform can confirm they are in an appropriate jurisdiction. The recommendations for ensuring accurate location detection on desktops and tablets are similar to those for mobile devices.

Yes, the Locance API supports both web and mobile applications through SDKs, JavaScript toolkits, and RESTful endpoints, ensuring compatibility across platforms. This enables businesses to implement consistent geolocation compliance across all their user touchpoints.

Flexibility is a must-have when it comes to geolocation compliance. Locance works with each customer to adjust compliance rule sets to fit their specific needs. For example, an iGaming provider may need to exclude certain areas within their jurisdictions.

Locance’s customizable approach enables operators to strike the right balance between security and user accessibility while maintaining full control over their end user experience. This customization extends to specific regional requirements, use cases, risk tolerances, and business models.

The benefits of the Locance geolocation platform include:

• High-accuracy location data
• Robust device profiling capabilities
• Seamless integration via SDKs and JavaScript toolkits
• Compliance with industry-specific regulations
• Scalability for high-volume usage
• Flexibility for various use cases, such as fraud detection and regulatory compliance
• Multi-factor approach to location verification
• Customizable rule sets for specific business needs
• Comprehensive SaaS reporting and forensics tools via the Locance Customer Portal

Scalability is critical for businesses, especially during high-traffic events. For example, the online gaming industry can see a 10x or higher increase in capacity during events like the Super Bowl or a large Powerball jackpot.

Locance’s cloud-based infrastructure provides virtually unlimited scalability and reliable performance, enabling your service use to scale up quickly during surges in demand. This also means that the platform will continue to meet your geolocation compliance needs as your business grows.

Locance offers several advantages over other geolocation providers:

• Reliability: Multi-layered approach to location verification ensures high confidence
• Accuracy: Optimized use of all available sources to deliver the best possible location
• Speed of implementation: Typical integration can be completed in as little as 2-3 days
• Customization: Flexible rule sets that adapt to your specific business needs
• Scalability: Cloud-based infrastructure that can handle significant traffic spikes
• Support: Dedicated Customer Success Manager and implementation assistance
• Data Protection: You maintain control over your users’ data, with no third-party access
• Experience: Extensive experience across multiple regulated industries

For more information on evaluating geolocation platforms, see our guide on 8 Questions to Ask When Evaluating a Geolocation Platform.

Locance API integration steps include:

1. Use the provided JavaScript toolkits in your web application
2. Configure your API keys and security settings
3. Make API calls to the appropriate endpoints for your needs (e.g., /locreq)
4. Test the integration thoroughly before full deployment
5. Partner with Locance’s support team to optimize your implementation

Locance has designed its solution to be as straightforward as possible to implement, involving:

• Restful APIs that provide JSON responses
• JavaScript integration for browser-based applications
• SDKs for iOS and Android apps

Locance provides comprehensive documentation and implementation guides so that your business can set up its systems quickly—sometimes as fast as 2-3 days.

The iOS and Android SDKs provide functions and methods to easily integrate them into your mobile app. Once your app is ready, you just follow the same simple steps as for a web application.

Refer to the integration guides for each mobile platform for detailed instructions on using them in your application. The documentation includes code samples, best practices, and implementation advice for various use cases.

Yes, the API provides real-time location data via the /locreq endpoint for Location Sessions, supporting use cases like asset tracking and fraud prevention. This real-time verification is essential for industries where location matters at the moment of transaction or service access.

The API utilizes OAuth 2.0 with the Client Credentials grant type. Clients must obtain an API bearer token (accessToken) by providing their client_id and client_secret, which are provisioned through the Locance Customer Portal. This token is then included in the HTTP Authorization header of each API request for authentication.

The access Token expires, with the expiration time provided in the ‘accessTokenExpiresAt’ field when the token is issued. Clients must refresh the token before it expires by making a new token request to maintain uninterrupted access.

The API supports geofencing by:

• Accessing pre-defined zones such as countries or states via /zone
• Defining and managing customer-specific zones via /zone
• Checking device locations against selected zones via /zonecheckreq

For example, businesses can detect if a device is within a restricted area, or ensure users are only accessing services from approved jurisdictions. This capability is particularly valuable for regulatory compliance and risk management.

The API verifies device location and compliance across borders by:

• Checking device location against jurisdictional boundaries
• Calculating travel speed, direction and distance to nearby boundaries
• Enforcing compliance rules during Compliance Sessions

For example, businesses can block transactions from users in restricted countries or apply different rules based on regional requirements.

Credentials (client_id and client_secret) are managed via the Locance Customer Portal, where clients can obtain, update, or revoke them. To ensure security, these credentials should be stored securely (e.g., in a vault or encrypted storage) and never exposed in client-side code. Server-side handling is recommended.

The API uses secure HTTP requests with JSON for both request and response bodies.

Here’s how to address common errors:

• Invalid Credentials (401): Verify the accessToken is valid and refresh it if expired.
• Rate Limit Exceeded (403): Pause requests and retry later, ideally with exponential backoff.
• Invalid Parameter (400 or statusCode: 48): Validate request parameters against the specification and correct errors.

Yes, endpoints include:

• Location Data Retrieval: Use /locreq with parameters like locationType (e.g., IP, HTML5, GSID).
• Geofencing: Use /zone to create, delete or manage geofences and /zonecheckreq to verify a device’s position relative to a zone.
• Location Sessions: Session-based location is supported via identifiers like sessionId for browser or app-based location requests.

The API returns HTTP status codes (e.g., 400, 401, 403, 404) and custom statusCode: StatusMsg values in the response body. Common examples:

• 0: Success
• 10: Unauthorized for location
• 13: Location timeout
• 19: System error
• 48: Invalid parameter

Service-specific error codes are also defined (e.g., 48 for invalid parameters in Device Profile services).

Yes, as a customer using Locance’s services, you maintain full control over your end users’ data, as covered in the Privacy Policy. Locance treats location data like your property—not something that the provider takes ownership of. This approach ensures:

• Your platform decides when data is sent and retrieved, and how it is used
• Unlike other providers, Locance does not grant third-party access to sensitive user information or location data without your knowledge and consent
• Locance does not sell location data

Store and transmit location data securely, comply with privacy regulations, publish clear terms of use, and obtain user consent where required (e.g., for app-based or browser-based location). Implement appropriate data retention policies and access controls to protect user privacy.

The Locance API ensures data privacy by:

• Using HTTPS for secure data transmission
• Using ephemeral session identifiers rather than personal identifiers
• Encrypting data at rest and in transit
• Requiring user consent for location services where applicable
• Minimizing data collection and providing transparency

Contact Locance for detailed compliance policies.

The API version is specified in the URI (e.g., /v4/locreq.json). Version 4 is current, with prior versions supported for at least one year after a new major release.

Regulators typically demand end-to-end testing of your unique application—not just the underlying geolocation platform. So, while Locance or any other geolocation provider may be used by other operators that are already certified in certain jurisdictions, your specific application will still require testing and certification to meet local requirements.

This means that every application needs to undergo its own certification process wherever required to ensure full compliance with local standards.

Locance provides guidance on the regional certification process to help ensure your application meets relevant requirements. Our Customer Success team works closely with customers to navigate compliance regulations and facilitate more seamless approvals.

Yes, the API helps prevent fraud by:

• Verifying user location to detect anomalies (e.g., transactions from unexpected regions)
• Profiling devices to identify suspicious behavior (e.g., via /deviceprofilereq)
• Providing risk scores based on location and device characteristics
• Detecting location spoofing attempts and unauthorized access

Example: Flag a transaction if the device profile indicates high risk or if the user’s location doesn’t match their typical pattern.

For online gaming, the geolocation API ensures players are within legal jurisdictions by:

• Verifying player location during a Compliance Session (e.g., via /compliancereq)
• Helping operators avoid legal penalties by enforcing geographic restrictions
• Supporting compliance with state-specific gaming regulations
• Enabling operators to expand into new markets confidently

Example: Confirm a player is in a permitted state, but not within a restricted aboriginal territory, before allowing gameplay, thus maintaining regulatory compliance.

The API provides real-time location data for physical assets, allowing businesses to:

• Monitor asset location on demand (e.g., via /locreq)
• Set up geofences to detect if devices are in or out of designated areas (e.g., via /zonecheckreq)
• Locate vehicles, high-value equipment, or other mobile assets in real-time

Example: Monitor the location of a fleet of vehicles in real-time for optimized logistics and security.

The API supports compliance by:

• Verifying user location for jurisdictional requirements (e.g., online gaming laws, financial regulations, etc.)
• Performing compliance checks during Compliance Sessions (e.g., via /compliancereq)
• Maintaining detailed audit logs for regulatory reporting
• Adapting to evolving compliance requirements through flexible rule sets

Example: Ensure a user is in a regulated area before approving a financial transaction to maintain compliance with regional regulations.