How accurate is location data?


Each month we are seeing location data come across that shows access devices being used from outside of the country. When we follow up with our users they usually tell us that they were not in that country at the time the VPN attempt was recorded. We even have the same IP being tied to different users. How reliable is the location information that we see in the Duo reports? Does anybody else also experience this same type of behavior?


Hi Darin,

At Duo we leverage a widely used geo location service called GeoIP. This service attempts to map IP Address to geographic locations like city and states. MaxMind, the creator of GeoIP tests the accuracy of the GeoIP2 and GeoIP Legacy Databases on a periodic basis. In their recent tests, the downloadable databases were 99.8% accurate on a country level, 90% accurate on a state level in the US, and 86% accurate for cities in the US within a 50 kilometer radius. (

When someone leverages a cellular or VPN network connection, it’s common for those locations to report inaccurately. Because GeoIP leverages the IP Address of the request origin a user accessing via VPN will report from the VPN’s origin server IP address, which is usually different from the users actual location.


Hi Taylor,

I’m curious as to why if I try my IP address at
I get a different location shown from the Duo App?
Is there an update frequency you can share?


We do regularly update our GeoIP database.

I encourage you contact support (Support | Duo Security) to further troubleshoot.


Do you plan to support IP2Location LITE or other free database?

We have problem with the accuracy of the GeoIP and do not want to buy the commercial one for better coverage.


I am presently unaware of any plans to support other geolocation services, but I will gladly put in a feature request for our development team to consider.


@Taylor_McCaslin Thank you. You can start with IP2Location LITE first because they are supporting large number of programming libraries.