Didit IP Analysis is an identity verification component that evaluates user network connections in real time to identify fraud indicators. The service analyzes IP addresses to detect VPN usage, proxy servers, Tor networks, hosting providers, and anomalous routing behavior during user verification and biometric flows. The system captures network signals when users initiate verification sessions and evaluates hundreds of network-level indicators including ASN reputation, routing behavior, and historical risk data. IP signals are correlated with geolocation data, document country information, device data, and biometric results to identify inconsistencies that may indicate fraudulent activity. The service operates automatically within Didit's verification workflows and can also be accessed directly via API. Risk indicators and confidence levels are returned through API responses, webhooks, and the Business Console interface. Organizations can configure custom rules, thresholds, and manual review processes based on their specific risk requirements. IP Analysis is designed to detect coordinated fraud patterns such as VPN rotation, proxy farms, and shared infrastructure commonly used in account farming and repeat abuse scenarios. The service runs in the background of verification sessions without requiring additional setup and is included at no extra cost within Didit workflows, with pricing of $0.03 per analysis after 500 free monthly uses. The platform maintains GDPR compliance and holds ISO 27001, ISO 27017, and ISO 27018 certifications for information security and cloud privacy protection.