An anti-fraud network acts as a data hub obtaining and/or capturing fraud-related or potentially fraud-related information from multiple products and installations. Once obtained and/or captured, the anti-fraud network analyzes the data, sanitizes portions of the data as necessary, and creates a unified feed for subsequent use by all installations. By way merely of example, fraud-related information might include a list of internet protocol (IP) addresses (or other identifiers) used to generate and/or further fraud-related activities. Additionally, fraud-related information can include a list of genuine IP addresses not associated with fraud-related activities. The anti-fraud network can obtain such lists from multiple providers such as various product installations and/or entities.
Unfortunately, the above-described approach suffers from at least one disadvantage in that a fraudulent transaction received from a particular IP address that is included on a list can affect future transactions from the same IP address for a very long time even though the future transactions may not be fraudulent. This can lead to a high level of false positives.