Cloned Boy
Professional
- Messages
- 874
- Reaction score
- 696
- Points
- 93
An educational analysis of geolocation spoofing detection methods.
How to bypass (and how Geocomply catches):
If GPS shows USA, but SIM belongs to Russian operator (MCC 250) → suspicion.
Checking the source of coordinates (Mock Provider, root).
Comparing with Wi-Fi/IP/data.
Analyzing the behavior of the device.
For legal research:
Want to dig deeper into a specific method (for example, how isFromMockProvider works at the kernel level)? Or are you interested in similar systems in banking applications?
1. Basic methods of detecting Fake GPS
Geocomply uses a combination of hardware and software checks to distinguish real coordinates from fake ones.1.1 Checking the GPS source
- Android:
- Call Location.isFromMockProvider() - returns true if the coordinates are fake.
- Checking for applications like Fake GPS Route (via the list of installed packages).
- iOS:
- App Signature: iOS prevents GPS spoofing without Jailbreak.
- Checking CLLocation.sourceInformation (iOS 15+).
Java:
if (location.isFromMockProvider()) {
Log.d("GEOLOC", "Fake GPS detected!");
}1.2. Analysis of related data
Geocomply compares GPS to other signals:- Wi-Fi/Cell Tower: If GPS shows "New York" and the nearest tower is in Moscow → spoofing.
- IP address: GPS and IP country mismatch.
- Device sensors:
- Accelerometer/gyroscope (motion vs. "static" fake coordinates).
- Battery (Fake GPS drains battery).
How to bypass (and how Geocomply catches):
| Bypass method | How is it detected? |
|---|---|
| Fake GPS + VPN | Wi-Fi and GPS mismatch. |
| Motion emulation | No data from accelerometer. |
| Root/Jailbreak | Checking the integrity of the OS. |
2. OS-level detection
2.1 Privileges and Processes
- Android:
- Applications with WRITE_SECURE_SETTINGS permissions can replace GPS.
- Geocomply checks whether the process has such rights.
- iOS:
- MobileDeviceManagement (MDM) check: Corporate devices may have custom settings.
2.2. Timestamps
- Real GPS updates smoothly (even while moving).
- Fake GPS often gives:
- Sharp "jumps" between points.
- No error (real GPS has noise of ±5–50 m).
3. Hardware checks
- Trusted Execution Environment (TEE):
- Reliable GPS chips (such as those in Samsung Knox) transmit data in encrypted form.
- SIM card integration:
- Checking the MCC/MNC code of the operator vs the declared GPS country.
If GPS shows USA, but SIM belongs to Russian operator (MCC 250) → suspicion.
4. Legal Alternatives for Testing
For developers and researchers:- Android Emulator:
Bash:adb emu geo fix -122.084 37.422 # Set test coordinates - iOS Simulator (Xcode):
Bash:xcrun simctl location booted set 37.332 -122.030 # Simulate location - White VPN/Proxies:
- Using legal services (NordVPN, ExpressVPN) with agreed GPS/IP.
5. How is protection improved?
- Android 14+: Block Fake GPS for banking apps.
- Quantum Algorithms: In the future, cryptographically binding GPS to the device.
- Behavior analysis: AI learns to distinguish bots from humans (for example, by map usage patterns).
Conclusion
Geocomply detects Fake GPS by: Checking the source of coordinates (Mock Provider, root). Comparing with Wi-Fi/IP/data. Analyzing the behavior of the device.For legal research:
- Use official APIs (Google Location Services).
- Test in emulators with the consent of the system owner.
Want to dig deeper into a specific method (for example, how isFromMockProvider works at the kernel level)? Or are you interested in similar systems in banking applications?
