60
submitted 1 year ago* (last edited 1 year ago) by supercheesecake@aussie.zone to c/privacy@lemmy.ml

Title.

Trying to buy an audiobook with my US account from Australia. Am using a VPN and a fresh log in using a private browsing window. Still getting the “not for sale in this country…”

How does Amazon/Audible still know my country?!

EDIT: Thank you everyone for your suggestions, but I feel like we’re no closer to figuring out how Amazon is detecting my physical country. If they have some new “trick” surely this is a privacy issue as well?!

EDIT 2: Important details, this is on my iPhone using both the Amazon and Audible apps, and via the web with Safari (mentioned below). Doesn’t work.

I gave up and went to my desktop and was able to complete the purchase following the same steps without issue. So 🤷‍♂️ ?!

Clearly Amazon is scraping some information from the phone to region lock the purchase. Still would love to know given VPN isn’t masking my location apparently.

top 49 comments
sorted by: hot top controversial new old
[-] kadu@lemmy.world 23 points 1 year ago

On what device? Android, iOS and Windows have a Region option where you select your country, the browser and any apps can read this trivially.

[-] supercheesecake@aussie.zone 4 points 1 year ago

On iOS. My VPN is set to USA and I’m logged into amazon.com (not .com.au).

Where would this setting be?

[-] ddnomad@infosec.pub 7 points 1 year ago* (last edited 1 year ago)
  • Settings -> General -> Language & Region -> Region
  • Settings -> YOUR NAME -> Media & Purchases -> Account Settings -> Country/Region

Both must be changed to a different region to fully switch. Requires a valid payment method from that region (e.g. a debit card from that region). There are consequences to changing regions too, so be careful.

From my experience, sometimes you also need to contact Apple support to finish the change process. Otherwise it may just revert back.

Overall, Amazon surely knows where you are now and it will be set in your Amazon account, I suspect there is nothing you can do.

The best way to achieve what you want is to boot something like TailsOS and create a new account while under the VPN in that region. With a payment method from that region.

VPNs are not magic. Most big companies nowadays have means of detecting actual user locations, which is pretty trivial if you use an app or an operating system that leaks data when under the VPN.

[-] InverseParallax@lemmy.world 3 points 1 year ago

Disable location services.

[-] supercheesecake@aussie.zone 3 points 1 year ago

Neither Amazon or Audible apps have any location services permissions.

Regardless, disabled it system-wide and didn’t make a difference. Thanks though.

[-] InverseParallax@lemmy.world 3 points 1 year ago

They could just have a VPN detector, that's harder to work around, sec.

[-] supercheesecake@aussie.zone 3 points 1 year ago

Yeah I wouldn’t be surprised if both apps and webpages have access to the phone date/time for logs and to time stamp purchases etc. And Amazon use that to decide you’re not in the place your VPN is telling them.

[-] gerbler@lemmy.world 3 points 1 year ago

It's definitely this. I often forget that my Amazon account is tied to Canada (even with a .com.au email address) and it's only when I see how cheap shit is that I realise I'm actually on amazon.com not amazon.ca

[-] skillissuer@lemmy.world 9 points 1 year ago

timezone + language settings is another option

[-] supercheesecake@aussie.zone 2 points 1 year ago

This might be it. I gave up and purchased from my desktop and the same steps worked straight away without issue. Maybe Amazon has access to phone info that I’m unaware of.

[-] maxprime@lemmy.ml 8 points 1 year ago

Do you have a credit card on your account?

[-] supercheesecake@aussie.zone 3 points 1 year ago

US credit card but am using an audible credit

[-] nieceandtows@programming.dev 1 points 1 year ago

They use your payment method to determine which country you are from

[-] supercheesecake@aussie.zone 1 points 1 year ago

Yeah my payment method is US credit card. But Audible members get a credit (book) each month to buy a book with in addition to use physical money.

Everything for that account is US.

[-] arthur@lemmy.zip 7 points 1 year ago

By "fresh login" do you mean "new account"?

[-] supercheesecake@aussie.zone 2 points 1 year ago

Open private browsing window, make sure I’m fully logged out of Amazon. Then log in.

Ie wasn’t previously logged in before the VPN started or private window was opened.

[-] StalksEveryone@lemmy.villa-straylight.social 2 points 1 year ago* (last edited 1 year ago)

so its your original account? the same one you started with before getting the vpn

[-] supercheesecake@aussie.zone 3 points 1 year ago* (last edited 1 year ago)

I have a US Amazon account linked to a US home address and credit card. But I now live in Oz.

Audible uses your Amazon account. And regardless, I’m using an Audible credit for this purchase, so no actual payment anyway.

EDIT: and just to clarify, this is my US Amazon account I’ve had for years

[-] the_d0c_is_in@lemmy.ml 7 points 1 year ago

Your vpn provider is only working with ipv4. Your phone has both ipv4 as well as ipv6 addresses. That's how....

[-] supercheesecake@aussie.zone 1 points 1 year ago

Do any VPN providers cover this?

[-] the_d0c_is_in@lemmy.ml 2 points 1 year ago

On phones? Maybe proton with their app? Its easier, though, to just disable ipv6 on your phone.

[-] supercheesecake@aussie.zone 1 points 1 year ago

I see. Thanks.

[-] Onihikage@beehaw.org 6 points 1 year ago

iOS up to at least version 16 has leaked VPN traffic for years. If you only turned on the VPN to make the purchase, that might be how Amazon still knew where you were. The only workaround (always-on VPN mode) apparently is an enterprise feature in iOS that most users don't have access to.

Alternatively, since it worked on a desktop, your VPN's mobile version or iOS support may be flawed. The ones I hear the most about from privacy advocates are Mullvad VPN, IVPN, and Proton VPN. If it's a free VPN, well, you get what you pay for. If it's one of the ones I mentioned, they might be interested to work with you to figure out how Amazon was bypassing them, if the issue can still be replicated, or they might already know.

[-] supercheesecake@aussie.zone 1 points 1 year ago

Cheers, thanks for the very helpful info.

We paid for Nord quite a while ago with some special deal. I haven’t heard great things about them since though so might be time to ditch and pay for something better. I’ve heard Proton is good as well.

[-] tm404@lemmy.ml 4 points 1 year ago* (last edited 1 year ago)

Full disclosure, I don't use Nord so I am not an authority. The following is just what I have been told. Take from it what you will, and research what you like. I believe Nord has a somewhat checkered history, including a security mishap that caused privacy concerns amongst users, making it harder than necessary to delete your account, and even charging for renewal after canceling the sub because they kept the card on file (happened to a mate from work). They opted to leave Nord a while back when their split tunneling broke or something like that. I also heard Nord was purchased by a company (name escapes me atm) that was buying up other VPN services and also had their hands in selling targeted ads. 🤷

Proton or Mullvad are typically my 2 recommendations. If you also have a desire for an entire ecosystem, Proton will provide that as well for marginally more than the price of just their VPN (mail, cloud storage, calendar, password manager, email aliasing). I have also had nothing but good experiences with Mullvad VPN and they come at a consistent price of $5/mo.

Helped my coworker (mentioned above) make the leap from Nord to Mullvad and they seem very pleased with it. Easy to use and very affordable. Mullvad also has a very functional Linux client if interested. Proton's Linux GUI is very lackluster, but their CLI is reliable if I remember correctly.

Hope this helps! 🍻

Edits: spelling and links.

[-] supercheesecake@aussie.zone 2 points 1 year ago

Yes! Much appreciated!

VPNs don’t guarantee anonymity. There’s no reason they cannot sell your data. Last I heard there isn’t any contractual obligation. Organizations like nord and surfshark are fully capable of saving your data, as well as selling it off to the highest bidder, if they choose to do so. Only services like Mullvad can guarantee anonymity because even they don’t know what you’re doing with their service.

[-] Pika@lemmy.world 6 points 1 year ago

As someone who jumps between the US and Canada (since on the border) I've found that, Amazon will block purchases from Canada to the US and visa versa, it doesn't care about ip, it uses your accounts region, Canada and US have seperate regions in your account settings that you need to do. Sadly this means you would need two different accounts. One for CA and one for US. It's likely the same deal with audible

[-] DrPen@mastodon.social 3 points 1 year ago

@Pika @supercheesecake dont wanna butt in but in case this is relevant: I use at least 3 Amazon regional accounts here in Europe: UK, Germany and Italy (I live in another EU country). I sign in with the same username/password. Currency of products changes for UK from EUR to GBP, and often different ranges of products can show up. I have multiple addresses listed for delivery and just select the one I want.

[-] Pika@lemmy.world 2 points 1 year ago

that's similar to how I do it, change the region and then pay, but some items I've noticed block sale if the originating payment method is in a different region

[-] DrPen@mastodon.social 2 points 1 year ago

@Pika Id have to log into the new region from he start, go find the same product, then order. I dont think it would work if I change region half way through a purchase.

[-] Pika@lemmy.world 2 points 1 year ago

oh sorry if I was unclear, yea since it's still a different account I would need to login when I change regions as well, I can't change halfway through.

[-] DrPen@mastodon.social 2 points 1 year ago

@Pika no probs! Sometimes the products arent available for whatever reason in a region.

[-] newpuritan@lemmy.ml 1 points 1 year ago

How are you setting up new accounts? I just tried to create a new one using a VPN but can't because it asks for my phone number for verification which has already been used.

[-] DrPen@mastodon.social 2 points 1 year ago

@newpuritan Its the same account, I just sign in to different Amazon regional sites.

[-] supercheesecake@aussie.zone 1 points 1 year ago

Audible and Amazon accounts are the same. I have an AU account and a US account. But I’m only using the US account to buy the audiobook in the US store, using VPN and private browsing. No CC or similar involved.

But from Australia. So how does Amazon know I’m in Australia?!

From a privacy point-of-view I thought VPN masks such things. I’m trying to understand how Amazon is detecting my physical country.

[-] Pika@lemmy.world 3 points 1 year ago

Aside from device ID, or maybe if you're using a billing address as something from Australia, I can't see how they would be, you've stated location services are off, VPN will mask the ip.

I didn't even need to use a VPN in my cases between Canada and the US, changing to an account that was in the region that allowed the purchase was all I had to do.

That being said if I changed my Canada account to use the billing address of my US residence instead of my Canadian residence when on the Canadian region, I would get region locked I found, so if you have a primary payment method on file using your AU address you could try temporarily removing or modifying it to have a different address

[-] supercheesecake@aussie.zone 2 points 1 year ago* (last edited 1 year ago)

Nah the CC and billing address for my US account are fully local there. My AU and US accounts are totally seperate and everything is local for each.

I’ve tried both using their apps on my phone and the browser (Safari with privacy relay) with the same result (with VPN etc etc).

I agree, I can’t se how they’re doing this. Must be something I’ve overlooked. Or some new internet black magic they’re employing.

EDIT: Or the search result for the book I want isn’t actually available in the USA and they’ve just messed that up (since I’m searching from the US as far as they can see). I guess I could try buying a different book

[-] Pika@lemmy.world 3 points 1 year ago

yea that was my next question, if the title was actually available in the country selected, I had that issue with Netflix searches constantly

[-] Loki@lemmy.beyondcombustion.net 5 points 1 year ago

Probably DNS?

[-] mishamouse@artemis.camp 3 points 1 year ago

i didn’t see if anyone else asked already; was your phone connected to the internet via wifi? or cell data?

[-] supercheesecake@aussie.zone 1 points 1 year ago

Yes it was. It needed to be connected somehow to make the purchase.

[-] mishamouse@artemis.camp 1 points 1 year ago

which one though? i was wondering, if you are connected to a cell tower, if that tower still reported the region or carrier network.

[-] supercheesecake@aussie.zone 1 points 1 year ago

Aah I see. Both. Didn’t think to disconnect from either and try separately.

I’ve already got the book now. But will remember this if I have the problem again in the future. Thanks.

[-] Kissaki@feddit.de 2 points 1 year ago

To verify assumptions, are you sure it's available in your impersonated country? "in your country" isn't specific and can apply to both.

with my US account

Isn't that the reason they deny?

Did you not change your accounts and browser sessions country?

[-] supercheesecake@aussie.zone 2 points 1 year ago

It’s the version that comes up from a search for that book when using the USA Amazon or Audible site from my USA account plus with a USA VPN on. So I’m assuming the search results are for USA available titles.

As far as I know, Amazon should see me as being in the USA. Hence why I’m confused.

Appreciate the suggestions though.

[-] Mikelius@beehaw.org 1 points 1 year ago

If you have geolocation enabled or don't block location requests, that could be another way. VPN can't protect you from geolocation.

[-] supercheesecake@aussie.zone 2 points 1 year ago

Thanks. Still happened with location services disabled phone-wide.

load more comments
view more: next ›
this post was submitted on 06 Aug 2023
60 points (100.0% liked)

Privacy

32142 readers
954 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS