Polymarket has started actively targeting users who rely on VPNs to bypass its geo-blocking rules. The platform now blocks certain IP addresses linked to VPN services and in some cases asks users to verify their identities. according to a report in The information. These measures come as the company faces growing legal and regulatory pressure around the world, including outright bans in countries such as Spain and Indonesia. Meanwhile, VPN providers themselves are also facing increased regulatory pressure in places like Utah and the United Kingdom.
Polymarket’s updated approach combines technical barriers with selective identity checks to prevent users from bypassing location restrictions. The company reportedly directly blocks known VPN IP ranges and flags accounts that show signs of evasion. Users with unusually large positions or those who move money in rapid, high-value cycles are now prompted to complete identity verification to comply with anti-money laundering rules. While basic wallet-based trading using USDC stablecoin As the Polygon blockchain network remains open to people in permitted regions, the platform has apparently moved away from fully permissionless access as the default option, which is a key feature that differentiates the international version of its platform from its main competitor Kalshi. Of course, this trend of more authoritative forms of access is increasingly seen throughout the broader crypto industry, as much of the associated activity is built around stablecoins and other centralization points.
Notably, Polymarket keeps its international operations separate from its US division, requiring full Know Your Customer compliance after the company acquired a licensed derivatives exchange in 2025. Prior to this acquisition, the prediction markets provider also had a $1.4 million settlement with the CFTC in 2022 for trading unregistered binary options.
Geo-blocking specific IP addresses serves as a common way to prevent people in restricted countries from reaching financial platforms that lack proper regulatory approval or compliance in those areas. However, VPNs allow anyone to route their connection through servers in permitted locations, making purely IP-based blocks untrustworthy without collecting personal data about users. This geoblocking limitation has been previously exploited by crypto exchanges. Both Binance and KuCoin drew heavy criticism and formal charges for allowing Americans to trade without required KYC and AML checks. Court documents show KuCoin knowingly allowed US customers to operate without identity verification, advertised the lack of KYC as a feature, and took steps to hide its presence. The CFTC has also pointed to cases where Binance provided US users with guidance on using VPNs to avoid detection.
Regulators around the world are increasingly questioning how prediction markets should be classified, with some treating them as unlicensed gambling and others viewing them as unauthorized derivatives transactions. Spain recently ordered internet providers to block both Polymarket and Kalshi. after the platforms operated without the necessary gaming licenses and did not include adequate protections for minors and self-excluded gamblers. The blockades will remain in place during disciplinary proceedings that are expected to last three to four months.
Spain’s decision brings the total to more than 30 jurisdictions where prediction markets face restrictions or outright bans. Recent additions to that list include Indonesia, which took action earlier this week, as well as Argentina, Brazil, India, France, Belgium, Australia and the United Kingdom. In the United States, the CFTC filed a lawsuit against Minnesota after the state passed a law criminalizing prediction markets. Kalshi also has joined the challenge with its own federal lawsuit arguing that the Minnesota statute overrides state authority and violates the Constitution by interfering with federally supervised derivatives markets.
At the same time, some jurisdictions have begun to explore stricter rules on VPNs when people use them to circumvent age limits on adult content and other forms of online regulation. So far, the focus is on shifting legal responsibility to app developers and website operators, forcing them to prevent unauthorized access by specific groups. critics, like the Electronic Frontier FoundationThey warn that this approach will push platforms to require real-world identity verification for users, effectively ending anonymous Internet access for many services.
Utah’s new Online Age Verification Amendments prohibit companies that host material harmful to minors from helping users bypass age controls through VPNs or similar tools and hold platforms responsible for access attempts from within the state, regardless of masking technology. Similar discussions have arisen in the United Kingdom.where officials have described VPNs as loopholes that undermine content restrictions.
