We are building a service that uses location-based pricing. The user can input an address and see prices in his area as determined by various server-side algorithms. It is then possible to order items based on these prices.
I'm trying to figure out if there is a way we can use client-side geocoding in this scenario (to avoid hitting Google Maps API usage limits), e.g. the user enters his address and the browser fetches the geocode result using the JS library and includes it in the form submission. The problem is that the user could tamper with the form submission and potentially place orders to his address for prices that apply to a different set of coordinates.
I'd like to hear your suggestions about how I can secure this. For example, it would be amazing if the geocode result could be signed somehow to verify that it hasn't been tampered with?