Detecting fraud using visitorId

Our mission is to empower developers with a device intelligence platform that can help them to build safe and sustainable web and mobile applications. With our device intelligence platform, you can

  1. Identify mobile devices and/or browsers reliably.
  2. Get more insights (e.g. IP-based location, if device was jailbroken, etc) about a visitor using our Server API

Every visitor to your web/mobile application is assigned an identifier called visitorId. The visitorId that is computed using advanced browser fingerprinting techniques and machine learning algorithms is incredibly robust that it does not change even when your visitors try to disguise (e.g. incognito browsing, proxy) their identity.

The visitorId is accurate enough to be used as a unique identifier for every one of your users. In general, we have been able to correctly identify a returning browser 99.5% of the time. For mobile devices, the accuracy is even better because we identify mobile devices using signals with higher longevity (than those used for identifying browsers).

Once you have obtained a visitorId value, you can use it to perform fraud detection. Query visitor information using our Server API, inspect visit history to get an idea if current activity is fraudulent or poses a threat to your website. It also can be used to get the geolocation (based on IP) and other types of useful information.

A high-performance fraud detection use case can be implemented as follows:

  1. Identify every visitor using the Fingerprint identification API.
  2. Configure webhooks to receive secure server-side events.
  3. Whenever a specific visitor is known to do any fraudulent activity, record that fact inside the visitor tag (which acts as a visitor metadata).
  4. In your webhook handler, read event tags and if you see fraudulent tags, send a notification email to be notified about this user visiting your website again.