Device fingerprinting is a technology that analyzes a user’s configuration of software and hardware, and creates a unique ID for each device, in order to identify connections between users. It can also be used to spot suspicious devices, such as those which might be spoofing or using malware.
Device Fingerprinting API Overview
The device fingerprinting process is based on artificial intelligence and machine learning, and it helps the Fraud Protection service to link seemingly unrelated events to help identify fraudulent behavior. It is a powerful way to help protect against fraud on your website or app.
Unlike web cookie fingerprinting, which are distributed back to the browser, device fingerprints are stored server side. This means that they must be kept in a database for analysis, and thus require substantial storage.
You can use device fingerprint API to protect your business from identity theft and fraud by allowing Sift to automatically blacklist suspicious devices that are associated with fraudulent activity on your site. It also helps to detect fraudulent orders and prevent them from being processed.
In addition, device fingerprints are uniquely stable across sessions, meaning that they can be used to differentiate between different devices. This helps identify credit card fraud and fraudulent requests to your site.
To use this feature, you need to integrate a client-side device fingerprinting SDK into your web or mobile application. The fingerprinting process uses a combination of user- and device-specific characteristics and attributes, which is evaluated in a probabilistic manner by the device fingerprinting service.
A device fingerprint can be generated for each user on your website or app by combining the user’s device characteristics and attributes with their session identifier. This information is then sent to the Fraud Protection service for further analysis.
The device fingerprint is then compared with a list of known fraudsters to produce a risk score. This risk score is then used to help identify high risk accounts and transactions.
This feature can be applied to any payment product on the MyCheckout platform. You will need to implement the required code in your checkout pages and pass it back with your Create Payment API call.
When using this feature, you must include the following device fingerprint code in your checkout pages: / js-deviceFingerprint :deviceFingerprintTransactionId> (where js- is a valid string variable). It must be placed as early in the page as possible, ideally right after the /head> tag to ensure that there’s minimal time between the web page load and the creation of the device fingerprint.
It’s important to note that this code will only work if your payment page is on the MyCheckout platform and it’s accessed via a web browser. If you are integrating it with your own application, you must ensure that the user has consented to allow fingerprinting.
In most cases, device fingerprinting is covered by the ePrivacy Directive and requires consent from the user before it is used. This may limit how companies can use it, as they will need to seek consent from each individual user before processing their device fingerprints.