Device ID

The Device ID has been developed to provide more data points for the fraud assessments.

Before using the Device ID, all GDPR needs to be in place via a LIA.
See status on GDRP – device ID

What is device ID/ Fingerprint? #

Device/browser fingerprinting is a technique used to identify a device/browser based on its specific and unique configuration. It provides data on the device used by the customer doing the transaction and consists and works like a device fingerprint (see Device fingerprint)

Use for Protectmaxx #

What this really means is Protectmaxx will have another key field to use in the fraud rules, one that aims to identify the browser used. If the transactions have the same DeviceID, then it means the same browser was used for both. Assume the scenario when a fraudster has a number of stolen cards and is trying to do some transactions with all of them. We can expect him to set up different accounts and provide a variety of personal (fake) details like different email addresses, different first names, last names etc… This would be quite difficult to stop, but if he is using the same browser to do this, the ability to detect this fact would be very useful. Sample fraud rules like below could be used to limit the impact.

The device ID is an alphanumeric token and will be handled by Protectmaxx just like any other fraud variable. It is expected to be received part of a fraud request, after being generated for the current browser. To generate such a token, a JavaScript snippet will need to be executed on the user browser to collect a set of configuration variables like screen resolution, colour depth, installed plugins, etc… and hash everything into a unique alphanumeric identifier.

Use for Merchant #

Having a Device ID implemented increases the quality of the fraud assessment for the Merchant, so it is also in their best interest (to lower Fraud Risk levels)

The merchant needs to include a piece of JavaScript into their website before the checkout. This JavaScript will tell the APU the properties of the device that is being used for the purchase.

Integration guide for merchants #

DeviceID – merchant.docx

Roadmap document (WIP) #

Device ID map.pptx

Properties #

Following are examples of browser properties are being retrieved based on GitHub – fingerprintjs/fingerprintjs: Browser fingerprinting library. The accuracy of this version is 40-60%, accuracy of the commercial Fingerprint Identification is 99.5%. V4 of this library is BSL licensed.

Use off pluginsscreenResolutionlocalStorage
Language preferencesavailableScreenResolutionindexedDb

Setup #