Deprecated versions

Fraud API v1.0

Request

SEON’s Fraud API is the core end-to-end solution designed to reduce fraud. It includes all our module APIs, but you can enable or disable them such as the Email API or the device fingerprint function via JavaScript snippet. It supports business-specific data fields for scores, using the user_label.

JSON Attributes	Type	Required
ip	string	no

action_type	string	no

transaction_id	string	no

affiliate_id	string	no

affiliate_name	string	no

user_order_memo	string	no

run_email_api	boolean	no

email	string	no

email_domain	string	no

password_hash	string	no

user_fullname	string	no

user_name	string	no

user_id	string	no

user_created	integer	no

user_country	string	no

user_city	string	no

user_region	string	no

user_zip	string	no

user_street	string	no

user_street2	string	no

session_id	string	no

device_id	string	no

payment_mode	string	no

card_fullname	string	no

card_bin	string	no

card_hash	string	no

card_last	string	no

avs_result	string	no

cvv_result	boolean	no

phone_number	string	no

transaction_type	string	no

transaction_amount	float	no

transaction_currency	string	no

items	array of item objects	no

shipping_country	string	no

shipping_city	string	no

shipping_region	string	no

shipping_zip	string	no

shipping_street	string	no

shipping_street2	string	no

shipping_phone	string	no

shipping_fullname	string	no

shipping_method	string	no

billing_country	string	no

billing_city	string	no

billing_region	string	no

billing_zip	string	no

billing_street	string	no

billing_street2	string	no

billing_phone	string	no

discount_code	string	no

gift	boolean	no

gift_message	boolean	no

merchant_id	string	no

merchant_created_at	integer	no

merchant_country	string	no

details_url	string	no

user_label	object	no

Warning: The maximum length of all request parameters is 100 characters, except the following: 64 characters for the session_id (sent directly or within the session field), 20 characters for the phone_number, 15 characters for cardBin, 50 characters for cvvResult, 4 characters for transactionCurrency and 255 characters for transactionId.

Response

The endpoint returns JSON structured response.

JSON Attributes	Type
id	string

state	string

fraud_score	number

proxy_score	number

ip_details	object

email_details	object

bin_details	object

phone_details	object

version	string

applied_rules	array of object

device_details	object

calculation_time	integer

seon_id	integer

Errors for Fraud API v1.0

Error Code	Explanation
1000	Empty request body.
1001	IP address is missing.
1002	IP address is invalid.
1003	License key is missing.
1004	License key is invalid.
1005	Invalid public key.
1006	JSON input is invalid.
1008	Missing email address.
1009	Invalid email address.
1010	Invalid authorization header.
1011	Inactive license.
1012	Your subscription has ended.
2001	System database error.
3000	`[data_field_name]` size must be between `[minimum_value]` and `[maximum_value]`.
3001	Invalid ‘user_created’ input parameter.
3002	Invalid ‘cvv_result’ input parameter.
3003	Invalid ‘transaction_amount’ input parameter.
3004	Invalid ‘items_quantity’ input parameter.
3005	Invalid ‘items_price’ input parameter.
3006	Invalid ‘merchant_created_at’ input parameter.
3007	Invalid ‘action_type’ input parameter.
3008	‘transaction_amount’ not provided along with ‘transaction_currency’.
3009	Invalid ‘gift’ input parameter.
3010	Invalid ‘gift_message’ input parameter.

Fraud API v2.0

Request

Request Attributes	Type	Required
config	object	no

action_type	string	no

ip	string	no

transaction_id	string	no

affiliate_id	string	no

affiliate_name	string	no

order_memo	string	no

email	string	no

email_domain	string	no

payment_id	string	no

password_hash	string	no

user_fullname	string	no

user_name	string	no

user_firstname	string	no

user_middlename	string	no

user_lastname	string	no

user_pob	string	no

user_photoid_number	string	no

user_id	string	no

user_created	integer	no

user_category	string	no

user_account_status	string	no

user_bank_account	string	no

user_bank_name	string	no

user_balance	float	no

user_verification_level	string	no

user_dob	date	no

user_country	string	no

user_city	string	no

user_region	string	no

user_zip	string	no

user_street	string	no

user_street2	string	no

session_id	string	no

session	string	no

device_id	string	no

payment_mode	string	no

payment_provider	string	no

card_fullname	string	no

card_bin	string	no

card_hash	string	no

card_expire	date	no

card_last	string	no

avs_result	string	no

cvv_result	boolean	no

status_3d	string	no

sca_method	string	no

phone_number	string	no

transaction_type	string	no

transaction_amount	float	no

transaction_currency	string	no

items	array of objects	no

shipping_country	string	no

shipping_city	string	no

shipping_region	string	no

shipping_zip	string	no

shipping_street	string	no

shipping_street2	string	no

shipping_phone	string	no

shipping_fullname	string	no

shipping_method	string	no

billing_country	string	no

billing_city	string	no

billing_region	string	no

billing_zip	string	no

billing_street	string	no

billing_street2	string	no

billing_phone	string	no

discount_code	string	no

gift	boolean	no

gift_message	boolean	no

merchant_category	string	no

merchant_id	string	no

merchant_created_at	integer	no

merchant_country	string	no

receiver_fullname	string	no

receiver_bank_account	string	no

details_url	string	no

regulation	string	no

bonus_campaign_id	string	no

brand_id	string	no

custom_fields	object	no

Warning: The maximum length of all request parameters is 100 characters, except the following: 500 characters for card_hash, 64 characters for the session_id (sent directly or within the session field), 19 characters for the phone_number, 15 characters for card_bin, 4 characters for transaction_currency, 50 characters for discount_code and shipping_method and 255 characters for transaction_id.

The endpoint returns JSON structured response.

JSON Attributes	Type
id	string

state	string

fraud_score	number

ip_details	object

email_details	object

bin_details	object

phone_details	object

aml_details	object

version	string

applied_rules	array of object

device_details	object

geolocation_details	object

calculation_time	integer

seon_id	integer

rule_category_details	array of object

Response

{
    "success": true,
    "error": {},
    "data": {
        "id": "67c2810c2de1",
        "state": "DECLINE",
        "fraud_score": 95.75,
        "bin_details": {
            "card_bin": "414141",
            "bin_bank": "VERMONT NATIONAL BANK",
            "bin_card": "VISA",
            "bin_type": "CREDIT",
            "bin_level": "CLASSIC",
            "bin_country": "UNITED STATES",
            "bin_country_code": "US",
            "bin_website": "www.vermontnationalbank.com",
            "bin_phone": "+1 802 476 0030",
            "bin_valid": true,
            "card_issuer": "VISA"
        },
        "version": "v2.0",
        "applied_rules": [
            {
                "id": "1000702",
                "name": "Phone possible is equal to true",
                "operation": "+",
                "score": 1.11
            },
            {
                "id": "1000682",
                "name": "has_pep_match is not listed on watchlist2",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "P106",
                "name": "Customer is using a datacenter ISP",
                "operation": "+",
                "score": 10.0
            },
            {
                "id": "1000715",
                "name": "Temp ARC 2 category specific rule",
                "operation": null,
                "score": 0.0
            },
            {
                "id": "P110",
                "name": "IP address was found on 4 spam blacklists",
                "operation": "+",
                "score": 4.0
            },
            {
                "id": "1000671",
                "name": "has_sanction_match is equal to true",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000687",
                "name": "has_sanction_match is not listed on watchlist2",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000707",
                "name": "Rule C (User category is equal to VIP)",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000718",
                "name": "Domain creation date is greater than 1 month ago",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000670",
                "name": "has_watchlist_match is equal to false",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000696",
                "name": "Phone number valid is equal to true",
                "operation": "+",
                "score": 1.11
            },
            {
                "id": "P112",
                "name": "Customer is using public proxy",
                "operation": "+",
                "score": 10.0
            },
            {
                "id": "1000716",
                "name": "Temp ARC 2",
                "operation": "+",
                "score": 30.0
            },
            {
                "id": "1000713",
                "name": "Temp ARC category specific rule",
                "operation": null,
                "score": 0.0
            },
            {
                "id": "1000699",
                "name": "Phone country is equal to HU",
                "operation": "+",
                "score": 1.11
            },
            {
                "id": "E123",
                "name": "Email is not similar to user full name",
                "operation": "+",
                "score": 1.0
            },
            {
                "id": "1000674",
                "name": "Free email is equal to true",
                "operation": "+",
                "score": 1.11
            },
            {
                "id": "1000680",
                "name": "has_crimelist_match is not listed on watchlist2",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "PH100",
                "name": "At least 2 online profiles were found",
                "operation": "+",
                "score": 5.2
            },
            {
                "id": "1000666",
                "name": "has_crimelist_match is equal to false",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000706",
                "name": "Rule B (Affiliate full name is equal to Affiliate Two)",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000692",
                "name": "Sanction list match is equal to true",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000705",
                "name": "Rule A (Affiliate ID is equal to a002)",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000685",
                "name": "has_watchlist_match is not listed on watchlist2",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000698",
                "name": "Phone type is equal to Mobile",
                "operation": "+",
                "score": 1.11
            },
            {
                "id": "1000668",
                "name": "has_pep_match is equal to false",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000708",
                "name": "Rule D (User account status is equal to verified)",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000714",
                "name": "ARC User full name is equal to User full name",
                "operation": "+",
                "score": 30.0
            },
            {
                "id": "1000647",
                "name": "Count if Previous Email address similarity is equal to SIMILAR Email for the same Email domain is greater than 0",
                "operation": "+",
                "score": 0.0
            }
        ],
        "device_details": {
            "os": "MacOS",
            "type": "web",
            "dns_ip": null,
            "source": "js-5.8.0",
            "adblock": true,
            "browser": "FIREFOX10",
            "private": true,
            "platform": "MacIntel",
            "font_hash": "09894f345df34ce7ca5b86118ca1bec4",
            "font_list": [],
            "audio_hash": "35.73833039775491",
            "dns_ip_isp": null,
            "font_count": 13,
            "session_id": "90a87abb-91bc-5dc2-96f2-996acb894dd9",
            "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Firefox/102.0",
           "webgl_hash": null,
            "webrtc_ips": [ '70.111.37.513', '0.0.0.0' ],
            "canvas_hash": "b1f0e02120278dbf75e77cb92980648d",
            "cookie_hash": "b29b21a6ba46b2770bb1737fd6c06c7d",
            "device_hash": "73604e79a0321f57249e82e27273a7a0",
            "device_type": "desktop",
            "plugin_hash": "29b51cf1619fb6943f256c2c6da59432",
            "plugin_list": [
                      "PDF Viewer",
                      "Chrome PDF Viewer",
                      "Chromium PDF Viewer",
                      "Microsoft Edge PDF Viewer",
                      "WebKit built-in PDF"
                    ],
            "window_size": "1600x800",
            "browser_hash": "4c58b2c53ea7489232cddeb897efaf7a",
            "do_not_track": null,
            "java_enabled": false,
            "plugin_count": 5,
            "webgl_vendor": null,
            "webrtc_count": 2,
            "battery_level": 44,
            "device_ip_isp": null,
            "device_memory": null,
            "flash_enabled": false,
            "social_logins": [],
            "touch_support": false,
            "cookie_enabled": true,
            "dns_ip_country": HU,
            "accept_language": [],
            "browser_version": "102.0",
            "region_language": "en-US",
            "region_timezone": "+00:00",
            "battery_charging": null,
            "webrtc_activated": true,
            "device_ip_address": "15.130.507.00",
            "device_ip_country": HU,
            "screen_resolution": "1600x800",
            "screen_color_depth": 24,
            "screen_pixel_ratio": 1,
            "hardware_concurrency": 2,
            "screen_available_resolution": "1600x800"
          },
        "calculation_time": 2327,
        "seon_id": 12602,
        "ip_details": {
            "ip": "1.2.3.4",
            "score": 24.0,
            "country": "AU",
            "state_prov": "Queensland",
            "city": "Brisbane",
            "timezone_offset": "+10:00",
            "isp_name": "APNIC Pty Ltd",
            "latitude": -27.48203,
            "longitude": 153.01358,
            "type": "DCH",
            "open_ports": [],
            "tor": false,
            "vpn": false,
            "web_proxy": false,
            "public_proxy": true,
            "spam_number": 4,
            "spam_urls": [
                "zen.spamhaus.org",
                "xbl.spamhaus.org",
                "noptr.spamrats.com",
                "dyna.spamrats.com"
            ]
        },
        "email_details": {
            "email": "testing.fv2@gmail.com",
            "score": 2.1100000000000003,
            "deliverable": true,
            "domain_details": {
                "domain": "gmail.com",
                "tld": ".com",
                "registered": true,
                "created": "1995-08-13 04:00:00",
                "updated": "2022-07-11 09:25:59",
                "expires": "2023-08-12 04:00:00",
                "registrar_name": "MarkMonitor Inc.",
                "registered_to": "Google LLC",
                "disposable": false,
                "free": true,
                "custom": false,
                "dmarc_enforced": true,
                "spf_strict": true,
                "valid_mx": true,
                "accept_all": false,
                "suspicious_tld": false,
                "website_exists": true
            },
            "account_details": {
                "apple": {
                    "registered": false
                },
                "ebay": {
                    "registered": null
                },
                "facebook": {
                    "registered": false,
                    "url": null,
                    "name": null,
                    "photo": null
                },
                "flickr": {
                    "registered": false
                },
                "foursquare": {
                    "registered": false
                },
                "github": {
                    "registered": false
                },
                "google": {
                    "registered": true,
                    "photo": null
                },
                "gravatar": {
                    "registered": false
                },
                "instagram": {
                    "registered": null
                },
                "lastfm": {
                    "registered": null
                },
                "linkedin": {
                    "registered": null,
                    "url": null,
                    "name": null,
                    "company": null,
                    "title": null,
                    "location": null,
                    "website": null,
                    "twitter": null,
                    "photo": null
                },
                "microsoft": {
                    "registered": false
                },
                "myspace": {
                    "registered": false
                },
                "pinterest": {
                    "registered": false
                },
                "skype": {
                    "registered": false,
                    "country": null,
                    "city": null,
                    "gender": null,
                    "name": null,
                    "id": null,
                    "handle": null,
                    "bio": null,
                    "age": null,
                    "language": null,
                    "state": null,
                    "photo": null
                },
                "spotify": {
                    "registered": false
                },
                "tumblr": {
                    "registered": false
                },
                "twitter": {
                    "registered": false
                },
                "vimeo": {
                    "registered": null
                },
                "weibo": {
                    "registered": false
                },
                "yahoo": {
                    "registered": null
                }
            },
            "breach_details": {
                "haveibeenpwned_listed": false,
                "number_of_breaches": 0,
                "first_breach": null,
                "breaches": []
            }
        },
        "phone_details": {
            "number": 36707770000,
            "valid": true,
            "type": "MOBILE",
            "country": "HU",
            "carrier": "Vodafone Hungary",
            "score": 9.64,
            "account_details": {
                "facebook": {
                    "registered": true
                },
                "google": {
                    "registered": false
                },
                "twitter": {
                    "registered": true
                },
                "instagram": {
                    "registered": null
                },
                "yahoo": {
                    "registered": null
                },
                "whatsapp": {
                    "registered": null,
                    "photo": null,
                    "last_seen": null
                },
                "telegram": {
                    "registered": true,
                    "photo": null,
                    "last_seen": 1654980251
                },
                "viber": {
                    "registered": false,
                    "photo": null,
                    "last_seen": null
                }
            }
        },
         "geolocation_details": {
            "user_billing_distance": 15265.747,
            "user_shipping_distance": 15162.088,
            "billing_shipping_distance": 7677.429,
            "ip_user_distance": 10210.516,
            "ip_billing_distance": 12056.986,
            "ip_shipping_distance": 5019.496
        },
        "aml_details":null
        }
}

Email API v1.0

Request

JSON Attributes	Type	Required
email	string	yes

Response

The endpoint returns JSON structured response.

JSON Attributes	Type
email	string

email_score	number

email_exists	boolean

disposable	boolean

free	boolean

domain_exists	boolean

email_domain_details	object

email_account_details	object

Email API v2.0

Request

The [email_address] in the request URI should include the full email address, for example: example@example.com

Optional query string parameters

Add the following parameters to the request URL for more control over the returned data, as seen in the example URL below.

GET

https://api.seon.io/SeonRestService/email-api/v2.0/[email_address]?include=history,flags,id&flags_timeframe_days=10&timeout=3000

Request Attributes	Value	Required
include	history	no

include	flags	no

include	id	no

flags_timeframe_days	[number of days]	no

timeout	[number of milliseconds]	no

Response

The endpoint returns JSON structured response.

JSON Attributes	Type
email	string

score	number

deliverable	boolean

domain_details	object

account_details	object

breach_details	object

applied_rules	array of object

history	object

flags	array of object

id	string

Email API v2.1

Request

The [email_address] in the request URI should include the full email address, for example: example@example.com

Optional query string parameters

Add the following parameters to the request URL for more control over the returned data, as seen in the example URL below.

GET

https://api.seon.io/SeonRestService/email-api/v2.1/[email_address]?include=history,flags,id&flags_timeframe_days=10&timeout=3000

Request Attributes	Value	Required
include	history	no

include	flags	no

include	id	no

flags_timeframe_days	[number of days]	no

timeout	[number of milliseconds]	no

Response

The endpoint returns JSON structured response.

JSON Attributes	Type
email	string

score	number

deliverable	boolean

domain_details	object

account_details	object

breach_details	object

applied_rules	array of object

history	object

flags	array of object

id	string

Email API v2.2

Request

The [email_address] in the request URI should include the full email address, for example: example@example.com

Optional query string parameters

Add the following parameters to the request URL for more control over the returned data, as seen in the example URL below.

GET

https://api.seon.io/SeonRestService/email-api/v2.2/[email_address]?include=history,flags,id&flags_timeframe_days=10&timeout=3000

Request Attributes	Value	Required
include	history	no

include	flags	no

include	id	no

flags_timeframe_days	[number of days]	no

timeout	[number of milliseconds]	no

Response

The endpoint returns JSON structured response.

JSON Attributes	Type
email	string

score	number

deliverable	boolean

domain_details	object

account_details	object

breach_details	object

applied_rules	array of object

history	object

flags	array of object

id	string

Phone API v1.0

Request

The [phone_number] in the request URI should include the full phone number, including country code. Cannot contain hyphens or spaces, the + sign is optional. The maximum length for the [phone_number] is 19 characters. For example: 36301234567

Optional query string parameters

In order to request additional or receive less information, use following parameters in the request URL as in the example below:

GET

https://api.seon.io/SeonRestService/phone-api/v1.0/[phone_number]?include=history,flags,id&flags_timeframe_days=10&exclude=photo,last_seen&timeout=3000

JSON Attributes	Value	Required
include	history	no

include	flags	no

include	id	no

include	cnam_lookup	no

include	hlr_details	no

flags_timeframe_days	[number of days]	no

exclude	photo	no

exclude	last_seen	no

timeout	[number of milliseconds]	no

Response

The endpoint returns JSON structured response.

JSON Attributes	Type
number	integer

valid	boolean

type	string

country	string

carrier	string

score	number

account_details	object

applied_rules	array of object

hlr_details	object

cnam_details	object

history	object

flags	array of object

id	string

Phone API v1.1

Request

Optional query string parameters

In order to request additional or receive less information, use following parameters in the request URL as in the example below:

GET

https://api.seon.io/SeonRestService/phone-api/v1.1/[phone_number]?include=history,flags,id&flags_timeframe_days=10&exclude=photo,last_seen&timeout=3000

JSON Attributes	Value	Required
include	history	no

include	flags	no

include	id	no

include	cnam_lookup	no

include	hlr_details	no

flags_timeframe_days	[number of days]	no

exclude	photo	no

exclude	last_seen	no

timeout	[number of milliseconds]	no

Response

The endpoint returns JSON structured response.

JSON Attributes	Type
number	integer

valid	boolean

type	string

country	string

carrier	string

score	number

account_details	object

applied_rules	array of object

hlr_details	object

cnam_details	object

history	object

flags	array of object

id	string

Phone API v1.2

Request

Optional query string parameters

In order to request additional or receive less information, use following parameters in the request URL as in the example below:

GET

https://api.seon.io/SeonRestService/phone-api/v1.2/[phone_number]?include=history,flags,id&flags_timeframe_days=10&exclude=photo,last_seen&timeout=3000

JSON Attributes	Value	Required
include	history	no

include	flags	no

include	id	no

include	cnam_lookup	no

include	hlr_details	no

flags_timeframe_days	[number of days]	no

exclude	photo	no

exclude	last_seen	no

timeout	[number of milliseconds]	no

Response

The endpoint returns JSON structured response.

JSON Attributes	Type
number	integer

valid	boolean

type	string

country	string

carrier	string

score	number

account_details	object

applied_rules	array of object

hlr_details	object

cnam_details	object

history	object

flags	array of object

id	string

Phone API v1.3

Request

The [phone_number] in the request URL should include the full phone number only including country code without additional formatting. Cannot contain spaces or hyphens, only optionally the + sign for the country code. The maximum length is 19 characters for the [phone_number]. Required format: 36301234567 or +36301234567.

Optional query string parameters

In order to request additional or receive less information, use the following parameters in the request URL as in the example below:

GET

https://api.seon.io/SeonRestService/phone-api/v1.3/[phone_number]?include=cnam_lookup, hlr_details,history,flags,id&flags_timeframe_days=10&exclude=photo,last_seen&timeout=3000

Request Attributes	Value	Required
include	history	no

include	flags	no

include	id	no

include	cnam_lookup	no

include	hlr_details	no

flags_timeframe_days	[number of days]	no

exclude	photo	no

exclude	last_seen	no

timeout	[number of milliseconds]	no

Response

The endpoint returns JSON structured response.

JSON Attributes	Type
number	integer

valid	boolean

disposable	boolean

type	string

country	string

carrier	string

score	number

account_details	object

applied_rules	array of object

hlr_details	object

cnam_details	object

history	object

flags	array of object

id	string

Phone API v1.4

Request

Optional query string parameters

In order to request additional or receive less information, use the following parameters in the request URL as in the example below:

GET

https://api.seon.io/SeonRestService/phone-api/v1.4/[phone_number]?include=cnam_lookup, hlr_details,history,flags,id&flags_timeframe_days=10&exclude=photo,last_seen&timeout=3000

Request Attributes	Value	Required
include	history	no

include	flags	no

include	id	no

include	cnam_lookup	no

include	hlr_details	no

flags_timeframe_days	[number of days]	no

exclude	photo	no

exclude	last_seen	no

timeout	[number of milliseconds]	no

Response

The endpoint returns JSON structured response.

JSON Attributes	Type
number	integer

valid	boolean

disposable	boolean

type	string

country	string

carrier	string

score	number

account_details	object

applied_rules	array of object

hlr_details	object

cnam_details	object

history	object

flags	array of object

id	string

IP API v1.0

Request

The [ip] in the request URI should include the full IPv4 or IPv6 address, example: 1.1.1.1 or 2001:db8:3333:4444:5555:6666:7777:8888 .

Optional query string parameters

In order to request additional or receive less information, use following parameters in the request URL as in the example below:

GET

https://api.seon.io/SeonRestService/ip-api/v1.0/[ip]?include=history,flags,id&flags_timeframe_days=10

Request Attributes	Value	Required
include	history	no

include	flags	no

include	id	no

flags_timeframe_days	[number of days]	no

Response

The endpoint returns JSON structured response.

JSON Attributes	Type
ip	string

score	number

country	string

state_prov	string

city	string

timezone_offset	string

isp_name	string

latitude	string

longitude	string

type	string

open_ports	array

tor	boolean

vpn	boolean

web_proxy	boolean

public_proxy	boolean

spam_number	integer

spam_urls	array

applied_rules	array of object

history	object

flags	array of object

id	string

IP API v1.1

Request

The [ip] in the request URI should include the full IPv4 or IPv6 address, example: 1.1.1.1 or 2001:db8:3333:4444:5555:6666:7777:8888 .

Optional query string parameters

In order to request additional or receive less information, use following parameters in the request URL as in the example below:

GET

https://api.seon.io/SeonRestService/ip-api/v1.1/[ip]?include=history,flags,id&flags_timeframe_days=10

Request Attributes	Value	Required
include	history	no

include	flags	no

include	id	no

flags_timeframe_days	[number of days]	no

Response

The endpoint returns JSON structured response.

JSON Attributes	Type
ip	string

score	number

country	string

state_prov	string

city	string

timezone_offset	string

isp_name	string

latitude	number

longitude	number

type	string

open_ports	array

tor	boolean

harmful	boolean

vpn	boolean

web_proxy	boolean

public_proxy	boolean

spam_number	integer

spam_urls	array

applied_rules	array of object

history	object

flags	array of object

id	string

AML API v1.1

Request

Attributes	Type	Required
config	object	no

user_id	string	no

user_fullname	string	yes

user_firstname	string	no

user_middlename	string	no

user_lastname	string	no

user_dob	date	no

user_pob	string	no

user_photoid_number	string	no

user_country	string	no

Response

JSON attributes
has_crimelist_match	boolean

has_pep_match	boolean

has_watchlist_match	boolean

has_sanction_match	boolean

result_payload	object

AML Entity API v1.1

Request

Attributes	Type	Required
config	object	no

entity_id	string	no

entity_name	string	yes

entity_country	string	no

Response

JSON attributes
has_watchlist_match	boolean

has_sanction_match	boolean

result_payload	object

Label API (non-versioned)

Request

You must replace [id] with your transaction_id that you have provided during the Fraud API call or was generated automatically.

Request Attributes	Type	Required
label	string	yes

Request (multiple)

You can also label multiple transactions with one API call using the URL below.

JSON Attributes	Type	Required
transactions	array of label objects	yes

Lists API (non-versioned)

Request

Request Attributes	Type	Required
data_field	string	yes

value	string	yes

state	string	yes

comment	string	no

expire_day	integer	no

Self Exclusion API (non-versioned)

Request

Request Attributes	Type	Required
user_ids	array	No

emails	array	No

Response

The endpoint returns JSON structured response.

JSON Attributes	Type
created_id_rules	object map

created_email_rules	object map

failed_ids	object

failed_emails	object

Delete request

JSON Attributes	Type	Required
user_ids	array	no

emails	array	no

Delete response

The endpoint returns JSON structured response.

JSON Attributes	Type
created_id_rules	object map

created_email_rules	object map

failed_ids	object

failed_emails	object

Exclude User from Rule API (non-versioned)

Request

Request Attributes	Type	Required
rule_id	integer	yes

field	string	yes

value	string	yes

expiration	string	no

Response

The endpoint returns JSON structured response.

JSON Attributes	Type
data	object

error	object

success	boolean

Delete request

Request Attributes	Type	Required
rule_id	integer	yes

field	string	yes

value	string	yes

Delete response

The endpoint returns JSON structured response.

JSON Attributes	Type
data	object

error	object

success	boolean

Email Verification API v1.0

Request

The [email_address] in the request URI should include the full email address, for example: example@example.com

Optional query string parameters

Add the following parameters to the request URL for more control over the returned data, as seen in the example URL below.

GET

https://api.seon.io/SeonRestService/email-verification/v1.0/[email_address]?include=id

Request Attributes	Value	Required
include	id	no

Response

The endpoint returns JSON structured response.

JSON Attributes	Type
id	string

valid_format	boolean

deliverable	boolean

inbox_full	boolean

domain_details	object

Erase API (non-versioned)

Request

Request Attributes	Type	Required
user_ids	array	no

emails	array	no

Optional query string parameters

POST

https://api.seon.io/SeonRestService/erase-api?dry_run=true

JSON Attributes	Value	Required
dry_run	boolean	no

Response

The endpoint returns JSON structured response.

JSON Attributes	Type
transaction_records	integer

email_records	integer

phone_records	integer

ip_records	integer

dry_run	boolean

BIN API v1.0

Request

Request Attributes	Value	Required
include	id	no

Response

The endpoint returns JSON structured response.

JSON Attributes	Type
bin_bank	string

bin_card	string

bin_type	string

bin_level	string

bin_country	string

bin_country_code	string

bin_website	string

bin_phone	string

bin_valid	boolean

card_issuer	string

id

JavaScript Agent v2.0

Our JavaScript Agent collects data through the browser for device fingerprinting purposes. Please follow the steps below to enable session and device data-collection with our JavaScript agent:

Include SEON JavaScript agent in your header, between <head> … </head> tags.
Insert the initialization code to the bottom of your page, just before the </body> tag.
Replace [session_id] with the unique identifier of user’s session.
We recommend to use onSuccess and onError callback functions to make sure that the data has been saved successfully. Fraud API requests initiated before the successful callback won’t be able to reference the collected device data.

Note: Including the lightweight JavaScript agent is optional, but it provides in-depth analysis for each user.

Options

JSON Attributes	Type	Default
social_detection	boolean	false

audio_fingerprint	boolean	false

use_flash	boolean	true

Don’t forget to replace [session_id] with your unique session identifier.

<html>
  <head>
    ...
    <script src="https://cdn.seon.io/v2.0/js/agent.js"></script>
    ...
  </head>
  <body>
    ...
    <script>

      seon.start({
        session_id: '[session_id]',
        social_detection: false,
        audio_fingerprint: false,
        use_flash: true,
        onSuccess: function() {
          console.log("Session data was sucessfully saved!");
        },
        onError: function() {
          console.log("Something went wrong. Session data was not saved sucessfully!");
        }
      });

    </script>
  </body>
</html>

`device_details` Object with JavaScript Agent v2.0

JSON Attributes	Type
session_id	string

timezone	string

private_mode	boolean

useragent	string

fonts	integer

plugins	integer

op_sys	string

cookie_enabled	boolean

screen	string

avail_screen	string

window_screen	string

webrtc_count	integer

cookie_hash	string

device_hash	string

js_ip	string

js_ip_country	string

js_ip_isp	string

browser_hash	string

webrtc_ips	array

webrtc_activated	boolean

flash	boolean

java	boolean

plugins_hash	string

fonts_hash	string

plugin_names	array

device_type	string

fonts_names	array

social_sites	array

dns_ip	string

dns_ip_country	string

dns_ip_isp	string

JavaScript Agent v3.0

Our JavaScript Agent collects data through the browser for device fingerprinting purposes. In order to use it, you need to add the JavaScript file inside <head> tags. We recommend to use our CDN hosted JavaScript for fast page load and continuous support of the script.

Note: Including the lightweight JavaScript agent is optional, but it provides in-depth analysis for each user.

Step-by-step guide

Integrate the JavaScript Agent into your website or web application, which will send the device information to SEON’s platform including the session_id that you generated (max. 64 characters).
During the user’s session use the same session_id in Fraud API calls.
The device details will be provided in the response of the Fraud API, and will be displayed on the Admin Panel on the Transaction details page.
We recommend to use onSuccess and onError callback functions to make sure that the data has been saved successfully. Fraud API requests initiated before the successful callback won’t be able to reference the collected device data.

<html>
  <head>
    ...
    <script src="https://cdn.seon.io/v3.0/js/agent.js"></script>
  </head>
  <body>
    ...
  </body>
</html>

Configuration parameters

To configure the JavaScript module, you need to call seon.config() function:

JSON Attributes	Required
public_key	yes

session_id	yes

audio_fingerprint	no

canvas_fingerprint	no

webgl_fingerprint	no

onSuccess	no

onError	no

Don’t forget to replace [session_id] with your unique session identifier, and [public_key] with your own public key. Your public key can be found on the My Account page.

seon.config({
  public_key: "[public_key]",
  session_id: "[session_id]",
  audio_fingerprint: true,
  canvas_fingerprint: true,
  webgl_fingerprint: true,
  onSuccess: function(message) {
    console.log('success', message);
  },
  onError: function(message) {
    console.log('error', message);
  }
});

Integration

Fingerprinting can be triggered by the seon.saveSession() function. After collection, all the available information will automatically be sent to the configured endpoint.

seon.saveSession(function(success) {
  if (success) {
    console.log("Session data has been saved!");
  } else {
    console.log("Failed to save session data.");
  }
});

Payload

SEON JavaScript SDK sends a POST request to the configured endpoint with a JSON payload. Some fields can be ‘null’, if the actual browser does not support or return data for that specific data point. In every other case, data types are preserved. Find a sample payload on the right side.

Common issues

The session_id is provided in the Fraud API request, but the device_details is null in the response and there is no device information on the Transaction details page. - This means the JavaScript agent could not send the device data to SEON correctly. Please look into your integration and check again.

The session_id is provided in the Fraud API request, but the device_details is null in the response but there is device information on the Transaction details page. - This means the device data arrived later than the Fraud API request at SEON. Please wait until the JavaScript finished successfully (use callbacks).

`device_details` Object with JavaScript Agent v3.0

JSON Attributes	Type
type	string

source	string

session_id	string

adblock	boolean

audio_hash	string

battery_charging	boolean

battery_level	integer

browser_hash	string

browser	string

browser_version	string

canvas_hash	string

cookie_enabled	string

cookie_hash	string

device_hash	string

device_memory	integer

device_type	string

dns_ip	string

dns_ip_country	string

dns_ip_isp	string

do_not_track	boolean

flash_enabled	boolean

font_count	integer

font_hash	string

font_list	array

hardware_concurrency	integer

java_enabled	boolean

device_ip_address	string

device_ip_country	string

device_ip_isp	string

accept_language	array

os	string

platform	string

plugin_count	integer

plugin_hash	string

plugin_list	array

private	boolean

region_language	string

region_timezone	string

screen_available_resolution	string

screen_color_depth	integer

screen_pixel_ratio	integer

screen_resolution	string

social_logins	array

touch_support	boolean

user_agent	string

webgl_hash	string

webgl_vendor	string

webrtc_activated	boolean

webrtc_count	integer

webrtc_ips	array

window_size	string

JavaScript Agent v4.0

You can integrate our optional device fingerprinting module directly into a web app, by using our JavaScript agent. Please, always use our CDN hosted script to ensure you always load the latest available version.

Include the JavaScript Agent for example inside the <head> tags of your website or web app. You can also lazy-load it or execute upon specific actions (e.g. clicking on Login, Payment, Registration buttons, before calling the API). In this case you must ensure that the module has been loaded successfully before invoking its methods.
Set a unique session_id for your client using the seon.config() function.
Call the seon.getBase64Session() function to get the encrypted payload for the device.
Send the returned session payload string to your backend and add to the session property in your Fraud API request. The Fraud API call should be still executed if the session is missing, due to non-executed JS snippet. Tip: Add timeout to JS and utilise Fraud API call after.

All the device fingerprinting data will be available in the response of the Fraud API, and accessible on the Admin Panel of the Transactions Details page.

Note: Including the lightweight JavaScript agent or mobile SDKs are optional, but it provides in-depth analysis for each user’s device.

Configuration parameters

To configure the JavaScript module, you need to call seon.config() function:

JSON Attributes	Required
host	no

session_id	yes

audio_fingerprint	no

canvas_fingerprint	no

webgl_fingerprint	no

onSuccess	no

onError	no

Integration

Fingerprinting can be triggered by seon.getBase64Session() function. After collecting all the available information, the function returns an encrypted base64 encoded payload.

Payload

SEON JavaScript library collects device information and prepares an encrypted payload to use in Fraud API. The information on client side is not readable, we’ll reveal in the Fraud API response and on the Admin Panel. Some fields can be null, if the actual browser does not support or return data for that specific data point. In every other case, data types are preserved. Find a sample payload on the right side.

Common issues

The session is provided in the Fraud API request, but the device_details is null in the response and there is no device information on the Transaction details page. - This means the encrypted payload is corrupted. Please look into your integration and check again.
The v4 version of the JavaScript Agent is not compatible with the Fraud API v1, we highly recommend to upgrade because of security and performance reasons.
If you use CSP (Content Security Policy) headers on your site, you must allow the following domains in connect-src directive for full functionality based on your host configuration.

Default: *.seondnsresolve.com
seondf.com: *.seondfresolver.com
deviceinf.com: *.deviceinfresolver.com
getdeviceinf.com: *.getdeviceinfresolver.com

<html>
  <head>
    ...
    <script src="[source_url]"></script>
  </head>
  <body>
    ...
  </body>
</html>

You can use the following script source URLs ([source_url]):

https://cdn.seondf.com/js/v4/agent.js
https://cdn.deviceinf.com/js/v4/agent.js
https://cdn.getdeviceinf.com/js/v4/agent.js

Make sure you use the same domain as host in the seon.config() as you used for loading the script.

seon.config({
  host: "seondf.com",
  session_id: "[session_id]",
  audio_fingerprint: true,
  canvas_fingerprint: true,
  webgl_fingerprint: true,
  onSuccess: function(message) {
    console.log("success", message);
  },
  onError: function(message) {
    console.log("error", message);
  }
});

Don’t forget to replace [session_id] with your unique session identifier. We recommend to use UUID, but you can use your own implementation as well.

seon.getBase64Session(function(data) {
  if (data) {
    console.log("Session payload", data);
  } else {
    console.log("Failed to retrieve session data.");
  }
});

iOS SDK v1.0

`device_details` Object with iOS SDK v1.0

JSON Attributes	Type
type	string

session_id	string

device_udid	string

ios_version	string

ip_address	string

app_platform_type	string

device_adid	string

wifi_mac_address	string

network_config	string

battery_level	string

device_orientation	string

file_system_size	string

physical_memory	string

cpu_type	string

cpu_count	integer

cpu_speed	string

accessories_number	string

has_proximity_sensor	boolean

screen_brightness	string

screen_resolution	string

ios_device_name	string

kernel_version	string

icloud_ubiquity_token	string

local_language	string

currency_code	string

system_uptime	string

Response

{
 "device_details": {
  "type": "ios",
  "session_id": "3UeZWaHrRT",
  "device_udid": "A51E1FFC-9C09-43AF-9477-9276A011E3CE",
  "ios_version": "11.2.2",
  "ip_address": "112.196.3.212",
  "app_platform_type": "iPhone 5s (GSM+CDMA)",
  "device_adid": "6DD386F9-5B70-495C-B466-B3AF85534511",
  "wifi_mac_address": "d4:9a:20:5a:81:b9",
  "network_config": "Wifi",
  "battery_level": "100%",
  "device_orientation": "Portrait",
  "file_system_size": "1250209792",
  "physical_memory": "1048576000",
  "cpu_type": "ARM_64V8",
  "cpu_count": 0,
  "cpu_speed": "0",
  "accessories_number": "0",
  "has_proximity_sensor": true,
  "screen_brightness": "0.42",
  "screen_resolution": null,
  "ios_device_name": "Bansal",
  "kernel_version": "15C202",
  "icloud_ubiquity_token": "9928f58d e1ab9d3c 63707e75 e240e45f 4b0b9c8b",
  "local_language": "en-IN",
  "currency_code": "IN",
  "system_uptime": "92790"
 }
}

Android SDK v5

You can integrate our device fingerprinting module directly into Android mobile apps, by using our SDK found on GitHub. It will collect information based on the user’s software and hardware configuration.

The SDK returns an encrypted, base64 encoded string to add in the session property in the Fraud API request. It isn’t permitted to access or modify the payload on the clients.
JSON structured device details will be revealed in the Fraud API response.

JSON Attributes	Type
type	string

source	string

session_id	string

android_id	string

android_version	string

app_guid	string

audio_mute_status	boolean

audio_volume_current	integer

battery_charging	boolean

battery_health	string

battery_level	integer

battery_temperature	float

battery_voltage	integer

build_device	string

build_id	string

build_manufacturer	string

build_number	string

build_time	integer

carrier_country	string

carrier_name	string

cpu_count	integer

cpu_hash	string

cpu_speed	double

cpu_type	string

device_hash	string

device_cellular_id	string

device_name	string

free_storage	integer

has_proximity_sensor	boolean

is_emulator	boolean

is_rooted	boolean

kernel_arch	string

kernel_name	string

kernel_version	string

last_boot_time	integer

network_config	string

pasteboard_hash	string

physical_memory	integer

region_country	string

region_language	string

region_timezone	string

screen_brightness	integer

screen_height	integer

screen_scale	integer

screen_width	integer

sensor_hash	string

system_uptime	integer

total_storage	integer

wifi_mac_address	string

wifi_ssid	string

dns_ip	string

dns_ip_country	string

dns_ip_isp	string

device_ip_address	string

device_ip_country	string

device_ip_isp	string

Response

{
 "device_details": {
  "session_id": "test_session",
  "type": "android",
  "dns_ip": "89.134.46.87",
  "dns_ip_country": "HU",
  "dns_ip_isp": "UPC Magyarorszag Kft.",
  "source": "android-4.1.0",
  "device_hash": "702ec69fa2538ed37ddca2d29210bba6f7801ab9cf2f47bdec260f5dc84fd9cc",
  "device_name": "LGE LG-H502",
  "device_cellular_id": "352104070316496",
  "android_id": "9cb5c5698c590fdc",
  "build_id": "MRA58K",
  "build_device": "my90ds",
  "build_time": 1550069867,
  "build_number": "MRA58K",
  "build_manufacturer": "LGE",
  "app_guid": "66dc9430-a09f-4dcb-ab16-cd5b1c3d7316",
  "android_version": "23 (6.0)",
  "last_boot_time": 1623315851,
  "system_uptime": 495,
  "sensor_hash": "ea8170d27b08a39d3a697c9da5e8c0190174ebb302fc35e77da17690abb61576",
  "audio_volume_current": 28,
  "audio_mute_status": true,
  "battery_level": 80,
  "battery_charging": false,
  "battery_temperature": 29,
  "battery_voltage": 4063,
  "battery_health": "GOOD",
  "has_proximity_sensor": true,
  "cpu_type": "ARMv7 Processor rev 3 (v7l)",
  "cpu_count": 4,
  "cpu_speed": 1300,
  "cpu_hash": "6bae8487b6bd0d18f12910a12d79b43e79a21f8fa11bb0b44ca15b6a9f4c5cbe",
  "kernel_name": "Linux",
  "kernel_version": "3.10.72",
  "kernel_arch": "armv7l",
  "physical_memory": 979608000,
  "screen_brightness": 100,
  "screen_height": 1187,
  "screen_width": 720,
  "screen_scale": 2,
  "total_storage": 3854680064,
  "free_storage": 395546624,
  "network_config": "WIFI",
  "wifi_mac_address": "64:BC:0C:91:DC:01",
  "wifi_ssid": "WIFI_SSID",
  "carrier_name": null,
  "pasteboard_hash": "50ba875a2d572ed0c2632d3920d73a827588f0d86500b2e3145a788c86fdc83c",
  "region_timezone": "+02:00",
  "region_language": "en",
  "region_country": "GB",
  "carrier_country": null,
  "is_emulator": false,
  "is_rooted": false,
  "device_ip_address": "84.2.42.16",
  "device_ip_country": "HU",
  "device_ip_isp": "Magyar Telekom"
 }
}

Android SDK v1.0

`device_details` Object with Android SDK v1.0

JSON Attributes	Type
type	string

device_id	string

android_id	string

device_name	string

build_id	string

build_device	string

build_manufacture	string

build_time	date

network_name	string

is_plugged_in	boolean

android_version	string

build_number	string

kernel_version	string

locale_country_code	string

wifi_mac_address	string

session_id	string

cpu_type	string

cpu_count	integer

cpu_speed	string

cpu_hash	string

system_uptime	time

ip_address	string

has_proximity_sensor	boolean

physical_memory	string

locale_language	string

Response

{
 "device_details": {
  "type": "android",
  "device_id": "8547c5c2466aa0a3",
  "android_id": "8c9965c2466aa0a3",
  "device_name": "Android SDK built for x86",
  "build_id": "LMY48X",
  "build_device": "generic_x86",
  "build_manufacture": null,
  "build_time": "2018-03-16T22:11:26",
  "network_name": "Android",
  "is_plugged_in": true,
  "android_version": "22 (5.1.1)",
  "build_number": "sdk_google_phone_x86-userdebug 5.1.1 LMY48X 4660545 test-keys",
  "kernel_version": "3.10.0+",
  "locale_country_code": "us",
  "wifi_mac_address": null,
  "session_id": "android_testsession_id",
  "cpu_type": "Android 32-bit virtual processor",
  "cpu_count": 2,
  "cpu_speed": "2591.937",
  "cpu_hash": "4fe2f91f9c4e5e19f40a77711ffba9f0e78b7184",
  "system_uptime": "04:04:50",
  "ip_address": "10.0.2.15",
  "has_proximity_sensor": true,
  "physical_memory": "1007.3 MB",
  "local_language": "English"
 }
}

Deprecated versions

Fraud API v1.0

Request

JSON Attributes

ip

action_type

transaction_id

affiliate_id

affiliate_name

user_order_memo

run_email_api

email

email_domain

password_hash

user_fullname

user_name

user_id

user_created

user_country

user_city

user_region

user_zip

user_street

user_street2

session_id

device_id

payment_mode

card_fullname

card_bin

card_hash

card_last

avs_result

cvv_result

phone_number

transaction_type

transaction_amount

transaction_currency

items

shipping_country

shipping_city

shipping_region

shipping_zip

shipping_street

shipping_street2

shipping_phone

shipping_fullname

shipping_method

billing_country

billing_city

billing_region

billing_zip

billing_street

billing_street2

billing_phone

discount_code

gift

gift_message

merchant_id

merchant_created_at

merchant_country

details_url

user_label

Response

JSON Attributes

id

state

fraud_score

proxy_score

ip_details

email_details

bin_details

phone_details

version

applied_rules

device_details

calculation_time

seon_id

Errors for Fraud API v1.0

Fraud API v2.0

Request