Deprecated versions

Fraud API v1.0

Request

SEON’s Fraud API is the core end-to-end solution designed to reduce fraud. It includes all our module APIs, but you can enable or disable them such as the Email API or the device fingerprint function via JavaScript snippet. It supports business-specific data fields for scores, using the user_label.

JSON Attributes

TypeRequired
ip
stringno
action_type
stringno
transaction_id
stringno
affiliate_id
stringno
affiliate_name
stringno
user_order_memo
stringno
run_email_api
booleanno
email
stringno
email_domain
stringno
password_hash
stringno
user_fullname
stringno
user_name
stringno
user_id
stringno
user_created
integerno
user_country
stringno
user_city
stringno
user_region
stringno
user_zip
stringno
user_street
stringno
user_street2
stringno
session_id
stringno
device_id
stringno
payment_mode
stringno
card_fullname
stringno
card_bin
stringno
card_hash
stringno
card_last
stringno
avs_result
stringno
cvv_result
booleanno
phone_number
stringno
transaction_type
stringno
transaction_amount
floatno
transaction_currency
stringno
items
array of item objectsno
shipping_country
stringno
shipping_city
stringno
shipping_region
stringno
shipping_zip
stringno
shipping_street
stringno
shipping_street2
stringno
shipping_phone
stringno
shipping_fullname
stringno
shipping_method
stringno
billing_country
stringno
billing_city
stringno
billing_region
stringno
billing_zip
stringno
billing_street
stringno
billing_street2
stringno
billing_phone
stringno
discount_code
stringno
gift
booleanno
gift_message
booleanno
merchant_id
stringno
merchant_created_at
integerno
merchant_country
stringno
details_url
stringno
user_label
objectno

 

Response

The endpoint returns JSON structured response.

JSON Attributes

Type
id
string
state
string
fraud_score
number
proxy_score
number
ip_details
object
email_details
object
bin_details
object
phone_details
object
version
string
applied_rules
array of object
device_details
object
calculation_time
integer
seon_id
integer

Errors for Fraud API v1.0

 

Error CodeExplanation
1000Empty request body.
1001IP address is missing.
1002IP address is invalid.
1003License key is missing.
1004License key is invalid.
1005Invalid public key.
1006JSON input is invalid.
1008Missing email address.
1009Invalid email address.
1010Invalid authorization header.
1011Inactive license.
1012Your subscription has ended.
2001System database error.
3000[data_field_name] size must be between [minimum_value] and [maximum_value].
3001Invalid ‘user_created’ input parameter.
3002Invalid ‘cvv_result’ input parameter.
3003Invalid ‘transaction_amount’ input parameter.
3004Invalid ‘items_quantity’ input parameter.
3005Invalid ‘items_price’ input parameter.
3006Invalid ‘merchant_created_at’ input parameter.
3007Invalid ‘action_type’ input parameter.
3008‘transaction_amount’ not provided along with ‘transaction_currency’.
3009Invalid ‘gift’ input parameter.
3010Invalid ‘gift_message’ input parameter.

Fraud API v2.0

 

Request

Request Attributes

TypeRequired
config
objectno
action_type
stringno
ip
stringno
transaction_id
stringno
affiliate_id
stringno
affiliate_name
stringno
order_memo
stringno
email
stringno
email_domain
stringno
payment_id
stringno
password_hash
stringno
user_fullname
stringno
user_name
stringno
user_firstname
stringno
user_middlename
stringno
user_lastname
stringno
user_pob
stringno
user_photoid_number
stringno
user_id
stringno
user_created
integerno
user_category
stringno
user_account_status
stringno
user_bank_account
stringno
user_bank_name
stringno
user_balance
floatno
user_verification_level
stringno
user_dob
dateno
user_country
stringno
user_city
stringno
user_region
stringno
user_zip
stringno
user_street
stringno
user_street2
stringno
session_id
stringno
session
stringno
device_id
stringno
payment_mode
stringno
payment_provider
stringno
card_fullname
stringno
card_bin
stringno
card_hash
stringno
card_expire
dateno
card_last
stringno
avs_result
stringno
cvv_result
booleanno
status_3d
stringno
sca_method
stringno
phone_number
stringno
transaction_type
stringno
transaction_amount
floatno
transaction_currency
stringno
items
array of objectsno
shipping_country
stringno
shipping_city
stringno
shipping_region
stringno
shipping_zip
stringno
shipping_street
stringno
shipping_street2
stringno
shipping_phone
stringno
shipping_fullname
stringno
shipping_method
stringno
billing_country
stringno
billing_city
stringno
billing_region
stringno
billing_zip
stringno
billing_street
stringno
billing_street2
stringno
billing_phone
stringno
discount_code
stringno
gift
booleanno
gift_message
booleanno
merchant_category
stringno
merchant_id
stringno
merchant_created_at
integerno
merchant_country
stringno
receiver_fullname
stringno
receiver_bank_account
stringno
details_url
stringno
regulation
stringno
bonus_campaign_id
stringno
brand_id
stringno
custom_fields
objectno

The endpoint returns JSON structured response.

JSON Attributes

Type
id
string
state
string
fraud_score
number
ip_details
object
email_details
object
bin_details 
object
phone_details
object
aml_details
object
version
string
applied_rules
array of object
device_details
object
geolocation_details
object
calculation_time
integer
seon_id
integer
rule_category_details
array of object

 

Response
{
    "success": true,
    "error": {},
    "data": {
        "id": "67c2810c2de1",
        "state": "DECLINE",
        "fraud_score": 95.75,
        "bin_details": {
            "card_bin": "414141",
            "bin_bank": "VERMONT NATIONAL BANK",
            "bin_card": "VISA",
            "bin_type": "CREDIT",
            "bin_level": "CLASSIC",
            "bin_country": "UNITED STATES",
            "bin_country_code": "US",
            "bin_website": "www.vermontnationalbank.com",
            "bin_phone": "+1 802 476 0030",
            "bin_valid": true,
            "card_issuer": "VISA"
        },
        "version": "v2.0",
        "applied_rules": [
            {
                "id": "1000702",
                "name": "Phone possible is equal to true",
                "operation": "+",
                "score": 1.11
            },
            {
                "id": "1000682",
                "name": "has_pep_match is not listed on watchlist2",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "P106",
                "name": "Customer is using a datacenter ISP",
                "operation": "+",
                "score": 10.0
            },
            {
                "id": "1000715",
                "name": "Temp ARC 2 category specific rule",
                "operation": null,
                "score": 0.0
            },
            {
                "id": "P110",
                "name": "IP address was found on 4 spam blacklists",
                "operation": "+",
                "score": 4.0
            },
            {
                "id": "1000671",
                "name": "has_sanction_match is equal to true",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000687",
                "name": "has_sanction_match is not listed on watchlist2",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000707",
                "name": "Rule C (User category is equal to VIP)",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000718",
                "name": "Domain creation date is greater than 1 month ago",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000670",
                "name": "has_watchlist_match is equal to false",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000696",
                "name": "Phone number valid is equal to true",
                "operation": "+",
                "score": 1.11
            },
            {
                "id": "P112",
                "name": "Customer is using public proxy",
                "operation": "+",
                "score": 10.0
            },
            {
                "id": "1000716",
                "name": "Temp ARC 2",
                "operation": "+",
                "score": 30.0
            },
            {
                "id": "1000713",
                "name": "Temp ARC category specific rule",
                "operation": null,
                "score": 0.0
            },
            {
                "id": "1000699",
                "name": "Phone country is equal to HU",
                "operation": "+",
                "score": 1.11
            },
            {
                "id": "E123",
                "name": "Email is not similar to user full name",
                "operation": "+",
                "score": 1.0
            },
            {
                "id": "1000674",
                "name": "Free email is equal to true",
                "operation": "+",
                "score": 1.11
            },
            {
                "id": "1000680",
                "name": "has_crimelist_match is not listed on watchlist2",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "PH100",
                "name": "At least 2 online profiles were found",
                "operation": "+",
                "score": 5.2
            },
            {
                "id": "1000666",
                "name": "has_crimelist_match is equal to false",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000706",
                "name": "Rule B (Affiliate full name is equal to Affiliate Two)",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000692",
                "name": "Sanction list match is equal to true",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000705",
                "name": "Rule A (Affiliate ID is equal to a002)",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000685",
                "name": "has_watchlist_match is not listed on watchlist2",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000698",
                "name": "Phone type is equal to Mobile",
                "operation": "+",
                "score": 1.11
            },
            {
                "id": "1000668",
                "name": "has_pep_match is equal to false",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000708",
                "name": "Rule D (User account status is equal to verified)",
                "operation": "+",
                "score": 0.0
            },
            {
                "id": "1000714",
                "name": "ARC User full name is equal to User full name",
                "operation": "+",
                "score": 30.0
            },
            {
                "id": "1000647",
                "name": "Count if Previous Email address similarity is equal to SIMILAR Email for the same Email domain is greater than 0",
                "operation": "+",
                "score": 0.0
            }
        ],
        "device_details": {
            "os": "MacOS",
            "type": "web",
            "dns_ip": null,
            "source": "js-5.8.0",
            "adblock": true,
            "browser": "FIREFOX10",
            "private": true,
            "platform": "MacIntel",
            "font_hash": "09894f345df34ce7ca5b86118ca1bec4",
            "font_list": [],
            "audio_hash": "35.73833039775491",
            "dns_ip_isp": null,
            "font_count": 13,
            "session_id": "90a87abb-91bc-5dc2-96f2-996acb894dd9",
            "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Firefox/102.0",
           "webgl_hash": null,
            "webrtc_ips": [ '70.111.37.513', '0.0.0.0' ],
            "canvas_hash": "b1f0e02120278dbf75e77cb92980648d",
            "cookie_hash": "b29b21a6ba46b2770bb1737fd6c06c7d",
            "device_hash": "73604e79a0321f57249e82e27273a7a0",
            "device_type": "desktop",
            "plugin_hash": "29b51cf1619fb6943f256c2c6da59432",
            "plugin_list": [
                      "PDF Viewer",
                      "Chrome PDF Viewer",
                      "Chromium PDF Viewer",
                      "Microsoft Edge PDF Viewer",
                      "WebKit built-in PDF"
                    ],
            "window_size": "1600x800",
            "browser_hash": "4c58b2c53ea7489232cddeb897efaf7a",
            "do_not_track": null,
            "java_enabled": false,
            "plugin_count": 5,
            "webgl_vendor": null,
            "webrtc_count": 2,
            "battery_level": 44,
            "device_ip_isp": null,
            "device_memory": null,
            "flash_enabled": false,
            "social_logins": [],
            "touch_support": false,
            "cookie_enabled": true,
            "dns_ip_country": HU,
            "accept_language": [],
            "browser_version": "102.0",
            "region_language": "en-US",
            "region_timezone": "+00:00",
            "battery_charging": null,
            "webrtc_activated": true,
            "device_ip_address": "15.130.507.00",
            "device_ip_country": HU,
            "screen_resolution": "1600x800",
            "screen_color_depth": 24,
            "screen_pixel_ratio": 1,
            "hardware_concurrency": 2,
            "screen_available_resolution": "1600x800"
          },
        "calculation_time": 2327,
        "seon_id": 12602,
        "ip_details": {
            "ip": "1.2.3.4",
            "score": 24.0,
            "country": "AU",
            "state_prov": "Queensland",
            "city": "Brisbane",
            "timezone_offset": "+10:00",
            "isp_name": "APNIC Pty Ltd",
            "latitude": -27.48203,
            "longitude": 153.01358,
            "type": "DCH",
            "open_ports": [],
            "tor": false,
            "vpn": false,
            "web_proxy": false,
            "public_proxy": true,
            "spam_number": 4,
            "spam_urls": [
                "zen.spamhaus.org",
                "xbl.spamhaus.org",
                "noptr.spamrats.com",
                "dyna.spamrats.com"
            ]
        },
        "email_details": {
            "email": "testing.fv2@gmail.com",
            "score": 2.1100000000000003,
            "deliverable": true,
            "domain_details": {
                "domain": "gmail.com",
                "tld": ".com",
                "registered": true,
                "created": "1995-08-13 04:00:00",
                "updated": "2022-07-11 09:25:59",
                "expires": "2023-08-12 04:00:00",
                "registrar_name": "MarkMonitor Inc.",
                "registered_to": "Google LLC",
                "disposable": false,
                "free": true,
                "custom": false,
                "dmarc_enforced": true,
                "spf_strict": true,
                "valid_mx": true,
                "accept_all": false,
                "suspicious_tld": false,
                "website_exists": true
            },
            "account_details": {
                "apple": {
                    "registered": false
                },
                "ebay": {
                    "registered": null
                },
                "facebook": {
                    "registered": false,
                    "url": null,
                    "name": null,
                    "photo": null
                },
                "flickr": {
                    "registered": false
                },
                "foursquare": {
                    "registered": false
                },
                "github": {
                    "registered": false
                },
                "google": {
                    "registered": true,
                    "photo": null
                },
                "gravatar": {
                    "registered": false
                },
                "instagram": {
                    "registered": null
                },
                "lastfm": {
                    "registered": null
                },
                "linkedin": {
                    "registered": null,
                    "url": null,
                    "name": null,
                    "company": null,
                    "title": null,
                    "location": null,
                    "website": null,
                    "twitter": null,
                    "photo": null
                },
                "microsoft": {
                    "registered": false
                },
                "myspace": {
                    "registered": false
                },
                "pinterest": {
                    "registered": false
                },
                "skype": {
                    "registered": false,
                    "country": null,
                    "city": null,
                    "gender": null,
                    "name": null,
                    "id": null,
                    "handle": null,
                    "bio": null,
                    "age": null,
                    "language": null,
                    "state": null,
                    "photo": null
                },
                "spotify": {
                    "registered": false
                },
                "tumblr": {
                    "registered": false
                },
                "twitter": {
                    "registered": false
                },
                "vimeo": {
                    "registered": null
                },
                "weibo": {
                    "registered": false
                },
                "yahoo": {
                    "registered": null
                }
            },
            "breach_details": {
                "haveibeenpwned_listed": false,
                "number_of_breaches": 0,
                "first_breach": null,
                "breaches": []
            }
        },
        "phone_details": {
            "number": 36707770000,
            "valid": true,
            "type": "MOBILE",
            "country": "HU",
            "carrier": "Vodafone Hungary",
            "score": 9.64,
            "account_details": {
                "facebook": {
                    "registered": true
                },
                "google": {
                    "registered": false
                },
                "twitter": {
                    "registered": true
                },
                "instagram": {
                    "registered": null
                },
                "yahoo": {
                    "registered": null
                },
                "whatsapp": {
                    "registered": null,
                    "photo": null,
                    "last_seen": null
                },
                "telegram": {
                    "registered": true,
                    "photo": null,
                    "last_seen": 1654980251
                },
                "viber": {
                    "registered": false,
                    "photo": null,
                    "last_seen": null
                }
            }
        },
         "geolocation_details": {
            "user_billing_distance": 15265.747,
            "user_shipping_distance": 15162.088,
            "billing_shipping_distance": 7677.429,
            "ip_user_distance": 10210.516,
            "ip_billing_distance": 12056.986,
            "ip_shipping_distance": 5019.496
        },
        "aml_details":null
        }
}

Email API v1.0

Request

JSON Attributes

TypeRequired
email
stringyes

Response

The endpoint returns JSON structured response.

JSON Attributes

Type
email
string
email_score
number
email_exists
boolean
disposable
boolean
free
boolean
domain_exists
boolean
email_domain_details
object
email_account_details
object

Email API v2.0

Request

The [email_address] in the request URI should include the full email address, for example: example@example.com

 

Optional query string parameters

Add the following parameters to the request URL for more control over the returned data, as seen in the example URL below.

GET

https://api.seon.io/SeonRestService/email-api/v2.0/[email_address]?include=history,flags,id&flags_timeframe_days=10&timeout=3000

Request Attributes

ValueRequired
include
historyno
include
flagsno
include
idno
flags_timeframe_days
[number of days]no
timeout
[number of milliseconds]no

Response

The endpoint returns JSON structured response.

JSON Attributes

Type
email
string
score
number
deliverable
boolean
domain_details
object
account_details
object
breach_details
object
applied_rules
array of object
history
object
flags
array of object
id
string

Email API v2.1

Request

The [email_address] in the request URI should include the full email address, for example: example@example.com

 

Optional query string parameters

Add the following parameters to the request URL for more control over the returned data, as seen in the example URL below.

GET

https://api.seon.io/SeonRestService/email-api/v2.1/[email_address]?include=history,flags,id&flags_timeframe_days=10&timeout=3000

Request Attributes

ValueRequired
include
historyno
include
flagsno
include
idno
flags_timeframe_days
[number of days]no
timeout
[number of milliseconds]no

Response

The endpoint returns JSON structured response.

JSON Attributes

Type
email
string
score
number
deliverable
boolean
domain_details
object
account_details
object
breach_details
object
applied_rules
array of object
history
object
flags
array of object
id
string

Email API v2.2

Request

The [email_address] in the request URI should include the full email address, for example: example@example.com

 

Optional query string parameters

Add the following parameters to the request URL for more control over the returned data, as seen in the example URL below.

GET

https://api.seon.io/SeonRestService/email-api/v2.2/[email_address]?include=history,flags,id&flags_timeframe_days=10&timeout=3000

Request Attributes

ValueRequired
include
historyno
include
flagsno
include
idno
flags_timeframe_days
[number of days]no
timeout
[number of milliseconds]no

 

Response

The endpoint returns JSON structured response.

JSON Attributes

Type
email
string
score
number
deliverable
boolean
domain_details
object
account_details
object
breach_details
object
applied_rules
array of object
history
object
flags
array of object
id
string

Phone API v1.0

Request

The [phone_number] in the request URI should include the full phone number, including country code. Cannot contain hyphens or spaces, the + sign is optional. The maximum length for the [phone_number]  is 19 characters. For example: 36301234567

 

Optional query string parameters

In order to request additional or receive less information, use following parameters in the request URL as in the example below:

GET

https://api.seon.io/SeonRestService/phone-api/v1.0/[phone_number]?include=history,flags,id&flags_timeframe_days=10&exclude=photo,last_seen&timeout=3000

JSON Attributes

ValueRequired
include
historyno
include
flagsno
include
idno
include
cnam_lookupno
include
hlr_detailsno
flags_timeframe_days
[number of days]no
exclude
photono
exclude
last_seenno
timeout
[number of milliseconds]no

Response

The endpoint returns JSON structured response.

JSON Attributes

Type
number
integer
valid
boolean
type
string
country
string
carrier
string
score
number
account_details
object
applied_rules
array of object
hlr_details
object
cnam_details
object
history
object
flags
array of object
id
string

Phone API v1.1

Request

The [phone_number] in the request URI should include the full phone number, including country code. Cannot contain hyphens or spaces, the + sign is optional. The maximum length for the [phone_number]  is 19 characters. For example: 36301234567

 

Optional query string parameters

In order to request additional or receive less information, use following parameters in the request URL as in the example below:

GET

https://api.seon.io/SeonRestService/phone-api/v1.1/[phone_number]?include=history,flags,id&flags_timeframe_days=10&exclude=photo,last_seen&timeout=3000

JSON Attributes

ValueRequired
include
historyno
include
flagsno
include
idno
include
cnam_lookupno
include
hlr_detailsno
flags_timeframe_days
[number of days]no
exclude
photono
exclude
last_seenno
timeout
[number of milliseconds]no

Response

The endpoint returns JSON structured response.

JSON Attributes

Type
number
integer
valid
boolean
type
string
country
string
carrier
string
score
number
account_details
object
applied_rules
array of object
hlr_details
object
cnam_details
object
history
object
flags
array of object
id
string

Phone API v1.2

Request

The [phone_number] in the request URI should include the full phone number, including country code. Cannot contain hyphens or spaces, the + sign is optional. The maximum length for the [phone_number]  is 19 characters. For example: 36301234567

 

Optional query string parameters

In order to request additional or receive less information, use following parameters in the request URL as in the example below:

GET

https://api.seon.io/SeonRestService/phone-api/v1.2/[phone_number]?include=history,flags,id&flags_timeframe_days=10&exclude=photo,last_seen&timeout=3000

JSON Attributes

ValueRequired
include
historyno
include
flagsno
include
idno
include
cnam_lookupno
include
hlr_detailsno
flags_timeframe_days
[number of days]no
exclude
photono
exclude
last_seenno
timeout
[number of milliseconds]no

Response

The endpoint returns JSON structured response.

JSON Attributes

Type
number
integer
valid
boolean
type
string
country
string
carrier
string
score
number
account_details
object
applied_rules
array of object
hlr_details
object
cnam_details
object
history
object
flags
array of object
id
string

Phone API v1.3

Request

The [phone_number] in the request URL should include the full phone number only including country code without additional formatting. Cannot contain spaces or hyphens, only optionally the + sign for the country code. The maximum length is 19 characters for the [phone_number]. Required format: 36301234567 or +36301234567

 

Optional query string parameters

In order to request additional or receive less information, use the following parameters in the request URL as in the example below:

GET

https://api.seon.io/SeonRestService/phone-api/v1.3/[phone_number]?include=cnam_lookup, hlr_details,history,flags,id&flags_timeframe_days=10&exclude=photo,last_seen&timeout=3000

Request Attributes

ValueRequired
include
historyno
include
flagsno
include
idno
include
cnam_lookupno
include
hlr_detailsno
flags_timeframe_days
[number of days]no
exclude
photono
exclude
last_seenno
timeout
[number of milliseconds]no

 

Response

The endpoint returns JSON structured response.

JSON Attributes

Type
number
integer
valid
boolean
disposable
boolean
type
string
country
string
carrier
string
score
number
account_details
object
applied_rules
array of object
hlr_details
object
cnam_details
object
history
object
flags
array of object
id
string

Phone API v1.4

Request

The [phone_number] in the request URL should include the full phone number only including country code without additional formatting. Cannot contain spaces or hyphens, only optionally the + sign for the country code. The maximum length is 19 characters for the [phone_number]. Required format: 36301234567 or +36301234567

 

Optional query string parameters

In order to request additional or receive less information, use the following parameters in the request URL as in the example below:

GET

https://api.seon.io/SeonRestService/phone-api/v1.4/[phone_number]?include=cnam_lookup, hlr_details,history,flags,id&flags_timeframe_days=10&exclude=photo,last_seen&timeout=3000

Request Attributes

ValueRequired
include
historyno
include
flagsno
include
idno
include
cnam_lookupno
include
hlr_detailsno
flags_timeframe_days
[number of days]no
exclude
photono
exclude
last_seenno
timeout
[number of milliseconds]no

 

Response

The endpoint returns JSON structured response.

JSON Attributes

Type
number
integer
valid
boolean
disposable
boolean
type
string
country
string
carrier
string
score
number
account_details
object
applied_rules
array of object
hlr_details
object
cnam_details
object
history
object
flags
array of object
id
string

IP API v1.0

Request

The [ip] in the request URI should include the full IPv4 or IPv6 address, example: 1.1.1.1 or 2001:db8:3333:4444:5555:6666:7777:8888 .

Optional query string parameters

In order to request additional or receive less information, use following parameters in the request URL as in the example below:

GET

https://api.seon.io/SeonRestService/ip-api/v1.0/[ip]?include=history,flags,id&flags_timeframe_days=10

Request Attributes

ValueRequired
include
historyno
include
flagsno
include
idno
flags_timeframe_days
[number of days]no

Response

The endpoint returns JSON structured response.

JSON Attributes

Type
ip
string
score
number
country
string
state_prov
string
city
string
timezone_offset
string
isp_name
string
latitude
string
longitude
string
type
string
open_ports
array
tor
boolean
vpn
boolean
web_proxy
boolean
public_proxy
boolean
spam_number
integer
spam_urls
array
applied_rules
array of object
history
object
flags
array of object
id
string

IP API v1.1

Request

The [ip] in the request URI should include the full IPv4 or IPv6 address, example: 1.1.1.1 or 2001:db8:3333:4444:5555:6666:7777:8888 .

Optional query string parameters

In order to request additional or receive less information, use following parameters in the request URL as in the example below:

GET

https://api.seon.io/SeonRestService/ip-api/v1.1/[ip]?include=history,flags,id&flags_timeframe_days=10

Request Attributes

ValueRequired
include
historyno
include
flagsno
include
idno
flags_timeframe_days
[number of days]no

Response

The endpoint returns JSON structured response.

JSON Attributes

Type
ip
string
score
number
country
string
state_prov
string
city
string
timezone_offset
string
isp_name
string
latitude
number
longitude
number
type
string
open_ports
array
tor
boolean
harmful
boolean
vpn
boolean
web_proxy
boolean
public_proxy
boolean
spam_number
integer
spam_urls
array
applied_rules
array of object
history
object
flags
array of object
id
string

AML API v1.1

Request

Attributes

TypeRequired
config 
objectno
user_id
stringno
user_fullname 
stringyes
user_firstname
stringno
user_middlename
stringno
user_lastname
stringno
user_dob 
dateno
user_pob
stringno
user_photoid_number
stringno
user_country
stringno

Response

JSON attributes

  
has_crimelist_match
boolean 
has_pep_match
boolean 
has_watchlist_match
boolean 
has_sanction_match
boolean 
result_payload
object 

AML Entity API v1.1

Request

Attributes

TypeRequired
config 
objectno
entity_id
stringno
entity_name
stringyes
entity_country
stringno

Response

JSON attributes

  
has_watchlist_match
boolean 
has_sanction_match
boolean 
result_payload
object 

Label API (non-versioned)

Request

You must replace [id] with your transaction_id that you have provided during the Fraud API call or was generated automatically.

Request Attributes

TypeRequired
label
stringyes

Request (multiple)

You can also label multiple transactions with one API call using the URL below.

JSON Attributes

TypeRequired
transactions
array of label objectsyes

Lists API (non-versioned)

Request

Request Attributes

TypeRequired
data_field
stringyes
value
stringyes
state
stringyes
comment
stringno
expire_day
integerno

Self Exclusion API (non-versioned)

Request

Request Attributes

TypeRequired
user_ids
array No
emails
array No

Response

The endpoint returns JSON structured response.

JSON Attributes

Type
created_id_rules
object map
created_email_rules
object map
failed_ids
object
failed_emails
object

Delete request

JSON Attributes

TypeRequired
user_ids
array no
emails
array no

Delete response

The endpoint returns JSON structured response.

JSON Attributes 

Type
created_id_rules
object map
created_email_rules
object map
failed_ids
object
failed_emails
object

Exclude User from Rule API (non-versioned)

Request

Request Attributes

TypeRequired
rule_id
integeryes
field
stringyes
value
stringyes
expiration
stringno

Response

The endpoint returns JSON structured response.

JSON Attributes

Type
data
object
error
object
success
boolean

Delete request

Request Attributes

TypeRequired
rule_id
integeryes
field
stringyes
value
stringyes

Delete response

The endpoint returns JSON structured response.

JSON Attributes

Type
data
object
error
object
success
boolean

Email Verification API v1.0

Request

The [email_address] in the request URI should include the full email address, for example: example@example.com

 

Optional query string parameters

Add the following parameters to the request URL for more control over the returned data, as seen in the example URL below.

GET

https://api.seon.io/SeonRestService/email-verification/v1.0/[email_address]?include=id

Request Attributes

ValueRequired
include
id no

Response

The endpoint returns JSON structured response.

JSON Attributes

Type
id
string
valid_format
boolean
deliverable
boolean
inbox_full
boolean
domain_details
object

Erase API (non-versioned)

Request

Request Attributes

TypeRequired
user_ids
array no
emails
array no

Optional query string parameters

POST

https://api.seon.io/SeonRestService/erase-api?dry_run=true

JSON Attributes

ValueRequired
dry_run
boolean no 

Response

The endpoint returns JSON structured response.

JSON Attributes

Type
transaction_records
integer
email_records
integer
phone_records
integer
ip_records
integer
dry_run
boolean

BIN API v1.0

Request

 

Request Attributes

ValueRequired
include
idno

Response

The endpoint returns JSON structured response.

JSON Attributes

Type
bin_bank
string
bin_card
string
bin_type
string
bin_level
string
bin_country
string
bin_country_code
string
bin_website
string
bin_phone
string
bin_valid
boolean
card_issuer
string
id

JavaScript Agent v5.0

You can integrate our optional device fingerprinting module directly into a web app, by using our JavaScript agent. Please, use our CDN hosted script to ensure you always load the latest available version.

  1. Include the JavaScript Agent for example inside the <head> tags of your website or web app. You can also lazy-load it or execute it upon specific actions (e.g. clicking on Login, Payment, and Registration buttons, before calling the API). In this case, you must ensure that the module has been loaded successfully before invoking its methods.
  2. Set a unique session_id for your client using the seon.config() function.
  3. Call the seon.getBase64Session() function to get the encrypted payload for the device.
  4. Send the returned session payload string to your backend and add to the session property in your Fraud API request. The Fraud API call should be still executed if the session is missing, due to a non-executed JS snippet. Tip: Add timeout to JS and utilize Fraud API call after.

All the device fingerprinting data will be available in the response of the Fraud API, and accessible on the Admin Panel of the Transactions Details page.

 

Configuration parameters

To configure the JavaScript module, you need to call seon.config() function:

JSON Attributes

Required
host
no
session_id
yes
audio_fingerprint
no
canvas_fingerprint
no
webgl_fingerprint
no
silent_mode
no
font_list
no
onSuccess
no
onError
no
max_proxy_delay
no
geolocation
no
geolocation_age
no
geolocation_prompt
no

 

Integration

Fingerprinting can be triggered by seon.getBase64Session() function. After collecting all the available information, the function returns an encrypted base64 encoded payload.

By default the SDK will try to avoid throwing errors on the DevTools console, but disabling the silent_mode option will enable probes that are not possible without them.

 

Payload

SEON JavaScript library collects device information and prepares an encrypted payload to use in Fraud API. The information on client side is not readable, we’ll reveal in the Fraud API response and on the Admin Panel. Some fields can be null, if the actual browser does not support or return data for that specific data point. In every other case, data types are preserved. Find a sample payload on the right side.

 

Common issues

  • The session is provided in the Fraud API request, but the device_details is null in the response and there is no device information on the Transaction details page. - This means the encrypted payload is corrupted. Please look into your integration and check again.
  • The v4 version of the JavaScript Agent is not compatible with the Fraud API v1, we highly recommend to upgrade because of security and performance reasons.
  • If you use CSP (Content Security Policy) headers on your site, you must allow the following domains in connect-src directive for full functionality based on your host configuration.

    Default: *.seondnsresolve.com
    seondf.com: *.seondfresolver.com
    deviceinf.com: *.deviceinfresolver.com
    seonintelligence.com: *.seonintelligence.com
<html>
  <head>
    ...
    <script src="[source_url]"></script>
  </head>
  <body>
    ...
  </body>
</html>

You can use the following script source URLs ([source_url]):

  • https://cdn.seondf.com/js/v5/agent.js
  • https://cdn.deviceinf.com/js/v5/agent.js
  • https://cdn.seonintelligence.com/js/v5/agent.js

 

 

 

 

 

 

 

 

 

 

 

 

seon.config({ 
    host: "seondf.com",
    session_id: "[session_id]", 
    audio_fingerprint: true, 
    canvas_fingerprint: true, 
    webgl_fingerprint: true, 
    silent_mode: false,
    max_proxy_delay: 1000;
	onSuccess: function(message) { 
    	console.log("success", message); 
	},
	onError: function(message) { 
    	console.log("error", message); 
	} 
});
seon.getBase64Session(function(data) {
  if (data) {
    console.log("Session payload", data);
  } else {
    console.log("Failed to retrieve session data.");
  }
});

JavaScript Agent v4.0

You can integrate our optional device fingerprinting module directly into a web app, by using our JavaScript agent. Please, always use our CDN hosted script to ensure you always load the latest available version.

  1. Include the JavaScript Agent for example inside the <head> tags of your website or web app. You can also lazy-load it or execute upon specific actions (e.g. clicking on Login, Payment, Registration buttons, before calling the API). In this case you must ensure that the module has been loaded successfully before invoking its methods.
  2. Set a unique session_id for your client using the seon.config() function.
  3. Call the seon.getBase64Session() function to get the encrypted payload for the device.
  4. Send the returned session payload string to your backend and add to the session property in your Fraud API request. The Fraud API call should be still executed if the session is missing, due to non-executed JS snippet. Tip: Add timeout to JS and utilise Fraud API call after.

All the device fingerprinting data will be available in the response of the Fraud API, and accessible on the Admin Panel of the Transactions Details page.

 

 

Configuration parameters

To configure the JavaScript module, you need to call seon.config() function:

JSON Attributes

Required
host
no
session_id
yes
audio_fingerprint
no
canvas_fingerprint
no
webgl_fingerprint
no
onSuccess
no
onError
no

 

 

Integration

Fingerprinting can be triggered by seon.getBase64Session() function. After collecting all the available information, the function returns an encrypted base64 encoded payload.

 

 

 

 

Payload

SEON JavaScript library collects device information and prepares an encrypted payload to use in Fraud API. The information on client side is not readable, we’ll reveal in the Fraud API response and on the Admin Panel. Some fields can be null, if the actual browser does not support or return data for that specific data point. In every other case, data types are preserved. Find a sample payload on the right side.

 

 

Common issues

  • The session is provided in the Fraud API request, but the device_details is null in the response and there is no device information on the Transaction details page. - This means the encrypted payload is corrupted. Please look into your integration and check again.
  • The v4 version of the JavaScript Agent is not compatible with the Fraud API v1, we highly recommend to upgrade because of security and performance reasons.
  • If you use CSP (Content Security Policy) headers on your site, you must allow the following domains in connect-src directive for full functionality based on your host configuration.

    Default: *.seondnsresolve.com
    seondf.com: *.seondfresolver.com
    deviceinf.com: *.deviceinfresolver.com
    getdeviceinf.com: *.getdeviceinfresolver.com

 

 

<html>
  <head>
    ...
    <script src="[source_url]"></script>
  </head>
  <body>
    ...
  </body>
</html>

You can use the following script source URLs ([source_url]):

  • https://cdn.seondf.com/js/v4/agent.js
  • https://cdn.deviceinf.com/js/v4/agent.js
  • https://cdn.getdeviceinf.com/js/v4/agent.js

 

 

 

 

 

 

 

seon.config({
  host: "seondf.com",
  session_id: "[session_id]",
  audio_fingerprint: true,
  canvas_fingerprint: true,
  webgl_fingerprint: true,
  onSuccess: function(message) {
    console.log("success", message);
  },
  onError: function(message) {
    console.log("error", message);
  }
});

 

 

seon.getBase64Session(function(data) {
  if (data) {
    console.log("Session payload", data);
  } else {
    console.log("Failed to retrieve session data.");
  }
});

JavaScript Agent v3.0

Our JavaScript Agent collects data through the browser for device fingerprinting purposes. In order to use it, you need to add the JavaScript file inside <head> tags. We recommend to use our CDN hosted JavaScript for fast page load and continuous support of the script.

 

 

Step-by-step guide

  1. Integrate the JavaScript Agent into your website or web application, which will send the device information to SEON’s platform including the session_id that you generated (max. 64 characters).
  2. During the user’s session use the same session_id in Fraud API calls.
  3. The device details will be provided in the response of the Fraud API, and will be displayed on the Admin Panel on the Transaction details page.
  4. We recommend to use onSuccess and onError callback functions to make sure that the data has been saved successfully. Fraud API requests initiated before the successful callback won’t be able to reference the collected device data.
<html>
  <head>
    ...
    <script src="https://cdn.seon.io/v3.0/js/agent.js"></script>
  </head>
  <body>
    ...
  </body>
</html>

Configuration parameters

To configure the JavaScript module, you need to call seon.config() function:

JSON Attributes

Required
public_key
yes
session_id
yes
audio_fingerprint
no
canvas_fingerprint
no
webgl_fingerprint
no
onSuccess
no
onError
no

Don’t forget to replace [session_id] with your unique session identifier, and [public_key] with your own public key. Your public key can be found on the My Account page.

 

seon.config({
  public_key: "[public_key]",
  session_id: "[session_id]",
  audio_fingerprint: true,
  canvas_fingerprint: true,
  webgl_fingerprint: true,
  onSuccess: function(message) {
    console.log('success', message);
  },
  onError: function(message) {
    console.log('error', message);
  }
});

Integration

Fingerprinting can be triggered by the seon.saveSession() function. After collection, all the available information will automatically be sent to the configured endpoint.

seon.saveSession(function(success) {
  if (success) {
    console.log("Session data has been saved!");
  } else {
    console.log("Failed to save session data.");
  }
});

Payload

SEON JavaScript SDK sends a POST request to the configured endpoint with a JSON payload. Some fields can be ‘null’, if the actual browser does not support or return data for that specific data point. In every other case, data types are preserved. Find a sample payload on the right side.

 

 

 

Common issues

The session_id is provided in the Fraud API request, but the device_details is null in the response and there is no device information on the Transaction details page. - This means the JavaScript agent could not send the device data to SEON correctly. Please look into your integration and check again.

The session_id is provided in the Fraud API request, but the device_details is null in the response but there is device information on the Transaction details page. - This means the device data arrived later than the Fraud API request at SEON. Please wait until the JavaScript finished successfully (use callbacks).

device_details Object with JavaScript Agent v3.0

JSON Attributes

Type
type
string
source
string
session_id
string
adblock
boolean
audio_hash
string
battery_charging
boolean
battery_level
integer
browser_hash
string
browser
string
browser_version
string
canvas_hash
string
cookie_enabled
string
cookie_hash
string
device_hash
string
device_memory
integer
device_type
string
dns_ip
string
dns_ip_country
string
dns_ip_isp
string
do_not_track
boolean
flash_enabled
boolean
font_count
integer
font_hash
string
font_list
array
hardware_concurrency
integer
java_enabled
boolean
device_ip_address
string
device_ip_country
string
device_ip_isp
string
accept_language
array
os
string
platform
string
plugin_count
integer
plugin_hash
string
plugin_list
array
private
boolean
region_language
string
region_timezone
string
screen_available_resolution
string
screen_color_depth
integer
screen_pixel_ratio
integer
screen_resolution
string
social_logins
array
touch_support
boolean
user_agent
string
webgl_hash
string
webgl_vendor
string
webrtc_activated
boolean
webrtc_count
integer
webrtc_ips
array
window_size
string

JavaScript Agent v2.0

Our JavaScript Agent collects data through the browser for device fingerprinting purposes. Please follow the steps below to enable session and device data-collection with our JavaScript agent:

  1. Include SEON JavaScript agent in your header, between <head></head> tags.
  2. Insert the initialization code to the bottom of your page, just before the </body> tag.
  3. Replace [session_id] with the unique identifier of user’s session.
  4. We recommend to use onSuccess and onError callback functions to make sure that the data has been saved successfully. Fraud API requests initiated before the successful callback won’t be able to reference the collected device data.

 

 

Options

JSON Attributes

TypeDefault
social_detection
booleanfalse
audio_fingerprint
booleanfalse
use_flash
booleantrue

Don’t forget to replace [session_id] with your unique session identifier.

<html>
  <head>
    ...
    <script src="https://cdn.seon.io/v2.0/js/agent.js"></script>
    ...
  </head>
  <body>
    ...
    <script>

      seon.start({
        session_id: '[session_id]',
        social_detection: false,
        audio_fingerprint: false,
        use_flash: true,
        onSuccess: function() {
          console.log("Session data was sucessfully saved!");
        },
        onError: function() {
          console.log("Something went wrong. Session data was not saved sucessfully!");
        }
      });

    </script>
  </body>
</html>

device_details Object with JavaScript Agent v2.0

JSON Attributes

Type
session_id
string
timezone
string
private_mode
boolean
useragent
string
fonts
integer
plugins
integer
op_sys
string
cookie_enabled
boolean
screen
string
avail_screen
string
window_screen
string
webrtc_count
integer
cookie_hash
string
device_hash
string
js_ip
string
js_ip_country
string
js_ip_isp
string
browser_hash
string
webrtc_ips
array
webrtc_activated
boolean
flash
boolean
java
boolean
plugins_hash
string
fonts_hash
string
plugin_names
array
device_type
string
fonts_names
array
social_sites
array
dns_ip
string
dns_ip_country
string
dns_ip_isp
string

iOS SDK v1.0

device_details Object with iOS SDK v1.0

 

JSON Attributes

Type
type
string
session_id
string
device_udid
string
ios_version
string
ip_address
string
app_platform_type
string
device_adid
string
wifi_mac_address
string
network_config
string
battery_level
string
device_orientation
string
file_system_size
string
physical_memory
string
cpu_type
string
cpu_count
integer
cpu_speed
string
accessories_number
string
has_proximity_sensor
boolean
screen_brightness
string
screen_resolution
string
ios_device_name
string
kernel_version
string
icloud_ubiquity_token
string
local_language
string
currency_code
string
system_uptime
string
Response
{
 "device_details": {
  "type": "ios",
  "session_id": "3UeZWaHrRT",
  "device_udid": "A51E1FFC-9C09-43AF-9477-9276A011E3CE",
  "ios_version": "11.2.2",
  "ip_address": "112.196.3.212",
  "app_platform_type": "iPhone 5s (GSM+CDMA)",
  "device_adid": "6DD386F9-5B70-495C-B466-B3AF85534511",
  "wifi_mac_address": "d4:9a:20:5a:81:b9",
  "network_config": "Wifi",
  "battery_level": "100%",
  "device_orientation": "Portrait",
  "file_system_size": "1250209792",
  "physical_memory": "1048576000",
  "cpu_type": "ARM_64V8",
  "cpu_count": 0,
  "cpu_speed": "0",
  "accessories_number": "0",
  "has_proximity_sensor": true,
  "screen_brightness": "0.42",
  "screen_resolution": null,
  "ios_device_name": "Bansal",
  "kernel_version": "15C202",
  "icloud_ubiquity_token": "9928f58d e1ab9d3c 63707e75 e240e45f 4b0b9c8b",
  "local_language": "en-IN",
  "currency_code": "IN",
  "system_uptime": "92790"
 }
}

Android SDK v5

You can integrate our device fingerprinting module directly into Android mobile apps, by using our SDK found on GitHub. It will collect information based on the user’s software and hardware configuration.

  • The SDK returns an encrypted, base64 encoded string to add in the session property in the Fraud API request. It isn’t permitted to access or modify the payload on the clients.
  • JSON structured device details will be revealed in the Fraud API response.

JSON Attributes

Type
type
string
source
string
session_id
string
android_id
string
android_version
string
app_guid
string
audio_mute_status
boolean
audio_volume_current
integer
battery_charging
boolean
battery_health
string
battery_level
integer
battery_temperature
float
battery_voltage
integer
build_device
string
build_id
string
build_manufacturer
string
build_number
string
build_time
integer
carrier_country
string
carrier_name
string
cpu_count
integer
cpu_hash
string
cpu_speed
double
cpu_type
string
device_hash
string
device_cellular_id
string
device_name
string
free_storage
integer
has_proximity_sensor
boolean
is_emulator
boolean
is_rooted
boolean
kernel_arch
string
kernel_name
string
kernel_version
string
last_boot_time
integer
network_config
string
pasteboard_hash
string
physical_memory
integer
region_country
string
region_language
string
region_timezone
string
screen_brightness
integer
screen_height
integer
screen_scale
integer
screen_width
integer
sensor_hash
string
system_uptime
integer
total_storage
integer
wifi_mac_address
string
wifi_ssid
string
dns_ip
string
dns_ip_country
string
dns_ip_isp
string
device_ip_address
string
device_ip_country
string
device_ip_isp
string
Response
{
 "device_details": {
  "session_id": "test_session",
  "type": "android",
  "dns_ip": "89.134.46.87",
  "dns_ip_country": "HU",
  "dns_ip_isp": "UPC Magyarorszag Kft.",
  "source": "android-4.1.0",
  "device_hash": "702ec69fa2538ed37ddca2d29210bba6f7801ab9cf2f47bdec260f5dc84fd9cc",
  "device_name": "LGE LG-H502",
  "device_cellular_id": "352104070316496",
  "android_id": "9cb5c5698c590fdc",
  "build_id": "MRA58K",
  "build_device": "my90ds",
  "build_time": 1550069867,
  "build_number": "MRA58K",
  "build_manufacturer": "LGE",
  "app_guid": "66dc9430-a09f-4dcb-ab16-cd5b1c3d7316",
  "android_version": "23 (6.0)",
  "last_boot_time": 1623315851,
  "system_uptime": 495,
  "sensor_hash": "ea8170d27b08a39d3a697c9da5e8c0190174ebb302fc35e77da17690abb61576",
  "audio_volume_current": 28,
  "audio_mute_status": true,
  "battery_level": 80,
  "battery_charging": false,
  "battery_temperature": 29,
  "battery_voltage": 4063,
  "battery_health": "GOOD",
  "has_proximity_sensor": true,
  "cpu_type": "ARMv7 Processor rev 3 (v7l)",
  "cpu_count": 4,
  "cpu_speed": 1300,
  "cpu_hash": "6bae8487b6bd0d18f12910a12d79b43e79a21f8fa11bb0b44ca15b6a9f4c5cbe",
  "kernel_name": "Linux",
  "kernel_version": "3.10.72",
  "kernel_arch": "armv7l",
  "physical_memory": 979608000,
  "screen_brightness": 100,
  "screen_height": 1187,
  "screen_width": 720,
  "screen_scale": 2,
  "total_storage": 3854680064,
  "free_storage": 395546624,
  "network_config": "WIFI",
  "wifi_mac_address": "64:BC:0C:91:DC:01",
  "wifi_ssid": "WIFI_SSID",
  "carrier_name": null,
  "pasteboard_hash": "50ba875a2d572ed0c2632d3920d73a827588f0d86500b2e3145a788c86fdc83c",
  "region_timezone": "+02:00",
  "region_language": "en",
  "region_country": "GB",
  "carrier_country": null,
  "is_emulator": false,
  "is_rooted": false,
  "device_ip_address": "84.2.42.16",
  "device_ip_country": "HU",
  "device_ip_isp": "Magyar Telekom"
 }
}

Android SDK v1.0

device_details Object with Android SDK v1.0

 

JSON Attributes

Type
type
string
device_id
string
android_id
string
device_name
string
build_id
string
build_device
string
build_manufacture
string
build_time
date
network_name
string
is_plugged_in
boolean
android_version
string
build_number
string
kernel_version
string
locale_country_code
string
wifi_mac_address
string
session_id
string
cpu_type
string
cpu_count
integer
cpu_speed
string
cpu_hash
string
system_uptime
time
ip_address
string
has_proximity_sensor
boolean
physical_memory
string
locale_language
string
Response
{
 "device_details": {
  "type": "android",
  "device_id": "8547c5c2466aa0a3",
  "android_id": "8c9965c2466aa0a3",
  "device_name": "Android SDK built for x86",
  "build_id": "LMY48X",
  "build_device": "generic_x86",
  "build_manufacture": null,
  "build_time": "2018-03-16T22:11:26",
  "network_name": "Android",
  "is_plugged_in": true,
  "android_version": "22 (5.1.1)",
  "build_number": "sdk_google_phone_x86-userdebug 5.1.1 LMY48X 4660545 test-keys",
  "kernel_version": "3.10.0+",
  "locale_country_code": "us",
  "wifi_mac_address": null,
  "session_id": "android_testsession_id",
  "cpu_type": "Android 32-bit virtual processor",
  "cpu_count": 2,
  "cpu_speed": "2591.937",
  "cpu_hash": "4fe2f91f9c4e5e19f40a77711ffba9f0e78b7184",
  "system_uptime": "04:04:50",
  "ip_address": "10.0.2.15",
  "has_proximity_sensor": true,
  "physical_memory": "1007.3 MB",
  "local_language": "English"
 }
}