Migration guides

The current versioning structure of SEON APIs contains both a MAJOR and MINOR version numbers. As part of this change, the MINOR part of the version string will be omitted. This will result in the following versioning changes in both the URLs and the Fraud API’s config object:

• Fraud API v2.0 -> v2
• AML API v1.1 -> v1
• AML Entity API v1.1 -> v1
• Email API v2.3 -> v2
• Email Verification API v1.0 -> v1
• Phone API v1.5 -> v1
• IP API v1.1 -> v1
• BIN API v1.0 -> v1
• Label API non-versioned -> v1
• Lists API non-versioned -> v1
• Self Exclusion API non versioned -> v1
• Exclude User from Rule API non versioned -> v1
• Erase API non-versioned -> v1

With the new versioning structure, a new policy takes effect for breaking changes in the API.

The most influential changes in the policy above are the following:

• API integrators need to be prepared that the API might return new fields in the API responses without prior notice
• Version strings must be changed in the API URLs and the Fraud API config objects.

Keep in mind that additional modifications may also be required on your side later on as the API policy for the new endpoints will also change.

Instead of sending your license key via request payload, you need to send it as a HTTP header. The name of the header should be X-API-KEY.

APIs that are affected by this change:

• Fraud API v1.0
• Fraud API v2.0
• Lists API
• Label API

Payload-based Authentication changes

Instead of sending your license key via request payload, you need to send it as a HTTP header. The name of the header should be X-API-KEY.

URL Changes

New URL: https://api.seon.io/SeonRestService/fraud-api/v2

Deprecated URL: https://api.seon.io/SeonRestService/fraud-api/v1.0

New config object for Fraud API

• run_email_api field in input is deprecated for v2, Email API should be set in config object (set email_api: true).
• IP API won’t be executed by default, it needs to be set explicitly in config object. (set ip_api: true).
• Device fingerprint won’t be enabled by default; it needs to be set explicitly in config object. (set device_fingerprinting: true).
• Phone API is supported for Fraud API. (set phone_api: true).

Session handling

• Instead of the session_id, you need to send the encrypted payload returned by the SDK (supported by JS Agent v4, iOS SDK 3.0.0, Android SDK 3.0.0). The session_id parameter is still required for the configuration; the change affects the data you need to send in the Fraud API request related to the Device Fingerprint module.
• The previous SDK versions are still supported with the session_id field, but we highly recommend migrating the Device Fingerprint module.
• The public key is no longer necessary with the latest SDK versions.
• You must set device_fingerprinting: true in the config object to enable the feature.

Renamed fields

• user_label -> custom_fields
• item_user_label -> item_custom_fields
• user_order_memo -> order_memo

Response changes

Please find the full data field mapping from Fraud API v1.0 to v2 here.

Keep in mind that additional modifications may also be required on your side later on as the API policy for the new endpoints will also change.

Modifications are only required if your integration is not compatible with our new API policy or you are still using Payload-based Authentication (see below).

Keep in mind that 

• The default configuration parameters of the Fraud API - v2 will also be modified when the sunsetting of the old endpoints takes effect.
  • config.ip.version -> IP - v1
  • config.email.version -> Email - v2
  • config.phone.version -> Phone - v1
  • config.aml.version -> AML - v1
• the length of the data.id field's value generated by us - we generate it if the transaction_id was not provided in the request - can change over time, an increase can be expected

Payload-based Authentication changes

Instead of sending your license key via request payload, you need to send it as a HTTP header. The name of the header should be X-API-KEY.

URL Changes

New URL: https://api.seon.io/SeonRestService/fraud-api/v2

Deprecated URL: https://api.seon.io/SeonRestService/fraud-api/v2.0

Removed fields

There were no fields removed.

Renamed fields

There were no fields renamed.

New fields

There were no new fields added.

All fields referenced here start from the root/data path in our response.

Keep in mind that additional modifications may also be required on your side later on as the API policy for the new endpoints will also change.

URL Changes

New URL: https://api.seon.io/SeonRestService/aml-api/v1

Deprecated URL: https://api.seon.io/SeonRestService/aml-api/v1.0

Removed fields

There were no fields removed.

Renamed fields

There were no fields renamed.

New fields

• data.result_payload.details.crimelist_entries[X].scores
• data.result_payload.details.watchlist_entries[X].scores
• data.result_payload.details.sanctionlist_entries[X].scores
• data.result_payload.details.pep_entries[X].scores

Except for the URL change, modifications are only required if your integration is not compatible with our new API policy.

URL Changes

New URL: https://api.seon.io/SeonRestService/aml-api/v1

Deprecated URL: https://api.seon.io/SeonRestService/aml-api/v1.1

Removed fields

There were no fields removed.

Renamed fields

There were no fields renamed.

New fields

There were no new fields added.

Except for the URL change, modifications are only required if your integration is not compatible with our new API policy.

URL Changes

New URL: https://api.seon.io/SeonRestService/aml-api/entity/v1

Deprecated URL: https://api.seon.io/SeonRestService/aml-api/entity/v1.1

Removed fields

There were no fields removed.

Renamed fields

There were no fields renamed.

New fields

There were no new fields added.

Except for the URL change, modifications are only required if your integration is not compatible with our new API policy.

URL Changes

New URL: https://api.seon.io/SeonRestService/bin-api/v1/[bin]

Deprecated URL: https://api.seon.io/SeonRestService/bin-api/v1.0/[bin]

Removed fields

There were no fields removed.

Renamed fields

There were no fields renamed.

New fields

There were no new fields added.

All fields referenced here start from the root/data path in our response.

Keep in mind that additional modifications may also be required on your side later on as the API policy for the new endpoints will also change.

URL Changes

New URL: https://api.seon.io/SeonRestService/email-api/v2

Deprecated URL: https://api.seon.io/SeonRestService/email-api/v1.0

Removed fields

• email_exists
• disposable
• free
• domain_exists
• email_domain_details
• email_score
• email_account_details

Renamed fields

• email_score -> score
• free -> domain_details.free
• email_exists -> deliverable
• email_domain_details.domain -> domain_details.domain
• email_domain_details.created -> domain_details.created
• email_domain_details.updated -> domain_details.updated
• email_domain_details.is_registered -> domain_details.registered
• email_account_details.facebook_exists -> account_details.facebook.registered
• email_account_details.facebook_profile -> account_details.facebook.url
• email_account_details.facebook_name -> account_details.facebook.name
• email_account_details.facebook_photo -> account_details.facebook.photo
• email_account_details.google_exists -> account_details.google.registered
• email_account_details.google_photo -> account_details.google.photo
• email_account_details.apple_exists -> account_details.apple.registered
• email_account_details.twitter_exists -> account_details.apple.twitter
• email_account_details.microsoft_exists -> account_details.microsoft.registered
• email_account_details.yahoo_exists -> account_details.yahoo.registered
• email_account_details.ebay_exists -> account_details.ebay.registered
• email_account_details.gravatar_exists -> account_details.gravatar.registered
• email_account_details.instagram_exists -> account_details.instagram.registered
• email_account_details.spotify_exists -> account_details.spotify.registered
• email_account_details.tumblr_exists -> account_details.tumblr.registered
• email_account_details.linkedin_exists -> account_details.linkedin.registered
• email_account_details.haveibeenpwned_exists -> breach_details.haveibeenpwned_listed
• email_account_details.number_of_breaches -> breach_details.number_of_breaches
• email_account_details.first_breach -> breach_details.first_breach
• email_account_details.weibo_exists -> account_details.weibo.registered

New fields

• score
• deliverable
• id
• history
• history_timeframes
• flags
• domain_details
• breach_details
• account_details
• applied_rules
• account_details.discord
• account_details.ok
• account_details.kakao
• account_details.booking
• account_details.airbnb
• account_details.amazon
• account_details.qzone
• account_details.adobe
• account_details.mailru
• account_details.wordpress
• account_details.imgur
• account_details.disneyplus
• account_details.netflix
• account_details.jdid
• account_details.flipkart
• account_details.bukalapak
• account_details.archiveorg
• account_details.lazada
• account_details.zoho
• account_details.samsung
• account_details.evernote
• account_details.envato
• account_details.patreon
• account_details.tokopedia
• account_details.rambler
• account_details.quora
• account_details.atlassian
• account_details.flickr
• account_details.github
• account_details.google_plus
• account_details.skype
• account_details.adobe
• account_details.mailru
• account_details.wordpress
• account_details.imgur
• account_details.disneyplus
• account_details.netflix
• account_details.jdid
• account_details.flipkart
• account_details.bukalapak
• account_details.archiveorg
• account_details.lazada
• account_details.zoho
• account_details.samsung
• account_details.evernote
• account_details.envato
• account_details.patreon
• account_details.tokopedia
• account_details.rambler
• account_details.quora
• account_details.atlassian
• account_details.foursquare.bio
• account_details.foursquare.photo
• account_details.foursquare.profile_url
• account_details.gravatar.location
• account_details.gravatar.name
• account_details.gravatar.profile_url
• account_details.gravatar.username
• account_details.linkedin.connection_count
• account_details.flickr.username
• account_details.flickr.photo
• account_details.flickr.followers
• account_details.flickr.location
• account_details.flickr.occupation
• account_details.flickr.description
• account_details.github.photo
• account_details.github.full_name
• account_details.github.username
• account_details.github.location
• account_details.github.company
• account_details.github.website
• account_details.github.bio
• account_details.github.followers
• account_details.github.following
• account_details.github.twitter
• account_details.github.profile_url
• account_details.google.activity
• account_details.google.is_enterprise_user
• account_details.google.last_updated
• account_details.skype.country_code
• account_details.skype.contact_type
• account_details.aboutme
• account_details.altbalaji
• account_details.bitmoji
• account_details.bodybuilding
• account_details.codecademy
• account_details.deliveroo
• account_details.diigo
• account_details.duolingo
• account_details.eventbrite
• account_details.firefox
• account_details.freelancer
• account_details.gaana
• account_details.giphy
• account_details.giphy
• account_details.hubspot
• account_details.kommo
• account_details.komoot
• account_details.nike
• account_details.plurk
• account_details.rappi
• account_details.replit
• account_details.seoclerks
• account_details.snapchat
• account_details.snapdeal
• account_details.soundcloud
• account_details.starz
• account_details.strava
• account_details.taringa
• account_details.tiki
• account_details.treehouse
• account_details.venmo
• account_details.vivino
• account_details.vkontakte
• account_details.wattpad
• account_details.xing
• account_details.yandex
• account_details.adult_sites

All fields referenced here start from the root/data path in our response.

Keep in mind that additional modifications may also be required on your side later on as the API policy for the new endpoints will also change.

URL Changes

New URL: https://api.seon.io/SeonRestService/email-api/v2

Deprecated URL: https://api.seon.io/SeonRestService/email-api/v2.0

Removed fields

There were no fields removed. 

Renamed fields

There were no fields renamed. 

New fields

• account_details.discord
• account_details.ok
• account_details.kakao
• account_details.booking
• account_details.airbnb
• account_details.amazon
• account_details.qzone
• account_details.adobe
• account_details.mailru
• account_details.wordpress
• account_details.imgur
• account_details.disneyplus
• account_details.netflix
• account_details.jdid
• account_details.flipkart
• account_details.bukalapak
• account_details.archiveorg
• account_details.lazada
• account_details.zoho
• account_details.samsung
• account_details.evernote
• account_details.envato
• account_details.patreon
• account_details.tokopedia
• account_details.rambler
• account_details.quora
• account_details.atlassian
• account_details.flickr
• account_details.github
• account_details.google_plus
• account_details.skype
• account_details.adobe
• account_details.mailru
• account_details.wordpress
• account_details.imgur
• account_details.disneyplus
• account_details.netflix
• account_details.jdid
• account_details.flipkart
• account_details.bukalapak
• account_details.archiveorg
• account_details.lazada
• account_details.zoho
• account_details.samsung
• account_details.evernote
• account_details.envato
• account_details.patreon
• account_details.tokopedia
• account_details.rambler
• account_details.quora
• account_details.atlassian
• account_details.foursquare.bio
• account_details.foursquare.photo
• account_details.foursquare.profile_url
• account_details.gravatar.location
• account_details.gravatar.name
• account_details.gravatar.profile_url
• account_details.gravatar.username
• account_details.linkedin.connection_count
• account_details.flickr.username
• account_details.flickr.photo
• account_details.flickr.followers
• account_details.flickr.location
• account_details.flickr.occupation
• account_details.flickr.description
• account_details.github.photo
• account_details.github.full_name
• account_details.github.username
• account_details.github.location
• account_details.github.company
• account_details.github.website
• account_details.github.bio
• account_details.github.followers
• account_details.github.following
• account_details.github.twitter
• account_details.github.profile_url
• account_details.google.activity
• account_details.google.is_enterprise_user
• account_details.google.last_updated
• account_details.skype.country_code
• account_details.skype.contact_type
• account_details.aboutme
• account_details.altbalaji
• account_details.bitmoji
• account_details.bodybuilding
• account_details.codecademy
• account_details.deliveroo
• account_details.diigo
• account_details.duolingo
• account_details.eventbrite
• account_details.firefox
• account_details.freelancer
• account_details.gaana
• account_details.giphy
• account_details.giphy
• account_details.hubspot
• account_details.kommo
• account_details.komoot
• account_details.nike
• account_details.plurk
• account_details.rappi
• account_details.replit
• account_details.seoclerks
• account_details.snapchat
• account_details.snapdeal
• account_details.soundcloud
• account_details.starz
• account_details.strava
• account_details.taringa
• account_details.tiki
• account_details.treehouse
• account_details.venmo
• account_details.vivino
• account_details.vkontakte
• account_details.wattpad
• account_details.xing
• account_details.yandex
• account_details.adult_sites

All fields referenced here are starting from root/data path in our response.

Keep in mind that additional modifications may also be required on your side later on as the API policy for the new endpoints will also change.

URL Changes

New URL: https://api.seon.io/SeonRestService/email-api/v2

Deprecated URL: https://api.seon.io/SeonRestService/email-api/v2.1

Removed fields

There were no fields removed.

Renamed fields

There were no fields renamed.

New fields

• account_details.ok.full_name
• account_details.adobe
• account_details.mailru
• account_details.wordpress
• account_details.imgur
• account_details.disneyplus
• account_details.netflix
• account_details.jdid
• account_details.flipkart
• account_details.bukalapak
• account_details.archiveorg
• account_details.lazada
• account_details.zoho
• account_details.samsung
• account_details.evernote
• account_details.envato
• account_details.patreon
• account_details.tokopedia
• account_details.rambler
• account_details.quora
• account_details.atlassian
• account_details.foursquare.bio
• account_details.foursquare.photo
• account_details.foursquare.profile_url
• account_details.gravatar.location
• account_details.gravatar.name
• account_details.gravatar.profile_url
• account_details.gravatar.username
• account_details.linkedin.connection_count
• account_details.flickr.username
• account_details.flickr.photo
• account_details.flickr.followers
• account_details.flickr.location
• account_details.flickr.occupation
• account_details.flickr.description
• account_details.github.photo
• account_details.github.full_name
• account_details.github.username
• account_details.github.location
• account_details.github.company
• account_details.github.website
• account_details.github.bio
• account_details.github.followers
• account_details.github.following
• account_details.github.twitter_url
• account_details.github.profile_url
• account_details.google.activity
• account_details.google.is_enterprise_user
• account_details.google.last_updated
• account_details.skype.country_code
• account_details.skype.contact_type
• account_details.aboutme
• account_details.altbalaji
• account_details.bitmoji
• account_details.bodybuilding
• account_details.codecademy
• account_details.deliveroo
• account_details.diigo
• account_details.duolingo
• account_details.eventbrite
• account_details.firefox
• account_details.freelancer
• account_details.gaana
• account_details.giphy
• account_details.giphy
• account_details.hubspot
• account_details.kommo
• account_details.komoot
• account_details.nike
• account_details.plurk
• account_details.rappi
• account_details.replit
• account_details.seoclerks
• account_details.snapchat
• account_details.snapdeal
• account_details.soundcloud
• account_details.starz
• account_details.strava
• account_details.taringa
• account_details.tiki
• account_details.treehouse
• account_details.venmo
• account_details.vivino
• account_details.vkontakte
• account_details.wattpad
• account_details.xing
• account_details.yandex
• account_details.adult_sites

All fields referenced here are starting from root/data path in our response.

Keep in mind that additional modifications may also be required on your side later on as the API policy for the new endpoints will also change.

URL Changes

New URL: https://api.seon.io/SeonRestService/email-api/v2

Deprecated URL: https://api.seon.io/SeonRestService/email-api/v2.2

Removed fields

There were no fields removed.

Renamed fields

There were no fields renamed.

New fields

• account_details.ok.full_name
• account_details.flickr.photo
• account_details.flickr.followers
• account_details.flickr.location
• account_details.flickr.occupation
• account_details.flickr.description
• account_details.github.photo
• account_details.github.full_name
• account_details.github.username
• account_details.github.location
• account_details.github.company
• account_details.github.website
• account_details.github.bio
• account_details.github.followers
• account_details.github.following
• account_details.github.twitter_url
• account_details.github.profile_url
• account_details.google.activity
• account_details.google.is_enterprise_user
• account_details.google.last_updated
• account_details.skype.country_code
• account_details.skype.contact_type
• account_details.aboutme
• account_details.altbalaji
• account_details.bitmoji
• account_details.bodybuilding
• account_details.codecademy
• account_details.deliveroo
• account_details.diigo
• account_details.duolingo
• account_details.eventbrite
• account_details.firefox
• account_details.freelancer
• account_details.gaana
• account_details.giphy
• account_details.giphy
• account_details.hubspot
• account_details.kommo
• account_details.komoot
• account_details.nike
• account_details.plurk
• account_details.rappi
• account_details.replit
• account_details.seoclerks
• account_details.snapchat
• account_details.snapdeal
• account_details.soundcloud
• account_details.starz
• account_details.strava
• account_details.taringa
• account_details.tiki
• account_details.treehouse
• account_details.venmo
• account_details.vivino
• account_details.vkontakte
• account_details.wattpad
• account_details.xing
• account_details.yandex
• account_details.adult_sites

Except for the URL change, modifications are only required if your integration is not compatible with our new API policy.

URL Changes

New URL: https://api.seon.io/SeonRestService/email-verification/v1/[email_address]

Deprecated URL: https://api.seon.io/SeonRestService/email-verification/v1.0/[email_address]

Removed fields

There were no fields removed.

Renamed fields

There were no fields renamed.

New fields

There were no new fields added.

Except for the URL change, modifications are only required if your integration is not compatible with our new API policy.

URL Changes

New URL: https://api.seon.io/SeonRestService/erase-api/v1?dry_run=false

Deprecated URL: https://api.seon.io/SeonRestService/erase-api?dry_run=false

Removed fields

There were no fields removed.

Renamed fields

There were no fields renamed.

New fields

There were no new fields added.

Except for the URL change, modifications are only required if your integration is not compatible with our new API policy.

URL Changes

New URL: https://api.seon.io/SeonRestService/fraud-api/rule-exclude/v1

Deprecated URL: https://api.seon.io/SeonRestService/fraud-api/rule-exclude

Removed fields

There were no fields removed.

Renamed fields

There were no fields renamed.

New fields

There were no new fields added.

All fields referenced here start from the root/data path in our response.

Keep in mind that additional modifications may also be required on your side later on as the API policy for the new endpoints will also change.

URL Changes

New URL: https://api.seon.io/SeonRestService/ip-api/v1/[ip]

Deprecated URL: https://api.seon.io/SeonRestService/ip-api/v1.0/[ip]

Removed fields

There were no fields removed.

Renamed fields

There were no fields renamed.

New fields

• data.harmful

Except for the URL change, modifications are only required if your integration is not compatible with our new API policy.

URL Changes

New URL: https://api.seon.io/SeonRestService/ip-api/v1/[ip]

Deprecated URL: https://api.seon.io/SeonRestService/ip-api/v1.1/[ip]

Removed fields

There were no fields removed.

Renamed fields

There were no fields renamed.

New fields

There were no new fields added.

Except for the URL change, modifications are only required if your integration is not compatible with our new API policy or you are still using Payload-based Authentication (see below).

Payload-based Authentication changes

Instead of sending your license key via request payload, you need to send it as a HTTP header. The name of the header should be X-API-KEY.

URL Changes

New URL: https://api.seon.io/SeonRestService/fraud-api/label/v1/[id]

Deprecated URL: https://api.seon.io/SeonRestService/fraud-api/label/[id]

Removed fields

There were no fields removed.

Renamed fields

There were no fields renamed.

New fields

There were no new fields added.

Except for the URL change, modifications are only required if your integration is not compatible with our new API policy or you are still using Payload-based Authentication (see below).

Payload-based Authentication changes

Instead of sending your license key via request payload, you need to send it as a HTTP header. The name of the header should be X-API-KEY.

URL Changes

New URL: https://api.seon.io/SeonRestService/fraud-api/state-field/v1

Deprecated URL: https://api.seon.io/SeonRestService/fraud-api/state-field

Removed fields

There were no fields removed.

Renamed fields

There were no fields renamed.

New fields

There were no new fields added.

All fields referenced here are starting from root/data path in our response.

Keep in mind that additional modifications may also be required on your side later on as the API policy for the new endpoints will also change.

URL Changes

New URL: https://api.seon.io/SeonRestService/phone-api/v1/[phone_number]

Deprecated URL: https://api.seon.io/SeonRestService/phone-api/v1.0/[phone_number]

Removed fields

There were no fields removed.

Renamed fields

There were no fields renamed.

New fields

• disposable
• account_details.skype
• account_details.kakao
• account_details.ok
• account_details.zalo
• account_details.snapchat
• account_details.line
• account_details.viber.name
• account_details.whatsapp.about
• account_details.flipkart
• account_details.bukalapak
• account_details.jdid
• account_details.google.account_id
• account_details.google.full_name
• account_details.altbalaji
• account_details.shopclues
• account_details.snapdeal
• account_details.tiki
• account_details.vkontakte
• account_details.weibo
• account_details.whatsapp.last_active
• cnam_details.cnam
• cnam_details.gender

Field value changed

• data.type is separated with ' ' instead of '_' character

All fields referenced here start from the root/data path in our response.

Keep in mind that additional modifications may also be required on your side later on as the API policy for the new endpoints will also change.

URL Changes

New URL: https://api.seon.io/SeonRestService/phone-api/v1/[phone_number]

Deprecated URL: https://api.seon.io/SeonRestService/phone-api/v1.1/[phone_number]

Removed fields

There were no fields removed.

Renamed fields

There were no fields renamed.

New fields

• disposable
• account_details.flipkart
• account_details.bukalapak
• account_details.jdid
• account_details.zalo.uid
• account_details.zalo.date_of_birth
• account_details.zalo.name
• account_details.ok.age
• account_details.google.account_id
• account_details.google.full_name
• account_details.altbalaji
• account_details.shopclues
• account_details.snapdeal
• account_details.tiki
• account_details.vkontakte
• account_details.weibo
• account_details.whatsapp.last_active
• cnam_details.cnam
• cnam_details.gender

Field value changed

• data.type is separated with ' ' instead of '_' character

All fields referenced here start from root/data path in our response.

Keep in mind that additional modifications may also be required on your side later on as the API policy for the new endpoints will also change.

URL Changes

New URL: https://api.seon.io/SeonRestService/phone-api/v1/[phone_number]

Deprecated URL: https://api.seon.io/SeonRestService/phone-api/v1.2/[phone_number]

Removed fields

There were no fields removed.

Renamed fields

There were no fields renamed.

New fields

• account_details.flipkart
• account_details.bukalapak
• account_details.jdid
• account_details.zalo.uid
• account_details.zalo.date_of_birth
• account_details.zalo.name
• account_details.ok.age
• account_details.google.account_id
• account_details.google.full_name
• account_details.altbalaji
• account_details.shopclues
• account_details.snapdeal
• account_details.tiki
• account_details.vkontakte
• account_details.weibo
• account_details.whatsapp.last_active

Field value changed

• data.type is separated with ' ' instead of '_' character

All fields referenced here start from root/data path in our response.

Keep in mind that additional modifications may also be required on your side later on as the API policy for the new endpoints will also change.

URL Changes

New URL: https://api.seon.io/SeonRestService/phone-api/v1/[phone_number]

Deprecated URL: https://api.seon.io/SeonRestService/phone-api/v1.3/[phone_number]

Removed fields

There were no fields removed.

Renamed fields

There were no fields renamed.

New fields

• account_details.altbalaji
• account_details.shopclues
• account_details.snapdeal
• account_details.tiki
• account_details.vkontakte
• account_details.weibo
• account_details.whatsapp.last_active

Field value changed

• data.type is separated with ' ' instead of '_' character

All fields referenced here start from the root/data path in our response.

Keep in mind that additional modifications may also be required on your side later on as the API policy for the new endpoints will also change.

URL Changes

New URL: https://api.seon.io/SeonRestService/phone-api/v1/[phone_number]

Deprecated URL: https://api.seon.io/SeonRestService/phone-api/v1.4/[phone_number]

Removed fields

There were no fields removed.

Renamed fields

There were no fields renamed.

New fields

• account_details.altbalaji
• account_details.shopclues
• account_details.snapdeal
• account_details.tiki
• account_details.vkontakte
• account_details.weibo
• account_details.whatsapp.last_active

Field value changed

There were no field value changed.

Except for the URL change, modifications are only required if your integration is not compatible with our new API policy.

URL Changes

New URL: https://api.seon.io/SeonRestService/fraud-api/exclude/v1

Deprecated URL: https://api.seon.io/SeonRestService/fraud-api/exclude

Removed fields

There were no fields removed.

Renamed fields

There were no fields renamed.

New fields

There were no new fields added.

Removed fields

There were no fields removed.

Renamed fields

• avail_screen -> screen_available_resolution
• flash -> flash_enabled
• font_names -> font_list
• fonts -> font_count
• fonts_hash -> font_hash
• java -> java_enabled
• js_ip -> device_ip_address
• js_ip_country -> device_ip_country
• js_ip_isp -> device_ip_isp
• op_sys -> os
• plugin_names -> plugin_list
• plugins -> plugin_count
• plugins_hash -> plugin_hash
• private_mode -> private
• screen -> screen_resolution
• timezone -> region_timezone
• useragent -> user_agent
• window_screen -> window_size

New fields

See v5 documentation for all available new fields. It also includes an additional bot, fraud tool, privacy tool, and spoofing detection using the Scoring Engine.

Field value changes

• All _hash fields are generated differently, meaning they will break between versions.
  The collected list of fonts is different. On v5, the font_list is empty by default but can be turned on with the font_list configuration option. Only the font_count and font_hash fields are populated correctly; the font_list field is empty by default to reduce payload size.
• The private mode detection is more accurate on v5.

Integration changes

In v1, the JS SDK sent in the device fingerprint to SEON services automatically, and you could link the device fingerprint with your Fraud API call with the session_id.

In v5, the SDK generates a base64 encoded encrypted payload, which has to be sent in with the Fraud API request. The new flow is the following:

1. Generate the session string on your frontend with the getBase64Session.
2. Send this session string to your backend.
3. Send the session string as the session parameter to the Fraud API.

Additionally, you have to call the Fraud API v2 instead of v1 to send in sessions. Please refer to the Fraud API v2 documentation for more information.

JavaScript integration changes

v1:

<script src="https://cdn.seon.io/v1.0/js/agent-dev.js"></script>
<script>
 start(sessionId, () => console.log('success'));
</script>

v2:

<script src="https://cdn.seon.io/v2.0/js/agent-dev.js"></script>
<script>
 seon.start({
   session_id: sessionId,
   onSuccess: () => console.log('success'),
   onError: () => console.log('error'),
 });
</script>

v5:

<script src="https://cdn.seon.io/js/v5/agent.prod.js"></script>
<script>
 seon.config({
   session_id: sessionId,
   onSuccess: (msg) => console.log('config success', msg),
   onError: (msg) => console.error('config error', msg),
 });
 
 seon.getBase64Session().then((session) => {
   console.log('Session string:', session);
   // Send 'session' to your backend and send it in the Fraud API call
 });
</script>

Please refer to the JS SDK v5 documentation for more information and additional configuration options.

Content-Security-Policy

The V5 SDK sends network requests to our custom domains for more accurate identification and fraud detection. If your site uses CSP HTTP headers, then you need to allow these requests explicitly with a connect-src directive. For more info, please refer to the v5 configuration section of the API reference.

Removed fields

There were no fields removed.

Renamed fields

There were no fields renamed.

New fields

There were no new fields added. But additional bot, fraud tool, privacy tool, and spoofing detection is available in v5 using the scoring engine.

Field value changes

• The _hash fields are generated differently, meaning they might break between versions.
• The list of collected fonts is different. Also, on v5, the font_list is empty by default but can be turned on with the font_list configuration option. Only the font_count and font_hash fields are populated correctly; the font_list field is empty by default to reduce payload size.
• The private mode detection is more accurate on v5.
• The accept_language field will always be an empty list due to the different integration methods.
• The window_size, screen_resolution, screen_available_resolution fields in v5 always follow the <WIDTH>x<HEIGHT> format instead of the alphabetically ordered format of v3.
• Some fields might have a different value in edge cases due to some improvements.

Integration changes

The changes required in the integration highly depend on the customer's chosen integration method.

The latest v3 SDK version allows for two different methods:

• Calling the seon.getBase64Session JavaScript function, the SDK returns the encrypted session string, which can be linked to a transaction by sending it in as the session parameter in the Fraud API v2 call.
• Calling the seon.saveSession JavaScript function, the SDK sends in the device fingerprint to SEON services, and you can connect these details to a transaction in the Fraud API call with the given session_id.

Using seon.getBase64Session

The first option requires the least amount of changes from the customers, as the JavaScript interface did not change between v3 and v5. You can simply switch the CDN URL to one of our supported URLs (see SEON Docs). The public_key configuration option is deprecated in v5 because it is no longer used, but will not generate a warning if it is still included.

Using seon.saveSession

In v3, the JS SDK sent in the device fingerprint to SEON services automatically by calling the seon.saveSession, and you could link the device fingerprint with your Fraud API call with the session_id.

In v5, the SDK generates a base64 encoded encrypted payload, which has to be sent in with the Fraud API request. So the new flow is the following:

1. Generate the session string on your frontend with the getBase64Session
2. Send this session string to your backend
3. Send the session string as the session parameter to the Fraud API

Additionally, you have to call the Fraud API v2 instead of v1 to send in sessions. Please refer to the Fraud API v2 documentation for more information.

Content-Security-Policy

The v5 SDK sends network requests to our custom domains for more accurate identification and fraud detection. If your site uses CSP HTTP headers, you need to explicitly allow these requests with a connect-src directive. For more info please refer to the v5 configuration section of the API reference.

There were no significant changes in the output fields. The _hash fields are incompatible between v4 and v5 (especially the browser_hash), and the list of collected fonts is different. In v5, the font_list is empty by default, but can be turned on with the font_list configuration option. Only the font_count and font_hash fields are populated correctly; the font_list field is empty by default to reduce payload size.

The v5 version contains a lot of improvements to improve the stability and accuracy of the fields, as well as updates to our fraud tool and spoofing detection features.

The integration remained exactly the same and requires no changes besides updating the CDN URL by switching v4 to v5.

Removed fields

• is_plugged_in has been removed. The same information and more can be derived when considering the value of battery_charging and usb_cable_state

Renamed fields

• cpu_model -> cpu_type
• ip_address -> device_ip_address
• local_language -> region_language
• local_country_code -> region_country
• memory_size -> physical_memory
• model -> device_name
• network_name -> network_config

Field value changes

• memory_size (now physical_memory) type has been changed to represent the physical memory size in bytes. The return value has also changed from string to double
• The value and type of system_uptime have both changed. The return type is now long instead of string and it indicates the uptime of the system in seconds instead of the hh:mm:ss format.

Integration changes

SDK Integration changes

• Starting from v6 there is a change in SEON’s API Policy. From now on SEON might introduce new fields in the SDK with minor versions. We advise you to integrate in a way that the addition of new fields is handled gracefully.
• The SDK package is available through the Maven Central Repository
• The preferred way to integrate the SDK and its dependencies is through Gradle. Please visit the SDK documentation for an example integration snippet and more information about installing the SDK.
• SeonBuilder.getInstance() has been deprecated. To get a valid Seon object instance, pass the context and your session ID to SeonBuilder() and then call the build() method on the configured instance. For more detailed information and examples, please visit the SDK documentation.
• getFingerprintBase64() returns the fingerprint asynchronously. Thread management is fully handled by the SDK internally and doesn’t require any extra effort from the integration side. For more detailed information and examples, please visit the SDK documentation.
• Introduced the following transitive runtime dependencies for the SDK

• androidx.annotation:annotation:1.6.0
• com.getkeepsafe.relinker:relinker:1.4.4
• com.scottyab:rootbeer-lib:0.1.0

• minSdkVersion has been raised from 15 to 21

Fraud API Integration changes

In v1, the Android SDK sent in the device fingerprint to SEON services automatically, and you could link the device fingerprint with your Fraud API call with the session_id. In v6 the SDK generates a base64 encoded encrypted payload, which has to be sent in with a Fraud API request. The new flow looks like this:

1. Generate the base64 session string in your Android application with calling the SDK’s getFingerprintBase64 method.
2. Send the session string to your backend.
3. Set the session string as the session parameter in your Fraud API request.
4. Call SEON’s Fraud API v2 to send in the configured session. Please refer to the Fraud API v2 documentation for more information.

New fields

• The application’s Globally Unique Identifier
  Type: string
  Fraud API field name: app_guid
  A globally custom unique identifier for the app instance.
• Audio mute status
  Type: boolean
  Fraud API field name: audio_mute_status
  Indicates if the phone is muted or not.
• Current audio volume
  Type: integer
  Fraud API field name: audio_volume_current
  Current level of device system’s volume on a 0 to 100 scale.
• Battery charge status
  Type: boolean
  Fraud API field name: battery_charging
  Indicates if the phone is currently charging or not.
• Battery health status
  Type: string
  Fraud API field name: battery_health
  Indicates the health status of the device’s battery reported by the OS.
• Battery level
  Type: integer
  Fraud API field name: battery_level
  The current level of the device’s battery charge on a 0 to 100 scale.
• Battery temperature
  Type: double
  Fraud API field name: battery_temperature
  The current temperature of the device’s battery in centigrade.
• Battery voltage
  Type: integer
  Fraud API field name: battery_voltage
  The current voltage of the device’s battery in millivolts.
• Biometric authentication Status
  Type: string
  Fraud API field name: biometric_status
  Indicates the status of biometric authentication on the device.
  Useful for determining the end user's security awareness.
• Bootloader state
  Type: string
  Fraud API field name: bootloader_state
  Bootloader lock state, calculation based on system properties.
  High value security information.
• Device build model identifier
  Type: string
  Fraud API field name: build_model
  A human-readable name that represents the marketing or consumer-facing name of the device.
• Carrier country
  Type: string
  Fraud API field name: carrier_country
  Returns the ISO-3166-1 alpha-2 country code equivalent of the MCC (Mobile Country Code) of the current registered operator or the cell nearby, if available.
• Carrier name
  Type: string
  Fraud API field name: carrier_name
  Returns the alphabetic name of current registered operator when if the device has hardware radio access and the user is registered to a network.
• CPU count
  Type: integer
  Fraud API field name: cpu_count
  Returns the number of logical cores.
• CPU speed
  Type: long
  Fraud API field name: cpu_speed
  Returns the nominal cpu clock speed available in Megahertz.
• Developer options state
  Type: string
  Fraud API field name: developer_options_state
  Returns the state of the developer options setting.
  High-value security information which can be tied to fraud and can be determined to id rooted devices or emulators in conjunction with other fields.
• Device cellular ID
  Type: string
  Fraud API field name: device_cellular_id
  Unique identifier of the user's device based on IMEI, MEID, ESN, or IMSI, which is non-resettable. The device must have cellular services.
  Requires permission: READ_PHONE_STATE,ACCESS_NETWORK_STATE
• Device Hash
  Type: string
  Fraud API field name: device_hash
  A strong unique identifier of the user’s device based on SEON’s arbitrary algorithm.
  This property can be used to identify the same device between sessions and even between app reinstalls. More info can be found here.
• Device country based on IP
  Type: string
  Fraud API field name: device_ip_country
  A two-character ISO 3166-1 country code for the country associated with the IP address.
• Device IP ISP
  Type: string
  Fraud API field name: device_ip_isp
  The Internet Service Provider name of the device based on it’s IP.
• Device orientation
  Type: string
  Fraud API field name: device_orientation
  Returns the current orientation of the device.
• Domain Name System IP
  Type: string
  Fraud API field name: dns_ip
  The user’s DNS IP address.
• Domain Name System IP Country
  Type: string
  Fraud API field name: dns_ip_country
  The user’s DNS IP country.
• Domain Name System IP’s Internet Service Provider
  Type: string
  Fraud API field name: dns_ip_isp
  The Internet Service Provider name of the device is based on the DNS IP.
• Free Storage
  Type: long
  Fraud API field name: free_storage
  Returns the current free storage of the device’s file system in bytes.
• Google Service Framework identifier
  Type: string
  Fraud API field name: gsf_id
  Requires permission: com.google.android.providers.gsf.permission.READ_GSERVICES
  Returns a unique identifier which only changes after a factory reset is performed on the device.
• Possibly interfering apps
  Type: string[]
  Fraud API field name: interfering_apps
  Contains the list of installed applications that were given permission to potentially interfere with other applications on the device by our metric.
  Accurate results to the given metric. Applications might interfere with the host application through different methods/permissions, which are not detected here.
• Click automator installed
  Type: boolean
  Fraud API field name: is_click_automator_installed
  Detects if a click automator is installed
  Reliably detecting enabled click automator applications known to us. Returns false negative if the user has a click automator installed which we haven’t added to our blacklist yet.
• Emulator detection
  Type: boolean
  Fraud API field name: is_emulator
  Returns whether the device is possibly an emulator or not.
  Reliably detecting the most popular emulators available. A high-value security information which can be tied to fraud.
• Keyguard secured
  Type: boolean
  Fraud API field name: is_keyguard_secure
  Indicates whether the keyguard is secured by a PIN, pattern, or password or a SIM card is currently locked.
• NFC hardware available
  Type: boolean
  Fraud API field name: is_nfc_available
  Returns whether the device has NFC hardware available.
• NFC features enabled
  Type: boolean
  Fraud API field name: is_nfc_enabled
  Returns whether the device has NFC functionalities enabled.
• Currently is on a phone call
  Type: boolean
  Fraud API field name: is_on_call
  Returns true or false depending on whether the device was on a call while collecting the fingerprint. Detects both cellular and VOIP calls.
• Is device currently being remotely controlled
  Type: boolean
  Fraud API field name: is_remote_control_connected
  Returns whether the device is being remotely controlled by a known remote control application at the time of the fingerprint.
  High-value security information which can be tied to fraud.
• Device is rooted
  Type: boolean
  Fraud API field name: is_rooted
  Returns whether the device is possibly rooted or not.
  High-value security information which can be tied to fraud.
• Is the current screen is being mirrored
  Type: boolean
  Fraud API field name: is_screen_being_mirrored
  Returns whether the device's screen is being mirrored to an additional display. This is triggered by screen sharing, screen mirroring to a television, using a display through HDMI connection, etc. This might be the indicator of the user’s screen content is being visible to someone else in some way.
  High-value security information which can be tied to fraud.
• The kernel’s architecture
  Type: string
  Fraud API field name: kernel_arch
  Information about the device’s kernel architecture.
• Name of the kernel
  Type: string
  Fraud API field name: kernel_name
  Name of the device’s kernel.
• Last boot time
  Type: long
  Fraud API field name: last_boot_time
  Returns when the device booted last time in UNIX time format.
• Pasteboard hash
  Type: string
  Fraud API field name: pasteboard_hash
  A hash created of the content or the content’s description ( API Level 31+ )
• Region timezone
  Type: string
  Fraud API field name: region_timezone
  Returns the device's timezone settings as an offset.
• Connected remote control provider’s name
  Type: string
  Fraud API field name: remote_control_provider
  If is_remote_control_connected is true, this field returns the readable name of detected remote control application, otherwise null.
  Best effort detection of the used tool.
• Screen brightness
  Type: integer
  Fraud API field name: screen_brightness
  Current level of device’s screen brightness ranging between 0 and 100.
• Screen height of the device
  Type: integer
  Fraud API field name: screen_height
  Device’s screen height in pixels.
• Screen scale
  Type: integer
  Fraud API field name: screen_scale
  Returns the scaling factor for the Density Independent Pixel unit.
• Screen width of the device
  Type: integer
  Fraud API field name: screen_width
  Device’s screen width in pixels.
• Sensor hash
  Type: string
  Fraud API field name: sensor_hash
  Returns a hash built from collected information about the available built-in device sensors.
• Session ID
  Type: string
  Fraud API field name: session_id
  A unique identifier of the user session set when initializing the SDK.
• Source
  Type: string
  Fraud API field name: source
  Identifies the SDK version that originated the request.
• Timezone identifier
  Type: string
  Fraud API field name: timezone_identifier
  Returns the current system timezone’s geopolitical region ID.
• Total storage
  Type: long
  Fraud API field name: total_storage
  Returns the total usable internal storage of the device’s file system in bytes.
• Platform type
  Type: string
  Fraud API field name: type
  Returns the static string androidindicating the platform
• Current USB cable state
  Type: string
  Fraud API field name: usb_cable_state
  Shows if the device is currently being connected to a PC/other device by a USB-cable.
  Being connected to a charger does not affect this value.
• USB debugging setting
  Type: string
  Fraud API field name: usb_debugging_state
  State of USB debugging toggle in developer options.
  If both this and usb_cable_state are true at the same time, the device is possibly connected to ADB debugger.
• Local WiFi network identifier
  Type: string
  Fraud API field name: wifi_ssid
  Requires Permission: ACCESS_FINE_LOCATION, ACCESS_COARSE_LOCATION, ACCESS_WIFI_STATE
  Name of the WIFI network, the device is connected to.

Removed fields

There were no fields removed.

Renamed fields

• device_id has been renamed to device_cellular_id
• ip_address has been renamed to device_ip_address

Field value changes

• session_id doesn’t need to include the Android_ platform prefix anymore.
• device_hash field is calculated differently, resulting in different values for a given device. This means these values are going to break between versions.

Integration changes

SDK Integration changes

• Starting from v6 there is a change in SEON’s API Policy. From now on SEON might introduce new fields in the SDK with minor versions. We advise you to integrate in a way that addition of new fields is handled gracefully.
• The SDK package is available through Maven Central Repository
• The preferred way to integrate the SDK and its dependencies through Gradle. For an example integration snippet and more information about installing the SDK, please visit the SDK documentation.
• SeonBuilder.getInstance() has been deprecated. To get a valid Seon object instance, pass the context and your session ID to SeonBuilder() and then call the build() method on the configured instance. For more detailed information and examples, please visit the SDK documentation.
• getFingerprintBase64() returns the fingerprint asynchronously. Thread management is fully handled by the SDK internally and doesn’t require any extra effort from the integration side.
  For more detailed information and examples, please visit the SDK documentation.
• Introduced the following transitive runtime dependencies for the SDK

• androidx.annotation:annotation:1.6.0
• com.getkeepsafe.relinker:relinker:1.4.4

• Removed the following transitive runtime dependencies for the SDK

• com.jaredrummler:android-device-names

• minSdkVersion has been raised from 15 to 21
• Removed deprecated interface members:

• SeonBuilder.seon
• SeonBuilder.getInstance()

Fraud API Integration changes

In v2, the Android SDK sent in the device fingerprint to SEON services automatically, and you could link the device fingerprint with your Fraud API call with the session_id. In v6 the SDK generates a base64 encoded encrypted payload, which has to be sent in with a Fraud API request. The new flow looks like this:

1. Generate the base64 session string in your Android application with calling the SDK’s getFingerprintBase64 method.
2. Send the session string to your backend.
3. Set the session string as the session parameter in your Fraud API request.
4. Call SEON’s Fraud API v2 to send in the configured session. Please refer to the Fraud API v2 documentation for more information.

New fields

• Biometric authentication Status
  Type: string
  Fraud API field name: biometric_status
  Indicates the status of biometric authentication on the device.
  Useful for determining the end user's security awareness.
• Bootloader state
  Type: string
  Fraud API field name: bootloader_state
  Bootloader lock state, a calculation based on system properties.
  High-value security information.
• Device build model identifier
  Type: string
  Fraud API field name: build_model
  A human-readable name that represents the marketing or consumer-facing name of the device.
• Developer options state
  Type: string
  Fraud API field name: developer_options_state
  Returns the state of the developer options setting.
  High-value security information which can be tied to fraud and can be determined to id rooted devices or emulators in conjunction with other fields.
• Device cellular ID
  Type: string
  Fraud API field name: device_cellular_id
  Unique identifier of the user's device based on IMEI, MEID, ESN, or IMSI, which is non-resettable. The device must have cellular services.
  Requires permission: READ_PHONE_STATE,ACCESS_NETWORK_STATE
• Device country based on IP
  Type: string
  Fraud API field name: device_ip_country
  A two-character ISO 3166-1 country code for the country associated with the IP address.
• Device IP ISP
  Type: string
  Fraud API field name: device_ip_isp
  The Internet Service Provider name of the device based on its IP.
• Domain Name System IP
  Type: string
  Fraud API field name: dns_ip
  The user’s DNS IP address.
• Domain Name System IP Country
  Type: string
  Fraud API field name: dns_ip_country
  The user’s DNS IP country.
• Domain Name System IP’s Internet Service Provider
  Type: string
  Fraud API field name: dns_ip_isp
  The Internet Service Provider name of the device based on the DNS IP.
• Google Service Framework identifier
  Type: string
  Fraud API field name: gsf_id
  Requires permission: com.google.android.providers.gsf.permission.READ_GSERVICES
  Returns a unique identifier which only changes after a factory reset is performed on the device.
• Possibly interfering apps
  Type: string[]
  Fraud API field name: interfering_apps
  Contains the list of installed applications that were given permission to potentially interfere with other applications on the device by our metric.
  Accurate results to the given metric. Applications might interfere with the host application through different methods/permissions, which are not detected here.
• Click automator installed
  Type: boolean
  Fraud API field name: is_click_automator_installed
  Detects if a click automator is installed
  Reliably detecting enabled click automator applications known to us. Returns false negative if the user has a click automator installed which we haven’t added to our blacklist yet.
• Keyguard secured
  Type: boolean
  Fraud API field name: is_keyguard_secure
  Indicates whether the keyguard is secured by a PIN, pattern or password or a SIM card is currently locked.
• NFC hardware available
  Type: boolean
  Fraud API field name: is_nfc_available
  Returns whether the device has NFC hardware available.
• NFC features enabled
  Type: boolean
  Fraud API field name: is_nfc_enabled
  Returns whether the device has NFC functionalities enabled.
• Currently is on a phone call
  Type: boolean
  Fraud API field name: is_on_call
  Returns true or false depending on whether the device was on a call while collecting the fingerprint. Detects both cellular and VOIP calls.
• Is device currently being remotely controlled
  Type: boolean
  Fraud API field name: is_remote_control_connected
  Returns whether the device is being remotely controlled by a known remote control application at the time of the fingerprint.
  High-value security information which can be tied to fraud.
• Is the current screen is being mirrored
  Type: boolean
  Fraud API field name: is_screen_being_mirrored
  Returns whether the screen of the device is being mirrored to an additional display. This is triggered by screen sharing, screen mirroring to a television, using a display through HDMI connection, etc. This might be the indicator of the user’s screen content is being visible to someone else in some way.
  High-value security information which can be tied to fraud.
• Connected remote control provider’s name
  Type: string
  Fraud API field name: remote_control_provider
  If is_remote_control_connected is true, this field returns the readable name of detected remote control application, otherwise null.
  Best effort detection of the used tool.
• Timezone identifier
  Type: string
  Fraud API field name: timezone_identifier
  Returns the current system timezone’s geopolitical region ID.
• Platform type
  Type: string
  Fraud API field name: type
  Returns the static string android indicating the platform.
• Current USB cable state
  Type: string
  Fraud API field name: usb_cable_state
  Shows if the device is currently being connected to a PC/other device by a USB cable.
  Being connected to a charger does not affect this value.
• USB debugging setting
  Type: string
  Fraud API field name: usb_debugging_state
  State of USB debugging toggle in developer options.
  If both this and usb_cable_state are true at the same time, the device is possibly connected to ADB debugger.

Removed fields

There were no fields removed.

Renamed fields

There were no renamed fields.

Field value changes

• device_hash field is calculated differently, resulting in different values for a given device. This means these values are going to break between versions.

Integration changes

SDK Integration changes

• Starting from v6, there is a change in SEON’s API Policy. From now on, SEON might introduce new fields in the SDK with minor versions. We advise you to integrate in a way that the addition of new fields is handled gracefully.
• SeonBuilder.getInstance() has been deprecated. To get a valid Seon object instance pass the context and your session ID to SeonBuilder() and then call the build() method on the configured instance. For more detailed information and examples, please visit the SDK documentation.
• getFingerprintBase64() returns the fingerprint asynchronously. Thread management is fully handled by the SDK internally and doesn’t require any extra effort from the integration side.
  For more detailed information and examples, please visit the SDK documentation.
• Introduced the following transitive runtime dependencies for the SDK

• androidx.annotation:annotation:1.6.0
• com.getkeepsafe.relinker:relinker:1.4.4

• Removed the following transitive runtime dependencies for the SDK

• com.jaredrummler:android-device-names

• minSdkVersion has been raised from 15 to 21
• Removed deprecated interface members:

• SeonBuilder.seon
• SeonBuilder.getInstance()

Fraud API Integration changes

There were no Fraud API integration changes.

New fields

Biometric authentication Status

• Type: string
  Fraud API field name: biometric_status
  Indicates the status of biometric authentication on the device.
  Useful for determining the end user's security awareness.
• Bootloader state
  Type: string
  Fraud API field name: bootloader_state
  Bootloader lock state, calculation based on system properties.
  High-value security information.
• Device build model identifier
  Type: string
  Fraud API field name: build_model
  A human-readable name that represents the marketing or consumer-facing name of the device.
• Developer options state
  Type: string
  Fraud API field name: developer_options_state
  Returns the state of the developer options setting.
  High-value security information which can be tied to fraud and can be determined to ID rooted devices or emulators in conjunction with other fields.
• Device orientation
  Type: string
  Fraud API field name: device_orientation
  Returns the current orientation of the device.
• Google Service Framework identifier
  Type: string
  Fraud API field name: gsf_id
  Requires permission: com.google.android.providers.gsf.permission.READ_GSERVICES
  Returns a unique identifier which only changes after a factory reset is performed on the device.
• Possibly interfering apps
  Type: string[]
  Fraud API field name: interfering_apps
  Contains the list of installed applications that were given permission to potentially interfere with other applications on the device by our metric.
  Accurate results to the given metric. Applications might interfere with the host application through different methods/permissions, which are not detected here.
• Click automator installed
  Type: boolean
  Fraud API field name: is_click_automator_installed
  Detects if a click automator is installed
  Reliably detecting enabled click automator applications known to us. Returns false negative if the user has a click automator installed which we haven’t added to our blacklist yet.
• Keyguard secured
  Type: boolean
  Fraud API field name: is_keyguard_secure
  Indicates whether the keyguard is secured by a PIN, pattern, or password or a SIM card is currently locked.
• NFC hardware available
  Type: boolean
  Fraud API field name: is_nfc_available
  Returns whether the device has NFC hardware available.
• NFC features enabled
  Type: boolean
  Fraud API field name: is_nfc_enabled
  Returns whether the device has NFC functionalities enabled.
• Currently is on a phone call
  Type: boolean
  Fraud API field name: is_on_call
  Returns true or false depending on whether the device was on a call while collecting the fingerprint. Detects both cellular and VOIP calls.
• Is device currently being remotely controlled
  Type: boolean
  Fraud API field name: is_remote_control_connected
  Returns whether the device is being remotely controlled by a known remote control application at the time of the fingerprint.
  High-value security information which can be tied to fraud.
• Is the current screen is being mirrored
  Type: boolean
  Fraud API field name: is_screen_being_mirrored
  Returns whether the device's screen is being mirrored to an additional display. This is triggered by screen sharing, screen mirroring to a television, using a display through HDMI connection, etc. This might be the indicator that the user’s screen content is visible to someone else in some way.
  High-value security information which can be tied to fraud.
• Connected remote control provider’s name
  Type: string
  Fraud API field name: remote_control_provider
  If is_remote_control_connected is true, this field returns the readable name of the detected remote control application, otherwise null.
  Best effort detection of the used tool.
• Timezone identifier
  Type: string
  Fraud API field name: timezone_identifier
  Returns the current system timezone’s geopolitical region ID.
• Current USB cable state
  Type: string
  Fraud API field name: usb_cable_state
  Shows if the device is currently being connected to a PC/other device by a USB cable.
  Being connected to a charger does not affect this value.
• USB debugging setting
  Type: string
  Fraud API field name: usb_debugging_state
  State of USB debugging toggle in developer options.
  If both this and usb_cable_state are true at the same time, the device is possibly connected to ADB debugger.

Removed fields

There were no fields removed.

Renamed fields

There were no renamed fields.

Field value changes

• device_hash field is calculated differently, resulting in different values for a given device. This means these values are going to break between versions.

Integration changes

SDK Integration changes

• Starting from v6, there is a change in SEON’s API Policy. From now on SEON might introduce new fields in the SDK with minor versions. We advise you to integrate in a way that the addition of new fields is handled gracefully.
• Removed the following transitive runtime dependencies for the SDK

• com.jaredrummler.android-device-names:1.1.8

• Removed deprecated interface members:

• SeonBuilder.seon
• SeonBuilder.getInstance()

Fraud API Integration changes

There were no Fraud API integration changes.

New fields

• Biometric authentication Status
  Type: string
  Fraud API field name: biometric_status
  Indicates the status of biometric authentication on the device.
  Useful for determining the end user's security awareness.
• Bootloader state
  Type: string
  Fraud API field name: bootloader_state
  Bootloader lock state, calculation based on system properties.
  High-value security information.
• Device build model identifier
  Type: string
  Fraud API field name: build_model
  A human-readable name that represents the marketing or consumer-facing name of the device.
• Developer options state
  Type: string
  Fraud API field name: developer_options_state
  Returns the state of the developer options setting.
  High-value security information which can be tied to fraud and can be determined to id rooted devices or emulators in conjunction with other fields.
• Device orientation
  Type: string
  Fraud API field name: device_orientation
  Returns the current orientation of the device.
• Google Service Framework identifier
  Type: string
  Fraud API field name: gsf_id
  Requires permission: com.google.android.providers.gsf.permission.READ_GSERVICES
  Returns a unique identifier which only changes after a factory reset is performed on the device.
• Possibly interfering apps
  Type: string[]
  Fraud API field name: interfering_apps
  Contains the list of installed applications that were given permission to potentially interfere with other applications on the device by our metric.
  Accurate results to the given metric. Applications might interfere with the host application through different methods/permissions, which are not detected here.
• Click automator installed
  Type: boolean
  Fraud API field name: is_click_automator_installed
  Detects if a click automator is installed
  Reliably detecting enabled click automator applications known to us. Returns false negative if the user has a click automator installed which we haven’t added to our blacklist yet.
• Keyguard secured
  Type: boolean
  Fraud API field name: is_keyguard_secure
  Indicates whether the keyguard is secured by a PIN, pattern or password or a SIM card is currently locked.
• NFC hardware available
  Type: boolean
  Fraud API field name: is_nfc_available
  Returns whether the device has NFC hardware available.
• NFC features enabled
  Type: boolean
  Fraud API field name: is_nfc_enabled
  Returns whether the device has NFC functionalities enabled.
• Currently is on a phone call
  Type: boolean
  Fraud API field name: is_on_call
  Returns true or false depending on whether the device was on a call while collecting the fingerprint. Detects both cellular and VOIP calls.
• Is device currently being remotely controlled
  Type: boolean
  Fraud API field name: is_remote_control_connected
  Returns whether the device is being remotely controlled by a known remote control application at the time of the fingerprint.
  High-value security information which can be tied to fraud.
• Is the current screen being mirrored
  Type: boolean
  Fraud API field name: is_screen_being_mirrored
  Returns whether the screen of the device is being mirrored to an additional display. This is triggered by screen sharing, screen mirroring to a television, using a display through HDMI connection, etc. This might be the indicator of the user’s screen content is being visible to someone else in some way.
  High-value security information which can be tied to fraud.
• Connected remote control provider’s name
  Type: string
  Fraud API field name: remote_control_provider
  If is_remote_control_connected is true, this field returns the readable name of detected remote control application, otherwise null.
  Best effort detection of the used tool.
• Timezone identifier
  Type: string
  Fraud API field name: timezone_identifier
  Returns the current system timezone’s geopolitical region ID.
• Current USB cable state
  Type: string
  Fraud API field name: usb_cable_state
  Shows if the device is currently being connected to a PC/other device by a USB cable.
  Being connected to a charger does not affect this value.
• USB debugging setting
  Type: string
  Fraud API field name: usb_debugging_state
  State of USB debugging toggle in developer options.
  If both this and usb_cable_state are true at the same time, the device is possibly connected to ADB debugger.

Removed fields

There were no fields removed.

Renamed fields

There were no renamed fields.

Field value changes

device_hash field is calculated differently, resulting in different values for a given device. This means these values are going to break between versions.

Integration changes

SDK Integration changes

• Starting from v6, there is a change in SEON’s API Policy. From now on SEON might introduce new fields in the SDK with minor versions. We advise you to integrate in a way that the addition of new fields is handled gracefully.
• Removed deprecated interface members:

• SeonBuilder.seon
• SeonBuilder.getInstance()

Fraud API Integration changes

There were no Fraud API integration changes.

New fields

• Biometric authentication Status
  Type: string
  Fraud API field name: biometric_status
  Indicates the status of biometric authentication on the device.
  Useful for determining the end user's security awareness.
• Bootloader state
  Type: string
  Fraud API field name: bootloader_state
  Bootloader lock state, calculation based on system properties.
  High-value security information.
• Device build model identifier
  Type: string
  Fraud API field name: build_model
  A human-readable name that represents the marketing or consumer-facing name of the device.
• Developer options state
  Type: string
  Fraud API field name: developer_options_state
  Returns the state of the developer options setting.
  High-value security information which can be tied to fraud and can be determined to ID rooted devices or emulators in conjunction with other fields.
• Device orientation
  Type: string
  Fraud API field name: device_orientation
  Returns the current orientation of the device.
• Google Service Framework identifier
  Type: string
  Fraud API field name: gsf_id
  Requires permission: com.google.android.providers.gsf.permission.READ_GSERVICES
  Returns a unique identifier which only changes after a factory reset is performed on the device.
• Possibly interfering apps
  Type: string[]
  Fraud API field name: interfering_apps
  Contains the list of installed applications that were given permissions to potentially interfere with other applications on the device by our metric.
  Accurate results to the given metric. Applications might interfere with the host application through different methods/permissions, which are not detected here.
• Click automator installed
  Type: boolean
  Fraud API field name: is_click_automator_installed
  Detects if a click automator is installed
  Reliably detecting enabled click automator applications known to us. Returns false negative if the user has a click automator installed which we haven’t added to our blacklist yet.
• Keyguard secured
  Type: boolean
  Fraud API field name: is_keyguard_secure
  Indicates whether the keyguard is secured by a PIN, pattern or password or a SIM card is currently locked.
• NFC hardware available
  Type: boolean
  Fraud API field name: is_nfc_available
  Returns whether the device has NFC hardware available.
• NFC features enabled
  Type: boolean
  Fraud API field name: is_nfc_enabled
  Returns whether the device has NFC functionalities enabled.
• Currently is on a phone call
  Type: boolean
  Fraud API field name: is_on_call
  Returns true or false depending on whether the device was on a call while collecting the fingerprint. Detects both cellular and VOIP calls.
• Is device currently being remotely controlled
  Type: boolean
  Fraud API field name: is_remote_control_connected
  Returns whether the device is being remotely controlled by a known remote control application at the time of the fingerprint.
  High-value security information which can be tied to fraud.
• Is the current screen is being mirrored
  Type: boolean
  Fraud API field name: is_screen_being_mirrored
  Returns whether the screen of the device is being mirrored to an additional display. This is triggered by screen sharing, screen mirroring to a television, using a display through HDMI connection, etc. This might be the indicator that the user’s screen content is visible to someone else in some way.
  High-value security information which can be tied to fraud.
• Connected remote control provider’s name
  Type: string
  Fraud API field name: remote_control_provider
  If is_remote_control_connected is true, this field returns the readable name of the detected remote control application, otherwise null.
  Best effort detection of the used tool.
• Timezone identifier
  Type: string
  Fraud API field name: timezone_identifier
  Returns the current system timezone’s geopolitical region ID.
• Current USB cable state
  Type: string
  Fraud API field name: usb_cable_state
  Shows if the device is currently being connected to a PC/other device by a USB cable.
  Being connected to a charger does not affect this value.
• USB debugging setting
  Type: string
  Fraud API field name: usb_debugging_state
  State of USB debugging toggle in developer options.
  If both this and usb_cable_state are true at the same time, the device is possibly connected to ADB debugger.

Removed fields

• cpu_speed
• file_system_size
• has_proximity_sensor
• screen_resolution - there are two separate fields where the information can be derived from screen_width and screen_height.

Renamed fields

accessories_number -> accessories_count.

app_platform_type -> device_name.

currency_code -> region_country.

icloud_ubiqility_token -> icloud_ubiquity_token.

intcpu_count -> cpu_count.

ip_address -> device_ip_address.

local_language -> region_language.

Field value changes

• accessories_number (now accessories_count) value has been changed from string to integer.
• battery_level value has changed from string to integer.
• intcpu_count (now cpu_count) value has changed from string to integer.
• system_uptime value has changed from string to integer.
• physical_memory value has changed from string to integer.

Integration changes

SDK Integration changes

• Starting from iOS SDK v5.0.0, there is a change in SEON’s API Policy. From now on SEON might introduce new fields in the SDK with minor versions. We advise you to integrate in a way that addition of new fields is handled gracefully.
• Minimum deployment target has been raised to iOS 11.0
• SeonFingerprint class has been renamed to SEONFingerprint
• The fingerprinting process is no longer automatically generated and sent in to SEON’s Fraud API once the App gets focus. The method getFingerprintBase64 has to be called explicitly to get the session data to be attached to a Fraud API v2 request. For more information please refer to the Fraud API integration changes section.
• getFingerprintBase64’s completion handler now returns an NSError object which contains details about possible integration and runtime errors. For now the following errors are forwarded by the SDK:

• SEONErrorInvalidSessionID
• SEONErrorFingerprintFailed

• The SDK binary is being distributed as an XCFramework instead of a Universal Binary format, optimizing compatibility for multiple platforms in one package. This shift streamlines integration with Xcode's build system, enhancing performance and ensuring a unified experience while also adheres to Apple’s development guidelines.
• The iOS SDK has been also made available through the Swift Package Manager. This doesn’t affect the SDK’s availability through CocoaPods, it’s still supported to integrate the SDK as a pod. You can find more information about integrating it as a swift package here.

Fraud API Integration changes

In v1 the iOS SDK sent in the device fingerprint to SEON services automatically, and you could link the device fingerprint with your Fraud API call with the session_id. In v5 the SDK generates a base64 encoded encrypted payload, which has to be sent in with a Fraud API request. The new flow looks like this:

1. Generate the base64 session string in your Android application with calling the SDK’s getFingerprintBase64 method.
2. Send the session string to your backend.
3. Set the session string as the session parameter in your Fraud API request.
4. Call SEON’s Fraud API v2 to send in the configured session. Please refer to the Fraud API v2 documentation for more information.

New fields

• Audio mute status
  Type: boolean
  Fraud API field name: audio_mute_status
  Indicates if the phone is muted or not.
• Current audio volume
  Type: integer
  Fraud API field name: audio_volume_current
  Current level of device system’s volume on a 0 to 100 scale.
• Battery charge status
  Type: boolean
  Fraud API field name: battery_charging
  Indicates if the phone is currently charging or not.
• Email setup state
  Type: boolean
  Fraud API field name: can_send_mail
  Returns whether the device is set up to send and receive emails.
  Information on whether the device is set up for use properly.
• Texting setup state
  Type: boolean
  Fraud API field name: can_send_text
  Returns whether the device is set up to send and receive text messages or iMessage.
  Information on whether the device is set up for use properly.
• Device Hash
  Type: string
  Fraud API field name: device_hash
  A strong unique identifier of user’s device based on SEON’s arbitrary algorithm.
  This property can be used to identify the same device between sessions and even between app reinstalls. More info can be found here.
• Device country based on IP
  Type: string
  Fraud API field name: device_ip_country
  A two-character ISO 3166-1 country code for the country associated with the IP address.
• Device IP ISP
  Type: string
  Fraud API field name: device_ip_isp
  The Internet Service Provider name of the device based on it’s IP.
• Domain Name System IP
  Type: string
  Fraud API field name: dns_ip
  The user’s DNS IP address.
• Domain Name System IP Country
  Type: string
  Fraud API field name: dns_ip_country
  The user’s DNS IP country.
• Domain Name System IP’s Internet Service Provider
  Type: string
  Fraud API field name: dns_ip_isp
  The Internet Service Provider name of the device based on the DNS IP.
• Biometrics status
  Type: boolean
  Fraud API field name: is_biometrics_enabled
  Indicates the status whether some kind of biometric authentication is enabled on the device or not.
• Emulator detection
  Type: boolean
  Fraud API field name: is_emulator
  Returns whether the device is possibly an emulator or not.
  Reliably detecting the most popular emulators available. A high-value security information which can be tied to fraud.
• Host application is running on MacOS
  Type: boolean
  Fraud API field name: is_ios_app_on_mac
  Returns true if the host process is an iOS app running on a Mac. The value of the property is also true for apps built using Mac Catalyst.
  Useful output about the environment the host application is running in.
• Device is jailbroken
  Type: boolean
  Fraud API field name: is_jailbroken
  Returns whether the device is possibly jailbroken or not.
  Useful output about the environment the host application is running in.
• Currently is on a phone call
  Type: boolean
  Fraud API field name: is_on_call
  Returns true or false depending on whether the device was on a call while collecting the fingerprint. Detects both cellular and VOIP calls.
• Passcode lock is enabled
  Type: boolean
  Fraud API field name: is_passcode_enabled
  Returns true if the device is set up to authenticate the user with a passcode.
  Useful for determining the end user's security awareness.
• Screen is being captured
  Type: boolean
  Fraud API field name: is_screen_captured
  Returns true if the device’s screen is currently being captured during the fingerprint collection.
  High-value security information which can be tied to fraud.
• The kernel’s architecture
  Type: string
  Fraud API field name: kernel_arch
  Information about the device’s kernel architecture.
• Name of the kernel
  Type: string
  Fraud API field name: kernel_name
  Name of the device’s kernel.
• Pasteboard hash
  Type: string
  Fraud API field name: pasteboard_hash
  A hash created of the content or the content’s description ( iOS 14.0+ )
• Region timezone
  Type: string
  Fraud API field name: region_timezone
  Returns the device's timezone settings as an offset.
• Screen height of the device
  Type: integer
  Fraud API field name: screen_height
  Device’s screen height in pixels.
• Screen width of the device
  Type: integer
  Fraud API field name: screen_width
  Device’s screen width in pixels.
• Source
  Type: string
  Fraud API field name: source
  Identifies the SDK version that originated the request.
• Timezone identifier
  Type: string
  Fraud API field name: timezone_identifier
  Returns the current system time zone’s geopolitical region ID. E.g.: Europe/Budapest.
  Another source of locale information.
• Platform type
  Type: string
  Fraud API field name: type
  Returns the static string ios indicating the platform
• Local WiFi network identifier
  Type: string
  Fraud API field name: wifi_ssid
  Requires Optional Permission:
  Access WiFi Information entitlement for wifi_mac_address and wifi_ssid
  Core Location permission for wifi_mac_address and wifi_ssid (starting from iOS 13)
  Name of the WIFI network, the device is connected to.

Removed fields

The following fields are no longer collected and removed from the Fraud API response to comply with Apple’s required reason API policy.

• carrier_country
• carrier_name
• free_storage
• last_boot_time
• total_storage

Renamed fields

There were no renamed fields.

Field value changes

• device_hash field is calculated differently, resulting in different values for a given device. This means these values are going to break between versions.
• region_language Instead of the language tag format (“en-EN”) , the value now conforms to the ISO 3166 alpha-2 country code format (“en”).

Integration changes

SDK Integration changes

• Starting from iOS SDK v5.0.0 there is a change in SEON’s API Policy. From now on SEON might introduce new fields in the SDK with minor versions. We advise you to integrate in a way that addition of new fields is handled gracefully.
• Minimum deployment target has been raised to iOS 11.0
• SeonFingerprint class has been renamed to SEONFingerprint
• scanFingerprint has been renamed to getFingerprintBase64 and changed to return the fingerprint asynchronously. Thread management is fully handled by the SDK internally and doesn’t require any extra effort from the integration side.
• getFingerprintBase64’s completion handler now returns an NSError object which contains details about possible integration and runtime errors. For now the following errors are forwarded by the SDK:

• SEONErrorInvalidSessionID
• SEONErrorFingerprintFailed

• The SDK binary is being distributed as an XCFramework instead of a Universal Binary format, optimizing compatibility for multiple platforms in one package. This shift streamlines integration with Xcode's build system, enhancing performance and ensuring a unified experience while also adheres to Apple’s development guidelines.
• The iOS SDK has been also made available through the Swift Package Manager. This doesn’t affect the SDK’s availability through CocoaPods, it’s still supported to integrate the SDK as a pod. You can find more information about integrating it as a swift package here.

Fraud API Integration changes

In v2, the iOS SDK sent in the device fingerprint to SEON services automatically, and you could link the device fingerprint with your Fraud API call with the session_id. In v5 the SDK generates a base64 encoded encrypted payload, which has to be sent in with a Fraud API request. The new flow looks like this:

1. Generate the base64 session string in your Android application with calling the SDK’s getFingerprintBase64 method.
2. Send the session string to your backend.
3. Set the session string as the session parameter in your Fraud API request.
4. Call SEON’s Fraud API v2 to send in the configured session. Please refer to the Fraud API v2 documentation for more information.

New fields

• Email setup state
  Type: boolean
  Fraud API field name: can_send_mail
  Returns whether the device is setup to send and receive emails.
  Information whether the device is set up for use properly.
• Texting setup state
  Type: boolean
  Fraud API field name: can_send_text
  Returns whether the device is set up to send and receive text messages or iMessage.
  Information on whether the device is set up for use properly.
• Device IP
  Type: string
  Fraud API field name: device_ip_address
  The IP address of the device where the fingerprint is originating from.
• Device country based on IP
  Type: string
  Fraud API field name: device_ip_country
  A two-character ISO 3166-1 country code for the country associated with the IP address.
• Device IP ISP
  Type: string
  Fraud API field name: device_ip_isp
  The Internet Service Provider name of the device based on its IP.
• Domain Name System IP
  Type: string
  Fraud API field name: dns_ip
  The user’s DNS IP address.
• Domain Name System IP Country
  Type: string
  Fraud API field name: dns_ip_country
  The user’s DNS IP country.
• Domain Name System IP’s Internet Service Provider
  Type: string
  Fraud API field name: dns_ip_isp
  The Internet Service Provider name of the device based on the DNS IP.
• Biometrics state
  Type: boolean
  Fraud API field name: is_biometrics_enabled
  Returns whether any kind ( either fingerprint or FaceID ) of biometric authentication is enabled on the device or not.
  Useful for determining the end user's security awareness.
• Host application is running on MacOS
  Type: boolean
  Fraud API field name: is_ios_app_on_mac
  Returns true if the host process is an iOS app running on a Mac. The value of the property is also true for apps built using Mac Catalyst.
  Useful output about the environment the host application is running in.
• Device is on call
  Type: boolean
  Fraud API field name: is_on_call
  Returns true if the device is engaged in an ongoing call during the fingerprint collection. Detects both cellular and VOIP calls.
  High-value security information which can be tied to fraud.
• Passcode lock is enabled
  Type: boolean
  Fraud API field name: is_passcode_enabled
  Returns true if the device is set up to authenticate the user with a passcode.
  Useful for determining the end user's security awareness.
• Screen is being captured
  Type: boolean
  Fraud API field name: is_screen_captured
  Returns true if the device’s screen is currently being captured during the fingerprint collection.
  High-value security information which can be tied to fraud.
• Timezone identifier
  Type: string
  Fraud API field name: timezone_identifier
  Returns the current system time zone’s geopolitical region ID. E.g.: Europe/Budapest.
  Another source of locale information.
• Platform type
  Type: string
  Fraud API field name: type
  Returns the static string ios indicating the platform.

Removed fields

The following fields are no longer collected and removed from the Fraud API response to comply with Apple’s required reason API policy.

• carrier_country
• carrier_name
• free_storage
• last_boot_time
• total_storage

Renamed fields

There were no renamed fields.

Field value changes

• device_hash field is calculated differently, resulting in different values for a given device. This means these values are going to break between versions.

Integration changes

SDK Integration changes

• Starting from iOS SDK v5.0.0, there is a change in SEON’s API Policy. From now on SEON might introduce new fields in the SDK with minor versions. We advise you to integrate in a way that the addition of new fields is handled gracefully.
• Minimum deployment target has been raised to iOS 11.0
• SeonFingerprint class has been renamed to SEONFingerprint
• fingerprintBase64 has been renamed to getFingerprintBase64 and changed to return the fingerprint asynchronously. Thread management is fully handled by the SDK internally and doesn’t require any extra effort from the integration side.
• getFingerprintBase64’s completion handler now returns an NSError object which contains details about possible integration and runtime errors. For now the following errors are forwarded by the SDK:

• SEONErrorInvalidSessionID
• SEONErrorFingerprintFailed

• The SDK binary is being distributed as an XCFramework instead of a Universal Binary format, optimizing compatibility for multiple platforms in one package. This shift streamlines integration with Xcode's build system, enhancing performance and ensuring a unified experience while also adheres to Apple’s development guidelines.
• The iOS SDK has been also made available through the Swift Package Manager. This doesn’t affect the SDK’s availability through CocoaPods, it’s still supported to integrate the SDK as a pod. You can find more information about integrating it as a swift package here.

Fraud API Integration changes

There were no Fraud API integration changes.

New fields

• Email setup state
  Type: boolean
  Fraud API field name: can_send_mail
  Returns whether the device is setup to send and receive emails.
  Information whether the device is set up for use properly.
• Texting setup state
  Type: boolean
  Fraud API field name: can_send_text
  Returns whether the device is set up to send and receive text messages or iMessage.
  Information on whether the device is set up for use properly.
• Biometrics state
  Type: boolean
  Fraud API field name: is_biometrics_enabled
  Returns whether any kind ( either fingerprint or FaceID ) of biometric authentication is enabled on the device or not.
  Useful for determining the end user's security awareness.
• Host application is running on MacOS
  Type: boolean
  Fraud API field name: is_ios_app_on_mac
  Returns true if the host process is an iOS app running on a Mac. The value of the property is also true for apps built using Mac Catalyst.
  Useful output about the environment the host application is running in.
• Device is on call
  Type: boolean
  Fraud API field name: is_on_call
  Returns true if the device is engaged in an ongoing call during the fingerprint collection. Detects both cellular and VOIP calls.
  High-value security information which can be tied to fraud.
• Passcode lock is enabled
  Type: boolean
  Fraud API field name: is_passcode_enabled
  Returns true if the device is setup to authenticate the user with a passcode.
  Useful for determining the end user's security awareness.
• Screen is being captured
  Type: boolean
  Fraud API field name: is_screen_captured
  Returns true if the device’s screen is currently being captured during the fingerprint collection.
  High-value security information which can be tied to fraud.
• Timezone identifier
  Type: string
  Fraud API field name: timezone_identifier
  Returns the current system time zone’s geopolitical region ID. E.g.: Europe/Budapest.
  Another source of locale information.

Removed fields

The following fields are no longer collected and removed from the Fraud API response to comply with Apple’s required reason API policy.

• carrier_country
• carrier_name
• free_storage
• last_boot_time
• total_storage

Renamed fields

There were no renamed fields.

Field value changes

• device_hash field is calculated differently, resulting in different values for a given device. This means these values are going to break between versions.

Integration changes

SDK Integration changes

• Starting from iOS SDK v5.0.0 there is a change in SEON’s API Policy. From now on SEON might introduce new fields in the SDK with minor versions. We advise you to integrate in a way that addition of new fields is handled gracefully.
• Minimum deployment target has been raised to iOS 11.0
• SeonFingerprint class has been renamed to SEONFingerprint
• fingerprintBase64With has been renamed to getFingerprintBase64 and changed to return the fingerprint asynchronously. Thread management is fully handled by the SDK internally and doesn’t require any extra effort from the integration side.
• getFingerprintBase64’s completion handler now returns an NSError object which contains details about possible integration and runtime errors. For now the following errors are forwarded by the SDK:

• SEONErrorInvalidSessionID
• SEONErrorFingerprintFailed

• The iOS SDK has been also made available through the Swift Package Manager. This doesn’t affect the SDK’s availability through CocoaPods, it’s still supported to integrate the SDK as a pod. You can find more information about integrating it as a swift package here.

Fraud API Integration changes

There were no Fraud API integration changes.

New fields

• Email setup state
  Type: boolean
  Fraud API field name: can_send_mail
  Returns whether the device is setup to send and receive emails.
  Information whether the device is set up for use properly.
• Texting setup state
  Type: boolean
  Fraud API field name: can_send_te
  Returns whether the device is set up to send and receive text messages or iMessage.
  Information on whether the device is set up for use properly.
• Biometrics state
  Type: boolean
  Fraud API field name: is_biometrics_enabled
  Returns whether any kind ( either fingerprint or FaceID ) of biometric authentication is enabled on the device or not.
  Useful for determining the end user's security awareness.
• Host application is running on MacOS
  Type: boolean
  Fraud API field name: is_ios_app_on_mac
  Returns true if the host process is an iOS app running on a Mac. The value of the property is also true for apps built using Mac Catalyst.
  Useful output about the environment the host application is running in.
• Device is on call
  Type: boolean
  Fraud API field name: is_on_call
  Returns true if the device is engaged in an ongoing call during the fingerprint collection. Detects both cellular and VOIP calls.
  High-value security information which can be tied to fraud.
• Passcode lock is enabled
  Type: boolean
  Fraud API field name: is_passcode_enabled
  Returns true if the device is set up to authenticate the user with a passcode.
  Useful for determining the end user's security awareness.
• Screen is being captured
  Type: boolean
  Fraud API field name: is_screen_captured
  Returns true if the device’s screen is currently being captured during the fingerprint collection.
  High-value security information which can be tied to fraud.
• Timezone identifier
  Type: string
  Fraud API field name: timezone_identifier
  Returns the current system time zone’s geopolitical region ID. E.g.: Europe/Budapest.
  Another source of locale information.