SEON's API-based architecture makes our solution extremely flexible. Integrate different APIs – with various unique parameters and timeouts – to different parts of your user journey. Prevent fraud by using the right tools at the right time.

Core APIs

• Fraud API: A modular API that combines our our email, phone number, IP, BIN, and AML APIs with device fingerprinting so that you can request and receive our enriched data, rules, and scoring in a single API call. We recommend integrating the fraud management APIs for proper feedback handling and rule control.
• Device Intelligence: It collects and analyzes device data to identify unique devices, detect suspicious configurations such as residential proxies, remote access, or bot behavior, and leverages behavioral biometrics to spot anomalies in user interactions. This involves integrating JavaScript modules or SDKs for iOS and Android, and sending the collected session data to SEON via the Fraud API to enable device fingerprinting and behavioral analysis.

Standalone APIs

• AML API: Complement your fraud prevention toolkit with anti-money laundering tools. AML API makes anti-money laundering checks efficient and pain-free.
• AML Entity API: Our entity search enables you to query organizations via the AML API to determine whether they appear on any Sanctions or Watchlists, helping you ensure compliance and avoid engagement with high-risk or flagged entities.
• Email API: Our standalone email enrichment tool that will help you learn about the approximate minimum age of an email address, its provider, and any connected online profiles.
• Email Verification API: Our quick email verification tool will tell you whether an email address is valid and deliverable using a  fast SMTP-MX check.
• Phone API: Unlock insights into a user's phone number's history, and social or digital profiles connected to it, using SEON's standalone phone number enrichment solution.
• IP API: Identify suspicious VPN and proxy connections and pinpoint users with accurate geolocation information relying on our standalone IP address data enrichment API.
• BIN API: Unearth information about a card's bank, issuer, country, type, and validity using our BIN API. Identify pre-paid, gift, and credit cards to counter payment fraud effectively.
• Geofence API: The standalone Geofence API integrates effortlessly with SEON’s Device Intelligence SDKs to analyze device geolocation against predefined geofences. It provides accurate, compliance-ready location data and insights into location behavior, enabling businesses to enhance security, manage geofence interactions, and improve operational efficiency.

Data Governance APIs

• Self Exclusion API: Online gambling operators can enable self-exclusion lists using our bespoke API if required by law. The API uses the email address, phone number, full name, date of birth, user country, and user zip fields.
• Erase API: Under certain data protection regulations, companies that handle personal data are required to delete it upon request. With our Erase API, you can erase all data related to one or multiple users by providing email addresses or user IDs.
• User Actions API: SEON's User Actions API is a security information and event management solution. User Actions API takes events from the Logs page on the SEON Admin Panel that occurred between two specified points in time and sends them to the defined endpoint.

Fraud Management APIs for our Core APIs

• Tag API: Enables the categorization of transactions with tags that can be managed and filtered directly from the SEON Admin Panel.
• Label API: Automates feedback into SEON's machine learning algorithms, enhancing the system’s accuracy by reducing false positives and negatives.
• List API: Facilitates the addition of data points to blacklists, whitelists, or custom lists with the ability to modify associated request and response parameters.
• Exclude User from Rule API: Prevents specific users from being affected by certain custom rules, ideal for flexible API-driven fraud management setups.

Authentication 

Our API uses a standard HTTP Authorization header. This protects your account and the data within it, so only you and SEON can access them.        

You must provide authentication for all API requests using the following format:  
X-API-KEY: [license_key]

Note: Note: Please replace [license_key]  with your unique license_key found above or on the Organization page.

Error Details

In case of problems with the API request payload or authentication, SEON returns specific error codes in the error property of the response body. You should be able to understand the exact issue based on the returned error codes.  

For a detailed list of error codes, please check the API Reference - Error codes.

Rate Limits

Rate limits are in place to prevent misuse and overloading of our systems. The limit takes into account all requests with a specific license key, not individual API requests.  

There is a 2 request/second limit for trial accounts. After the trial period, this limit increases to 10 requests/second. 

In case the rate limit is hit SEON returns 429 HTTP response code, in this case, please get in touch with our support team in case you wish to increase your rate limit.  

Timeout logic

All client integrations should be able to cope with client-side timeout responses to avoid timeout errors in case of degraded API performance. We recommend adding at least 500-1000 ms to the timeout set on the SEON's setting page when configuring timeout in your back-side API implementation. 

Learn more: For more details read the Timeouts page of our Integration overview, to learn how you can change your timeout settings head to the guide in our Knowledge Base.

At its core, our fraud prevention platform operates in three simple steps:

1. You send user / transaction / device data.
2. We enrich the data and deliver a risk score based on rules.
3. You give feedback on the results.

Integration timeline

You can find a detailed timeline here to see how long it takes to get results with SEON.

All the user, transaction and device data is sent via the Fraud API. Your first step is to define payloads for the API, populating it with as many relevant data points as possible. All the fields are optional, but the more you fill, the more precise our results will be.

• For custom business-specific data points, use the custom_fields object.
• The config object helps you to fine-tune settings such as versions, response and aggregating data enrichment APIs, when required.
• You must define the authentication points aka. action_type-s (account_register, account_login, purchase etc.) where risk assessment data can be collected or fraud should be prevented.
• For device fingerprinting, you can use our JavaScript snippet for web apps, and the SDKs for iOS and Android mobile apps. Use the session to send the encrypted payload returned by the SDK (supported by JS Agent v4, iOS SDK 3.0.1, Android SDK 3.0.2) for device data collection.

Custom support

Please get in touch with your dedicated account manager to tailor and validate your specific payloads.

SEON is designed to give you full transparency behind every score and decision (a.k.a. state). This is why every data point will be available in the response.

By default, the fraud scores are based on preset rules, which can be reviewed in the Scoring Engine. A score of 10+ is considered risky. Standard thresholds for each state are:

Providing feedback is the key to refining the rules and getting more precise fraud scores. This is particularly important when discovering false positives and false negatives.

Every transaction state should therefore be set to the appropriate category:

You can label any transaction that exists in SEON with Label API. SEON provides defined label values for use cases, which cannot be modified. Labels can be either negative or positive.

Tip: Need help getting started? Select the API you want to integrate in the menu on the left.