Devices Intelligence Widget

As part of the data enrichment magic SEON does, you can get valuable information about the device and system specifications of the gadgets user actions are traced back to. We use device fingerprinting to gather this information which comes in very handy when trying to catch a fraudster. Here’s everything you need to know about the Device and OS widget on the Transaction Details pages.

Learn more: Looking for different widgets? Check these pages:
Transaction Details – Widgets Overview
Data enrichment widgets
AML widget
Custom fields and industry-specific widgets

Integrating SEON Device Fingerprinting allows the collection of a range of information about the user’s client device. Device Fingerprinting Modules are available for JavaScript or as a mobile SDK (iOS and Android).

Learn more: To learn more about how the system works, please refer to the Device Fingerprinting Documentation.

If the device widget is not active and showing as no data being received, please make sure you have set up your integration correctly. Our API Documentation can help to understand what may have gone wrong, and our support team is ready to help with any troubleshooting.

We collect more than 90 different data points using our JavaScript SDKs to provide you with the clearest possible picture of user devices; you can find a full list of these in our API Documentation.
 

Device Intelligence Highlights

The widget now features a new display of data, highlighting the most important data points in an easily comparable view. This improvement will help you quickly identify key information and make informed decisions when analyzing user actions.

Device risk scoring

Each device shown in the widget has an individual risk score, located in the top section.

SEON's fraud experts analyze data from different fraud rings and malicious attacks, identifying patterns and creating rules to detect signs of fraud such as bots, device spoofing, and more. These rules contribute to the final device risk score. A device score of 4 or higher is considered suspicious.

The Device & OS Widget now organizes data into several categories, offering a structured and transparent view of the information you need. Each category is designed to help you identify fraud risks, analyze device behaviors, and make informed decisions.

You can easily access an in-depth view of all the data fields in each category by clicking the drop-down arrow on the right.

Device Identification

• True Device ID: Next-generation device identification technology that analyzes a combination of browser, device, and network signals to combine SEON’s main 3 identification hashes into one ultimate hash
• Additional identification hashes: Device and Browser identifiers
  • Cookie Hash: The most unique identifier for shared devices, as it links transactions from the same browser and device. Clearing cookies will change this hash.
  • Browser Hash: Accurate identifier based on the browser profile, including screen resolution, hardware, plugins, and other features. This helps track shared devices and suspicious activity.
  • Device Hash: Accurate identifier for a specific device based on its hardware, used for linking multiple transactions to a single device.

Specific hashes: 

For enhanced fraud detection like spoofing hash or Math Hash.

Learn more: For further details on device identification and how it supports fraud detection, please check our dedicated knowledge base article the Understanding the Hashes - Device Identification with SEON Device Intelligence.

Device Safety

• Suspicious Flags: Flags are triggered based on known fraud patterns such as device spoofing, bots, and other anomalies. Suspicious Flags integrated with Behavior Biometrics allows for more precise risk detection and a deeper understanding of user behavior, especially when fraud rings or malicious activity are suspected.
• Fraud detection related device security and integrity datapoints.

Learn more: For more on risk scoring and suspicious flags, refer to the SDK Documentation on GitHub.

Location

• Geolocation Data: Newly added geolocation data points that help you identify the location of the device and detect potential fraud risks related to unusual locations or patterns.
• Location Mismatch: Differences between the device's location and the network or IP location could be flagged as suspicious.

Learn more: Access to the geolocation fields may require upgrading your SDK. For more information, please visit the SDK Documentation on GitHub.

Network

• Residential proxy and VPN detection: Based on network fingerprinting our Device Intelligence solution is capable to detect proxy and vpn usage
• WebRTC IP and DNS IP Checks
• IP location detection with country and region support

Learn more: Learn more about how network checks can support fraud detection in the Fraud API Documentation.

User Preferences

• Language and Region Settings: Track discrepancies between the user's language and region settings versus the device's settings.
• Timezone Offset: Analyze differences between the device’s timezone and IP location to spot suspicious behavior.

Software Environment

• OS and Browser Information: Details about the operating system, browser version, and other software components to detect suspicious setups or spoofed environments.
• Software Configuration: Insights into app and software configurations that may indicate fraudulent activity or unusual setups.

Display

• Screen Resolution and Window Size: Key attributes for identifying cloned devices or unusual user behavior patterns. Significant discrepancies in display settings can indicate fraud.
• Orientation and Display Settings: These are used to flag potential fraud when they differ from the expected behavior of a device.

Hardware Environment

• Hardware Fingerprint: Unique hardware identifiers for devices that help link multiple transactions to the same device.
• Device Specifications: Detailed information about the device’s hardware, such as the model and manufacturer, used to detect fraudulent or suspicious devices.

Device Status

Detailed device status 

with hardware and software characteristics.

Start using the Device Widget Now

We have made the new enhanced view available by default to all our customers at no additional cost.

If you encounter any issues with the widget not showing data, please ensure your integration is set up correctly. Our API Documentation and support team are available to assist you.

Our Geolocation Monitoring Widget helps you track and verify user locations in real time, ensuring secure transactions and minimizing fraud risks. This tool is essential for businesses that require location validation for compliance and security purposes.

The Geolocation Monitoring Widget consists of three main sections that provide insights into user location data and risk indicators. These sections help businesses review geofence API transaction results, detect fraud attempts, and visualize geolocation trends on an interactive map.

Transaction List 

This section displays a list of Geofence API transactions recorded by the system. Each transaction represents a user’s action (such as login or betting attempt) and includes:

• Device Type – The icon indicates if the request came from a mobile, desktop, or web browser.
• Platform - Whether the transaction is sourced on Android, iOS or Web
• Timestamp – The exact date and time of the transaction.
• Location – The region or country where the request originated (e.g., BR-MT for Brazil, Mato Grosso).
• Status Indicator – Shows whether the request was ALLOW or DECLINE status based on risk analysis and Geofence evaluation.

 Clicking on a transaction expands the details for further investigation.

Geofence API Transaction Details

When a transaction is expanded, you can see detailed geolocation and risk factor analysis, including:

• Geolocation Data - Location
  • Allow - Result of the geofence outcome, indicating whether it is inside or outside the requested Geofence ID.
  • Latitude - Device location latitude.
  • Longitude – Device location longitude.
  • Country – Device location country in ISO format based on our Geofence data.
  • Region - Device location region in ISO format based on our Geofence data.
  • Accuracy – The confidence level of the detected location.
  • Created at - When the location was identified.
• Risk Indicators - Integrity
  • Allow - This is a parameter that simplifies all other options under the integrity object to a single boolean flag.
  • Proxy Detection – Identifies if the user is hiding their real location.
  • VPN Usage – Flags users connecting through a virtual private network.
  • IP Mismatch – Detects if the IP location conflicts with expected user data.
  • Location Mismatch - Comparing device IP location to device location by calculating the distance between them.
  • Impossible Travel - Detect scenarios where the user could not have traveled the distance between two locations based on the elapsed time. We detect impossible travel on a per-user basis using the user_id field.
  • Compromised - Analysis of device software integrity. Emulator, VM, root, jailbreak, app cloning, bootloader state, running on mac, location spoofing.
  • Remote Access - Flagging remote access on a device.

High-risk transactions are declined automatically to prevent fraudulent activities.

Map View

The interactive map provides a visual representation of user locations and flagged transactions.

• Red Map Markers indicate different geolocation points where transactions occurred.
• Clicking on a marker reveals details about the specific transaction.
• Zoom & Navigation allow for deeper analysis of geolocation trends.

This feature helps administrators quickly identify suspicious activity and location patterns.

Start using the Geolocations Widget Now

This widget streamlines fraud detection and compliance monitoring by offering:

• A clear list of transactions with approval statuses.
• Detailed geolocation & risk insights for each API call.
• An interactive map for location tracking.

Need help interpreting geolocation data? Our support team is here to assist! ????