Transaction Details – Widgets
Updated on 14.02.23
12 minutes to read
Copy link
Overview
Our data enrichment APIs enhance all the data you send to SEON. You can find the results of this process in the widgets of the transaction details page. Scroll down below the Applied rules section to unlock this wealth of information.
You can easily reposition each widget to customize the Transaction Details Page in a way that fits your workflows best.
Additionally, many elements can be used to filter the transaction list. If you click on a green filter icon that appears over a metric, a new window will open listing all transactions that match the selected filter.
Read about what you can find in the different widgets below.
IP Information Widget
The IP API response can be seen in the IP Information widget where all of the IP address related data relating to the selected transaction is displayed. The following information is displayed:
|
|
|
|
|
|
|
|
|
|
|
|

Email Information Widget
The Email API response can be seen in the Email Information widget where all social media and domain information for the selected transaction is displayed.
You can see how many times the email address in question has been seen across the entire SEON database under the Lookup details, as well as how many different SEON clients encountered it.
Email Risk Scoring
The Email API response can be seen in the Email Information widget where all social media and domain information for the selected transaction is displayed.
Our Email Risk Scoring system identifies suspicious email addresses, with the higher the score, the more risky an address is deemed to be. The score is based on the default rules, which can be reviewed in the Scoring Engine.
Free email providers have a no-risk and high risk category. A provider is flagged as High Risk when the customer can create a new mailbox without text message or other type of additional verification methods.
Data BreachesThe SEON Email API gives insight as to whether the email address supplied has been involved in any historical data breaches.
Registered Online ProfilesThe SEON Email API checks the provided email address against more than 40 online and social platforms in real time.
Domain AnalysisA domain can be manually updated from within this section to mark it as being a Free, Custom or Disposable address. Additional metadata about the domain is shown within the Domain Analysis section including:
| ![]() |
Lookup Details
The SEON Email API identifies the number of times that the email address has been seen across the entire SEON database.
Email String Analysis
The email string analysis identifies various metrics associated with the structure of the email address.
Clicking on the API Runner button will resubmit the email data to the Email API in order to refresh and update the information available.
Phone Information Widget
The Phone Information Widget provides a risk score, which indicates how risky the phone number provided is.

This score is based on default SEON rules which can be reviewed in the Scoring Engine. A score of 4 or more is considered risky.
The widget also shows additional information about the phone number:
- You can instantly see whether the phone number is valid or not, what country it originates from, as well as the carrier’s name. We also check whether the phone number is listed by disposable phone number provider sites.
- The widget will also detail the type of the phone number.
Premium rate
– Premium-rate telephone numbers are telephone numbers that charge callers higher price rates for select services, including information and entertainment. A portion of the call fees is paid to the service provider, allowing premium calls to be an additional source of revenue for businesses.Toll free
– Toll-free numbers are telephone numbers with distinct three-digit codes that can be dialed from landlines at no charge to the person placing the call. Such numbers allow callers to reach businesses and individuals out of the area without being charged a long-distance fee for the call.Shared cost
– Shared cost numbers are premium numbers in the UK, Australia, Germany, Switzerland, France, Portugal, and the Netherlands, often used by businesses and other institutions. They are charged at a higher rate than regular numbers.Voip
– A VoIP (Voice over Internet Protocol) phone number is assigned to you when you sign up for a VoIP service. It works the same as traditional phone numbers, but there's usually a PC App or phone app on the receiving end.Personal number
– Personal numbering is the name of the virtual telephone number service in the UK. Typically the national destination code used for this service is (0)70. The service provides a flexible virtual telephone number routed to any other number, including international mobiles. For example, the UK number +44 70 0585 0070 might route to an Inmarsat satellite phone number, allowing the user to have a UK number while roaming globally.Pager
– A number used to communicate with pagersUan
– When an EPFO (Employees Provident Fund Organisation) member is generated a UAN (Universal Account Number), or EPF Passbook, they must have the member's registered mobile number, for which the EPFO has made provisions.Voicemail
– A number that directly connects to a voicemail.Fixed line
– A landline number is just a regular phone number that relies on physical wires to enable voice calls.Mobile
– Personal number associated with the user.Unknown
– We can't share any information about this number.
- The phone widget cross references with 15 social media networks including WhatsApp, Viber, Twitter, Facebook, and Telegram to highlight details from any registered accounts such as last seen status or profile pictures where applicable.
- Additionally the Phone API also queries the Home Location Register (HLR) and Caller Name Delivery (CNAM) database to provide additional metadata for any fraud analysis. Please keep in mind that this is a premium feature, you can contact our team if you want this enabled in your account.
Under lookup Details, you can see how many times the phone number has been seen across the entire SEON database, as well as how many different SEON customers encountered it.
Clicking on the Refresh Data button will resubmit the phone data to the Phone API in order to refresh and update the information.
Identity Widget
The Identity Widget shows a combined list of all known customer-related information. You can access previously used data and our string analysis of the user’s username by clicking the arrows next to the values. It is also possible to create a custom fraud rule based on your preferences for the selected user’s data by selecting the Exclude Settings button. | ![]() |
Addresses Widget
Relevant addresses associated with the user and the transaction are displayed on the map showing Google Street View images and the distances between every location.
![]()
| ![]()
|
Devices & OS Widget
Integrating SEON Device Fingerprinting allows the collection of a range of information about the user’s client device. Device Fingerprinting Modules are available for JavaScript or as a mobile SDK (iOS and Android).
To learn more about how the system works, please refer to the Device Fingerprinting Documentation.
- If the device widget is not active and showing as no data being received, please make sure you have set up your integration correctly. Our API Documentation can help to understand what may have gone wrong and our support team is ready to help with any troubleshooting.
- We collect more than 50 different data points using our JS Agent/SDKs to provide you with the clearest possible picture of your users’ devices, you can find a full list of these in our API Documentation.
Returning users are identified by using cookie, browser and device hashes:
Cookie hash
Unique identifier based on the cookie session. If someone shares the same cookie hash with someone else, they are most likely using the same browser and device. It is the most accurate identifier for shared devices. However if the client clears the browser’s cookies and storage cache this ID will change.
Browser hash
A unique identifier based on the complete browser profile. This includes details on the screen resolution, hardware, font, plugin set, network layers and specific features in the browser.
This is a very good way to make connections between shared devices, but in some rare cases, specifically for mobile devices, the ID can be the same. This may occur if they have completely the same hardware, software and settings profile.
If the client clears the browser’s cookie and storage cache then this ID will not change. Likewise, if someone is browsing using Incognito or InPrivate tabs then the same ID will be returned.
Device hash
Unique identifier based on the hardware of a device. It is generated based on a number of data points including the HTML5 canvas fingerprint, WebGL driver, audio fingerprint and others.
It's useful to detect virtual machines and emulators. We recommend using it for blacklists, if there are bad actors who share a hash, or using it as an extra parameter for rules if needed.
Two identical devices with the same hardware will share the same hash. However customers who share the hash are not likely to be related.
We also offer native iOS and Android SDKs for Device Fingerprinting purposes. These return slightly different device details, the most important among these, at least for clone search purposes, is the device_hash. In the case of the native SDKs, there is no Browser or Cookie hash, only the Device hash, however this value will always be a 100% match if more users are sharing the same value.
How we determine device risk scores
When you check user profiles in SEON, you probably noticed that we assign an individual risk score to each device.
Our fraud experts constantly collect and analyze data from different fraud rings and malicious attacks. We then identify behavioral patterns and create rules in SEON to spot the telltale signs such as bots, device spoofing, and many more.
These rules are used to add points to the risk score, determining the final device score of a transaction. A device score of 4 or higher is considered suspicious.
Most notable data points to observe for fraud detection purposes:
WebRTC IP checks
- Web real-time-communications, known as WebRTC, is a technology that enables your browser to communicate with websites by establishing a real-time peer-to-peer connection.
- While using a proxy, users might think they can mask their public IP address. With the WebRTC check, you can detect what the user’s actual IP address behind their proxy is because the communication channel between the website and the user’s browser exchanges their public IP address along with other data.
Domain IP checks
- Similar to WebRTC IPs, users can have DNS (Domain Name System) IP addresses that are different from their regular IP. The use of proxy connections can also be detected by checking for distinct DNS IPs. This is not always a cause for concern however, because a number of legitimate users tend to utilise large, well-known companies DNS servers to protect their privacy and to prevent their ISPs from observing their traffic.
- In conclusion, if you see a DNS IP with a much less common DNS ISP Name and the regular and DNS IP addresses of users are different, the connection can be considered suspicious.
Time zone offset and Region language
- Differences in the IP location’s time zone and that of the device can be an obvious sign of suspicious activity, same goes for differences between languages.
Window’s size and Screen resolution
- We have found that these attributes, especially the Window’s size, can be a great tool for clone searches when dealing with a large fraud ring.
Credit Card Widget
The Credit Card widget shows all data related to any payment card details passed to SEON via the API.
This can be used to spot unusual BINs, issuer countries, issuing bank, card type, level and whether the card is prepaid or virtual.
Lists Widget
The Lists Widget allows for the review of all the blacklisted or whitelisted data points within the current transaction. Clicking the 'Change' button allows you to see a detailed view of every data point used by the transaction. In addition, it allows for the change of state, the addition of comments, and the ability to set an expiration date for a particular data point.
| ![]() |
User Revenue Widget
The User Revenue widget lets you quickly see a snapshot of the user's revenue based on how much they’ve deposited and withdrawn within a certain time frame. The amounts are calculated based on transactions where On the top right corner you are able to choose the time frames you want to view within the past year and select a Brand where the revenue was earned. This is based on the On the bottom you see the total bonus or deposit rate for the user.
| ![]() |
Transactional Information Widget
The Transactional Information Widget shows all other transactional and payment information passed to SEON via the API.
This includes details about the payment method, bank account, and any relevant verification steps, such as user verification or 3D-Secure.
Flight Information Widget
Where flight information is passed to the SEON API, the Flight Information Widget is displayed.
It shows any information related to the flight itself, including departure times, cabin classes, and any personal details about the passenger(s).
Order Details Widget
Any additional information about the order that has been passed into SEON via the API can be accessed from the Order Details widget.
This includes notes, discount codes, and gift messages.
Custom Fields Widget
You can send additional business-specific data points that aren’t covered by any of the standard SEON fields as custom fields to the API.
This allows for the scoring model to be more accurate for your business.
All custom fields passed into SEON are shown on the Custom Fields widget, and it is possible to search for these via filtering.
Additionally, customer custom rules can be created directly based on these passed-in values.
Notes Widget
The notes widget allows for the saving of any relevant notes about the transaction. This is useful for giving other analysts information about the transaction or the reasoning behind a given decision. The notes are saved in a chat-like format, including the users’ name, date & time and avatar. | ![]() |