Secure SDK Signals

​

Smart Signal Components

​

1.1 Suspect Score

Availability: iOS, Android, Browser

Suspect Score combines all Smart Signals into a weighted integer value based on their global probability.

{
  "suspectScore": {
    "data": {
      "result": 0
    }
  }
}

​

1.2 Velocity Signals

Availability: iOS, Android, Browser

Velocity Signals sum key data points for a specific visitorID at three intervals: 5 minutes, 1 hour, and 24 hours.

{
  "velocity": {
    "data": {
      "distinctIp": {
        "intervals": {
          "5m": 1,
          "1h": 1,
          "24h": 5
        }
      }
    }
  }
}

​

1.3 Browser Smart Signals

​

1.3.1 Browser Bot Detection

Availability: Browser

Detects good and bad bots, allowing you to filter or block automated abuse attempts.

{
  "botd": {
    "data": {
      "bot": {
        "result": "bad",
        "type": "headless"
      },
      "url": "https://example.com/",
      "ip": "193.165.141.254",
      "time": "2024-04-12T09:29:59.588Z",
      "userAgent": "Headless",
      "requestId": "1712914199539.K1EXmu"
    }
  }
}

​

1.3.2 Browser Incognito Detection

Availability: Browser

Detects whether incognito or private modes are being used by the visitor.

{
  "incognito": {
    "data": {
      "result": true
    }
  }
}

​

1.3.3 IP Geolocation

Availability: iOS, Android, Browser

Provides information about the physical location of the originating IP address.

{
  "ipInfo": {
    "data": {
      "v4": {
        "address": "94.142.239.124",
        "geolocation": {
          "accuracyRadius": 20,
          "latitude": 50.05,
          "longitude": 14.4,
          "postalCode": "150 00",
          "timezone": "Europe/Prague",
          "city": {
            "name": "Prague"
          },
          "country": {
            "code": "CZ",
            "name": "Czechia"
          },
          "continent": {
            "code": "EU",
            "name": "Europe"
          },
          "subdivisions": [
            {
              "isoCode": "10",
              "name": "Prague"
            }
          ]
        },
        "asn": {
          "asn": "7922",
          "name": "COMCAST-7922",
          "network": "73.136.0.0/13"
        },
        "datacenter": {
          "result": true,
          "name": "DediPath"
        }
      },
      "v6": {
        // Similar structure as v4
      }
    }
  }
}

​

1.3.4 VPN Detection for Browsers

Availability: Browser

Detects whether the user is using a VPN based on timezone mismatch, known public VPN providers, and OS mismatch.

{
  "vpn": {
    "data": {
      "result": true,
      "originTimezone": "Europe/Prague",
      "originCountry": "unknown",
      "methods": {
        "timezoneMismatch": true,
        "publicVPN": true,
        "auxiliaryMobile": false,
        "osMismatch": true
      }
    }
  }
}

​

1.3.5 Browser Tamper Detection

Availability: Browser

Detects attempts to confuse fingerprinting algorithms through techniques like User Agent spoofing.

{
  "tampering": {
    "data": {
      "result": true,
      "anomalyScore": 0.97
    }
  }
}

​

1.3.6 Virtual Machine Detection

Availability: Browser

Detects if the browser is running inside virtualization software.

{
  "virtualMachine": {
    "data": {
      "result": true
    }
  }
}

​

1.3.7 Privacy-Focused Settings

Availability: Browser

Detects if privacy settings that can randomize and obfuscate signal output are enabled.

{
  "privacySettings": {
    "data": {
      "result": true
    }
  }
}

​

1.3.8 Developer Tools Detection

Availability: Browser

Detects if developer tools are manually opened in Chrome or Firefox browsers.

{
  "developerTools": {
    "data": {
      "result": true
    }
  }
}

​

1.3.9 Remote Control Tools Detection

Availability: Browser

Detects the usage of remote control tools like AnyDesk, TeamViewer, and RDP.

{
  "remoteControl": {
    "data": {
      "result": true
    }
  }
}

​

1.3.10 IP Blocklist Matching

Availability: iOS, Android, Browser

Checks if an IP address is present in different public and proprietary blocklists.

{
  "ipBlocklist": {
    "data": {
      "result": false,
      "details": {
        "emailSpam": false,
        "attackSource": false
      }
    }
  }
}

​

1.3.11 High-Activity Device

Availability: iOS, Android, Browser

Detects spikes in traffic connected to a single visitorID.

{
  "highActivity": {
    "data": {
      "result": true,
      "dailyRequests": 42
    }
  }
}

​

1.3.12 Raw Device Attributes

Availability: Browser

Exposes additional data points collected through the JavaScript agent.

{
  "rawDeviceAttributes": {
    "data": {
      "<field_name>": {
        "value": 127
      }
    }
  }
}

​

1.4 Mobile-specific Smart Signals

​

1.4.1 Android Emulator Detection

Availability: Android

Detects if the request is coming from an Android emulator.

{
  "emulator": {
    "data": {
      "result": false
    }
  }
}

​

1.4.2 Android Tamper Detection

Availability: Android

Detects rooted Android devices.

{
  "rootApps": {
    "data": {
      "result": false
    }
  }
}

​

1.4.3 Cloned App Detection

Availability: Android

Identifies if a request is coming from a cloned application.

{
  "clonedApp": {
    "data": {
      "result": false
    }
  }
}

​

1.4.4 Factory Reset Detection

Availability: iOS, Android

Indicates when a mobile device was most recently factory reset.

{
  "factoryReset": {
    "data": {
      "time": "2023-07-19T011:00:00Z",
      "timestamp": 1689445704
    }
  }
}

​

1.4.5 Frida Detection

Availability: iOS, Android

Detects if Frida is being used to dynamically instrument the app.

{
  "frida": {
    "data": {
      "result": false
    }
  }
}

​

1.4.6 Geolocation Spoofing Detection

Availability: iOS, Android

Detects if the location of the mobile device has been spoofed.

{
  "locationSpoofing": {
    "data": {
      "result": false
    }
  }
}

​

1.4.7 Jailbroken Device Detection

Availability: iOS

Detects if an iPhone or iPad has been jailbroken.

{
  "jailbroken": {
    "data": {
      "result": false
    }
  }
}

​

1.4.8 VPN Detection for Mobile Devices

Availability: iOS, Android

Detects if the mobile device is using an active VPN connection.

{
  "vpn": {
    "data": {
      "result": false,
      "originTimezone": "Europe/Berlin",
      "originCountry": "DE",
      "methods": {
        "timezoneMismatch": false,
        "publicVPN": false,
        "auxiliaryMobile": false,
        "osMismatch": false
      }
    }
  }
}

​

Conclusion

OTPLESS Smart Signals provide a comprehensive suite of fraud detection and device intelligence tools for both web and mobile platforms. By leveraging these signals, you can enhance your application’s security, detect potential fraud attempts, and make informed decisions about user authenticity.

Remember to use these signals responsibly and in compliance with all applicable privacy laws and regulations. For more information on implementation or to enable specific signals, please contact OTPLESS support.