Device fingerprint
Introduction
A device fingerprint is information collected about a remote computing device for the purpose of identification. Fingerprints can be used to fully or partially identify individual users or devices and may detect and prevent online identity theft and credit card fraud.
Worldline has chosen to partner with InAuth to collect, create and assess the device fingerprints. Utilizing JavaScript collectors, inAuth provides device identification and risk assessment. They collect data provided to both real-time login or transaction logic, such as geographical and time attributes, plug-ins, and IP address – using the data to create a strong device ID and uncovering high-risk indicators to understand device trustworthiness.
InAuth’s browser identification recipe determines how well devices are differentiated from each other, allowing your business to seamlessly authenticate users with less friction. InAuth leverages high-tech technology and device-specific browser identification to recognize any web-connected device and produce a unique identifier. InAuth analyzes the collected data and applies rules to identify business-relevant risk information. They calculate a score based on the Anomalies, Velocity, Location, Integrity, List-Based, and Device Reputation. This score, along with the raw data from the device is fed as additional data-points for our fraud prevention using Retail Decisions.
Benefits
- Reduce fraud based on device trustworthiness
- Non-invasive seamless user experience
- Detection of spoofed data used to create a fake fingerprint
- Detection of Replay and Bot attacks
- Device fingerprint is collected even if the consumer has cookies and/or JavaScript disabled
Availability
The service is available if you process on the GlobalCollect platform. If you also use Retail Decisions to prevent fraud we will use the device fingerprint results in the fraud advice that is returned. If you don't use the Retail Decisions service you will have to look at the device fingerprint service results returned yourself. You are advised to have transactions need your explicit approval to be captured to allow you to block transactions based on the device fingerprint service results. The service is available for all card payment products. The collection and analysis of device fingerprints is seamlessly integrated into the MyCheckout hosted payment pages. No changes on your side are needed to make use of the service.
The service is also available for integration on your own checkout pages, though our Server API integration.
Limitations
Collection of device fingerprints from web clients (browser software) relies on the availability of JavaScript or similar client-side scripting language for the harvesting of a suitably large number of parameters. Two classes of users with limited client-side scripting are those with mobile devices and those running privacy software or browser extensions which block ads and trackers. Separately a single device may have multiple web clients installed or even multiple virtual operating systems making it hard or even impossible to identify it as a single device.
Note that the solution we provide is able to still collect a device fingerprint even if the consumer has cookies and/or JavaScript disabled.
Technical integration
For both the MyCheckout hosted payment pages as well as the integration using your own checkout pages you need to make sure that the device fingerprint service has been enabled for each of the payment products on your account. Please contact your account manager to have it enabled.
1. Using the MyCheckout hosted payment pages
You don't need to do anything in your integration to use this service, except tell us you want it enabled on your account. The service is seamlessly integrated in the MyCheckout hosted payment pages. The output of the service is automatically included in the messaging towards Retail Decisions and the output can be used to create additional rules. At this moment no special output properties are returned for this service.
2. Using your own checkout pages
To use device fingerprint on your own payment pages you will need to add some code to your payment pages, that will collect the device information. The code is transaction specific and can be retrieved dynamically using an API call. This API call returns both the HTML code that needs to be added to your checkout pages as well as the deviceFingerprintTransactionId that you will need to include in your Create Payment API request. Because the routing for further processing can be different per payment product the API to retrieve the HTML and the deviceFingerprintTransactionId is payment product specific. By calling this API for each transaction you are sure that you use the correct device fingerprint collection code including the right collection flags and a unique deviceFingerprintTransactionId.
Step 1: Determine for which payment products device fingerprint has been enabled
By calling the get products API call the system will tell us for which payment products the device fingerprint service has been enabled. This API call is available both in the Server as well as in the Client API.
GET /v1/9930/products?currencyCode=EUR&countryCode=NL&hide=fields HTTP/1.1
Authorization: GCS v1HMAC:36f6f588bff5373d:S9HKCdy2el8l+i013Ar2cais8nJA761Ikt3eyrpiz+g=
Date: Sat, 08 Jun 2019 22:46:57 GMT
Content-Type: application/json
Host: world.preprod.api-ingenico.com
Connection: close
User-Agent: Paw/3.1.8 (Macintosh; OS X/10.14.5) GCDHTTPRequestIn the response we need to look for the property deviceFingerprintEnabled. For each payment product this is true we can call the get device fingerprint API call (in case the consumer is using this payment product in their current checkout). In below example response the device fingerprint service has been enabled for Visa and Mastercard, but not for iDeal.
HTTP/1.1 200
Date: Sat, 08 Jun 2019 22:46:57 GMT
Server: Apache
Content-Type: application/json
Connection: close
Transfer-Encoding: chunked
{
"paymentProducts": [
{
"deviceFingerprintEnabled": true,
"allowsRecurring": true,
"allowsTokenization": true,
"authenticationIndicator": {
"name": "AUTHENTICATIONINDICATOR",
"value": "1"
},
"autoTokenized": false,
"displayHints": {
"displayOrder": 9,
"label": "Visa",
"logo": "templates/master/global/css/img/ppimages/pp_logo_1_v1.png"
},
"id": 1,
"maxAmount": 100000000,
"mobileIntegrationLevel": "OPTIMISED_SUPPORT",
"paymentMethod": "card",
"paymentProductGroup": "cards",
"usesRedirectionTo3rdParty": false
},
{
"deviceFingerprintEnabled": true,
"allowsRecurring": true,
"allowsTokenization": true,
"authenticationIndicator": {
"name": "AUTHENTICATIONINDICATOR",
"value": "1"
},
"autoTokenized": false,
"displayHints": {
"displayOrder": 12,
"label": "MasterCard",
"logo": "templates/master/global/css/img/ppimages/pp_logo_3_v2.png"
},
"id": 3,
"maxAmount": 1000000,
"mobileIntegrationLevel": "OPTIMISED_SUPPORT",
"paymentMethod": "card",
"paymentProductGroup": "cards",
"usesRedirectionTo3rdParty": false
},
{
"deviceFingerprintEnabled": false,
"allowsRecurring": true,
"allowsTokenization": false,
"autoTokenized": false,
"canBeIframed": false,
"displayHints": {
"displayOrder": 17,
"label": "iDEAL",
"logo": "templates/master/global/css/img/ppimages/pp_logo_809_v1.png"
},
"id": 809,
"maxAmount": 1000000,
"mobileIntegrationLevel": "OPTIMISED_SUPPORT",
"paymentMethod": "redirect",
"usesRedirectionTo3rdParty": true
}
]
}Step 2: Calling the get device fingerprint API
Once you have determined which payment product is being used by your consumer and the device fingerprint service is available for this payment product you can call the get device fingerprint API. In our example we are performing these actions against our pre-production environment and the selected payment product is Visa (1). We also want to execute some JavaScript after the device fingerprint collection script has finished. The JavaScript can be provided in the request using the property collectorCallback. If you don't want to call any JavaScript you can just submit an empty JSON.
Please see below an example request and response, including the full HTTP Headers.
POST /v1/9930/products/1/deviceFingerprint HTTP/1.1
Authorization: GCS v1HMAC:36f6f588bff5373d:wNRg7TDq+KtD2nivdyxxBqtKgU3jSO5WQBr+t7DKt2E=
Date: Sat, 08 Jun 2019 17:00:51 GMT
Content-Type: application/json
Host: world.preprod.api-ingenico.com
Connection: close
User-Agent: Paw/3.1.8 (Macintosh; OS X/10.14.5) GCDHTTPRequest
Content-Length: 82
{
"collectorCallback" : "function() { alert('Device fingerprint submitted!') };"
}HTTP/1.1 200
Date: Sat, 08 Jun 2019 17:00:52 GMT
Server: Apache
Content-Type: application/json
Connection: close
Transfer-Encoding: chunked
{
"deviceFingerprintTransactionId" : "b3883837-991e-410b-a5d4-fe936631984b",
"html" : "<script data-test-selector=\"DeviceFingerprint\">
window._cc = window._cc || [];
_cc.push(['ci', {'sid': 'd34c3b6505b24a76', 'tid': 'b3883837-991e-410b-a5d4-fe936631984b'}]);
_cc.push(['cf', '34577395']);
_cc.push(['run', 'https://devicefingerprint.pay1.preprod.secured-by-ingenico.com']);
_cc.push(['sf', function() {alert(\\'Device fingerprint submitted!\\')};]);
(function() {
var c = document.createElement('script');
c.type = 'text/javascript';
c.async = true;
c.src ='https://devicefingerprint.pay1.preprod.secured-by-ingenico.com/cc.js?ts=' + (new Date()).getTime();
var s = document.getElementsByTagName('script')[0];
s.parentNode.insertBefore(c, s);
})();
function doDevicefingerPrintSubmit(callback) { _cc.push(['csd', callback}]);}
</script>
<noscript><img src=\"https://devicefingerprint.pay1.preprod.secured-by-ingenico.com/s1.gif?sid=d34c3b6505b24a76&tid=b3883837-991e-410b-a5d4-fe936631984b\"></noscript>"
}The two properties html and deviceFingerprintTransactionId that are being returned each serve their own purpose. The content of the html property needs to be incorporated in your checkout page where you have the final submit button. You should not incorporate it into any of your other pages as each time the script is executed it is counted and has an affect on your invoice. The script will only get executed when the consumer clicks on the submit button and it already contains all the right settings, the deviceFingerprintTransactionId and the optional JavaScript you provided in the collectorCallback property in the request.
More detailed information on this API and SDK specific code example can be found in our API Reference on the Get Device Fingerprint API.
Step 3: Calling the create payment API
When the submit button has been pressed you will normally have collected all the payment information to perform a Create Payment API call. To make sure the device fingerprint data that has been collected will be taken into account you will need to include the deviceFingerprintTransactionId that was returned in the get device fingerprint API in the order.customer.device.deviceFingerprintTransactionId property.
POST /v1/9930/payments HTTP/1.1
Authorization: GCS v1HMAC:36f6f588bff5373d:4ItHCmmjtYuovLPKSOWjORLrWx+cjPpso9aOZGvlHCM=
Date: Sat, 08 Jun 2019 22:17:19 GMT
Content-Type: application/json
Host: world.preprod.api-ingenico.com
Connection: close
User-Agent: Paw/3.1.8 (Macintosh; OS X/10.14.5) GCDHTTPRequest
Content-Length: 512
{
"order": {
"amountOfMoney": {
"currencyCode": "USD",
"amount": 240
},
"customer": {
"device": {
"deviceFingerprintTransactionId": "b3883837-991e-410b-a5d4-fe936631984b"
},
"billingAddress": {
"countryCode": "US"
}
}
},
"cardPaymentMethodSpecificInput": {
"paymentProductId": 1,
"card": {
"cvv": "123",
"cardNumber": "4111111111111111",
"expiryDate": "1220",
"cardholderName": "Wile E. Coyote"
}
}
}Some additional properties are returned regarding the device fingerprint service in the inAuth object. If Retail Decisions (ReD) has also been configured on the account for the same payment product as used for the device fingerprint service, some of the output of the device fingerprint service will be submitted to ReD for evaluation. In the final advise returned by ReD the device fingerprint data will have been taken into account.
HTTP/1.1 201
Date: Sat, 08 Jun 2019 22:36:49 GMT
Server: Apache
Location: https://world.preprod.api-ingenico.com/v1/9930/payments/000000993010000638450000100001
Content-Type: application/json
Connection: close
Transfer-Encoding: chunked
{
"creationOutput" : {
"additionalReference" : "00000099301000063845",
"externalReference" : "000000993010000638450000100001"
},
"payment" : {
"id" : "000000993010000638450000100001",
"paymentOutput" : {
"amountOfMoney" : {
"amount" : 240,
"currencyCode" : "EUR"
},
"references" : {
"paymentReference" : "0",
"providerId" : "3000"
},
"paymentMethod" : "card",
"cardPaymentMethodSpecificOutput" : {
"paymentProductId" : 1,
"authorisationCode" : "306398",
"fraudResults" : {
"fraudServiceResult" : "accepted",
"inAuth" : {
"deviceCategory" : "PERSONAL_COMPUTER",
"deviceId" : "b3883837-991e-410b-a5d4-fe936631984b",
"riskScore" : "20",
"trueIpAddress" : "123.123.123.123",
"trueIpAddressCountry" : "netherlands"
},
"avsResult" : "0",
"cvvResult" : "P",
"retailDecisions" : {
"fraudCode" : "0150",
"fraudNeural" : "142"
}
},
"card" : {
"cardNumber" : "************1111",
"expiryDate" : "1220"
}
}
},
"status" : "PENDING_APPROVAL",
"statusOutput" : {
"isCancellable" : true,
"statusCategory" : "PENDING_MERCHANT",
"statusCode" : 600,
"statusCodeChangeDateTime" : "20190609003650",
"isAuthorized" : true,
"isRefundable" : false
}
}
}Optional: Calling the Get Device Fingerprint details API
If you would like to see the full details returned by the device fingerprint service you can do so as well based on the paymentId of the payment. The rawDeviceFingerprintOutput contains the full escapped JSON response that you can use further for your own fraudscreening. The structure of the JSON inside the rawDeviceFingerprintOutput is defined and managed by the back-end provider of the service (inAuth) and might change in the future. Please note that the structure is different between the inBrowser (browser based) and inMobile (native in-app based) responses. The example below is an example of the browser based response.
More detailed information on this API and SDK specific code example can be found in our API Reference on the Get Device Fingerprint details API.
GET /v1/9930/payments/000000993010000638450000100001/devicefingerprint HTTP/1.1
Authorization: GCS v1HMAC:d852ca3d4cef3fca:ZcoOuznZD9oM1O881FbDjV1SMjL7GvDDCY/MOMM1BdI=
Date: Mon, 31 Aug 2020 09:20:07 GMT
Content-Type: application/json
Host: world.preprod.api-ingenico.com
Connection: close
User-Agent: Paw/3.1.10 (Macintosh; OS X/10.15.6) GCDHTTPRequest
HTTP/1.1 200
Date: Mon, 31 Aug 2020 09:20:06 GMT
Server: Apache
Content-Type: application/json
Connection: close
Transfer-Encoding: chunked
{
"paymentId" : "000000993010000638450000100001",
"rawDeviceFingerprintOutput" : "{\"deviceprintinfo\":{\"transactionId\":\"b3883837-991e-410b-a5d4-fe936631984b\",\"generatedAt\":1598865585,\"devicePrint\":\"ace4cb941f15613bdc7e69b28318646915928a6d\",\"submissionEndpoint\":\"unknown\",\"riskResults\":{\"results\":[{\"name\":\"Some performed check\",\"score\":0,\"executionTimeMs\":0,\"errors\":[],\"extra\":{}},{\"name\":\"Another performed check\",\"score\":0,\"executionTimeMs\":1,\"errors\":[],\"extra\":{\"hits\":\"1\"}},{\"name\":\"Yet another performed check\",\"score\":0,\"executionTimeMs\":0,\"errors\":[],\"extra\":{}},{\"name\":\"One more performed check\",\"score\":0,\"executionTimeMs\":0,\"errors\":[],\"extra\":{}},{\"name\":\"Plus one more performed check\",\"score\":0,\"executionTimeMs\":0,\"errors\":[],\"extra\":{}},{\"name\":\"and another one\",\"score\":10,\"executionTimeMs\":0,\"errors\":[],\"extra\":{}},{\"name\":\"I think you get the idea by now...\",\"score\":0,\"executionTimeMs\":0,\"errors\":[],\"extra\":{}},{\"name\":\"..these are all different checks...\",\"score\":0,\"executionTimeMs\":2,\"errors\":[],\"extra\":{}},{\"name\":\"... returning their scores..\",\"score\":0,\"executionTimeMs\":0,\"errors\":[],\"extra\":{}},{\"name\":\"...but in this example...\",\"score\":0,\"executionTimeMs\":1,\"errors\":[],\"extra\":{\"hits\":\"1\",\"threshold\":\"35\"}},{\"name\":\"...we will not show the real ones.\",\"score\":0,\"executionTimeMs\":0,\"errors\":[],\"extra\":{\"Result\":\"VALID\"}},{\"name\":\"Last check in this example\",\"score\":10,\"executionTimeMs\":0,\"errors\":[],\"extra\":{}}],\"score\":20,\"totalRunTime\":5},\"deviceInfo\":{\"browser-data\":{\"_six\":\"eyJhbGciOiJSUzI1NiIsImp3ayI6eyJrdHkiOiJSU0EiLCJuIjoid3ZBZktEZlEwNXQ3emRFbm5rU216akhzNUo3S2tFWWNkSU1aZF9jRDRNUzBFbHE1eExQTVFCdXAyV2Qwc3I4T2dlOFNLaVV1TDJVUUE0Zk80NXZYQ3lCeWMxQ0lqWldqYkpldEtwOHlocHdHcEFaa25DM043VEVEQ2dQWWY2eUpSUGNtbTZ5akExZVk0Sk5MQ3RfRFFRUG5hYUswbk1aUFZONVBhZVZZeTczSmFHZUFuQ3MwdzVuREJBMUVuWVhFdmZFYkJFX0xGUUJoVmttT1A2Snc4MTd4U194aTZ3ekI0MllJUzloOHJoWkV0aTMzLVpJWlVTTVFWTEVYMHFZU3FfVmVxdGJxVkhTb1htTXRaal9fNGtzbmJVdTBsOXdpeGVlZ1B2ZUJxZUhOSmUteUFUZnNGUTBfS290NzBFMFNMV3U3TFRqU1VtdzhpQlFTZDNhWkR3IiwiZSI6IkFRQUIifX0.LEjuMgs8wAN243Vuq5BgBiMT7DJOb40EJK9jKfKQLUAzGL5tTmeeWnroZTnwg30TeVisb055jQM7tzRu_IhuHGJbqm9VZp1ANuA1OvOGfUBgR6VkCWWCWzXhZmrshH1HNFiudUB32x5242Y-54p0EmJfqm5fZpwQ.a9aBvNcD697JvqVBwffdo5Xp687BDmr09dLm5UqUqENeKUmqW5XT7eidACfaYvrtA72cWMRdqhADN8vY7zxzOsh-RlAj8sdQvVoNhNiSqo9vIEo7nV7XoZt7W6IAhwFsod-O6zaQMOgSt47gGVgT71RWQvmXlL9SuNEz9mWxcv400mTfmkqJerT8fm-SN3Y715ODTRwjOlbq_TrjcKnbuQP1qRprRbNYBURS07pPXMiJbfz4nTvx0bPyA2FN0Insi5YPTKg2FtQAzqw5jy2XwDkXtfJ0Nl3kHjr6PnHYZB4Pe2ADvkMUN-k4oMWn1vINeiqKb7wnDgrDizRlykZUKg\",\"timing-sync-collection\":926,\"cf_flags\":\"34577395\",\"timing-iepl\":0,\"timing-ls\":1,\"webgl-max-aa\":16,\"webgl-vendor\":\"WebKit\",\"webgl-extensions\":[\"EXT_blend_minmax\",\"EXT_sRGB\",\"EXT_frag_depth\",\"OES_texture_float\",\"OES_texture_float_linear\",\"OES_texture_half_float\",\"OES_texture_half_float_linear\",\"OES_standard_derivatives\",\"EXT_shader_texture_lod\",\"EXT_texture_filter_anisotropic\",\"OES_vertex_array_object\",\"OES_element_index_uint\",\"WEBGL_lose_context\",\"WEBGL_compressed_texture_s3tc\",\"WEBGL_depth_texture\",\"WEBGL_draw_buffers\",\"ANGLE_instanced_arrays\",\"WEBGL_debug_renderer_info\"],\"webgl-vendor-real\":\"ATI Technologies Inc.\",\"webgl-renderer-real\":\"AMD Radeon Pro 460 OpenGL Engine\",\"fresh-cookie\":\"true\",\"time-tz-std-offset\":-120,\"canvas-print-100-999\":\"f280ff4a4c67486c8191e30aaf485dcf34096447\",\"timing-kf\":840,\"t\":\"Adql2Tw5c8cypsoBIPPOiOFm\",\"x\":\"1\",\"tid\":\"b3883837-991e-410b-a5d4-fe936631984b\",\"timing-i6\":941,\"navigator.appVersion\":\"5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.2 Safari/605.1.15\",\"time-tz-has-dst\":\"true\",\"dom-session-tag\":\"Adql2Tw5c8cypsoBIPPOiOFm\",\"navigator.language\":\"en\",\"window.devicePixelRatio\":\"1\",\"sid\":\"d34c3b6505b24a76\",\"time-tz-offset-minutes\":-120,\"timing-et\":934,\"window.screen.availHeight\":\"1361\",\"timing-wo\":0,\"webgl-glsl-version\":\"WebGL GLSL ES 1.0 (1.20)\",\"navigator.appCodeName\":\"Mozilla\",\"dom-local-tag\":\"AfvyQNmKYUeF9yGTKi81kYZT\",\"navigator.product\":\"Gecko\",\"timing-ss\":0,\"timing-ti\":4,\"time-string\":\"Mon Aug 31 2020 11:19:29 GMT+0200 (CEST)\",\"timing-generation\":9,\"navigator.productSub\":\"20030107\",\"navigator.vendor\":\"Apple Computer, Inc.\",\"timing-cp\":33,\"window.screen.colorDepth\":\"24\",\"timing-do\":1,\"plugin-mimes\":\"application/pdf,application/postscript,text/pdf\",\"window.history.length\":\"2\",\"timing-gief\":0,\"webgl-supported\":true,\"_et\":\"NTFjYjc4ZjgtY2QzZC00YmRkLTg5NWEtYmU5NzU4ZjI2ZGY4OjE1OTg4NjU1NjkxODg\",\"canvas-print-detailed-100-999\":\"ccccd0635815330f73c2c8d7d69dc61812cc44c0\",\"flash-enabled\":\"false\",\"time-tz-fixed-locale-string\":\"3/6/2014, 7:58:39 AM\",\"timing-sc\":0,\"time-tz-dst-active\":\"true\",\"webgl-renderer\":\"WebKit WebGL\",\"timing-wgl\":30,\"time-unix-epoch-ms\":1598865569182,\"plugin-suffixes\":\"pdf,ps\",\"time-local\":\"8/31/2020, 11:19:29 AM\",\"window.screen.pixelDepth\":\"24\",\"window.screen.height\":\"1440\",\"navigator.platform\":\"MacIntel\",\"js-errors\":[\"TypeError: Member RTCIceServer.urls is required and must be an instance of (DOMString or sequence)\",\"TypeError: undefined is not an object (evaluating 'screen.orientation.type')\",\"InvalidCharacterError: The string contains invalid characters.\",\"InvalidCharacterError: The string contains invalid characters.\"],\"window.screen.width\":\"3440\",\"navigator.appName\":\"Netscape\",\"webgl-version\":\"WebGL 1.0\",\"navigator.userAgent\":\"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.2 Safari/605.1.15\",\"navigator.cookieEnabled\":\"true\",\"cookie-_cc\":\"Adql2Tw5c8cypsoBIPPOiOFm\",\"timing-np\":0,\"timing-no\":0,\"window.clientInformation.language\":\"en\",\"_t\":\"Adql2Tw5c8cypsoBIPPOiOFmgwbEsEz2nLOV50SJVaQoUHBpHPqz7DHj4lPU+A5mGhLmTYGwt3E6h9VO6Gr8vkBJuA3R3VCutMyaTSZcggbx6+i6zHSuyvSbnch51z1iy10AYnkY26/EatVcj4EsF97vr5AkLlE14m5RGFYEJGKGaj+tUHZ/FO3y//oD1pD4lWUwpzDU+lqXneEuOcOgpNqWqdSdJ61gWegl6MLSKGjIRHAA2UvngfCl99TqAgK/lkohKbwLe06kL2fsQZTAwkmSISnmCRxzVXbhY0KMdphDJf+6euZL5J9a7xAu4RNl6yid0YiMpXkLlCPHG7XJWebvei94z/7bBiXhmymO8+WFVAdZ\"},\"http-headers\":{\"x-inauth-javascript\":\"true\",\"x-forwarded-port\":\"443\",\"x-inauth-geolocation-routing-type\":\"fixed\",\"via\":\"2.0 ba140d1feaa494b27e3ecd7fb6c940a2.cloudfront.net (CloudFront)\",\"x-ia-request-id\":\"60ba45d4dce494602c3f1d8256cfea26\",\"host\":\"staging-uk.cdn-net.com\",\"connection\":\"keep-alive\",\"x-inauth-remote-address\":\"123.123.123.123\",\"x-inauth-geolocation-tld\":\"nl\",\"accept-language\":\"en-us\",\"cookie\":\"_cc-x=NTVmMDlmZGQtYzQ5MC00M2VmLTkzNjktZTU1NzEzNjc0NGZmOjE1ODQwMTk3ODEyOTA; dtCookie=v_4_srv_32_sn_5B6E8ACEDFF2FA86D526A051FAE09E38_perc_100000_ol_0_mul_1_app-3A8e4bb9b3a387a3c5_1; dtLatC=59; dtPC=32$465568489_954h-vFPFBCIUPFHFBMRVPEDCGJJJTFKTWBIUK-0; dtSa=-; rxVisitor=1598865558903GNCUSGS90SGIE4ODA9AIC1S5L45C9O01; rxvt=1598867381441|1598865558904\",\"x-inauth-request-ts\":\"1598865585752\",\"x-inauth-geolocation-longitude\":\"5.41733\",\"x-inauth-request-region\":\"\",\"x-inauth-geolocation-state\":\"utrecht\",\"x-forwarded-for\":\"123.123.123.123, 64.252.178.77, 100.113.54.0\",\"x-inauth-screen\":\"3440X1440\",\"x-inauth-server-ts\":\"1598865585752\",\"x-inauth-geolocation-asn\":33915,\"accept\":\"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\",\"x-inauth-geolocation-isp\":\"ziggo consumers\",\"x-inauth-geolocation-postal-code\":\"3821\",\"x-inauth-geolocation-line-speed\":\"medium\",\"x-inauth-geolocation-region\":\"utrecht\",\"x-inauth-request-method\":\"POST\",\"x-inauth-geolocation-country-code\":\"nl\",\"content-length\":\"15922\",\"origin\":\"https://payment.pay1.preprod.secured-by-ingenico.com\",\"x-inauth-geolocation-state-cf\":74,\"x-inauth-geolocation-connection-type\":\"cable\",\"content-type\":\"multipart/form-data; boundary=----WebKitFormBoundaryCvur473xBXRTikUZ\",\"x-inauth-geolocation-country-cf\":99,\"x-inauth-geolocation-continent\":\"europe\",\"x-inauth-geolocation-sld\":\"ziggo\",\"x-inauth-is-malware\":\"false\",\"x-inauth-geolocation-time-zone\":1.0,\"x-forwarded-proto\":\"https\",\"x-inauth-geolocation-country\":\"netherlands\",\"x-inauth-geolocation-city-cf\":50,\"x-inauth-geolocation-organization\":\"vodafone libertel b.v.\",\"x-inauth-geolocation-latitude\":\"52.16629\",\"x-real-ip\":\"100.113.54.0\",\"x-inauth-geolocation-hosting-facility\":\"false\",\"x-inauth-geolocation-city\":\"amersfoort\",\"accept-encoding\":\"gzip, deflate, br\",\"x-amz-cf-id\":\"w9OgMaa8pbXJaqRIS1cLM-nsbG1UvDCf2o3cCkt3aCf_qZD_cI9nRQ==\",\"user-agent\":\"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.2 Safari/605.1.15\"},\"extra-data\":{\"user-agent-os-type\":\"OS X\",\"x-inauth-device-print\":\"ace4cb941f15613bdc7e69b28318646915928a6d\",\"browser-spoof-reason\":\"HIGH_FONTS_BELOW_THRESHOLD\",\"flashFonts-list\":\"da39a3ee5e6b4b0d3255bfef95601890afd80709\",\"user-agent-browser-name\":\"Safari\",\"ieFonts-list\":\"da39a3ee5e6b4b0d3255bfef95601890afd80709\",\"ipv6-address-details\":{\"type\":\"ipv4\",\"addr\":\"123.123.123.123\",\"nonce\":\"85168932-b9b1-41d7-93e0-6a81a261cc22\",\"ts\":1598865569333,\"region\":\"eu\"},\"x-inauth-device-tag-guid-v2\":\"47b652a8-a2cb-4722-b52f-462b2923a7d4\",\"x-inauth-global-device-print\":\"484be01f2fc7d8c257ec3efa12c77907416a1862\",\"user-agent-browser-version\":\"13.1.2\",\"user-agent-os\":\"OS X\",\"x-inauth-resilient-guid-v2\":\"b3883837-991e-410b-a5d4-fe936631984b\",\"x-inauth-global-guid\":\"59eec874-21dc-4e6b-93bd-ca1b9b63da78\",\"is-mobile\":\"false\",\"x-inauth-is-proxy\":false,\"browser-spoof-risk-status\":\"MEDIUM_RISK\",\"x-inauth-real-ip-address\":\"217.122.117.208\",\"x-inauth-replay-tag\":{\"userAgent\":\"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.2 Safari/605.1.15\",\"ipAddress\":\"123.123.123.123\",\"nonce\":\"f846a8bd-40ef-4624-b210-451452103f80\",\"ts\":\"1598865568832\",\"status\":\"VALID\"},\"user-agent-browser\":\"Safari 13.1.2\",\"fonts-list\":\"b893debd1f83d6a73e8922f9a14b665b2a2085db\",\"user-agent-os-version\":\"10.15.6\",\"x-inauth-cloud-tag\":\"NTVmMDlmZGQtYzQ5MC00M2VmLTkzNjktZTU1NzEzNjc0NGZmOjE1ODQwMTk3ODEyOTA\",\"plugins-list\":\"da39a3ee5e6b4b0d3255bfef95601890afd80709\",\"x-inauth-device-print-lr\":\"02702d5efba62c96ef98751775026f3933fbd1ba\",\"x-inauth-device-print-extra-pluginVector\":\"0000000000000000000000000000000000000000000000000000000000000000\",\"x-inauth-device-print-lr-is-new\":true,\"user-agent-device-category\":\"PERSONAL_COMPUTER\",\"x-inauth-device-tag-guid-global\":\"6f45eebc-06b1-47e2-9582-e60718029ea0\",\"user-agent-platform-type\":\"Browser\",\"x-inauth-global-device-print-lr\":\"be6121e2fa45b8cb5dcec0c24b8e9c515921ef14\",\"user-agent-os-name\":\"OS X\",\"fonts\":[\"Papyrus\",\"宋体\",\"Geneva\",\"Mshtakan\",\"Bauhaus 93\",\"Zapfino\",\"Times New Roman\",\"Herculanum\",\"Helvetica Neue\",\"䡵湧䱡渠䅲瑤敳楧渠㈰〲⁁汬楧桴猠牥獥牶敤⹔桵⁰桡瀠噎周畦慰〲†乯牭慬ㄮ〠䍯摥⁖义潲⁗楮摯睳周畦慰〲乯牭慬HungLan Artdesign - http://www.vietcomic.comVNI-Thufap2 Normalv2.0 Code VNI for WindowsVNI-Thufap2 Normal\\u0002\",\"Verdana\",\"Arial Rounded MT Bold\",\"Chalkduster\",\"Arial Black\",\"Zapf Dingbats\",\"Apple Chancery\",\"Arial Hebrew\",\"Baskerville\",\"Devanagari MT\",\"Geeza Pro\",\"Hoefler Text\",\"Georgia\",\"Wingdings\",\"Comic Sans MS\",\"Gujarati MT\",\"New Peninim MT\",\"Arial Unicode MS\",\"Lucida Grande\",\"Impact\",\"Nadeem\",\"InaiMathi\",\"Helvetica\",\"Apple Braille\",\"Webdings\",\"Bookshelf Symbol 7\",\"SimSun\",\"KufiStandardGK\",\"Andale Mono\",\"Chalkboard\",\"Didot\",\"Modern No. 20\",\"Baghdad\",\"Rockwell\",\"GB18030 Bitmap\",\"Plantagenet Cherokee\",\"Cochin\",\"Apple Symbols\",\"Silom\",\"Krungthep\",\"Bullets 5(Korean)\",\"Tahoma\",\"Thonburi\",\"Wingdings 2\",\"Wingdings 3\",\"Symbol\",\"Gill Sans\",\"Palatino\",\"Arial Narrow\",\"DecoType Naskh\",\"Monaco\",\"Sathu\",\"Euphemia UCAS\",\"Microsoft JhengHei\",\"Brush Script MT\",\"Microsoft Sans Serif\",\"Courier\",\"Courier New\",\"Corsiva Hebrew\",\"Trebuchet MS\",\"Ayuthaya\",\"Arial\",\"American Typewriter\",\"Copperplate\"]}}}}"
}Reporting
Some of the data points that were captured using the device fingerprint service are visible in the Payment Console (WPC).
| Property | Description |
|---|---|
| DeviceID | This is the device fingerprint value. Based on the amount of data that the device fingerprint collector script was able to collect, this will be a proxy ID for the device used by the consumer. |
| Device Category |
The type of device used by the consumer. Possible values:
|
| Risk Result Score | The score calculated on the basis of Anomalies, Velocity, Location, Integrity, List-Based, and Device Reputation. Range of the score is between 0 and 100. A lower value is better. |
| True IP Address | The true IP address as determined by inAuth. This might be different from the IP address that you are seeing on your side due to the proxy piercing technology deployed by inAuth. |
| Country (IP) | The country of the consumer based on the location of the True IP Address determined by inAuth. |