Skip to main content
All CollectionsUsing the API
Getting started with device fingerprint
Getting started with device fingerprint
Daragh McMeel avatar
Written by Daragh McMeel
Updated over 9 months ago

It's common for fraudulent actors to make repeated applications when attempting fraud. If one document doesn't work, they try another. If the first stolen identity they use is rejected, they have a second one ready to go. In many cases, multiple applications are submitted simultaneously in a single attack, in the hopes that at least one will make it through your fraud stack.

Inscribe's device fingerprint is designed to keep you protected from repeated fraudulent applications, with zero manual input.

By combining device, browser, and geographical data, we can assign each of your customers a unique 'fingerprint'. Repeat applications can then be uncovered as coming from the same source, and custom rules can be used to flag these applications.

Integration

Getting started with device identification is as simple as adding a single line of code to your onboarding flow. You can learn more about how to do this over at our documentation page.

Alternatively, if you are using Collect to receive documents from your customers, we will identify the user's device when they land on the collect portal. No integration is required to leverage this.

Choosing alert conditions

Once you have allowed Inscribe to identify customer devices, the next step is choosing a condition for when you want an alert to be raised. Inscribe supports the following conditions:

Repeat Application — The device has been associated with another customer

Repeat Application with Different Address — The device has been associated with another customer that provided different address data

Repeat Application with Different Name — The device has been associated with another customer that provided different name data

Repeat Application with Previous Fraud — The device has been associated with another customer where documents were flagged by Inscribe

Repeat Application with Previous Rejection — The device has been associated with another customer where you recorded a rejection decision within Inscribe

Incognito Mode — The device browser was using 'Incognito mode'

To apply a condition, simply create a corresponding custom rule within the web app at your Checks & Rules page. You can learn more about creating custom rules at our Help Center page.

Whenever any of your conditions have been met, documents associated with that customer will be flagged by Inscribe, with the relevant fraud signals displayed.

Testing embedded device fingerprint

If you'd like to test it out, you can manually associate your own device with an example customer by visiting the appropriate link with your device browser. All you need is the ID for the Customer object you want to associate your device with, and this is provided in the URL for viewing the Customer object within the web app.

Let's walk through a concrete example of testing the Repeat Application Previous Rejection condition:

  1. Create a custom rule that requires the Repeat Application Previous Rejection result.

  2. Create a new Customer within the Inscribe web app. This will play the role of the first application.

  3. Use the Customer URL to copy the ID for the Customer object. For example, if the URL is https://app.inscribe.ai/#/customer/12d84acf-25a6-66af-a0b4-8d45a7baade7, the ID is 12d84acf-25a6-66af-a0b4-8d45a7baade7

  4. Visit https://verify.inscribe.ai?customerId={CustomerID} with your browser. For example, with the ID as in step 3, you would visit https://verify.inscribe.ai?customerId=12d84acf-25a6-66af-a0b4-8d45a7baade7. This allows Inscribe to associate your device with this Customer object. This step happens automatically for applicants going through your on-boarding flow.

  5. Reject the Customer within the Inscribe app.

  6. Create a second Customer. This will play the role of the second application.

  7. Repeat steps 3 and 4 for this Customer. Now the same device will be associated with both Customer objects.

  8. Upload a document to the second Customer. Because the device was related to a previously rejected Customer, you'll see the fraud signal as shown below.

Testing device fingerprint with Collect

If you are using Collect, then testing would look like this instead

  1. Create a custom rule that requires the Repeat Application Previous Rejection result.

  2. Create a new Customer within the Inscribe web app. This will play the role of the first application.

  3. Create a Collect session associated with that Customer and copy the URL you generate.

  4. Follow this URL to the Collect portal and complete the Collect session.

    1. Your device will now be associated with this Customer object.

  5. Reject the Customer within the Inscribe app.

  6. Create a second Customer. This will play the role of the second application.

  7. Repeat steps 3 and 4 for this Customer. Now the same device will be associated with both Customer objects.

  8. Upload a document to the second Customer. Because the device was related to a previously rejected Customer, you'll see the fraud signal as shown below.

Reviewing device fingerprint metadata

If you would like to review the metadata associated with a users device fingerprint, you can find this by looking at the Retrieve A Document API response. You view the API response in the web app by loading the document, and then clicking the API button in the top right.

Related Articles
Fingerprinting
Understanding the Decision Engine
Getting started with the Trust Score during your Inscribe pilot
Fraud Rating
Getting Started with Inscribe 🎥
Did this answer your question?