Device Intelligence
Device intelligence collects and analyzes device characteristics to identify fraud, detect suspicious behavior, and prevent application abuse.
How Device Intelligence Works
┌─────────────────────────────────────────────────────────┐
│ USER'S DEVICE │
│ Browser, OS, Hardware, Network, Location │
└─────────────────────────┬───────────────────────────────┘
│
v
┌─────────────────────────────────────────────────────────┐
│ DEVICE FINGERPRINTING │
│ Collect 100+ signals to create unique identifier │
└─────────────────────────┬───────────────────────────────┘
│
v
┌─────────────────────────────────────────────────────────┐
│ FRAUD DATABASE │
│ Check against known fraudulent devices │
└─────────────────────────┬───────────────────────────────┘
│
v
┌─────────────────────────────────────────────────────────┐
│ RISK ASSESSMENT │
│ Calculate device risk score (0-100) │
└─────────────────────────────────────────────────────────┘
Collecting Device Data
Web Integration
Add the TrustGate SDK to collect device signals:
<script src="https://cdn.bytrustgate.com/device-sdk.js"></script>
<script>
const deviceData = await TrustGate.collectDeviceSignals();
// Include in API request
fetch('/api/verify', {
method: 'POST',
body: JSON.stringify({
applicant_id: 'applicant_123',
device_data: deviceData
})
});
</script>
Mobile Integration
Coming soon: Native mobile SDKs for React Native, iOS, and Android are under development. For now, collect device data via the REST API:
curl -X POST https://api.bytrustgate.com/api/v1/device/analyze \
-H "X-API-Key: YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"ip_address": "203.0.113.1", "user_agent": "Mozilla/5.0..."}'
API Submission
curl -X POST https://api.bytrustgate.com/v1/device/analyze \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"applicant_id": "550e8400-e29b-41d4-a716-446655440000",
"device_data": {
"fingerprint": "fp_abc123...",
"signals": {...}
}
}'
Device Signals Collected
Browser Signals
| Signal | Description |
|---|---|
| User agent | Browser and version |
| Language | Browser language settings |
| Timezone | Local timezone |
| Screen resolution | Display dimensions |
| Color depth | Display color capability |
| Plugins | Browser plugins installed |
| Canvas fingerprint | Graphics rendering signature |
| WebGL fingerprint | 3D rendering signature |
| Audio fingerprint | Audio processing signature |
Network Signals
| Signal | Description |
|---|---|
| IP address | Connection IP |
| IP geolocation | Derived location |
| ISP | Internet service provider |
| Connection type | Wifi, cellular, etc. |
| VPN detection | VPN/proxy indicators |
| Tor detection | Tor network usage |
Device Signals
| Signal | Description |
|---|---|
| Operating system | OS type and version |
| Device type | Desktop, mobile, tablet |
| Device model | Specific device model |
| CPU cores | Processor information |
| Memory | Available RAM |
| Touch support | Touchscreen capability |
| Battery | Battery status (mobile) |
Device Risk Score
Get Device Analysis
curl -X GET "https://api.bytrustgate.com/v1/device/{device_id}" \
-H "Authorization: Bearer YOUR_API_KEY"
Response
{
"device_id": "dev_789012",
"fingerprint": "fp_abc123def456",
"risk_score": 72,
"risk_level": "high",
"first_seen": "2025-01-15T10:00:00Z",
"application_count": 5,
"risk_factors": [
{
"factor": "multiple_applications",
"severity": "high",
"details": "5 applications from this device in 7 days"
},
{
"factor": "vpn_detected",
"severity": "medium",
"details": "Commercial VPN service detected"
},
{
"factor": "timezone_mismatch",
"severity": "medium",
"details": "Browser timezone doesn't match IP location"
}
],
"associations": {
"applicants": ["app_001", "app_002", "app_003", "app_004", "app_005"],
"ips": ["192.168.1.1", "10.0.0.1"],
"locations": ["New York, US", "London, UK"]
}
}
Risk Factors
High Risk Indicators
| Factor | Risk Contribution | Description |
|---|---|---|
device_previously_fraudulent | +40 | Device linked to confirmed fraud |
device_emulator | +35 | Virtual device detected |
device_rooted_jailbroken | +25 | Modified OS detected |
multiple_applications | +20 | Many apps from same device |
tor_network | +25 | Tor exit node detected |
Medium Risk Indicators
| Factor | Risk Contribution | Description |
|---|---|---|
vpn_detected | +15 | VPN or proxy in use |
datacenter_ip | +15 | IP from hosting provider |
timezone_mismatch | +10 | Timezone inconsistency |
browser_automation | +20 | Automation tools detected |
incognito_mode | +5 | Private browsing |
Low Risk Indicators
| Factor | Risk Contribution | Description |
|---|---|---|
new_device | +5 | First time seeing device |
unusual_browser | +5 | Uncommon browser |
outdated_browser | +5 | Old browser version |
Velocity Controls
Configure Device Velocity
curl -X PUT https://api.bytrustgate.com/v1/settings/device-velocity \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"max_applications_per_device": {
"count": 3,
"period_days": 30,
"action": "flag_for_review"
},
"max_applications_per_ip": {
"count": 5,
"period_days": 1,
"action": "block"
},
"cooldown_after_rejection": {
"hours": 24,
"action": "block"
}
}'
Velocity Check Response
{
"velocity_check": {
"passed": false,
"violations": [
{
"rule": "max_applications_per_device",
"current": 4,
"limit": 3,
"period": "30d"
}
],
"action": "flag_for_review"
}
}
Device Linking
Find Linked Devices
curl -X GET "https://api.bytrustgate.com/v1/device/{device_id}/linked" \
-H "Authorization: Bearer YOUR_API_KEY"
Response
{
"device_id": "dev_789012",
"linked_devices": [
{
"device_id": "dev_789013",
"link_type": "same_ip",
"confidence": 0.95,
"shared_signals": ["ip_address", "isp"]
},
{
"device_id": "dev_789014",
"link_type": "similar_fingerprint",
"confidence": 0.78,
"shared_signals": ["canvas_fingerprint", "webgl_fingerprint"]
}
],
"linked_applicants": [
{
"applicant_id": "app_001",
"status": "approved"
},
{
"applicant_id": "app_002",
"status": "rejected",
"rejection_reason": "fraud"
}
]
}
Workflow Integration
Auto-Flag High-Risk Devices
curl -X POST https://api.bytrustgate.com/v1/workflows/rules \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"rule_id": "flag_risky_device",
"trigger": "device_analyzed",
"conditions": {
"all": [
{"field": "device_risk_score", "operator": "gte", "value": 70}
]
},
"actions": [
{
"type": "add_flag",
"flag": "high_risk_device"
},
{
"type": "create_case",
"case_type": "fraud",
"priority": "high"
}
]
}'
Privacy Considerations
- Device fingerprinting complies with GDPR when proper consent is obtained
- No PII is collected directly - only device characteristics
- Data retention follows your configured policies
- Users can request device data deletion
Next Steps
- Email Verification - Email risk assessment
- Phone Verification - Phone validation
- Risk Signals - All fraud signals