SEON Device Fingerprint

Web, iOS, and Android SDKs capture an encrypted, base64-encoded device fingerprint via getSession(); the payload is passed in the Fraud API session field and decoded server-side into device_details intelligence covering hardware, browser, emulator, and tampering signals.

OpenAPI Specification

seon-openapi.yml Raw ↑
openapi: 3.0.1
info:
  title: SEON REST API
  description: >-
    SEON's fraud prevention and anti-money-laundering REST API. Combines
    digital-footprint analysis, device fingerprinting, and machine-learning
    risk scoring to return real-time fraud scores and enriched intelligence
    from an email address, phone number, IP address, or full transaction
    payload, plus AML screening and transaction labeling. All requests
    authenticate with an X-API-KEY header and are case-sensitive.
  termsOfService: https://seon.io/legal/terms-and-conditions/
  contact:
    name: SEON Support
    email: support@seon.io
    url: https://docs.seon.io
  version: '2.0'
servers:
  - url: https://api.seon.io
    description: Primary (EU) transaction processing environment
security:
  - ApiKeyAuth: []
tags:
  - name: Fraud
    description: Combined transaction fraud scoring.
  - name: Email
    description: Email address digital footprint and risk scoring.
  - name: Phone
    description: Phone number digital footprint and risk scoring.
  - name: IP
    description: IP address proxy/VPN/Tor detection and risk scoring.
  - name: AML
    description: Sanctions, watchlist, PEP, and adverse-media screening.
  - name: Labels
    description: Transaction outcome labeling for machine-learning feedback.
paths:
  /SeonRestService/fraud-api/v2.0:
    post:
      operationId: scoreFraud
      tags:
        - Fraud
      summary: Score a transaction for fraud
      description: >-
        Submits a combined transaction payload (user, transaction, payment,
        device, email, phone, and IP signals) and returns a fraud_score, a
        state decision, and the applied_rules that fired, enriched with module
        details for email, phone, IP, BIN, device, and AML.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/FraudRequest'
      responses:
        '200':
          description: Fraud scoring result.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/FraudResponse'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /SeonRestService/email-api/v3:
    post:
      operationId: analyzeEmail
      tags:
        - Email
      summary: Analyze an email address
      description: >-
        Returns the digital footprint behind an email address, including
        deliverability, domain details, breach history, registration across
        250+ online platforms, and a machine-learning risk score.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/EmailRequest'
      responses:
        '200':
          description: Email analysis result.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/EmailResponse'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /SeonRestService/phone-api/v2:
    post:
      operationId: analyzePhone
      tags:
        - Phone
      summary: Analyze a phone number
      description: >-
        Returns the digital footprint behind a phone number, including carrier
        and HLR details, CNAM, telco attributes such as SIM-swap and porting
        history, account aggregates, and a global network risk score.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PhoneRequest'
      responses:
        '200':
          description: Phone analysis result.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PhoneResponse'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /SeonRestService/ip-api/v1/{ip}:
    get:
      operationId: analyzeIp
      tags:
        - IP
      summary: Analyze an IP address
      description: >-
        Detects fake, harmful, and suspicious IP addresses - including Tor,
        VPN, web, public, data-center, and residential proxies - with
        geolocation, ISP, open ports, and a risk score for a given IPv4 or
        IPv6 address.
      parameters:
        - name: ip
          in: path
          required: true
          description: Full IPv4 or IPv6 address to analyze.
          schema:
            type: string
        - name: include
          in: query
          required: false
          description: Comma-separated extra data sets to include (history, flags, id).
          schema:
            type: string
        - name: flags_timeframe_days
          in: query
          required: false
          description: Number of days of flag history to include.
          schema:
            type: integer
      responses:
        '200':
          description: IP analysis result.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/IpResponse'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /SeonRestService/aml-api/v1:
    post:
      operationId: screenAml
      tags:
        - AML
      summary: Screen a person for AML risk
      description: >-
        Screens a person against sanctions, watchlists, crime lists,
        politically exposed persons (PEP), and adverse-media sources, returning
        per-category match flags and a result payload.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AmlRequest'
      responses:
        '200':
          description: AML screening result.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AmlResponse'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /SeonRestService/fraud-api/transaction-label/v2:
    put:
      operationId: labelTransactions
      tags:
        - Labels
      summary: Label scored transactions
      description: >-
        Applies fraud-outcome labels (such as fraud_detection_fraud) to up to
        50 previously scored transactions per request, feeding SEON's
        machine-learning models. A transaction can hold a single label at a
        time; existing labels can be overwritten.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LabelRequest'
      responses:
        '200':
          description: Labeling result.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericResponse'
        '401':
          $ref: '#/components/responses/Unauthorized'
components:
  securitySchemes:
    ApiKeyAuth:
      type: apiKey
      in: header
      name: X-API-KEY
      description: SEON license key sent as the X-API-KEY request header.
  responses:
    Unauthorized:
      description: Authentication failed - missing or invalid X-API-KEY.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/GenericResponse'
  schemas:
    FraudRequest:
      type: object
      properties:
        config:
          type: object
          description: Per-module configuration controlling which enrichments run.
        ip:
          type: string
          description: IP address associated with the transaction.
        email:
          type: string
          description: Email address associated with the user.
        phone_number:
          type: string
          description: Phone number in international format.
        user_fullname:
          type: string
        user_id:
          type: string
        transaction_id:
          type: string
          maxLength: 255
        transaction_amount:
          type: number
        transaction_currency:
          type: string
          maxLength: 4
        card_hash:
          type: string
          maxLength: 500
        card_bin:
          type: string
          maxLength: 15
        session:
          type: string
          description: Device fingerprinting session payload.
        custom_fields:
          type: object
          description: Arbitrary key/value pairs used in custom rules.
    FraudResponse:
      type: object
      properties:
        success:
          type: boolean
        error:
          $ref: '#/components/schemas/Error'
        data:
          type: object
          properties:
            id:
              type: string
            state:
              type: string
              description: Decision such as APPROVE, REVIEW, or DECLINE.
            fraud_score:
              type: number
            applied_rules:
              type: array
              items:
                $ref: '#/components/schemas/AppliedRule'
            calculation_time:
              type: integer
              description: Processing time in milliseconds.
            email_details:
              type: object
            phone_details:
              type: object
            ip_details:
              type: object
            bin_details:
              type: object
            device_details:
              type: object
            aml_details:
              type: object
    AppliedRule:
      type: object
      properties:
        id:
          type: string
        name:
          type: string
        operation:
          type: string
        score:
          type: number
    EmailRequest:
      type: object
      required:
        - email
      properties:
        email:
          type: string
        config:
          type: object
    EmailResponse:
      type: object
      properties:
        success:
          type: boolean
        error:
          $ref: '#/components/schemas/Error'
        data:
          type: object
          properties:
            id:
              type: string
            email:
              type: string
            score:
              type: number
            deliverable:
              type: boolean
            domain_details:
              type: object
            account_details:
              type: object
              description: Registration on 250+ online platforms.
            breach_details:
              type: object
            applied_rules:
              type: array
              items:
                $ref: '#/components/schemas/AppliedRule'
    PhoneRequest:
      type: object
      required:
        - phone
      properties:
        phone:
          type: string
        config:
          type: object
    PhoneResponse:
      type: object
      properties:
        success:
          type: boolean
        error:
          $ref: '#/components/schemas/Error'
        data:
          type: object
          properties:
            id:
              type: string
            phone:
              type: string
            score:
              type: number
            account_details:
              type: object
            carrier_details:
              type: object
            hlr_details:
              type: object
            cnam_details:
              type: object
            applied_rules:
              type: array
              items:
                $ref: '#/components/schemas/AppliedRule'
    IpResponse:
      type: object
      properties:
        success:
          type: boolean
        error:
          $ref: '#/components/schemas/Error'
        data:
          type: object
          properties:
            id:
              type: string
            ip:
              type: string
            score:
              type: number
            country:
              type: string
            city:
              type: string
            isp_name:
              type: string
            type:
              type: string
            open_ports:
              type: array
              items:
                type: integer
            tor:
              type: boolean
            harmful:
              type: boolean
            vpn:
              type: boolean
            web_proxy:
              type: boolean
            public_proxy:
              type: boolean
            data_center_proxy:
              type: boolean
            residential_proxy:
              type: boolean
            applied_rules:
              type: array
              items:
                $ref: '#/components/schemas/AppliedRule'
    AmlRequest:
      type: object
      required:
        - user_fullname
      properties:
        user_fullname:
          type: string
        user_id:
          type: string
        user_firstname:
          type: string
        user_middlename:
          type: string
        user_lastname:
          type: string
        user_dob:
          type: string
          format: date
        user_pob:
          type: string
        user_photoid_number:
          type: string
        user_country:
          type: string
        config:
          type: object
    AmlResponse:
      type: object
      properties:
        success:
          type: boolean
        error:
          $ref: '#/components/schemas/Error'
        data:
          type: object
          properties:
            has_sanction_match:
              type: boolean
            has_watchlist_match:
              type: boolean
            has_crimelist_match:
              type: boolean
            has_pep_match:
              type: boolean
            has_adversemedia_match:
              type: boolean
            local_aml_match:
              type: object
            result_payload:
              type: object
    LabelRequest:
      type: object
      required:
        - transactions
      properties:
        transactions:
          type: array
          maxItems: 50
          items:
            type: object
            required:
              - transaction_id
              - label
            properties:
              transaction_id:
                type: string
              label:
                type: string
                description: >-
                  A predefined label value such as fraud_detection_fraud or
                  bnpl_credit_risk_default.
    GenericResponse:
      type: object
      properties:
        success:
          type: boolean
        error:
          $ref: '#/components/schemas/Error'
        data:
          type: object
    Error:
      type: object
      properties:
        code:
          type: string
        message:
          type: string