Device Fingerprinting automatically collects browser and device signals during the hosted verification flow. These signals generate a risk score and fraud indicators that help you detect bots, emulators, and repeat offenders.
What’s Collected
Verilock’s fingerprinting SDK captures the following signals transparently during the hosted flow — no additional integration required.
| Category | Signals |
|---|---|
| Browser | User agent, language, timezone, installed plugins, cookie support |
| Operating System | Platform, OS version, CPU cores, device memory |
| Screen | Resolution, color depth, pixel ratio, available dimensions |
| Canvas | Canvas rendering hash (unique per GPU/driver combination) |
| WebGL | GPU vendor, renderer, supported extensions |
| Audio | AudioContext fingerprint |
| Network | Connection type, IP geolocation, VPN/proxy detection |
| Behavior | Touch support, pointer type, Do Not Track setting |
Fingerprinting runs automatically during hosted verification sessions. No additional SDK configuration is needed.
Risk Scoring
Each session receives a device risk score from 0 (no risk) to 100 (highest risk), calculated from the collected signals.
| Score Range | Level | Description |
|---|---|---|
| 0 — 20 | Low | Normal browser on a standard device |
| 21 — 50 | Medium | Minor anomalies detected (e.g., unusual timezone/IP mismatch) |
| 51 — 80 | High | Multiple fraud signals present |
| 81 — 100 | Critical | Strong indicators of fraud, bot, or emulation |
Fraud Signals
Verilock flags specific fraud indicators when detected:
| Signal | Description |
|---|---|
| bot | Automated browser detected (headless Chrome, Puppeteer, Selenium) |
| emulator | Device emulator detected (e.g., Android emulator, BrowserStack) |
| tampered | Browser properties have been spoofed or modified |
| webdriver | WebDriver automation flag is present |
| incognito | Private/incognito browsing mode detected |
| vpn | Traffic routed through a known VPN provider |
| proxy | Traffic routed through a known proxy server |
| tor | Traffic originating from a Tor exit node |
| multiple_accounts | Same device fingerprint seen across different sessions |
Cross-Session Tracking
Device fingerprints are stored and compared across all sessions in your organization. This enables:
- Duplicate detection — flag when the same device submits multiple verification sessions
- Velocity checks — detect rapid submissions from the same device
- Device linking — connect sessions that share the same fingerprint even if personal details differ
The device_id field in the session response is a stable identifier for the device across sessions.
API Response
Device fingerprinting data is included in the session detail response (GET /v1/sessions/{id}):
```json
{
  "id": "ses_a1b2c3d4-e5f6-7890-abcd-ef1234567890",
  "status": "approved",
  "device_fingerprint": {
    "device_id": "dfp_8a7b6c5d4e3f2a1b",
    "risk_score": 15,
    "risk_level": "low",
    "fraud_signals": [],
    "browser": "Chrome 122.0",
    "os": "macOS 15.3",
    "screen_resolution": "2560x1440",
    "timezone": "America/New_York",
    "ip_address": "203.0.113.42",
    "ip_country": "US",
    "vpn_detected": false,
    "proxy_detected": false,
    "previous_sessions": [],
    "collected_at": "2026-03-18T10:00:00Z"
  }
}
```
High-Risk Example
```json
{
  "device_fingerprint": {
    "device_id": "dfp_suspicious123",
    "risk_score": 87,
    "risk_level": "critical",
    "fraud_signals": ["bot", "webdriver", "tampered"],
    "browser": "Chrome 122.0 (headless)",
    "os": "Linux x86_64",
    "screen_resolution": "1920x1080",
    "timezone": "UTC",
    "ip_address": "198.51.100.10",
    "ip_country": "RO",
    "vpn_detected": true,
    "proxy_detected": false,
    "previous_sessions": [
      "ses_prev1-uuid",
      "ses_prev2-uuid"
    ],
    "collected_at": "2026-03-18T10:05:00Z"
  }
}
```
Response Fields
| Field | Type | Description |
|---|---|---|
| device_id | string | Stable device identifier for cross-session tracking |
| risk_score | integer | Device risk score (0-100) |
| risk_level | string | low, medium, high, or critical |
| fraud_signals | array | List of detected fraud indicators |
| browser | string | Browser name and version |
| os | string | Operating system and version |
| screen_resolution | string | Screen resolution |
| timezone | string | IANA timezone |
| ip_address | string | Client IP address |
| ip_country | string | ISO 3166-1 alpha-2 country code |
| vpn_detected | boolean | Whether VPN usage was detected |
| proxy_detected | boolean | Whether proxy usage was detected |
| previous_sessions | array | Session IDs from the same device |
| collected_at | string | ISO 8601 timestamp of data collection |
Device fingerprinting requires the hosted verification flow. API-only sessions (direct document upload) do not collect device data.
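One way a backend could act on the `device_fingerprint` object after fetching the session detail response. This is an added example, not Verilock's code: the allow/review/deny policy, the reason names `no_device_data`, `score_level_mismatch` and `device_seen_before`, and the function names are assumptions. It treats a missing `device_fingerprint` (API-only sessions) as a case for review rather than as low risk, and checks that `risk_level` agrees with the documented score bands.

```python
# Added example. The allow/review/deny policy is an assumption, not Verilock's.
AUTOMATION = {"bot", "emulator", "webdriver", "tampered"}
# Upper bound of each band, from the Risk Scoring table on this page.
BANDS = [(20, "low"), (50, "medium"), (80, "high"), (100, "critical")]


def level_for(score):
    """Map a 0-100 integer score to its documented level, else None."""
    if isinstance(score, bool) or not isinstance(score, int):
        return None
    if not 0 <= score <= 100:
        return None
    return next(name for upper, name in BANDS if score <= upper)


def triage(session):
    """Return (decision, reasons) for a parsed session detail response."""
    fp = session.get("device_fingerprint")
    if not fp:
        # API-only sessions collect no device data; absence is not low risk.
        return "review", ["no_device_data"]
    signals = set(fp.get("fraud_signals") or [])
    # Fold the boolean fields in so both representations are honoured.
    if fp.get("vpn_detected"):
        signals.add("vpn")
    if fp.get("proxy_detected"):
        signals.add("proxy")
    reasons = sorted(signals)
    level = level_for(fp.get("risk_score"))
    if level is None or level != fp.get("risk_level"):
        reasons.append("score_level_mismatch")
    if fp.get("previous_sessions"):
        reasons.append("device_seen_before")
    if level in ("high", "critical") or signals & AUTOMATION:
        return "deny", reasons
    return ("review" if reasons or level == "medium" else "allow"), reasons


# Constructed samples, trimmed from the two responses shown on this page.
LOW = {"id": "ses_a1b2c3d4-e5f6-7890-abcd-ef1234567890", "device_fingerprint": {
    "risk_score": 15, "risk_level": "low", "fraud_signals": [],
    "vpn_detected": False, "proxy_detected": False, "previous_sessions": []}}
HIGH = {"device_fingerprint": {
    "risk_score": 87, "risk_level": "critical",
    "fraud_signals": ["bot", "webdriver", "tampered"], "vpn_detected": True,
    "proxy_detected": False, "previous_sessions": ["ses_prev1-uuid", "ses_prev2-uuid"]}}
API_ONLY = {"id": "ses_constructed", "status": "approved"}

if __name__ == "__main__":
    for name, s in (("LOW", LOW), ("HIGH", HIGH), ("API_ONLY", API_ONLY)):
        print(name, *triage(s))
```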