> ## Documentation Index
> Fetch the complete documentation index at: https://developer.verilock.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Device Fingerprinting

> Detect fraud with automatic browser and device fingerprinting during verification.

Device Fingerprinting automatically collects browser and device signals during the hosted verification flow. These signals generate a risk score and fraud indicators that help you detect bots, emulators, and repeat offenders.

## What's Collected

Verilock's fingerprinting SDK captures the following signals transparently during the hosted flow -- no additional integration required.

| Category             | Signals                                                           |
| -------------------- | ----------------------------------------------------------------- |
| **Browser**          | User agent, language, timezone, installed plugins, cookie support |
| **Operating System** | Platform, OS version, CPU cores, device memory                    |
| **Screen**           | Resolution, color depth, pixel ratio, available dimensions        |
| **Canvas**           | Canvas rendering hash (unique per GPU/driver combination)         |
| **WebGL**            | GPU vendor, renderer, supported extensions                        |
| **Audio**            | AudioContext fingerprint                                          |
| **Network**          | Connection type, IP geolocation, VPN/proxy detection              |
| **Behavior**         | Touch support, pointer type, Do Not Track setting                 |

<Note>
  Fingerprinting runs automatically during hosted verification sessions. No additional SDK configuration is needed.
</Note>

## Risk Scoring

Each session receives a device risk score from **0** (no risk) to **100** (highest risk), calculated from the collected signals.

| Score Range | Level        | Description                                                   |
| ----------- | ------------ | ------------------------------------------------------------- |
| 0 -- 20     | **Low**      | Normal browser on a standard device                           |
| 21 -- 50    | **Medium**   | Minor anomalies detected (e.g., unusual timezone/IP mismatch) |
| 51 -- 80    | **High**     | Multiple fraud signals present                                |
| 81 -- 100   | **Critical** | Strong indicators of fraud, bot, or emulation                 |

## Fraud Signals

Verilock flags specific fraud indicators when detected:

| Signal              | Description                                                       |
| ------------------- | ----------------------------------------------------------------- |
| `bot`               | Automated browser detected (headless Chrome, Puppeteer, Selenium) |
| `emulator`          | Device emulator detected (e.g., Android emulator, BrowserStack)   |
| `tampered`          | Browser properties have been spoofed or modified                  |
| `webdriver`         | WebDriver automation flag is present                              |
| `incognito`         | Private/incognito browsing mode detected                          |
| `vpn`               | Traffic routed through a known VPN provider                       |
| `proxy`             | Traffic routed through a known proxy server                       |
| `tor`               | Traffic originating from a Tor exit node                          |
| `multiple_accounts` | Same device fingerprint seen across different sessions            |

## Cross-Session Tracking

Device fingerprints are stored and compared across all sessions in your organization. This enables:

* **Duplicate detection** -- flag when the same device submits multiple verification sessions
* **Velocity checks** -- detect rapid submissions from the same device
* **Device linking** -- connect sessions that share the same fingerprint even if personal details differ

The `device_id` field in the session response is a stable identifier for the device across sessions.

## API Response

Device fingerprinting data is included in the session detail response (`GET /v1/sessions/{id}`):

```json theme={null}
{
  "id": "ses_a1b2c3d4-e5f6-7890-abcd-ef1234567890",
  "status": "approved",
  "device_fingerprint": {
    "device_id": "dfp_8a7b6c5d4e3f2a1b",
    "risk_score": 15,
    "risk_level": "low",
    "fraud_signals": [],
    "browser": "Chrome 122.0",
    "os": "macOS 15.3",
    "screen_resolution": "2560x1440",
    "timezone": "America/New_York",
    "ip_address": "203.0.113.42",
    "ip_country": "US",
    "vpn_detected": false,
    "proxy_detected": false,
    "previous_sessions": [],
    "collected_at": "2026-03-18T10:00:00Z"
  }
}
```

### High-Risk Example

```json theme={null}
{
  "device_fingerprint": {
    "device_id": "dfp_suspicious123",
    "risk_score": 87,
    "risk_level": "critical",
    "fraud_signals": ["bot", "webdriver", "tampered"],
    "browser": "Chrome 122.0 (headless)",
    "os": "Linux x86_64",
    "screen_resolution": "1920x1080",
    "timezone": "UTC",
    "ip_address": "198.51.100.10",
    "ip_country": "RO",
    "vpn_detected": true,
    "proxy_detected": false,
    "previous_sessions": [
      "ses_prev1-uuid",
      "ses_prev2-uuid"
    ],
    "collected_at": "2026-03-18T10:05:00Z"
  }
}
```

## Response Fields

| Field               | Type    | Description                                         |
| ------------------- | ------- | --------------------------------------------------- |
| `device_id`         | string  | Stable device identifier for cross-session tracking |
| `risk_score`        | integer | Device risk score (0-100)                           |
| `risk_level`        | string  | `low`, `medium`, `high`, or `critical`              |
| `fraud_signals`     | array   | List of detected fraud indicators                   |
| `browser`           | string  | Browser name and version                            |
| `os`                | string  | Operating system and version                        |
| `screen_resolution` | string  | Screen resolution                                   |
| `timezone`          | string  | IANA timezone                                       |
| `ip_address`        | string  | Client IP address                                   |
| `ip_country`        | string  | ISO 3166-1 alpha-2 country code                     |
| `vpn_detected`      | boolean | Whether VPN usage was detected                      |
| `proxy_detected`    | boolean | Whether proxy usage was detected                    |
| `previous_sessions` | array   | Session IDs from the same device                    |
| `collected_at`      | string  | ISO 8601 timestamp of data collection               |

<Warning>
  Device fingerprinting requires the hosted verification flow. API-only sessions (direct document upload) do not collect device data.
</Warning>
