Session Protection

overview session protection is used at the time of in account activity, such as when saving a new payment method, transferring loyalty points, etc in order to prevent malicious activity such as card testing, loyalty points theft, manipulation of verification methods and saved contact information primary use cases credit card testing preventing fraudsters from checking validity of stolen card details to by adding them to user accounts fraudsters leverage the merchant gateway's $0 auth to check whether the stolen card data is still valid p2p & loyalty transferring protecting peer to peer transferring of fund and other monetary equivalents such as loyalty points between accounts across the ecosystem account / profile protections verifying users through account details change (email, phone, etc), ensuring security while minimizing friction account take over (ato) to prevent incidents where fraudsters use stolen credentials to try and gain access user accounts, leading to data theft, fraud, and brand damage seller fraud protection ecosystem from fraudsters using seller ecosystem to commit fraud (see seller item listing tab) integration steps front end integration docid\ i0th2q4hrfbn h8chrv1d in your dedicated forter portal, you will receive a javascript snippet for both sandbox and production for native mobile apps, you will receive links to download forter's native sdks you'll paste the js script on the appropriate pages of your website or call mobile sdk methods on relevant mobile app screens so that it can load and asynchronously collect important behavioral data from your customer the script or mobileuid generated by the mobile sdk will also generate a unique token for each user on your site that should be included in the account sign up api request body request profile access or update decision forter's profile access api https //docs forter com/reference/profile access can provide a decision to approve a frictionless account details change or suggest that multi factor auth if suspicious activity is detected the relevant access type is denoted as the update payment enum of the accessrequesttype parameter in the request body profile access api request primary data points for card testing account id accessrequesttype update payment connectioninformation cyber intelligence data to analyze browsing behavior, device and connection quality such as ip address, user agent and data collected via js / mobile sdk details of the new item added to the user profile (phone, address, payment method) { "accountid" "e520 ba9a 367 60b", "eventtime" 1415287568000, "connectioninformation" { "customerip" "10 0 0 127", "useragent" "mozilla/5 0 (windows nt 6 1; wow64) applewebkit/537 36 (khtml, like gecko) chrome/47 0 2526 73 safari/537 36", "fortertokencookie" "2315688945984" }, "channeltype" "web", "accountowner" { "email" "john s\@test com", "accountid" "e520 ba9a 367 60b", "created" 1415273168 }, "newpaymentmethods" { "billingdetails" { "personaldetails" { "firstname" "john", "lastname" "smith", "email" "john s\@test com" }, "address" { "address1" "235 montgomery st ", "city" "san francisco", "country" "us", "zip" "94104" } }, "creditcard" { "nameoncard" "john r h smith", "bin" "424242", "cardbrand" "visa", "lastfourdigits" "4242", "expirationmonth" "03", "expirationyear" "2025", "verificationresults" { "avsfullresult" "y", "cvvresult" "m" } } }, "accessrequesttype" "update payment" } profile access api response the response will include the forter decision and potential recommendations, as well as a correlation id that should be stored and used when the merchant provides additional updates (e g result of mfa) key fields forterdecision the latest forter decision regarding the attempted action said fields may hold one of various options "approve" for approved signup requests, where user should be allowed to register for a new accounts; "decline" for declined signup requests, where user should be declined from registering for new accounts; "verification required" for signup requests, where user should be triggered an additional verification (via email, sms, etc ,; "not reviewed" recommendation a specific recommendation for an action that might help the customer to complete their transaction/action (e g verify phone via sms, verify via push notification, verify email, perform a 3ds check, etc ) originalorderid unique order/transaction identifier for which this access request is referring to, if relevant { "forterdecision" "decline", "decisionreason" "", "accountid" "e520 ba9a 367 60b", "originalorderid" "hgj7512345h3de", "recommendation" "" } send new seller items for review relevant for marketplaces, forter's seller item listing api https //docs forter com/reference/seller item listing can provide a decision to approve a frictionless inventory change or suggest that multi factor auth if suspicious activity is detected seller item listing api request { "accountid" "e520 ba9a 367 60b", "eventtime" 1415287568000, "connectioninformation" { "customerip" "10 0 0 127", "useragent" "mozilla/5 0 (windows nt 6 1; wow64) applewebkit/537 36 (khtml, like gecko) chrome/47 0 2526 73 safari/537 36", "fortertokencookie" "2315688945984" }, "channeltype" "web", "accountowner" { "email" "john s\@test com", "accountid" "e520 ba9a 367 60b", "created" 1415273168 }, "listeditems" \[ { "basicitemdata" { "category" "apparel and accessories", "discount" { "couponcodeused" "fathersday2015", "coupondiscountamount" { "amountlocalcurrency" "105 55", "amountusd" "99 95", "currency" "cad" }, "discounttype" "coupon" }, "name" "white genericbrand handbag", "price" { "amountlocalcurrency" "105 55", "amountusd" "99 95", "currency" "cad" }, "productid" "ag54352r7768kko", "productidtype" "sku", "quantity" 1, "secondaryproductid" "2h8331lg4692b45p", "secondaryproductidtype" "isbn", "type" "tangible", "value" { "amountlocalcurrency" "105 55", "amountusd" "99 95", "currency" "cad" } } } ] } seller item listing api response the response will include the forter decision and potential recommendations, as well as a correlation id that should be stored and used when the merchant provides additional updates (e g result of mfa) key fields forterdecision the latest forter decision regarding the attempted action said fields may hold one of various options "approve" for approved signup requests, where user should be allowed to register for a new accounts; "decline" for declined signup requests, where user should be declined from registering for new accounts; "verification required" for signup requests, where user should be triggered an additional verification (via email, sms, etc ,; "not reviewed" recommendation a specific recommendation for an action that might help the customer to complete their transaction/action (e g verify phone via sms, verify via push notification, verify email, perform a 3ds check, etc ) { "forterdecision" "decline", "decisionreason" "", "accountid" "e520 ba9a 367 60b", "correlationid" "hgj7512345h3de", "recommendation" "mfa" } send authentication attempts the authentication result api https //docs forter com/reference/authentication result is used to inform forter of authentication results after an mfa was required by a previous profile access api request, using the provided correlation id while no decision is provided on this request, it is required in order to ensure optimal customer experience as well as continuously improving the decision model authentication result api request key fields accountid customer's account uid in merchant's site eventtime the time that the trigger event occurred in milliseconds additionalauthenticationmethod correlationid a forter unique identifier that was provided as part of a forter api response recommending additional authentication measures used to correlate between the user action which triggered the recommendation and the authentication attempt result required when the additional authentication was triggered by forter's recommendation additionalauthenticationmethod verificationoutcome may take various forms depending on verification outcome for example additionalauthenticationmethod verificationoutcome is a general authentication result enumerated field with 3 possible values \["success"; "failure"; none attempted] please see the authentication result https //docs forter com/reference/authentication result api reference section for more details { "accountid" "e520 ba9a 367 60b", "eventtime" 1415287568000, "connectioninformation" { "customerip" "10 0 0 127", "useragent" "mozilla/5 0 (windows nt 6 1; wow64) applewebkit/537 36 (khtml, like gecko) chrome/47 0 2526 73 safari/537 36", "fortertokencookie" "2315688945984" }, "channeltype" "web", "additionalauthenticationmethod" { "verificationoutcome" "success", "correlationid" "87363864834", }, } authentication result api response as this api is only used to provide forter's model's additional information, the decision returned will always be "not reviewed" supplementary parameters like correlationid and accountid are also returned in the api response send account status updates the account status api https //docs forter com/reference/account status is used to provide forter model's additional information indication of accounts closed by the merchant or accounts that changed in status that reflect agreement or disagreement with forter's sign up decision (use / ignore the decision) the account status api is only intended to provide forter with additional details and does not return a new decision rather, the response will always be "not reviewed" account status api request main data points are status updated status (forter enum format) enumerated values include ("active"; "suspended"; "closed"; "guest"; "pending") statuschangereason merchant descriptive reason for closing the account { "accountid" "e520 ba9a 367 60b", "eventtime" 1415287568000, "status" "suspended", "statuschangereason" "user violation of coupon abuse policy", "connectioninformation" { "customerip" "10 0 0 127", "useragent" "mozilla/5 0 (windows nt 6 1; wow64) applewebkit/537 36 (khtml, like gecko) chrome/47 0 2526 73 safari/537 36", "fortertokencookie" "2315688945984" }, "type" "business", "merchantaccountstatus" "open", "statuschangeby" "merchant admin" } prepare and upload historical data https //docs forter com/historical data to ensure the highest level of accuracy for our decisioning model, forter customizes our model to fit the specific risk profile of each of our customers we achieve this by training the model with your past signup and login data in order to provide you with better accuracy from day 1 complete integration tests https //docs forter com/qa#uk1vi the purpose of forter's integration tests is to make sure that your integration covers all relevant use cases, while still in the sandbox or test environment each use case may need a different combination of attributes and values to make sure you have covered each of the use cases we expect in your integration, please go through the test scenario list in the integration tests section of portal for each, you'll need to create the scenario in your sandbox site that will generate a call to forter's api then, select the corresponding api request that forter received and click run to verify that the sample request meets the criteria deploy to production once the integration tests have passed, and you've reviewed any gaps with a forter implementation engineer please, deploy your code to your production environment, with two critical adjustments replace your site id and secret key with your production credentials https //docs forter com/reference/environments#x fxu update your javascript snippet and mobile sdks to use your production site id and the production hash keys, if relevant please note that this does not yet complete your integration until forter has switched your site to live (after data validation and listen mode), all forter decisions will return "not reviewed" data validation https //docs forter com/qa#qeexu once in production, forter uses a data validation tool to execute a set of automated tests across your live data in aggregation the test outputs are daily reports that validate the accuracy and completeness of the production data we receive from you you can monitor this output in forter portal under integration center tools we recommend checking the report daily to identify any failed tests, which will prevent you from moving forward to listen mode listen mode https //docs forter com/qa#dkxgh in "listen mode", we will monitor the production traffic on your site and calibrate our models before we begin to provide you with decisions this is a critical stage to ensure you meet your kpis, and usually lasts around 7 14 days your implementation engineer will update you on the specific timeline for your integration during this time, forter will continue to return "not reviewed" decisions in the api response go live as forter begins to send decisions and recommendations, confirm that your production site is handling responses as expected