Web App Fraud Analytics
Keyri provides a JavaScript agent for fraud analytics that produces durable device ID fingerprints that persist across sessions. It provides risk analytics data to your client and server for events you want analyzed. Trigger the fraud analytics agent at each event that you want to assess the risk of; the Keyri API will provide a summary of the risk level and details about the event's risk signals as well as details about the user such as location. The JavaScript agent is lightweight and can be deployed in a few minutes.
Features
- Retrieve device data for logging and analytics
- Create device identifier based on device data
Installing
Package manager
Using npm:
$ npm i @keyri/xray
Once the package is installed, you can import the library using import
or require
:
import { XRAY } from "@keyri/xray";
const xray = new XRAY();
const info = await xray.scan(
data.eventType, // The type of event: Login, Signup, Visits, Access
data.userId, // The id of the user in your system
data.yourPublicEcdhKey, // This comes from our dashboard and is used
// -- to identify you and as an encryption key
5000, // Optional Timeout.
// -- If nothing happens before this, an error is returned
"safe" // Optional Commit-Mode. When used, the API does not
// -- automatically update information about the device or user.
// -- The Relying-Party (you) must make an additional API
// -- call to make this happen.
);
You can get the constant you need (your serviceEncryptionKey
(pair)) from the Keyri Dashboard under Setup & Credentials
Example
Note CommonJS usage
Browser
import { XRAY } from "@keyri/xray";
const serviceEncryptionKey = 'your_ECDH_public_key';
async function login(userId, password) {
const xray = new XRAY();
// Call the Keyri fraud analytics function and await its response
const encryptedRiskObject = await xray.scan('login', userId, serviceEncryptionKey, 5000);
// Send the Keyri response object
// as part of your API call to retrieve protected resources
const loginResponse = await fetch('/api/login', {
method: 'POST',
body: { userId, password, encryptedRiskObject },
});
}