Complete End-to-End Web Integration Guide
Overview
Sensfrx is a fraud prevention platform that uses cognitive intelligence technology to identify harmful activities such as risky logins, fake registrations, fraudulent transactions, and other suspicious actions. You can integrate Sensfrx into your web application to reduce the risk of fraud.
The goal of this guide is to help you correctly configure Sensfrx and achieve your security goals. The integration is divided into steps that are:
Step 1: Create and setup your account
Step 2: Add your property
Step 3: Code Integration (Client-Side SDK)
3.1: Phase I
3.2: Phase II
Step 4: Code Integration (Server-Side SDK)
Step 1: Create and Setup your account
If you already have an account, please proceed to Step 2.
1.1 Sign up for a free trail to get started and enter all the details as required and you will receive a verification link in your email.
Image depicting screen after creating an account on Sensfrx
1.2 After verifying the email you will need to enter the details of your web application and click on Next.
Image the screen
1.3 Select the option applicable to you and click on Next.
Image depicting second screen of integrating your property
1.4 Select the application type applicable to your web application and enter the website domain name and click Next.
1.5 If you have a mobile application, select the respective radio buttons, fill in the required details, and click "Next." Otherwise, you may click the Next button and proceed to the next step.
Step 2: Add your property
If you already have a property ID and property secret, please proceed to Step 3. If not, continue reading for further instructions.
2.1 The Property ID field will be pre-filled and click on GENERATE SECRET to get Property secret.
2.2 You will get the property secret. Copy the Property ID and Property secret then proceed for client-side SDK integration.
Step 3: Code Integration (Client-side SDK)
After setting up your account and obtaining your property ID and property secret, you will need to integrate the code into your web application. This includes configuring both the client-side and server-side SDKs.
To integrate Sensfrx client-side SDK into your web application you will need to integrate our Pixel file.
Pixel file: A pixel file is a small piece of code to track user activity like browsing pages, exploring various products online and other similar functions that helps to conduct User and entity behavioral analysis to create identity profile and gather device fingerprinting data.
3.1: Phase I – Pixel Integration
For a Web application, Users need to include the following JavaScript snippet:
<script src="https://p.Sensfrx.ai/as.js?p={PROPERTY ID}"></script> It needs to be included in the <head> tag just before the head closing tag </head>.
In the script, replace the PROPERTY ID with your Property ID value. Click here to know how to generate property ID and secret key.
Note: Since property ID is a unique value so ensure that you always have it saved.
Secondly, the User needs to be initialized.
<script> _Sensfrx("userInit", <userid>); </script> Note: This line needs to be called only when the user is logged in, the rest of the time it does not need to be called.
3.2: Phase II – Getting Request String
Execute the following JavaScript integration script to get request string.
<script> var as_request_string = _Sensfrx("getRequestString"); </script> Note: The above request string is required in all the api requests. _Sensfrx() is a global function and can be called anywhere after the library is included in the code.
Step 4: Code Integration (Server-Side Configuration)
After completing the client-side configuration, the next step is to configure the server side.
There are two ways to perform integration on server-side code:
SDK: Software Development Kits (SDKs) ease the integration process, and the detailed explanation is given in the next section.
REST API: If you do not want to use SDKs, then you can choose the REST APIs which can be directly integrated on the server-side. Refer how to integrate Sensfrx using REST API.
Prerequisites for installing the APIs
Prior expertise in API to ensure correct API integration.
Handle data securely as the API transmits PII.
Must have a Sensfrx API Key.
Understanding of your registration, login and checkout flow.
Must provide the IPs to Sensfrx for whitelisting.
Below is the step-by-step process of the SDK integration that involves:
SDK integration
SDK functions integration
Note: The following section contains code snippets for the PHP codebase. If you don’t h have a PHP application, you can go ahead with Rest APIs integration.
4.1: SDK integration
The below steps will guide you on how to integrate the Sensfrx SDK into your existing web application codebase:
Click on the DOWNLOAD SDK button to download.
2. Extract the downloaded SDK from your system and copy the Sensfrx folder in your PHP directory.
Add the below lines to your code to instantiate the SDK:
require_once("PATH TO SENSFRX PHP SDK/Sensfrx-php-sdk/Sensfrx/autoload.php");
obj = new Sensfrx\Sensfrx([ 'property_id' => '1234567891234567', 'property_secret' =>'xxxxxxxxxxxxxxxx']); Note: Instead of required_once, users can call the autoloader any other way they want. Users need to call it first before calling any APIs or functions.
Click here to know how to generate property ID and property secret key.
4.2 Include the SDK functions
Sensfrx SDK platform offers five major functions for calling the APIs, which users can select based on their requirements.
Below are the code snippets that you can include in your codebase to include the respective functions:
4.2.1 Login Attempt:
The login attempt function handles login attempts, recording both successful and failed logins.
Integrate the below code into your codebase to call the login attempt API:
$res = $obj->loginAttempt( STATUS, USERID, as_request_string, array( 'email' => 'test@gmail.com', 'username' => $username,'phone'=>$phone,'password'=>$hashpassword ));To get a detailed understanding of the login attempt function visit the Server-side SDK page.
4.2.2 Register Attempt:
The Register Attempt function handles the evaluation of risk associated with new user registration attempts, allowing for the detection and prevention of fake or malicious registrations.
Integrate the below code into your codebase to call the register attempt API:
$res = $obj->registerAttempt( STATUS, as_request_string, array('email'=>$email,'name'=>$name,'phone'=>$phone,'password'=>$hashpassword ) ); To get a detailed understanding of the register attempt function visit the Server-side SDK page.
4.2.3 Reset Password Attempt:
The reset password attempt function handles the recording of successful password reset attempts, allowing for the evaluation of the risk associated with these events.
Integrate the below code into your codebase to call the Reset password attempt function:
$res = $obj->passwordResetAttempt ( STATUS, USERID, as_request_string, array( ’email’ => ‘test@gmail.com’, ‘username’ => $username ) );
To get a detailed understanding of the reset password attempt function visit the Server-side SDK page.
4.2.4 Transaction Attempt:
The transaction attempt function handles the evaluation of risk associated with transaction attempts, allowing for the detection and prevention of suspicious transactions.
The user should add the below code snippet to integrate the transaction attempt API:
$res = $obj->transactionAttempt( STATUS, as_request_string,
array( ‘user_id’ => $user_id,
’email’ => $email,
‘username’ => $username,
‘first_name’ => $first_name,
‘last_name’ => $last_name,
‘phone_no’ => $phone_no,
‘transaction_id’ => $transaction_id,
‘invoice_id’ => $invoice_id,
‘affiliate_id’ => $affiliate_id,
‘affiliate_name’ => $affiliate_name,
‘transaction_type’ => $transaction_type,
‘payment_mode’ => $payment_mode,
‘payment_provider’ => $payment_provider,
‘card_type’ => $card_type,
‘card_fullname’ => $card_fullname,
‘card_bin’ => $card_bin,
‘card_expire’ => $card_expire,
‘card_last’ => $card_last,
‘cvv’ => $cvv,
‘transaction_amount’ => $transaction_amount,
‘tax_amount’ => $tax_amount,
‘discount_amount’ => $discount_amount,
‘transaction_currency’ => $transaction_currency,
‘items’ => $items,
‘shipping_cost’ => $shipping_cost,
‘shipping_fullname’ => $shipping_fullname,
‘shipping_address’ => $shipping_address,
‘shipping_phone’ => $shipping_phone,
‘shipping_city’ => $shipping_city,
‘shipping_state’ => $shipping_state,
‘shipping_country’ => $shipping_country,
‘shipping_zip’ => $shipping_zip,
‘shipping_method’ => $shipping_method,
‘billing_address’ => $billing_address,
‘billing_phone’ => $billing_phone,
‘billing_city’ => $billing_city,
‘billing_state’ => $billing_state,
‘billing_country’ => $billing_country,
‘billing_zip’ => $billing_zip,
‘merchant_name’ => $merchant_name,
‘merchant_category’ => $merchant_category,
‘merchant_id’ => $merchant_id,
‘merchant_country’ => $merchant_country,
) ); To get a detailed understanding of the login attempt function visit the Server-side SDK page.
4.2.5 Bot Attempt:
The Bot Attempt API function handles the evaluation of risk associated with bot activities, enabling the detection and prevention of automated or malicious actions that could compromise system integrity.
The user should add the below code snippet to integrate the Bot attempt API:
$res = $obj->isBot( as_request_string, USERID ); To get a detailed understanding of the bot attempt function visit the Server-side SDK page.
After completing the client and server-side integration process, the user should click the VERIFY button to activate Sensfrx for tracking traffic on the application.
After successful verification, you will be redirected to your Sensfrx dashboard, where you can access all the data you need to protect your business from fraud.
Click here to explore the Sensfrx Dashboard and discover how it can elevate your fraud prevention efforts to the next level!