Flutter SEON SDK Plugin

The official Flutter plugin for integrating SEON's advanced fraud prevention and device fingerprinting capabilities into your Flutter applications. This plugin provides a unified interface to access the SEON SDK for both Android and iOS platforms.

To learn more about device fingerprinting please visit our knowledge base.

The plugin depends on the closed-source SEON SDK binaries. While the Flutter plugin itself is open-source and distributed under the BSD 3-Clause License, the SEON SDK binaries remain proprietary and are subject to their own licensing terms. Please visit https://seon.io/resources/legal-and-security/legal/#terms-of-service for more details.

Platform specific requirements

Android

  • Android 5.0 or higher (API level 21)
  • INTERNET permission
  • (optional) READ_PHONE_STATE permission for is_on_call and device_cellular_id (under API 28)
  • (optional) ACCESS_WIFI_STATE permission for wifi_ssid (under API 27)
  • (optional) ACCESS_NETWORK_STATE permission for network_config for WiFi configurations and READ_PHONE_STATE for cellular data configurations
  • (optional) ACCESS_FINE_LOCATION (starting from API 29) and ACCESS_COARSE_LOCATION (starting from API 27) permission for wifi_mac_address, wifi_ssid, device_location*
  • (optional) ACCESS_BACKGROUND_LOCATION (starting from API 29) permission for to get location updates even if the application is in the background
  • (optional) com.google.android.providers.gsf.permission.READ_GSERVICES for gsf_id

Note: If the optional permissions listed are not available the application, the values collected using those permissions will be ignored. We recommend using as much permission as possible based on your use-case to provide reliable device fingerprint.

*device_location: Please see the Geolocation Integration section for more info

iOS

NOTE: If the listed permissions are not available for the application, the values collected using those permissions will be ignored. We recommend using as much permission as possible based on your use-case to provide reliable device fingerprint.

*device_location: Please see the Geolocation Integration section for more info

Using the plugin

The SDK returns an encrypted, base64 encoded string. In order to receive the device details JSON a Fraud API request has to be made, and the result will be in the response. The base64 encoded string has to be added in the session property in the Fraud API request. It isn’t possible to access or modify the payload on the clientside.

final _seonSdkFlutterPlugin = SeonSdkFlutterPlugin();

try {
    String? fingerprint =
        await _seonSdkFlutterPlugin.getFingerprint("<UNIQUE_SESSION_ID>");
// Set fingerprint as the value for the session property of the Fraud API request.
} catch (e) {
    print("Error getting fingerprint: $e");
}

For more details about how to send the fingerprint to our API to receive the device details JSON visit our Fraud API documentation.

Behaviour Monitoring (Optional)

Behaviour Monitoring allows the SEON SDK to be able to detect potentially suspicious user behaviour on the device. The SDK collects data during the session, which is then analyzed to identify potentially fraudulent environments and actions. This feature enhances the SDK’s ability to prevent fraud by detecting various forms of automated or suspicious activity, such as bot usage or device farms.

Note: For the result of the behaviour evaluation, we are introducing a new response field in the Fraud API response named suspicious_flags. It's available in sessions generated by Flutter SDK when the session had been generated by the new startBehaviourMonitoring and stopBehaviourMonitoring("<UNIQUE_SESSION_ID>") interfaces.

The monitoring should be started with calling startBehaviourMonitoring wherever you would like to detect suspicious activity in your application and should be stopped with stopBehaviourMonitoring whenever it's reasonable. The returned session string should be then used in a Fraud API request as usual.

Possible suspicious_flags values:

  • "possible_automation": Suggests that automation tools or scripts may be controlling the device.
  • "possible_device_farm": Suggests that the device might be part of a device farm used for fraudulent activities.
  • "possible_vishing": Flags possible vishing (voice phishing) activity, where the user might be coerced into providing sensitive information.
  • "possible_ongoing_call": ANDROID ONLY - Flags possible ongoing phone call, which could be useful information in case the READ_PHONE_STATE permission wasn't granted for is_on_call field to work. This behaviour based flag does not need any permissions to work, but it's only a best-effort metric.
  • To be continously improved and extended with new signals

Using SDK with behavioural monitoring

The SDK returns an encrypted, base64 encoded string. In order to receive the device details JSON a Fraud API request has to be made, and the result will be in the response. The base64 encoded string has to be added in the session property in the Fraud API request. It isn’t possible to access or modify the payload on the clientside.

final _seonSdkFlutterPlugin = SeonSdkFlutterPlugin();
//To get behaviour based signals, you have to start monitoring before the relevant user journey:
try {
    _seonSdkFlutterPlugin.startBehaviourMonitoring();
} catch (e) {
    fingerprint = 'Failed to start behaviour $e';
}
/* ---- Relevant user journey happens here ----
* Note: The behaviour analysis needs time to collect signals on user behaviour,
* so it's advisable to run it at least for a few seconds.
*/

//When you want to collect the results, call stopBehaviourMonitoring() as you would getFingerprint()
try {
    String? fingerprint = await _seonSdkFlutterPlugin.stopBehaviourMonitoring("<UNIQUE_SESSION_ID>");
    // Set fingerprint as the value for the session property of the Fraud API request.
} catch (e) {
    print("Error getting fingerprint: $e");
}

Geolocation Integration

Enable or disable geolocation:

// Prompt the user for the appropriate location permission(s)
// ...
//Set the geolocation properties as you like
      final geoConfig = SeonGeolocationConfigBuilder()
        .withGeolocationEnabled(true).withLocationServiceTimeoutMs(3000)
        .withPrefetchEnabled(true).withMaxLocationCacheAgeSec(600)
        .build();
      _seonSdkFlutterPlugin.setGeolocationConfig(geoConfig);
//Generate the fingerprint as usual

Additional Information

For more details on SEON's capabilities and how to integrate our services, refer to the official SEON Documentation and the integration guide of the native SDKs:

Libraries

seon_sdk_flutter_plugin
seon_sdk_flutter_plugin_method_channel
seon_sdk_flutter_plugin_platform_interface
seon_sdk_geolocation_config
seon_sdk_geolocation_config_builder