Flutter SEON SDK Plugin
The official Flutter plugin for integrating SEON's advanced fraud prevention and device fingerprinting capabilities into your Flutter applications. This plugin provides a unified interface to access the SEON SDK for both Android and iOS platforms.
To learn more about device fingerprinting please visit our knowledge base.
The plugin depends on the closed-source SEON SDK binaries. While the Flutter plugin itself is open-source and distributed under the BSD 3-Clause License, the SEON SDK binaries remain proprietary and are subject to their own licensing terms. Please visit https://seon.io/resources/legal-and-security/legal/#terms-of-service for more details.
Platform specific requirements
Android
- Android 5.0 or higher (API level 21)
- INTERNET permission
- (optional) READ_PHONE_STATE permission for
is_on_callanddevice_cellular_id(under API 28) - (optional) ACCESS_WIFI_STATE permission for
wifi_ssid(under API 27) - (optional) ACCESS_NETWORK_STATE permission for
network_configfor WiFi configurations and READ_PHONE_STATE for cellular data configurations - (optional) ACCESS_FINE_LOCATION (starting from API 29) and ACCESS_COARSE_LOCATION (starting from API 27) permission for
wifi_mac_address,wifi_ssid,device_location* - (optional) ACCESS_BACKGROUND_LOCATION (starting from API 29) permission for to get location updates even if the application is in the background
- (optional) com.google.android.providers.gsf.permission.READ_GSERVICES for
gsf_id
Note: If the optional permissions listed are not available the application, the values collected using those permissions will be ignored. We recommend using as much permission as possible based on your use-case to provide reliable device fingerprint.
*device_location: Please see the Geolocation Integration section for more info
iOS
- iOS 12.0 or higher
- (optional) Access WiFi Information entitlement for
wifi_mac_addressandwifi_ssid - (optional) Core Location permission for
device_location*,wifi_mac_addressandwifi_ssid(starting from iOS 13)
NOTE: If the listed permissions are not available for the application, the values collected using those permissions will be ignored. We recommend using as much permission as possible based on your use-case to provide reliable device fingerprint.
*device_location: Please see the Geolocation Integration section for more info
Using the plugin
The SDK returns an encrypted, base64 encoded string. In order to receive the device details JSON a Fraud API request has to be made, and the result will be in the response. The base64 encoded string has to be added in the session property in the Fraud API request. It isn’t possible to access or modify the payload on the clientside.
final _seonSdkFlutterPlugin = SeonSdkFlutterPlugin();
try {
String? fingerprint =
await _seonSdkFlutterPlugin.getFingerprint("<UNIQUE_SESSION_ID>");
// Set fingerprint as the value for the session property of the Fraud API request.
} catch (e) {
print("Error getting fingerprint: $e");
}
For more details about how to send the fingerprint to our API to receive the device details JSON visit our Fraud API documentation.
Behaviour Monitoring (Optional)
Behaviour Monitoring allows the SEON SDK to be able to detect potentially suspicious user behaviour on the device. The SDK collects data during the session, which is then analyzed to identify potentially fraudulent environments and actions. This feature enhances the SDK’s ability to prevent fraud by detecting various forms of automated or suspicious activity, such as bot usage or device farms.
Note: For the result of the behaviour evaluation, we are introducing a new response field in the Fraud API response named
suspicious_flags. It's available in sessions generated by Flutter SDK when the session had been generated by the newstartBehaviourMonitoringandstopBehaviourMonitoring("<UNIQUE_SESSION_ID>")interfaces.
The monitoring should be started with calling startBehaviourMonitoring wherever you would like to detect suspicious activity in your application and should be stopped with stopBehaviourMonitoring whenever it's reasonable. The returned session string should be then used in a Fraud API request as usual.
Possible suspicious_flags values:
"possible_automation": Suggests that automation tools or scripts may be controlling the device."possible_device_farm": Suggests that the device might be part of a device farm used for fraudulent activities."possible_vishing": Flags possible vishing (voice phishing) activity, where the user might be coerced into providing sensitive information."possible_ongoing_call":ANDROID ONLY- Flags possible ongoing phone call, which could be useful information in case the READ_PHONE_STATE permission wasn't granted foris_on_callfield to work. This behaviour based flag does not need any permissions to work, but it's only a best-effort metric.- To be continously improved and extended with new signals
Using SDK with behavioural monitoring
The SDK returns an encrypted, base64 encoded string. In order to receive the device details JSON a Fraud API request has to be made, and the result will be in the response. The base64 encoded string has to be added in the session property in the Fraud API request. It isn’t possible to access or modify the payload on the clientside.
final _seonSdkFlutterPlugin = SeonSdkFlutterPlugin();
//To get behaviour based signals, you have to start monitoring before the relevant user journey:
try {
_seonSdkFlutterPlugin.startBehaviourMonitoring();
} catch (e) {
fingerprint = 'Failed to start behaviour $e';
}
/* ---- Relevant user journey happens here ----
* Note: The behaviour analysis needs time to collect signals on user behaviour,
* so it's advisable to run it at least for a few seconds.
*/
//When you want to collect the results, call stopBehaviourMonitoring() as you would getFingerprint()
try {
String? fingerprint = await _seonSdkFlutterPlugin.stopBehaviourMonitoring("<UNIQUE_SESSION_ID>");
// Set fingerprint as the value for the session property of the Fraud API request.
} catch (e) {
print("Error getting fingerprint: $e");
}
Geolocation Integration
Enable or disable geolocation:
// Prompt the user for the appropriate location permission(s)
// ...
//Set the geolocation properties as you like
final geoConfig = SeonGeolocationConfigBuilder()
.withGeolocationEnabled(true).withLocationServiceTimeoutMs(3000)
.withPrefetchEnabled(true).withMaxLocationCacheAgeSec(600)
.build();
_seonSdkFlutterPlugin.setGeolocationConfig(geoConfig);
//Generate the fingerprint as usual
Additional Information
For more details on SEON's capabilities and how to integrate our services, refer to the official SEON Documentation and the integration guide of the native SDKs: