IPQS
Login Register
<< Back to Categories
Android Fingerprinting SDK
About the Android Fingerprinting SDK

This feature, which combines IPQS's web fingerprinting with the IPQS mobile device fingerprinting SDK , offers a flexible solution for your Android app's fraud detection needs. It can verify new or returning users and identify a wide range of high-risk behaviors, including:

  • Mobile emulators
  • Residential botnets
  • Location spoofing
  • Bots
  • Non-human requests
  • Fake accounts
  • and hijacked devices.

With this tool, you can easily identify app install quality and gain deeper insights into your audience's KPIs. It also helps you detect duplicate accounts and prevent free trial abuse, fraudulent users, fake installs, and much more.

Setup
  1. In your app's top-level build.gradle file, add the following:

    maven {
	url = uri("https://downloads.ipqualityscore.com/maven2/")
	credentials {
		username "ipqs"
		password "YOUR_API_KEY_HERE"
  	}
	authentication {
  	  	basic(BasicAuthentication)
	}
}

    As an example, your repository list should now look similar to this:

    

    allprojects {
	repositories {
		google()
		mavenCentral()
		maven {
			url = uri("https://downloads.ipqualityscore.com/maven2/")
			credentials {
				username "ipqs"
				password “YOUR_API_KEY_HERE”
			}
			authentication { basic(BasicAuthentication) }
		}
	}
}
  2. In your app's module build.gradle file, add the dependency implementation 'com.ipqualityscore:FraudEngine:x.x.x', replacing x.x.x with the version number of the SDK (the current latest version is 1.4.0).

  3. Sync your build.gradle  file. 

  4. The IPQS SDK can optionally  take advantage of the following permissions if you choose to add them to your app. These permissions help us provide better results and create a better overall picture of your users. These permissions can be added to the <manifest> section of your AndroidManifest.xml file, if you choose to use them:

    <!-- Permissions -->
<uses-permission android:name="android.permission.INTERNET"/>
<uses-permission android:name="android.permission.READ_PHONE_STATE" />
<uses-permission android:name="android.permission.READ_BASIC_PHONE_STATE"/>
<!-- If allowing location request -->
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION"/>
<!-- If allowing network request -->
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE"/>
<!-- If allowing advertising ID -->
<uses-permission android:name="com.google.android.gms.permission.AD_ID"/>
App Integration
  1. Add the SDK inside one of your app's activity sections. Ideally, this should be the main activity section, but it does not necessarily need to be, depending on your specific use case.

    import com.ipqualityscore.fraudengine.IPQualityScore;

...

IPQualityScore api = IPQualityScore.getInstance();
api.setAppKey("YOUR_API_KEY_HERE");
api.setActivity(this); // Not required if using the Proxy/Email portions of the SDK.

// The following are set to false by default
api.setAskLocationPermission(true);
api.setCaptureAdvertisingID(true);
api.setAskLocalNetworkPermission(true);
api.setCheckClipboard(true);


     
  2. Call the SDK from within your application's activities. Below is an example of how to retrieve the fraud score for a given device:

    import android.widget.Toast;
import android.content.Context;
import com.ipqualityscore.fraudengine.MobileTracker;
import com.ipqualityscore.fraudengine.IPQualityScore;
import com.ipqualityscore.fraudengine.interfaces.OnMobileTrackerResult;
import com.ipqualityscore.fraudengine.utilities.IPQualityScoreException;

...

try {
	// Set custom variables if you have them before calling performFraudCheck()
	MobileTracker.addCustomVariable("userID", "1234");
	MobileTracker.performFraudCheck(new OnMobileTrackerResult() {
		@Override
		public void onResult(MobileTrackerResult result) {
			// Display a result via a toast
			Context context = IPQualityScore.getInstance().getContext();
			CharSequence text = "You have a fraud score of " + result.getFraudScore().toString() + "!";
			int duration = Toast.LENGTH_SHORT;
			Toast toast = Toast.makeText(context, text, duration);
			toast.show();
		}
	});
} catch(IPQualityScoreException e) {
	// Display the error via toast
	Context context = IPQualityScore.getInstance().getContext();
	CharSequence text = e.getMessage();
	int duration = Toast.LENGTH_SHORT;
	Toast toast = Toast.makeText(context, text, duration);
	toast.show();
}
Example App

Below is an example Android app with the Mobile Device Fingerprinting SDK integrated. The app will close if the user's fraud score is greater than 85:

package com.ipqualityscore.testsdk;

import android.os.Bundle;
import android.widget.TextView;

import androidx.appcompat.app.AppCompatActivity;

import com.ipqualityscore.fraudengine.IPQualityScore;
import com.ipqualityscore.fraudengine.MobileTracker;
import com.ipqualityscore.fraudengine.results.MobileTrackerResult;
import com.ipqualityscore.fraudengine.interfaces.OnMobileTrackerResult;
import com.ipqualityscore.fraudengine.utilities.IPQualityScoreException;

public class MainActivity extends AppCompatActivity {

	@Override
	protected void onCreate(Bundle savedInstanceState) {
		try {
			IPQualityScore api = IPQualityScore.getInstance();
			api.setAppKey("YOUR_API_KEY_HERE");
			api.setActivity(this);
			api.setAskLocationPermission(true);
			api.setCaptureAdvertisingID(true);
			api.setAskLocalNetworkPermission(true);
			api.setCheckClipboard(true);
			
			/*
			* Set custom variables if you have them before calling performFraudCheck()
			* MobileTracker.addCustomVariable("userID", "1234");
			*/
			
			MobileTracker.performFraudCheck(new OnMobileTrackerResult(){
				@Override
				public void onResult(MobileTrackerResult result){
					if(result.getFraudScore() > 85){
						android.os.Process.killProcess(android.os.Process.myPid());
						System.exit(1);
					}
				}
			});
		} catch(IPQualityScoreException e){
				
				// Display the error via toast.
				Context context = IPQualityScore.getInstance().getContext();
				CharSequence text = e.getMessage();

				int duration = Toast.LENGTH_SHORT;
				Toast toast = Toast.makeText(context, text, duration);
				toast.show();
				
		}
	}
}
Additional Settings

Our SDK allows you to specify that you'd like us to attempt to capture location information from your user via a permission request check. You can enable this like such:

IPQualityScore api = IPQualityScore.getInstance();
api.setAskLocationPermission(true);

Our SDK allows you to specify that you'd like us to attempt to capture network information from your user via a permission request check. You can enable this like such:


IPQualityScore api = IPQualityScore.getInstance();
api.setAskLocalNetworkPermission(true);

Our SDK allows you to specify that you'd like to copy the clipboard from your user. You can enable this like such:


IPQualityScore api = IPQualityScore.getInstance();
api.setCheckClipboard(true);

Our SDK allows you to specify custom variables for statistics, postback, and enhanced scoring purposes. We only accept strings for both the key and values specified. Make sure you cast/convert the type of your data appropriately. You can set a custom variable like such:


MobileTracker.addCustomVariable("userID", "1234");

Some apps may want to avoid collecting the advertising ID or may get flagged by Google for doing so. We've added a method to disable it (You no longer need to include androidx.ads:ads-identifier:1.0.0-alpha04 in your build.gradle):


IPQualityScore api = IPQualityScore.getInstance();
api.setCaptureAdvertisingID(false);

Our SDK allows users to use custom endpoints. To enable custom endpoints for your app, please contact support. To utilize this feature, follow the example below when you set your instance:

IPQualityScore api = IPQualityScore.getInstance();
api.setCustomEndpoint("YOUR_ENDPOINT_HERE");
Result Methods

Our SDK offers various result methods and functions to enhance your experience and help prevent fraudulent activity. The variable result below signifies an object of com.ipqualityscore.fraudengine.results.MobileTrackerResult.

Name Function Description Type
getRaw result.getRaw() Get the raw JSON string response from our API. This can be useful for debugging, providing feedback, and long-term storage. String
getMessage result.getMessage() Get the response message string for this request. This usually returns "Success" but can include administrator-level information on why a request failed. String
getSuccess result.getSuccess() A boolean containing the request's success or failure status. True on success, false on failure. Boolean
getRequestID result.getRequestID() The unique ID associated with this request. Helpful for debugging and postbacks. String
getFraudScore result.getFraudScore() Number 0 - 100 describing how likely this device is to commit fraud. 0 being not at all, 100 being definitively fraudulent. We suggest blocking users greater than 85.  Float
getCountryCode result.getCountryCode() A two-character country code based on this user's IP address. String
getRegion result.getRegion() A string describing the region this user's IP is from. String
getCity result.getCity() A string describing the city this user's IP is from. String
getISP result.getISP() A string describing the ISP this user's IP belongs to. String
getOrganization result.getOrganization() A string describing the Organization to which this user's IP belongs. String
getASN result.getASN() The ASN assigned to the ISP to which this user's IP belongs. Integer
getLatitude result.getLatitude() The latitude where this user's IP is located. Float
getLongitude result.getLongitude() The longitude where this user's IP is located. Float
getIsCrawler result.getIsCrawler() Returns true if this user's IP is from any of the following search engine crawlers: Baidu, Google, Bing, Yahoo, Yandex, Sogou, Exabot, DuckDuckGo, Facebook, Twitter, Pinterest, Naver, UptimeRobot, AppleBot, ArchiveBot, CoccocBot, YisouBot, PetalBot, ByteDance, and MailRU. Boolean
getTimezone result.getTimezone() Returns the timezone this user's IP is from. String
getHost result.getHost() Returns the hostname of this user's IP address. String
getIsProxy result.getIsProxy() Returns true if this user's IP is a known proxy. Boolean
getIsVPN result.getIsVPN() Returns true if this user's IP is a known VPN. Boolean
getIsTOR result.getIsTOR() Returns true if this user's IP is a known or suspected TOR node. Boolean
getRecentAbuse result.getRecentAbuse() Returns true if this user's IP has been reported for being abusive recently or if this device has been seen performing abusive actions. Boolean
getBotStatus result.getBotStatus() Returns true if this user's IP has been reported for botting or if this device has been seen performing bot-like actions. Boolean
getConnectionType result.getConnectionType() Classification of the IP address connection type as "Residential", "Corporate", "Education", "Mobile", or "Data Center". String
getDeviceSuspicious result.getDeviceSuspicious() Returns true if this device has suspicious properties or has been seen performing suspicious activities recently. Boolean
getDeviceEmulated result.getDeviceEmulated() Returns true if this device has been emulated or appears to have been emulated. Boolean
getDeviceID result.getDeviceID() A unique identifier for this device. String

 

Retrieve Results
Note: Before using either of these methods, make sure your initial API request passed a valid userID value (or any variable of your choice) using the addCustomVariable function. The variable name must be set on your custom tracking variables.

 

Postback Example to Retrieve Latest Request by UserID

This method uses the Postback API to retrieve requests by userID.

 

Retrieve multiple requests with the Request List API

This method uses the Request List API to search by Device ID and IP Address. 

Ready to eliminate fraud?

Start fighting fraud now with 1,000 Free Lookups!

We're happy to answer any questions or concerns.

Chat with our fraud detection experts any day of the week.

Call us at: (800) 713-2618

Schedule a Demo Sign Up