Generating an API access key
All endpoints are protected by an API key.
Once you generate the API key, send it through the Authorization header in the following way:
`Authorization: <apikey>`
To generate the API key, go to the Credentials page, click on 'Generate API key':
With this API key, you will have access to all possible requests. The generated QR is used to synchronize the mobile app with the dashboard.
API Libraries
Official libraries are available to assist integration with the Ironchip API. These libraries serve as API containers and handle functions like:
- Transparent API authentication
- Requests for all available endpoints
- HTTP error handling
Understanding Risk Assessments
Understanding Risk Assessments
Ironchip can provide four types of risk assessments, which depend on our level of confidence in a certain action performed by a device:
- fraud: Ironchip considers the action performed by the device to be fraudulent, involved in a fraud
- high_risk: Ironchip considers the action (e.g. registration, login) performed by the device to be potentially fraudulent and recommends taking preventive measures in these scenarios.
- low_risk: Ironchip considers this action performed by the device to be safe to accept.
- unknown_risk: Ironchip cannot provide an accurate assessment at the time of the request.
Risk assessment evidence
Ironchip's APIs are based on evidence to provide risk assessments. This decision is based on different analyses through distinct lenses.
The following table describes the possible evidence values, their meaning, and the use cases they affect.
Understanding the type of sensor match
| Match Type | Description |
|---|---|
| gps | When Ironchip is able to make comparisons by GPS data. |
| wifi_scan | When Ironchip can make comparisons using Wi-Fi sensors, but no matching connected networks are found. |
| wifi_connection | When Ironchip is able to make comparisons by connected Wi-Fi networks. |
| mobile_networks | When Ironchip is able to make comparisons by connected mobile networks. |
Risk Assessment Decision
Ironchip's APIs are based on decisions to provide risk assessments. This decision is based on different analyses through different lenses.
The following table describes the possible decision values, their meaning, and the use cases that affect them.
| Decision | Description | Type |
|---|---|---|
| SIM Swapping / ATO | Account takeover detected based on the Sim Swapping attack or not (depending on the client user's protection) | string |
| Phising | Phishing attack detected from a specific location (multiple ATO) | string |
| Synthetic identity | Synthetic identity attack detected | string |
| New user | New user detected on the Ironchip platform | string |
| Location fraud | Location fraud attempt detected by the user comparing all location data sources | string |
| Banned location | Location detected from a banned place. In the example: Location detected from Russia | string |
| Device Swapping | Legitimate device swap detected from a user | string |
| Location Swapping | Legitimate location swap detected from a user | string |
| Common usage | Common usage detected | string |
Reports API
Location-Based Fraud Reports API
Information
Version
api/v1.0.5-5-gc944fcf
Contact
Support page info@ironchip.com https://www.ironchip.com/products/location_based_fraud.html
Terms of Service
https://www.ironchip.com/term_uses/terms.html
Content Negotiation
URI Schemes
- http
Uses
- application/json
Response Type
- application/json
Access Control
Security Schemes
ApiKeyAuth (header: Authorization)
All Connection Points
Report
| Method | URI | Name | Summary |
|---|---|---|---|
| GET | /reports | https://helpcenter.ironchip.com/es/fraud-detection/technical-documentation/apis/report-api/documentation/#get-reports | This endpoint allows the client to get the application's reports. The user should be allowed to consult reports from the referenced application. |
| GET | /reports/{transaction_id} | https://helpcenter.ironchip.com/es/fraud-detection/technical-documentation/apis/report-api/documentation/#get-reports-transaction-id | This endpoint allows the client to get the application's reports by providing the transaction ID. The user should be allowed to consult reports from the referenced application. |
Feedback
| Method | URI | Name | Summary |
|---|---|---|---|
| POST | /feedback/{transaction_id} | https://helpcenter.ironchip.com/es/fraud-detection/technical-documentation/apis/report-api/documentation/#post-feedback-transaction-id | This endpoint allows the client to send feedback on the received report to improve future fraud detections. |
Reports
This endpoint allows the client to get the reports from the application. The user should be allowed to consult reports from the Application. (GetReports)
GET /reports
Get all reports from the application. By default, they will be paginated to 20 reports per page.
Response Type
- application/json
Security Requirements
- ApiKeyAuth
Parameters
| Name | Origin | Type | Go Type | Separator | Mandatory | Mandatory | Description |
|---|---|---|---|---|---|---|---|
| limit | query | integer | int64 | 20 | Limit of number of reports | ||
| page | query | integer | int64 | 1 | Reports page |
Example
curl -X 'GET' \\
'<https://report.lbfraud.ironchip.com/reports?limit=20&page=1>' \\
-H 'accept: application/json' \\
-H 'Authorization: example-api-key'
All responses
Responses
200 - OK
Status: OK
Scheme
- [ ] [ ]ModelsReport
404 - Not Found
Status: Not Found
Scheme
500 - Internal Server Error
Status: Internal Server Error
Scheme
This endpoint allows the client to obtain the reports from the application by providing the transaction ID. The user should be allowed to consult reports from the Application. (GetReportsTransactionID)
GET /reports/{transaction_id}
Get the application reports filtered by transaction ID. Reports will by default be paginated to 20 per page. The timeout parameter is the maximum waiting time for the report to be processed; it should be used if the report is requested before the transaction is completed.
Response Type
- application/json
Security Requirements
- ApiKeyAuth
Parameters
| Name | Origin | Type | Go Type | Mandatory | Default | Description |
|---|---|---|---|---|---|---|
| transaction_id | path | string | string | ✓ | Transaction ID | |
| limit | query | integer | int64 | 20 | Limit of the number of reports | |
| page | query | integer | int64 | 1 | From the report generation (numbers and unit suffix) | |
| since | query | string | string | "30d" | From the report generation (numbers and unit suffix) | |
| timeout | query | string | string | "5s" | Wait time in seconds |
Example
curl -X 'GET' \\
'<https://report.lbfraud.ironchip.com/reports/example-transaction-id?limit=1&page=1&since=30d&timeout=5s>' \\
-H 'accept: application/json' \\
-H 'Authorization: example-api-key'
All responses
Responses
200 - OK
Status: OK
Schema
- [ ] [ ]ModelsReport
404 - Not Found
Status: Not Found
Schema
500 - Internal Server Error
Status: Internal Server Error
Schema
Feedback
This route allows the client to post comments about the received report to improve future fraud detections. (PostFeedbackTransactionID)
POST /feedback/{transaction_id}
Comment on the received transaction to improve future results in fraud detections.
Use
- application/json
Security Requirements
- ApiKeyAuth
Parameters
| Name | Origin | Type | Type in Go | Separator | Mandatory | Default | Description |
|---|---|---|---|---|---|---|---|
| transaction_id | path | string | string | ✓ | Transaction ID | ||
| feedback | body | https://helpcenter.ironchip.com/es/fraud-detection/technical-documentation/apis/report-api/documentation/#models-feedback | models.ModelsFeedback | ✓ | Feedback |
Example
curl -X 'POST' \\
'<https://report.lbfraud.ironchip.com/feedback/example-transaction-id>' \\
-H 'accept: application/json' \\
-H 'Authorization: example-api-key' \\
-H 'Content-Type: application/json' \\
-d '{
"behaviour": {
"desired": {
"fraud_cases": [
"device swapping",
"location swapping"
],
"risk_assignment": "clear"
}
},
"impact": {
"description": "The transaction has been detected as fraud rather than low"
},
"reporter": {
"email": "TatianaPrieto@ironchip.com",
"name": "Tatiana",
"surname": "Prieto"
},
"situation": {
"description": "The customer has downloaded the APP to an unknown device located in a new country"
},
"valuation": {
"annotations": "It is not possible to difference between real and fake client without client confirmation",
"score": 8,
"type": "Corrective"
}
}'
All Responses
Responses
200 - OK
Status: OK
Schema
404 - Not Found
Status: Not Found
Schema
500 - Internal Server Error
Status: Internal Server Error
Schema
Models
models.Address
Properties
| Name | Type | Type in Go | Required | Default | Description |
|---|---|---|---|---|---|
| city | string | string | City where the report occurred | ||
| country | string | string | Name of the country | ||
| country_code | string | string | Country codes are short alphabetic (ISO 3166) | ||
| latitude | number | float64 | Coordinate specifying the north-south position of a point on the Earth's surface | ||
| longitude | number | float64 | Coordinate specifying the east-west position of a point on the Earth's surface | ||
| region | string | string | Geographical region of a country used for administrative purposes | ||
| state | string | string | Geographical areas into which a particular country is divided |
models.Behaviour
Properties
| Name | Type | Go Type | Required | Default | Description |
|---|---|---|---|---|---|
| desired | https://helpcenter.ironchip.com/es/fraud-detection/technical-documentation/apis/report-api/documentation/#models-desired-behaviour | ModelsDesiredBehaviour | ✓ | Desired behaviour |
models.DesiredBehaviour
Properties
| Name | Type | Go Type | Required | Description | Example |
|---|---|---|---|---|---|
| fraud_cases | []string | []string | Report case, reason | ["device change","location change"] | |
| risk_assignment | string | string | ✓ | Risk level (fraud, high, low, clear) |
models.Device
Properties
| Name | Type | Go Type | Required | Default | Description |
|---|---|---|---|---|---|
| id | string | string | Unique device ID | ||
| integrity | https://helpcenter.ironchip.com/es/fraud-detection/technical-documentation/apis/report-api/documentation/#models-integrity | ModelsIntegrity | Device integrity | ||
| model | string | string | Device model | ||
| sensors | https://helpcenter.ironchip.com/es/fraud-detection/technical-documentation/apis/report-api/documentation/#models-sensors | ModelsSensors | Activated device sensors |
models.EmLocation
Properties
| Name | Type | Go Type | Required | Default | Description | Example |
|---|---|---|---|---|---|---|
| address | https://helpcenter.ironchip.com/es/fraud-detection/technical-documentation/apis/report-api/documentation/#models-address | ModelsAddress | Location address | |||
| id | string | string | Location ID |
models.Event
Properties
| Name | Type | Go Type | Required | Default | Description | Example |
|---|---|---|---|---|---|---|
| fraud_cases | []string | []string | Report case, reason | |||
| id | string | string | Application transaction ID | |||
| risk_assignment | string | string | Risk level (fraud, high, low, clear) | |||
| timestamp | integer | int64 | Event timestamp |
models.Feedback
Properties
| Name | Type | Go Type | Required | Description |
|---|---|---|---|---|
| behaviour | https://helpcenter.ironchip.com/es/fraud-detection/technical-documentation/apis/report-api/documentation/#models-behaviour | ModelsBehaviour | ✓ | Product behaviour: expected |
| impact | https://helpcenter.ironchip.com/es/fraud-detection/technical-documentation/apis/report-api/documentation/#models-impact | ModelsImpact | Impact of the results | |
| reporter | https://helpcenter.ironchip.com/es/fraud-detection/technical-documentation/apis/report-api/documentation/#models-reporter | ModelsReporter | Identifying data of the person sending the feedback | |
| situation | https://helpcenter.ironchip.com/es/fraud-detection/technical-documentation/apis/report-api/documentation/#models-situation | ModelsSituation | The situation when the process was carried out | |
| valuation | https://helpcenter.ironchip.com/es/fraud-detection/technical-documentation/apis/report-api/documentation/#models-valuation | ModelsValuation | Valuation of the results |
models.GeoLocation
Properties
| Name | Type | Go Type | Required | Default | Description | Example |
|---|---|---|---|---|---|---|
| address | https://helpcenter.ironchip.com/es/fraud-detection/technical-documentation/apis/report-api/documentation/#models-address | ModelsAddress | Location address | |||
| id | string | string | Location ID |
models.IP
Properties
| Name | Type | Go Type | Required | Default | Description | Example |
|---|---|---|---|---|---|---|
| address | https://helpcenter.ironchip.com/es/fraud-detection/technical-documentation/apis/report-api/documentation/#models-address | ModelsAddress | Location address | |||
| tor | boolean | bool | Is using TOR | |||
| vpn | boolean | bool | Is using VPN |
models.Impact
Properties
| Name | Type | Go Type | Required | Description | Example |
|---|---|---|---|---|---|
| description | string | string | Description of the generated impact | The transaction has been detected as fraud instead of low |
models.Integrity
Properties
| Name | Type | Go Type | Required | Default | Description | Example |
|---|---|---|---|---|---|---|
| debugged | boolean | bool | The device is open in debugging mode or the application is not built | |||
| emulated | boolean | bool | The device is being emulated | |||
| gps_spoofed | boolean | bool | Is the GPS location or signal being spoofed? | |||
| rooted | boolean | bool | Is the device rooted or jailbroken? |
models.Location
Properties
| Name | Type | Go Type | Required | Description |
|---|---|---|---|---|
| address | https://helpcenter.ironchip.com/es/fraud-detection/technical-documentation/apis/report-api/documentation/#models-address | ModelsAddress | Location address | |
| id | string | string | Location ID | |
| location_type | string | string | Location type (ip, geo, wifi, lte, cdma, wcdma, gsm) |
models.Report
Properties
models.Reporter
Properties
| Name | Type | Type in Go | Required | Description | Example |
|---|---|---|---|---|---|
| string | string | Identifying email | mailto:TatianaPrieto@ironchip.com | ||
| name | string | string | Identifying name | Tatiana | |
| surname | string | string | Identifying surname | Prieto |
models.RestError
Properties
| Name | Type | Type in Go | Required | Default | Description | Example |
|---|---|---|---|---|---|---|
| cause | string | string | ||||
| error | string | string | ||||
| error_code | string | string | ||||
| traceability_id | string | string |
models.Sensors
Properties
| Name | Type | Go Type | Required | Default | Description | Example |
|---|---|---|---|---|---|---|
| gps | boolean | bool | Is the GPS sensor activated? | |||
| mobile_networks | boolean | bool | Can the device access mobile networks? | |||
| wifi | boolean | bool | Is the WiFi sensor on the device activated? | |||
| wifi_connected | boolean | bool | Is the device connected to a WiFi network? |
models.Situation
Properties
| Name | Type | Go Type | Required | Description | Example |
|---|---|---|---|---|---|
| description | string | string | Description of the situation when the process was carried out | The client has downloaded the application on an unknown device located in a new country |
models.User
Properties
| Name | Type | Go Type | Required | Default | Description | Example |
|---|---|---|---|---|---|---|
| id | string | string | User ID | exampleuserid |
models.Valuation
Properties
| Name | Type | Go Type | Required | Description | Example |
|---|---|---|---|---|---|
| annotations | string | string | Annotations | It is not possible to differentiate between a real and fake customer without customer confirmation | |
| score | integer | int64 | Valuation score (0-10) | 8 | |
| type | string | string | Feedback rating type (Positive, Negative, Corrective) | Corrective |
models.Version
Properties
| Name | Type | Go Type | Required | Default | Description | Example |
|---|---|---|---|---|---|---|
| build_date | string | string | ||||
| commit | string | string | ||||
| version | string | string | 1.0.0 |