![01_1-ironchip_logo_articulación horizontal_ppal.png]](https://docs.ironchip.com/hs-fs/hubfs/01_1-ironchip_logo_articulacio%CC%81n%20horizontal_ppal.png?height=40&name=01_1-ironchip_logo_articulacio%CC%81n%20horizontal_ppal.png){kind=logo}
Android (en)
Overview The Ironchip Fraud Detection SDK for Android allows you to collect environmental signals to detect fraudulent activities such as identity theft, location spoofing, or automated attacks within your native Android applications.
Change Log
[1.2.13] - 2023-10-11 - Present
Added
Communication detection.
SIM network type (2G, 3G, 4G, 5G).
Changed
Removed
[1.2.12] - 2023-09-12 - 2023-10-11
Added
Proxy configuration method.
Changed
Cipher suites are now used.
Removed
[1.2.11] - 2023-07-05 - Present
Added
Changed
Fixed additional data that was not being sent.
Removed
[1.2.10] - 2023-06-23 - 2023-07-05
This version is an update with no functional changes. The version number was updated to 1.2.10 to maintain version sequence.
Added
Changed
Removed
[1.2.9.2] - 2023-06-23 - 2023-06-23
Added
Changed
Commons library updated with additional fixes.
Removed
[1.2.9.1] - 2023-06-22 - 2023-06-23
Added
Changed
Commons library updated to apply some bug fixes.
Removed
[1.2.9] - 2023-05-18 - 2023-06-22
Added
SDK version added to the transaction model.
Changed
Previous error handling implemented to allow fraud service creation even if the GPS provider is unavailable.
Removed
[1.2.8] - 2023-05-12 - 2023-05-12
Added
Additional error handling added to prevent transaction failure when a compilation step fails.
Changed
Removed
[1.2.7] - 2023-03-15 - 2023-05-12
Added
Transaction model modified to include SIM card information.
Changed
Removed
[1.2.6] - 2023-02-02 - 2023-03-15
Added
Changed
Transaction model modified to include the status of requested permissions.
Transaction model modified to include whether GPS and WiFi providers are enabled.
Removed
[1.2.5] - 2023-01-13 - 2023-02-02
Added
Changed
Fixed ProGuard configuration that caused the client application to be repackaged into our internal library folder.
Removed
[1.2.4] - 2023-01-10 - 2023-01-13
Added
Changed
Errors during the sendTransaction callback will now be logged instead of being redirected to the exception callback.
Removed
[1.2.3] - 2022-12-09 - 2023-01-10
Added
Changed
Fixed issue with fingerprint identification.
Removed
[1.2.2] - 2022-11-30 - 2022-12-09
Added
Changed
Class name refactoring.
Log tags updated to match the refactoring.
Fraud constructor no longer accepts a URL host; it only allows selecting the desired environment.
Removed
[1.2.0] - 2022-10-12 - 2022-11-22
Added
Kernel version added to device properties.
Debug logs.
Changed
Fixed errors related to sending JSON strings instead of arrays.
Improved device identification, installation identification, and fingerprinting.
GPS and Signal can no longer cause a process crash.
Removed
[1.1.3] - 2022-09-30 - 2022-10-12
Added
Changed
Published Nexus repository to GitHub.
Removed
[1.1.2] - 2022-09-30 - 2022-10-12
Added
Support for versions 5+.
Changed
Removed
[1.1.0] - 2022-09-22 - 2022-09-30
Added
LICENSE file added to the project.
Changed
Module name refactoring.
Removed
[1.0.2] - 2022-09-10 - 2022-09-22
Added
Custom exceptions.
Changed
Callbacks and exceptions excluded from obfuscation to simplify client usage.
Parameter names and model structure updated.
Removed
[1.0.1] - 2022-09-10 - 2022-09-12
Added
CI/CD to build and publish on dev, testing, and release branches.
Changed
Callbacks and exceptions excluded from obfuscation to simplify client usage.
Parameter names and model structure updated.
Removed
[1.0.0] - 2022-09-10
Added
Code obfuscation and extended .gitignore.
Changed
Code sections migrated to a common library.
Modified GPS service behavior.
Removed
Configuration
Supported versions
| Platform | Supported versions |
|---|---|
| Android | 5.0.0+ |
Add the Ironchip location-based fraud SDK
Add our library to other projects
First, in the settings.gradle file, you will need to reference the remote repository where the library is located.
dependencyResolutionManagement {
...
repositories {
maven { url 'https://jitpack.io' }
...
}
}Next, in the gradle.build file, you must add the SDK dependency.
dependencies {
...
implementation "com.github.Ironchip-Security:LBFraud-SDK-Android:1.2.13"
...
}Permisions
Add the following permissions to your manifest:
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />
<uses-permission android:name="android.permission.CHANGE_WIFI_STATE" />
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.READ_PHONE_STATE" />Use
Using in an application
To take full advantage of the SDK, you need to grant the ACCESS_FINE_LOCATION permission.
How to request permissions
import com.ironchip.ironchiplbfraudandroidsdk.LBFraudSDK;
...
// Reemplace APIKEY con la clave API generada deseada.
LBFraudSDK fraud = new LBFraudSDK(this, "APIKEY");
// Por defecto nuestro SDK apunta al entorno de producción.
// En caso de que desee apuntar a un entorno diferente:
// LBFraudSDK fraud = new LBFraudSDK(this, "APIKEY", LBFraudSDK.Environment.Testing);
//public enum Environment {
// Production,
// Testing,
// Development
//}
Map<String, Object> extraData = new HashMap<>();
extraData.put("concept", "Book august");
extraData.put("amount", new Integer(30));
extraData.put("operation", "booking");
// TransactionID (required,unique): transaction identifier request for fraud results
// UserID (required): User identifier
// ExtraData (optional): extra information for analysis
// The sendTransaction can be provided with 2 callbacks, one is executed when the transaction is finished
// and the other one is called in case an error did occure during the transaction process.
ironchipLBFraud.sendTransaction("random_identifier_generated", "john.doe@gmail.com", extraData, () -> {
// Add here any code you want to be executed after the transaction
// has finished.
}, exception -> {
// Add here any code you want to perform in case of an error
// during the transaction.
// exception.printStackTrace()
});Example
import com.ironchip.ironchiplbfraudandroidsdk.LBFraudSDK;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.CompletableFuture;
...
// Reemplace APIKEY con la clave API generada deseada.
LBFraudSDK fraud = new LBFraudSDK(this, "APIKEY");
// Método asincrónico para realizar el inicio de sesión del usuario
private void login(String username, String password) {
performLogin(username, password).thenAccept(loginSuccessful -> {
if (loginSuccessful) {
// Si el inicio de sesión es exitoso, llama a sendTransaction con los parámetros necesarios
String transactionID = generateRandomTransactionID(10); // Generate or fetch your transaction ID
String userID = "john.doe@gmail.com"; // Identificador de usuario
String anonymizedUserID = anonymizeUserID(userID); // ID de usuario anonimizado
Map<String, Object> extraData = new HashMap<>(); // Información adicional para análisis
extraData.put("amount", 30); // Usa Integer.valueOf(30) si fuera necesario
extraData.put("operation", "login");
sendTransactionAfterLogin(transactionID, anonymizedUserID, extraData);
} else {
// Manejar el fallo en el inicio de sesión
}
});
}
// Función de inicio de sesión asincrónica que devuelve un Future<Boolean>
private CompletableFuture<Boolean> performLogin(String username, String password) {
return CompletableFuture.supplyAsync(() -> {
try {
Thread.sleep(2000);
// Reemplaza con tu lógica de inicio de sesión real
// Por ejemplo, autentica al usuario y devuelve true si es exitoso
return true;
} catch (InterruptedException e) {
return false; // En caso de un error, devuelve false
}
});
}
// Función para enviar la transacción después de un inicio de sesión exitoso
private void sendTransactionAfterLogin(String transactionID, String anonymizedUserID, Map<String, Object> extraData) {
// Enviando la transacción
fraud.sendTransaction(transactionID, anonymizedUserID, extraData, () -> {
// Agrega aquí cualquier código que quieras ejecutar después de que la transacción haya finalizado.
}, exception -> {
// Agrega aquí cualquier código que quieras ejecutar en caso de un error durante la transacción.
});
}
// Función para recortar, convertir a minúsculas y hashear el userID
public static String anonymizeUserID(String userID) {
String trimmedLowercaseUserID = userID.trim().toLowerCase();
return hashString(trimmedLowercaseUserID);
}
// Función para realizar el hashing utilizando SHA-256
public static String hashString(String input) {
try {
MessageDigest digest = MessageDigest.getInstance("SHA-256");
byte[] hashBytes = digest.digest(input.getBytes(StandardCharsets.UTF_8));
StringBuilder hexString = new StringBuilder();
for (byte b : hashBytes) {
String hex = Integer.toHexString(0xff & b);
if (hex.length() == 1) {
hexString.append('0');
}
hexString.append(hex);
}
return hexString.toString();
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException("Error while calculating hash", e);
}
}
private String generateRandomTransactionID(int length) {
// Implementa tu método para generar un ID de transacción único.
const String chars = "AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz1234567890";
Random rnd = new Random();
return IntStream.range(0, length)
.mapToObj(i -> String.valueOf(chars.charAt(rnd.nextInt(chars.length()))))
.collect(Collectors.joining());
}