Fraud Detection
The Fraud Detection integration scores consent sessions for fraud risk in real time using IP address and device signals. Each session receives a fraud risk assessment that is automatically attached to the Verification Dossier on the certificate.
| Detail | Value |
|---|---|
| Provider | Anura via epcvip |
| Cost | $0.05 per check |
| Rate limit | 1,000 requests/min |
| Billing | Wallet-based (pre-paid), charged per lookup |
| Input | Consumer IP address (required), user agent, session ID |
How it works
Section titled “How it works”When a consent session is created, you can send the consumer’s IP address to the fraud detection endpoint. The integration forwards the request to Anura’s fraud scoring engine, which evaluates the IP and device signals against known fraud patterns. The response includes a fraud score, risk level, and whether the result was served from cache.
The fraud result is then attached to the session’s Verification Dossier, providing a permanent record of the fraud assessment alongside the certificate.
Endpoint
Section titled “Endpoint”POST https://api.econsent.org/api/integrations/:companyId/fraud/detectAuthentication
Section titled “Authentication”Use Bearer token authentication with your Fraud Detection integration token:
Authorization: Bearer YOUR_API_TOKENRequest parameters
Section titled “Request parameters”Path parameters
Section titled “Path parameters”| Parameter | Type | Description |
|---|---|---|
companyId | string | Your Company ID |
Request body
Section titled “Request body”| Field | Type | Required | Description |
|---|---|---|---|
ip_address | string | Yes | The consumer’s IP address to evaluate |
user_agent | string | No | The consumer’s browser user agent string |
session_id | string | No | The eConsent session ID to attach the result to |
timeout | number | No | Request timeout in seconds (default: 5) |
Example request
Section titled “Example request”curl -X POST https://api.econsent.org/api/integrations/YOUR_COMPANY_ID/fraud/detect \ -H "Content-Type: application/json" \ -H "Authorization: Bearer YOUR_API_TOKEN" \ -d '{ "ip_address": "203.0.113.42", "user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36", "session_id": "sess-abc-123-def-456", "timeout": 5 }'Response
Section titled “Response”Success (200)
Section titled “Success (200)”{ "success": true, "status": 200, "data": { "fraud_score": 15, "risk_level": "low", "ip_address": "203.0.113.42", "session_id": "sess-abc-123-def-456", "cached": false }, "billing": { "currency": "USD", "cost_charged": 0.05, "remaining_balance": 99.95, "formatted": { "cost_charged": "$0.05", "remaining_balance": "$99.95" } }, "processing_time_ms": 220, "service": "fraud", "company_id": "comp-abc", "timestamp": "2026-03-15T14:22:08Z", "provider": "anura"}Response fields
Section titled “Response fields”| Field | Type | Description |
|---|---|---|
data.fraud_score | number | Fraud risk score (0—100, higher indicates greater risk) |
data.risk_level | string | Risk classification: low, medium, or high |
data.ip_address | string | The IP address that was evaluated |
data.session_id | string | The session ID the result is attached to |
data.cached | boolean | Whether the result was served from cache |
Risk levels
Section titled “Risk levels”| Score range | Risk level | Recommendation |
|---|---|---|
| 0—30 | Low | Session appears legitimate |
| 31—70 | Medium | Review recommended before acting on consent |
| 71—100 | High | Strong fraud indicators detected |
Error responses
Section titled “Error responses”| Status | Meaning |
|---|---|
400 | Bad request: missing or invalid IP address |
401 | Unauthorized: invalid API token |
402 | Payment required: insufficient wallet balance |
403 | Forbidden: integration not enabled |
429 | Rate limited: exceeded 1,000 requests/min |
Billing
Section titled “Billing”Each fraud detection lookup is charged from your wallet balance. Lookups served from cache are not billed.
Certificate integration
Section titled “Certificate integration”When a fraud detection lookup is performed for a session, the result is automatically included in the Verification Dossier section of the certificate. This provides a permanent, tamper-proof record of the fraud assessment at the time consent was captured.
The Verification Dossier on the certificate includes:
- Fraud score and risk level
- The IP address that was evaluated
- Timestamp of the fraud check
- Provider identification (Anura)
Health check
Section titled “Health check”You can verify your integration status, wallet balance, and available services using the health check endpoint:
GET https://api.econsent.org/api/integrations/:companyId/vzew/healthThe response includes your current wallet balance, available integrations, service costs, and routing configuration.
Code examples
Section titled “Code examples”async function detectFraud(ipAddress, userAgent, sessionId) { const companyId = process.env.ECONSENT_COMPANY_ID; const token = process.env.ECONSENT_FRAUD_TOKEN;
const response = await fetch( `https://api.econsent.org/api/integrations/${companyId}/fraud/detect`, { method: 'POST', headers: { 'Content-Type': 'application/json', 'Authorization': `Bearer ${token}`, }, body: JSON.stringify({ ip_address: ipAddress, user_agent: userAgent, session_id: sessionId, timeout: 5, }), } );
const data = await response.json();
if (data.success) { console.log('Fraud Score:', data.data.fraud_score); console.log('Risk Level:', data.data.risk_level); console.log('Cached:', data.data.cached); return data.data; } else { throw new Error(data.error); }}import osimport requests
def detect_fraud(ip_address, user_agent=None, session_id=None): company_id = os.getenv('ECONSENT_COMPANY_ID') token = os.getenv('ECONSENT_FRAUD_TOKEN')
response = requests.post( f'https://api.econsent.org/api/integrations/{company_id}/fraud/detect', headers={ 'Content-Type': 'application/json', 'Authorization': f'Bearer {token}', }, json={ 'ip_address': ip_address, 'user_agent': user_agent, 'session_id': session_id, 'timeout': 5, }, )
data = response.json()
if data.get('success'): print(f"Fraud Score: {data['data']['fraud_score']}") print(f"Risk Level: {data['data']['risk_level']}") print(f"Cached: {data['data']['cached']}") return data['data'] else: raise Exception(data.get('error'))<?phpfunction detectFraud($ipAddress, $userAgent = null, $sessionId = null) { $companyId = getenv('ECONSENT_COMPANY_ID'); $token = getenv('ECONSENT_FRAUD_TOKEN');
$ch = curl_init("https://api.econsent.org/api/integrations/$companyId/fraud/detect"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode([ 'ip_address' => $ipAddress, 'user_agent' => $userAgent, 'session_id' => $sessionId, 'timeout' => 5, ])); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_HTTPHEADER, [ 'Content-Type: application/json', "Authorization: Bearer $token", ]);
$response = curl_exec($ch); curl_close($ch);
$result = json_decode($response, true);
if ($result['success']) { echo "Fraud Score: " . $result['data']['fraud_score'] . "\n"; echo "Risk Level: " . $result['data']['risk_level'] . "\n"; echo "Cached: " . ($result['data']['cached'] ? 'Yes' : 'No') . "\n"; return $result['data']; } else { throw new Exception($result['error']); }}?>Provider
Section titled “Provider”Fraud detection is powered by Anura, accessed through the epcvip integration layer. Anura specializes in ad fraud detection and provides real-time scoring based on IP reputation, device fingerprinting, and behavioral signals.
Pricing
Section titled “Pricing”- Cost per check: $0.05
- Rate limit: 1,000 requests/min
- Billing method: Wallet-based (pre-paid via Stripe)
Next steps
Section titled “Next steps”- Email Validation. Validate email addresses at $0.05/check
- Phone Validation. Validate phone numbers at $0.05/check
- Debt/Credit Lookup. Credit and debt lookups at $0.35/lookup
- Pricing & Billing. Full pricing breakdown