/
Contact usSee pricingStart building

    About Stytch

    Introduction
    Use cases
    Device Fingerprinting
      Overview
      Fingerprints
    Verdicts
      Verdicts overview
      Allow
      Block
      Challenge
      Not Found
    Getting started
      Device Fingerprinting API
      DFP Protected Auth
    Traffic shaping
      Setting rules with DFP
      Intelligent Rate LimitingBeta
      DFP Protected Auth
    Strong CAPTCHA
      Overview
      Getting started
Get support on SlackVisit our developer forum

Contact us

Fraud and Risk Prevention

/

Guides

/

About Stytch

/

Verdicts

/

Verdicts overview

Verdicts and metadata

Recommendations and actions

Stytch's Device Fingerprinting provides a set of customizable tools for your business to accurately identify users by device and take an ensuing action based on that information.

In addition to granular identifiers, each fingerprint has associated metadata:

  • Action: The suggested action based on the fingerprint review. The available actions are:
    • ALLOW - This is a known valid device grouping or device profile that is part of the default ALLOW listed set of known devices by Stytch. This grouping is made up of verified device profiles that match the characteristics of known/authentic traffic origins
    • BLOCK - This is a known bad or malicious device profile that is undesirable and should be blocked from completing the privileged action in question
    • CHALLENGE - This is an unknown or potentially malicious device that should be put through increased friction such as 2FA or other forms of extended user verification before allowing the privileged action to proceed
  • Detected Device Type: The operating system and architecture that took the fingerprint.
  • Is an Authentic Device: The assessment of whether this is an authentic device. It will be false if hardware or browser deception is detected
  • Reasons: A set of contextual clues to inform why a CHALLENGE or BLOCK action was suggested. For a list of possible Reasons, please contact support.

Together, these fingerprints and associated metadata provide a set of customizable tools for your business to accurately identify users by device and take an ensuing action based on that information.

Here's an example JSON response from our Device Fingerprinting API:

{
	"created_at": "2023-01-01T00:00:00Z",
	"expires_at": "2033-01-01T00:00:00Z",
	"fingerprints": {
		"browser_fingerprint": "browser-fingerprint-0b535ab5-ecff-4bc9-b845-48bf90098945",
		"browser_id": "browser-id-99cffb93-6378-48a5-aa90-d680232a7979",
		"hardware_fingerprint": "hardware-fingerprint-4af7a05d-cf77-4ff7-834f-0622452bb092",
		"network_fingerprint": "network-fingerprint-b5060259-40e6-3f29-8215-45ae2da3caa1",
		"visitor_fingerprint": "visitor-fingerprint-6ecf5792-1157-41ad-9ad6-052d31160cee",
		"visitor_id": "visitor-6139cbcc-4dda-4b1f-b1c0-13c08ec64d72"
	},
	"status_code": 200,
	"telemetry_id": "026ac93b-8cdf-4fcb-bfa6-36a31cfecac1",
	"verdict": {
		"action": "ALLOW",
		"detected_device_type": "...",
		"is_authentic_device": true,
		"reasons": [...]
	}
}