Prevent Fraud
Configure your integration to protect your application against fraud
Why prevent fraud?
The bigger your application, the more likely it is to be targeted by fraudsters. Fraudsters inspect and copy your app’s backend API requests and modify them to send OTP codes to themselves in order to retrieve the SMS charges. This is called SMS pumping or IRSF fraud (read more about it here).
Signals
Prelude’s machine learning models use a number of signals to distinguish fraudulent users from legitimate users. We infer some of these signals, but many depend on the information provided by your integration. The more data you provide, the more effective fraud prevention will be and the higher your conversion rate will be.
Important signals to send to Prelude
To increase the effectiveness of fraud prevention, we recommend that you send the following signals to Prelude:
| Data | Estimated improvement | Description |
|---|---|---|
| IP address | 50% | The IP address of the user’s device. |
| Device ID | 40% | The unique ID of the user’s device. |
| Returning user | 35% | This field should verify if the user is a returning user on your app, beyond just a basic validity check. It should ensure trust by confirming that the user is genuine within the context of your application. Examples of validation criteria include whether the user has completed onboarding steps, previously logged in, performed valid transactions, or completed a purchase. |
| Platform | 35% | The platform of the user’s device (iOS or Android). |
| Device model | 20% | The model of the user’s device. |
| OS Version | 20% | The version of the user’s device operating system. |
| App version | 10% | The version of your application. |
In the future, we plan to provide client-side SDKs to collect those signals automatically.
Allow and block lists
You can configure your integration to allow or block specific users from signing in. This can be useful if you want to manually block users you have identified as fraudulent or to disable anti-fraud algorithms for specific users.
To edit the allow or block lists, go to the Dashboard and navigate to the Settings > Numbers tab.
Allowlist
Next steps
Follow the API reference to get detailed information about the Prelude API.
API Reference
Learn more about Prelude’s API endpoints.