Introduction
For FinTech applications powered by Synctera, these interactions can occur via both mobile devices and web browsers. By leveraging information about an end-user’s device or browser, a FinTech can establish a unique device fingerprint, significantly enhancing a FinTech’s understanding of end-user behavior and identity. Device identification is achieved through a set of key data points collected from an end-user’s device at the initiation of an action. These data points include:- Device Type: Identifies whether the user is on a mobile phone, tablet, or desktop.
- Operating System: Specifies the operating system of the device (e.g., iOS, Android, Windows, macOS).
- Browser User Agent: Provides details about the user’s browser (e.g., Chrome, Safari, Firefox) and its version.
- IP Address: Records the network address from which the user is accessing the application.
- In the future, additional data points may be added to further enhance device fingerprinting capabilities.
The Importance of Device Tracking for Financial Products
It is especially crucial to track and build intelligence around end-user device identity when offering financial products & services. The integrity of the financial ecosystem depends on facilitating money movement for trusted users while restricting money movement for bad actors trying to exploit the system. Collecting end-user device information enables FinTechs to ensure that only authorized devices interact with their application, and thus Synctera’s system, bolstering security and compliance. For instance, when disputing an ACH R10 return, a bank needs verifiable evidence of customer-initiated transactions. Increasingly, user identities are intrinsically linked to their devices and digital behavior patterns, complementing traditional documentation.step 1The Synctera Platform Solution: Standardized Metadata for Enhanced Security and Compliance
To facilitate this, Synctera includes a standardized schema in its API headers that allows FinTechs to pass device identity metadata—such as device type, user agent, and IP address—with every API request made on behalf of an end-user. This data is securely stored ensuring platform integrity and regulatory compliance. Please see Synctera’s Developer Guide page for more details.FinTech system calls to Synctera APIs that are not on behalf of an end-user (e.g. end of day reporting calls, sandbox testing) do not require device ID data to be included.
- Enhanced Security: By identifying and monitoring devices, all parties can better detect and prevent unauthorized access and fraudulent activities.
- Improved Compliance: Facilitating the tracking of end-user actions and device origins helps manage risk.
- Deeper User Understanding: Gaining insights into how end-users interact with an application from different devices.