Spotlight on Device Fingerprinting in DFP
We’re thrilled to bring you a weekly spotlight on various topics within our Microsoft Fraud Protection Tech Community. This week, we’re diving into the fascinating world of Device Fingerprinting in Microsoft Dynamics 365 Fraud Protection (DFP).
Ever wondered how Device Fingerprinting works and how it can benefit you? Check out our detailed Q&A below where we answer all your burning questions about this innovative feature.
If you have any questions or need further clarification on this topic, don’t hesitate to reply to this thread in the Fraud Protection Tech Community. Your feedback is incredibly valuable to us.
Best regards, DFP Product Team
——————
1. Do I really need device fingerprinting? Why is it important?
Device fingerprinting is an essential feature in Microsoft Dynamics 365 Fraud Protection. It collects information about a computing device during online actions, including hardware, browser, geographic information, and IP address. This data is crucial because it helps the Fraud Protection service track and link events in the fraud network and identify patterns of fraud. The device fingerprinting feature uses artificial intelligence (AI) and machine learning to probabilistically identify devices, which can significantly improve the model detection rate for businesses by reducing false negatives. As a result, less fraud is detected on approved transactions after the fact.
It’s important to note that while device fingerprinting has a high accuracy, it is probabilistic and not deterministic, meaning there is a possibility of false positives. However, the benefits it brings to fraud detection and prevention are significant and can help protect businesses from fraudulent activities.
References:
Overview of device fingerprinting – Dynamics 365 Fraud Protection | Microsoft Learn
Set up device fingerprinting – Dynamics 365 Fraud Protection
Web setup of device fingerprinting – Dynamics 365 Fraud Protection | Microsoft Learn
Attributes in device fingerprinting – Dynamics 365 Fraud Protection | Microsoft Learn
2. We don’t use fingerprinting. Will DFP still work?
Yes, Dynamics 365 Fraud Protection (DFP) will still function without device fingerprinting. However, its effectiveness in detecting fraud will be reduced. Device fingerprinting is a powerful feature that enhances the ability of DFP to identify and link events in the fraud network, thereby improving the detection of fraudulent patterns. Without it, DFP can still assess risk based on other factors, but the absence of device fingerprinting data means it likely won’t be as accurate in identifying fraud.
3. How do I do an end-to-end device fingerprinting integration?
Integrating end-to-end device fingerprinting in Microsoft Dynamics 365 Fraud Protection involves several steps to ensure that device data is accurately collected and assessed for fraud risk. Here’s a high-level overview of the process:
Set up DNS and Generate an SSL Certificate:
Choose a subdomain under your root domain for device fingerprinting, such as fpt.yourcompany.com.
Create a CNAME record that points to fpt.dfp.microsoft.com.
Generate an SSL certificate for the subdomain and upload it to the Fraud Protection portal.
Implement Device Fingerprinting:
Your website or application must initiate device fingerprinting requests before a transaction is sent to Fraud Protection for risk evaluation.
Modify the provided JavaScript code (see documentation) and insert it on the webpage or in the application where you want to collect device fingerprinting information.
Enable Client-Side Integration:
Ensure that the device fingerprinting script is correctly implemented and that the client-side integration is enabled to collect the necessary data.
Test and Validate:
After implementation, thoroughly test the device fingerprinting functionality to confirm that it is working as expected and that Fraud Protection is receiving the required data.
Please follow the best practices and guidelines provided in the Microsoft documentation to ensure a successful integration.
References:
Overview of device fingerprinting – Dynamics 365 Fraud Protection | Microsoft Learn
Web setup of device fingerprinting – Dynamics 365 Fraud Protection | Microsoft Learn
Dynamics 365 Fraud Protection mobile SDK for iOS – Dynamics 365 Fraud Protection | Microsoft Learn
Dynamics 365 Fraud Protection mobile SDK for Android – Dynamics 365 Fraud Protection | Microsoft Learn
4. What do I need to provide in order for Device Fingerprinting to work?
To ensure Device Fingerprinting works effectively in Microsoft Dynamics 365 Fraud Protection, you need to provide the following:
DNS Configuration and SSL Certificate:
Select a subdomain under your root domain for device fingerprinting, such as fpt.yourcompany.com.
Create a CNAME record that points to fpt.dfp.microsoft.com.
Generate an SSL certificate for the subdomain and upload it to the Fraud Protection portal. Only .pfx files are supported, and if your certificate has a password, you’ll need to enter it during the upload process.
Device Fingerprinting Implementation:
Your website or application must initiate device fingerprinting requests a few seconds before a transaction is sent to Fraud Protection for risk evaluation. This ensures that all necessary data is received for an accurate assessment.
Modify the provided JavaScript code and insert it on the webpage or in the application where you want to collect device fingerprinting information.
Client-Side Integration:
Ensure that the device fingerprinting script is correctly implemented and that the client-side integration is enabled to collect the necessary data.
Testing and Validation:
After implementation, thoroughly test the device fingerprinting functionality to confirm that it is working as expected and that Fraud Protection is receiving the required data.
Please follow the best practices and guidelines provided in the Microsoft documentation to ensure a successful integration.
References:
Web setup of device fingerprinting – Dynamics 365 Fraud Protection …
5. Do we need to send IP address if we use Device Fingerprinting?
In Microsoft Dynamics 365 Fraud Protection, the IP address is an optional field when using device fingerprinting. While it is not mandatory to send the IP address, providing it can enhance the accuracy of the fraud protection service. The IP address can be set in the deviceFingerprinting.ipAddress field for assessments, and it helps in identifying the geographic location and network information of the device, which can be valuable in fraud detection scenarios.
References:
Web setup of device fingerprinting – Dynamics 365 Fraud Protection …
6. What is the difference between ‘device.ipaddress’ and ‘trueIp’?
In Microsoft Dynamics 365 Fraud Protection, ‘device.ipaddress’ refers to the IP address that the merchant’s website receives when a customer uses the site. This is typically the public IP address that the customer’s device is using to access the internet. On the other hand, ‘trueIp’ is the actual IP address of the device as identified by device fingerprinting. It is used to assess the risk of fraud and is part of the device attributes collected during the fraud assessment process.
The ‘trueIp’ can be particularly useful in identifying fraud attempts because it can reveal if a customer is using a proxy or VPN to mask their actual IP address. This can be a red flag for fraudulent activity, as fraudsters often use such methods to hide their location and identity.
7. What is TrueIP? What is “IP address (via Merchant)”? Why is TrueIP blank, while “IP address (via Merchant)” is available?
In Microsoft Dynamics 365 Fraud Protection, “TrueIP” refers to the actual IP address of the device identified by device fingerprinting, which is used to assess the risk of fraud. It is part of the device attributes collected during the fraud assessment process. The “IP address (via Merchant)” is the IP address that the merchant provides to Fraud Protection, which may be different from the TrueIP if, for example, the user is connected through a proxy or VPN.
If “TrueIP” is blank, it could be due to several reasons such as the device fingerprinting data not being collected properly, the user using privacy features that prevent the collection of their true IP address, or simply that the TrueIP information was not available or not passed on at the time of the transaction.
Generally speaking, the true IP address is the one assigned to a device connected to the internet, while the IP address provided by the merchant could be the one the merchant has on record for the transaction, which might differ for the reasons mentioned above.
References:
View purchase protection schemas – Dynamics 365 Fraud Protection | Microsoft Learn
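As an added example (not part of the original post and not Microsoft's code), the following Python shows one way to triage the two IP values discussed in questions 6 and 7 on your own side: it separates a blank TrueIP, which points at a collection problem, from a genuine mismatch, which is a review signal. The record keys `merchant_ip` and `true_ip`, the category names and the sample records are assumptions made for this example, not DFP schema fields.

```python
import ipaddress
from collections import Counter

# Constructed sample records. The keys "merchant_ip" and "true_ip" are
# hypothetical names for this example, not DFP schema fields.
SAMPLE = [
    {"id": "tx-1", "merchant_ip": "203.0.113.10", "true_ip": "203.0.113.10"},
    {"id": "tx-2", "merchant_ip": "203.0.113.10", "true_ip": "198.51.100.7"},
    {"id": "tx-3", "merchant_ip": "203.0.113.44", "true_ip": ""},
    {"id": "tx-4", "merchant_ip": "::ffff:203.0.113.10", "true_ip": "203.0.113.10"},
    {"id": "tx-5", "merchant_ip": "203.0.113.10", "true_ip": "2001:db8::1"},
    {"id": "tx-6", "merchant_ip": "198.51.100.9", "true_ip": None},
]


def _normalize(value):
    """Return a canonical address object, or None if blank or unparseable."""
    if value is None or not str(value).strip():
        return None
    try:
        ip = ipaddress.ip_address(str(value).strip())
    except ValueError:
        return None
    # Treat an IPv4-mapped IPv6 address (::ffff:a.b.c.d) as the IPv4 it wraps,
    # so a dual-stack listener does not produce a false mismatch.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        return ip.ipv4_mapped
    return ip


def triage_ip_pair(merchant_ip, true_ip):
    """Classify one (merchant-provided IP, TrueIP) pair."""
    m, t = _normalize(merchant_ip), _normalize(true_ip)
    if t is None:
        return "trueip_blank"         # blank or unparseable: check collection
    if m is None:
        return "merchant_ip_missing"
    if m == t:
        return "match"
    if m.version != t.version:
        return "family_differs"       # IPv4 vs IPv6: not directly comparable
    return "mismatch"                 # possible proxy/VPN: a review signal


def summarize(records):
    """Count how many records fall into each category."""
    return Counter(
        triage_ip_pair(r.get("merchant_ip"), r.get("true_ip")) for r in records
    )


def blank_rate(records):
    """Fraction of records with no usable TrueIP (integration health check)."""
    return summarize(records)["trueip_blank"] / len(records) if records else 0.0


if __name__ == "__main__":
    for rec in SAMPLE:
        print(rec["id"], triage_ip_pair(rec["merchant_ip"], rec["true_ip"]))
    print(dict(summarize(SAMPLE)), f"blank rate: {blank_rate(SAMPLE):.0%}")
```

A rising blank rate after a release is worth checking against the testing and validation step described in questions 3 and 4.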
8. Any information collected beyond IP address?
A detailed summary of what device fingerprinting attributes we attempt to collect for web, iOS, and Android can be found here: Attributes in device fingerprinting – Dynamics 365 Fraud Protection | Microsoft Learn
9. How do I renew the DFP Device Fingerprinting SSL Green ID certificate?
Multiple steps:
Obtain a renewed certificate. These can be provided by whichever team within your organization manages certificates. Typically, these are IT, Security or Engineering. The certificate should be a .pfx file.
Upload your certificate. From the DFP Portal, select “Integration” and “Enable device fingerprinting”.
For the renewal process instructions and further details, please refer to the Microsoft Learn Page: Web setup of device fingerprinting – Dynamics 365 Fraud Protection | Microsoft Learn
10. Does device fingerprinting work for different browsers and operating systems?
Yes, DFP Device Fingerprinting works for different types of web browsers and operating systems. Below is more information on support and how to integrate:
Web setup of device fingerprinting – Dynamics 365 Fraud Protection | Microsoft Learn
Dynamics 365 Fraud Protection mobile SDK for Android – Dynamics 365 Fraud Protection | Microsoft Learn
Dynamics 365 Fraud Protection mobile SDK for iOS – Dynamics 365 Fraud Protection | Microsoft Learn
Dynamics 365 Fraud Protection mobile SDK for React Native – Dynamics 365 Fraud Protection | Microsoft Learn