Signal Score for Device is an intelligence layer that connects raw telemetry and actionable identity. By combining hardware fingerprinting, geolocation, and network intelligence with fuzzy-match identity linkage, Signal Score for Device provides a comprehensive view of every device session.
Integrating with Signal Score for Device requires the following:
-
An API key
-
A bearer token
-
API endpoints
-
Device Data Collection implementation
To get a Signal Score API response, you must submit device details in the API request to the Signal Score for Device API endpoint.
Sandbox endpoint
https://api-sandbox.kount.com/device/risk/v2
Production endpoint
https://api.kount.com/device/risk/v2
HTTP Request Details
Method: POST
Required headers:
-
Bearer <token> -
application/json
For Risk Factor Codes, request parameters, and response definitions, refer to the Signal Score for Device Reference Guide.
To begin using the API, you must generate an API Key in Kount 360, which is then used to obtain a temporary bearer token for secure requests.
In Kount 360, after you have activated your organization, you can generate API keys to send data securely to Equifax. Only users with the Owner role permissions can generate, delete, or edit API keys.
Caution
You must have an initialized client before you can create an API key.
-
Sign in to Kount 360.
There are two integration environments: sandbox and production. Only integrate into our sandbox environment if you are integrating a pre-production environment without production data for testing.
-
Select Admin, and then Product Configuration.
-
In System Settings, select API Keys.
All initialized clients display.
Note
You must be the organization Owner to access System Settings.
-
For the client you want to create an API key for, select Generate API Key.
The new API key is generated. A prompt displays with the ability to copy the API key and add a description.
-
Copy the API key, and then store it in a secure location.
Note
The API key is not provided again. You must store it in a secure location for future reference. If the API key is compromised or lost, create a new API key and delete the compromised one.
-
Enter a description detailing the store used for the API key, and then select Confirm.
API keys are organized under each client on the API Keys page. Expand the client to view your API keys, the descriptions, and when client details were created.
After you have provisioned your API credentials in the portal, retrieve a temporary bearer token to authenticate calls to the Kount 360 API. Provide the API key in an HTTP POST to a specific login.equifax.com URL.
With a successful exchange, the returned JSON provides a special bearer token, which is the access_token property. The exchange also provides an expiration date, the expires_in property, provided in seconds until expiration. The API to retrieve the bearer token depends on if you are calling the sandbox or production environment.
The values are:
Sandbox
Auth Server URL:
https://login-uat.equifax.com/as/token
API Service Host:
https://api-sandbox.kount.com
Production
Auth Server URL:
https://login.equifax.com/as/token
API Service Host:
https://api.kount.com
After obtaining the bearer token, use it to authenticate requests to the Kount 360 API. Include the token in the Authorization header of your HTTP API request, prefixed with Bearer {bearer token}.
To prevent authentication issues, refresh the token before it expires. Tokens issued by login.equifax.com expire after 20 minutes, but client credentials remain valid unless revoked. Minimize calls to the /token endpoint by implementing token expiration handling in your customer applications. Always check if a token has expired before requesting a new one, as excessive calls to the /token endpoint could result in rate limiting.
The Device Data Collector gathers information from a customer’s device by running client-side scripts and then sending that data to Equifax. This passive analysis conceals the Kount 360 interaction with the customer and does not affect the customer’s experience.
The flow for device data collection follows this pattern:
-
Generate Session ID: Generates a session ID and provides it to the Device Data Collector SDK.
-
Device Data Collector SDK collects and sends device data: The Device Data Collector sends the collected device data to Kount 360.
-
Submit event data with session ID to your server: When the event data (the order, login, or new account opening data) gets submitted to your server, include the session ID that was passed to the Device Data Collector.
-
Send event data with session ID to Kount 360: Pass the session ID in the call to Kount 360, along with the rest of the event data.
-
Associate device data and event data by matching the session ID: Kount 360 associates the device data and the event data by using the session ID that was passed to Kount 360.
For detailed instructions, use our guided Device Data Collector Content generator or follow the steps in the Native iOS and Android SDKs article.
The standard workflow involves passing device information to the API the moment a user attempts an action to evaluate their risk instantly.
After configuring your environment, make your first evaluation request. This test validates your integration by confirming that your application can connect to the API, submit data for analysis, and receive the resulting response.