Dynamics 365 Fraud Protection mobile SDK for iOS
This feature is designed and recommended for use with the Microsoft Dynamics 365 Fraud Protection service. Dynamics 365 Fraud Protection provides device fingerprinting that is based on artificial intelligence (AI); runs on Azure; and is cloud-scalable and reliable, and has enterprise-grade security. Fraud Protection's device fingerprinting feature enables the identification of devices (for example, computers, Xbox consoles, tablets, and mobile phones) across multiple sessions or interactions that engage with your business and other businesses in the Fraud Protection fraud network. Additionally, it enables Fraud Protection to link seemingly unrelated events to each other in the fraud network to identify patterns of fraud.
When you implement Fraud Protection device fingerprinting by instrumenting your iOS application with a Dynamics 365 Fraud Protection software development kit (SDK) for iOS, you agree to the terms of use for Microsoft application programming interfaces (APIs). You also direct Microsoft to process the following types of data from the devices that interact with the Fraud Protection services. (This data is collectively referred to as device fingerprinting data.)
- Device attributes, such as the device ID, screen information, the processor, and the class
- Operating system (OS) attributes, such as OS information, the OS version, and original equipment manufacturer (OEM) details
- Applicable browser-related attributes, such as the browser language and installed default apps
You have the following responsibilities:
- Receive consent from your users to collect and allow Microsoft to process the device fingerprinting data.
- Inform your customers about your data collection and processing practices. For example, disclose what data you collect and how it's used.
- Disclose your use of third parties that work on your behalf to process the data that you collect. These third parties include Fraud Protection service providers.
- Comply with all laws and regulations that are applicable to the use of Fraud Protection. These laws and regulations include data protection laws.
iOS technical reference
Minimum Deployment Target: 12.4
Install CocoaPods.
Create a new file that is named Podfile inside your project's root directory, and add the following statements to it. Replace YOUR_TARGET_PROJECT_NAME with the name of your Xcode project.
platform :ios, '12.4' target '${YOUR\_TARGET\_PROJECT\_NAME}' do use\_frameworks! pod ' FraudProtection', '$version' endInstall the pod by running the following command: pod install --repo-update
You can initiate the SDK in the AppDelegate class so that it can start to collect device attributes.
import FraudProtection FraudProtection.start(instanceId: $tenantId)In this code, tenantId is the globally unique identifier (GUID) or universally unique identifier (UUID) that is provided by Microsoft.
Send collected device attributes to Microsoft by calling send(). You can call send() in any UIViewController before or on the page that has the operation that you need a risk assessment for. For a sign-in/sign-up scenario, you can call send() immediately after start() in the base AppDelegate class.
import FraudProtection FraudProtection.send(pageId: $pageId)In this code, pageId is optional and can be set in the following way, depending on the scenario:
- SI – Sign In
- SU – Sign Up
- P – Purchase
- tst – Test
Call getSessionId() to obtain the SessionId value that is required when the risk assessment APIs are called.
import FraudProtection var sessionId = FraudProtection.getSessionId()
iOS runtime permissions
- The iOS SDK uses CLLocationManager, and checks for CLAuthorizationStatus.authorizedAlways or CLAuthorizationStatus.authorizedWhenInUse before it requests location data. The app should obtain CLLocationManager.requestWhenInUseAuthorization Or CLLocationManager.requestAlwaysAuthorization permission from the user.
- The iOS SDK uses AppTrackingTransparency and checks for ATTrackingManager.AuthorizationStatus.authorized before it collects AdvertisingId. The app should obtain ATTrackingManager.requestTrackingAuthorization permission from the user.
iOS additional references
Support
To log a support ticket, go to https://dfp.microsoft.com. (Global admin permissions are required.)