Progress Update - 2021-02-09

Finished Task:

Android assess All fields, assess SiftScience SDK, prioritize collecting core fields
iOS finish collecting mandatory data
Web finish web-data-collector module

Next Action:

Create standard field naming conventions for Android, iOS and Web

Define description for each field, to handle case like iOS ID and Android ID have a similar purpose

iOS will start to implement the module
Web start to publish library and start implement it to payment selection page

Find out how to get keyboard language setting, might be located in user headers (example: Accept-Language: de,en;q=0.7,en-us;q=0.3)
IP Address could be collected from API request header, FE might be able remove this since it will be collected from BE.

Budi will assess additional information from browser like CanvasHashId, is it needed or not (refer to https://fingerprintjs.com/demo)
BE will define timeline and estimate effort to implement tracking and encrypt-decrypt processes.

Context:

SiftScience fields assessment result:

Installed Apps list field not available
Battery State (Enum Charging, Discharging)
Device ID and Android ID similar
Build Device & Build Fingerprint
There’s no DeviceFingerprint in apps, only in browser (Browser Fingerprint)

Fields collected from SiftScience still not enough for Fraud Platform
Some information already sent to our BE, e.g Device ID, IP and other client header
Android ID always changing after re-install,

iOS ID similar like Android ID, but it could be prevented using keychain (except factory reset)

Web: Only collect geolocation info if the permission is allowed (don’t ask geolocation permission in payment page)