Web SDK

Credolab Web SDK is a JavaScript library that tracks and captures user behaviours and browser metadata on web pages to collect data used to calculate scores and insights.

Credolab Web SDK variations


Versions

Dependency NameVersion
@credolab/credoapp-sdk4.8.0
@credolab/credoapp-iovation-sdk4.8.0

Libraries

Common SDK

The list below shows the data collected by the common library.

Category

Definition

BehavioralData

Metadata related to the user's behavior on the website.  We collect 3 event type categories: keyboard, input, and pointer event.  An event type matching each user's action is recorded along with its time, event details (key type, mouse coordination), input details (if any), and DOM element information.

BrowserInfo

Metadata related to the user's browser/device information, such as operating system, browser type, and screen details.

DOM

Metadata related to Document Object Model. This information describes all available objects on the webpage (input fields, buttons, etc).

GeneralInfo

Metadata related to the SDK and other miscellaneous details such as data collection time and SDK version.

TracingInfo

Metadata related to the user's behavior while touching the screen with a finger or stylus. Represents every finger used during one event

Permissions

Metadata related to the permission statuses of the browser within a particular web page

Common SDK with TruValidate (formerly Iovation)

TruValidate (formerly known as iovation) is a part of the credolab's SDK, which runs analyses of the digital footprint based on fraud prevention rules. If the device and/or account are already known, it checks for any confirmed fraud and abuse history. Based on this risk assessment, the functionality returns a recommendation to allow, review, or deny the transaction.

Credolab SDK with the TruValidate feature fulfils a multi-domain recognition that employs scripts from both your domain (the First-party domain) and TruValidate's domain (the Third-party domain). Including scripts from both of these domains allows TruValidate to:

  • Third-Party JavaScript
    Share fraud history for devices and accounts across the network of TruValidate’s subscribers
  • First-Party JavaScript
    Collect device information for users whose browsers are configured to disable third-party JavaScript or to block the TruValidate domain.

Credolab will provide a script for you to include on your website. This script will load the appropriate resources from both sets of domains. The components loaded by the script are dynamically generated and, therefore, not included within the script provided, nor should they be directly included on your page.

The dynamic first-party script can be retrieved by setting up a reverse proxy to get the files from the TruValidate-hosted server.

🚧

Flutter Web

The SDK can track events that occur on the UI. However, due to the Flutter web rendering process, SDK is unable to recognize the elements where these particular events take place. As a result, the DOM area doesn't contain the actual list of elements with which the user interacts.