Device & Risk Data Collection

When you perform a server-to-server call to Fiant for an operation that must be risk-assessed, you need to use our SDK in the user facing App so it can collect device and network signals (IP address, device fingerprint, behavioral biometrics, etc.) used for fraud detection. This must be implemented for the following operations:

• User Onboarding or Assessment (only if not using our Elements)
• Deposits
• Withdrawals

1. Initialize the SDK

Option A — Provide your own sessionId (useful when your app already has an identifier for the user's current flow):

<script>
  window.ptiAsyncInit = async () => {
    PTI.init({
      clientId: "CLIENT_ID",
      ptiDomain: "api.dev.fiant.io",
      sessionId: "my-session-id"
    });
    await PTI.waitForDeviceData();
  };
</script>

Option B — Let the SDK generate one for you. If you don't pass a sessionId, the SDK auto-generates a UUID. You can retrieve it at any time after init() with PTI.getSessionId():

<script>
  window.ptiAsyncInit = async () => {
    PTI.init({
      clientId: "CLIENT_ID",
      ptiDomain: "api.dev.fiant.io"
    });
    await PTI.waitForDeviceData();
  };
</script>

const sessionId = PTI.getSessionId();

2. Use the sessionId when calling Fiant API

Once the flow is completed within your App, you will simply use thesessionIdas the value of the header x-pti-session-idwhen your backend does one of the following API calls to complete the desired operation:

• Create a Deposit
• Create a Withdrawal
• Create a User Assessment