Risk SDK for Web
Overview
This SDK integrates solutions from Checkout and Forter, two leading risk management providers, to collect user device information on merchant websites and submit risk data via OpenAPI during order creation.
It helps build a multi-layered intelligent defense system for your business. Checkout acts like a “device fingerprint detective,” identifying device-level risks (e.g., virtual machines, cheating tools) and preventing automated or repeated attacks. Forter acts like a “behavior analyst,” analyzing user behavior patterns in real-time using a global identity graph to accurately distinguish legitimate users from fraudsters.
By combining both, the SDK can significantly reduce fraud (such as carding or reward abuse) while minimizing false positives for genuine users, improving approval rates, and maximizing transaction revenue without compromising security.
Core functions
- Device fingerprint collection – Generates a unique device identifier (
deviceSessionId) via Checkout. - Risk behavior analysis – Generates a risk analysis token (
forterToken) via Forter.
Integration example
<!-- sandbox -->
<script src="https://ramptest.osl-pay.com/js/op-risk.min.js"></script>
<script>
// initialization pay deviceSessionId
async function getDeviceSessionId() {
try {
await OSLPayRisk.initDeviceSession();
const sessionId = OSLPayRisk.getDeviceSessionId();
console.log(sessionId);
} catch (error) {
console.log(error);
}
}
getDeviceSessionId();
// initialization forter token
async function initForterToken() {
try {
await OSLPayRisk.initForterToken();
const forterToken = OSLPayRisk.getForterToken();
console.log(forterToken);
} catch (error) {
console.log(error);
}
}
initForterToken();
</script>
<!-- production -->
<script src="https://ramp.osl-pay.com/js/op-risk.min.js"></script>
<script>
// initialization pay deviceSessionId
async function getDeviceSessionId() {
try {
await OSLPayRisk.initDeviceSession();
const sessionId = OSLPayRisk.getDeviceSessionId();
console.log(sessionId);
} catch (error) {
console.log(error);
}
}
getDeviceSessionId();
// initialization forter token
async function getForterToken() {
try {
await OSLPayRisk.initForterToken();
const forterToken = OSLPayRisk.getForterToken();
console.log(forterToken);
} catch (error) {
console.log(error);
}
}
getForterToken();
</script>If your website enforces a Content Security Policy (CSP) header, please allow the following directives:
connect-src https://*.osl-pay.com https://*checkout.com wss://*.checkout.com https://*.forter.com
frame-src https://*.osl-pay.com https://*checkout.com wss://*.checkout.com https://*.forter.com
script-src https://*.osl-pay.com https://*checkout.com wss://*.checkout.com https://*.forter.com
SDK methods
| Method | Description | Return value |
|---|---|---|
| initDeviceSession() | Initializes and obtains the deviceSessionId | Promise<void> |
| getDeviceSessionId() | Retrieves the deviceSessionId | `string |
| initForterToken() | Initializes and obtains the forterToken | Promise<void> |
| getForterToken() | Retrieves the forterToken | `string |
Updated 3 days ago