Antifraud In Focus: SEON
Lets cut the bullshit. Were kicking off a new series called "Antifraud In Focus." Were gonna rip apart the top
antifraud systems piece by fucking piece. Why? Because
knowledge is power and if youre gonna try to outsmart these bastards you better understand how they tick.
Every
antifraud provider has its own damn territory.
Forter is sniffing around luxury retail
Riskified has its claws in the travel industry and today were putting
SEON under the microscope – a name that makes online gambling and crypto exchange operators shit their pants. Knowing their turf is crucial; its like knowing the layout of a bank before you rob it.
What the Fuck is SEON?
SEON emerged from the crypto chaos cooked up by some guys who were fed up with getting ripped off on their own exchange. These guys arent just checking if your card is hot; theyre all about
data enrichment. Theyre the digital equivalent of a stalker digging into your email phone IP and device to build what they call a "
trust score."
How Seon Operates:
1. Data Enrichment and Transaction Assessment:
SEON is that creepy ex who knows your entire life story. They conduct a full-blown investigation into your digital identity zeroing in on:
- Email history and social accounts: How old is your email? Does it have a Facebook or Instagram profile attached? A brand-new email with no social links is a surefire way to pump those risk scores. SEON loves old emails with a history of legit use. Lots of active social profiles linked to the email? You look more legit. Been in a breach? Believe it or not thats a good thing. It means your email isnt fresh out of the oven. Gmail or Outlook? Good. Some temporary email service? Bad.
- Phone number and linked profiles: Is your number legit? Can it be traced back to online accounts? A burner phone with no history is a red flag.
- IP address quality and hosting type: Are you using a clean residential IP or some shitty datacenter proxy? SEON checks your IPs reputation and whether its been linked to shady shit. Datacenter IPs raise eyebrows. Clean residential IPs are your best friend. Trying to hide your real IP? SEONs got a knack for detecting that shit. IP in one country billing address in another? Thats a red flag. IPs with a history of fraud are flagged.
- Device fingerprinting: Whats your device setup? Trying to hide something? SEON analyzes your browser OS and hardware. Weird configurations or masking attempts trigger alarms. A consistent normal setup blends right in. Common consistent setups are good. Consistent specs across sessions build trust. Frequent changes or spoofing? Red flag. SEON uses Canvas/WebGL fingerprints to track devices. Messing with them makes you look suspicious. VPNs proxies etc. can trigger alarms. Theyre often used to hide your true location and identity.
2. Scoring Engine: Every transaction gets a fraud score from 0 to 100. This score determines your fate:
- APPROVE (low risk): Youre in the clear. Aged email consistent device clean IP – you look like a regular Joe.
- REVIEW (manual check): Somethings fishy. Maybe a newish email or a slightly dodgy IP. A human will take a closer look.
- DECLINE (high risk): Youre toast. Brand-new email suspicious IP and a device that screams "fraudster." SEONs got your number.
SEONs logic is simple: legit people build a digital footprint over time. They have old social media accounts use the same devices and do normal shit online. Fraudsters? They use
fresh emails burner phones and try to cover their tracks.
SEON spots these inconsistencies. A real person leaves a trail of digital breadcrumbs. A fraudster is a ghost popping up out of nowhere with a fake identity.
SEONs job is to separate the ghosts from the real people.
Beating the System
If youre targeting a site protected by
SEON you need a multi-pronged attack. Youre not just trying to push through a transaction; youre crafting a believable digital persona. Heres the playbook:
1. Email Preparation
- Use aged email accounts: A couple of months old the older the better.
- Connect multiple social media accounts: Active and varied profiles. Make them look real for fucks sake.
- Ensure legitimate activity history: Newsletters sent/received emails – make it look like a real inbox.
- Avoid free/disposable email providers: Stick to Gmail Outlook or Yahoo.
2. Device Setup
- Avoid privacy tools and VPNs: Use a clean setup.
- Use common browser configurations: Dont over-spoof. Blend in with the sheep.
- Dont modify canvas/WebGL fingerprints: Keep them consistent and natural.
- Maintain consistent device profiles: Dont switch devices or configurations like you change your underwear
3. IP Selection
- Use clean residential IPs: Less likely to be flagged.
- Ensure IP location matches billing: Discrepancies are a huge red flag.
- Avoid IPs from known proxy services: SEONs got a list and theyre checking it twice.
- Maintain consistent IP throughout session: Dont switch IPs mid-transaction.
Understanding SEONs Rules
isnt some static piece of shit. It uses three types of rules:
1. Default Rules: These are the pre-configured rules based on known fraud patterns. Think of them as the basics like detecting disposable emails and known proxy IPs.
2. Custom Rules: These are tailored by the merchants. Theyre specific to each site and their unique fraud challenges.
3. Machine Learning Rules: This is
SEONs AI. These rules adapt in real time learning from new data. Even if you crack the default and custom rules the ML rules are a moving target.
SEONs machine learning models retrain multiple times a day. A tactic that works today might get flagged tomorrow. You need to constantly adapt monitor your success rates analyze declines and adjust your game plan. Its a damn game of cat and mouse.
Sneak Peek to An Actual SEON Panel
Lets talk about
SEONs panel the dashboard where all the juicy data is displayed. This thing is a fucking treasure trove of information for anyone trying to understand how
SEON operates. Heres a glimpse of what you can find with screenshots from yours truly:
Transaction Details
- Transaction Summary: Gives you the lowdown on each transaction including ID score user ID amount date and status. Actual images:
- Fraud Score Breakdown: Shows the individual scores for email IP phone and device as well as the overall fraud score.
- Identity: Details about the user including registration score full name username email password hash registration date and merchant ID.
- Addresses: Users address and IP geolocation.
- Devices & OS: Information about the device used in the transaction including device hash browser hash OS browser and device type.
- Phone Information: Phone number details including carrier country and social media profiles linked to the number.
- Email Information: Email address details including domain data breaches and social media profiles linked to the email.
- IP Information: IP address details including location type ISP and whether its a proxy or VPN.
- User Revenue: Tracks the users deposits withdrawals and revenue.
Actual Images:
Customer Connections
- Shows connections between users based on IP address phone number user address password hash browser hash device hash cookie hash and email address.
Activity
- Provides a timeline of user actions such as account logins with details like score action type amount IP address and device hash.
Raw Log
- Displays the raw JSON data sent to SEON for each transaction.
Alerts
- Lists alerts triggered by suspicious activity such as multiple users with the same IP address within a day.
Cases
- Provides a summary of fraud cases including case ID assigned analyst priority creation date affected amount linked transactions linked customers and alert triggers.
Manual Lookup
- Allows manual lookups for email addresses phone numbers IP addresses card BINs and AML information.
Scoring Engine
- Displays statistics on applied rules including rule ID name times triggered and approval/review/decline percentages.
- Shows a confusion matrix with the outcomes of SEONs decisions (approve review decline).
- Lists default rules custom rules and machine learning rules.
Conclusion
SEONs power comes from verifying digital legitimacy. Its not just about a valid card; its about a believable digital identity. Focus on building trusted digital profiles. A high-balance card with a fresh email will likely get you screwed. A smaller transaction from an established digital identity has a much better chance.
To pump up your emails trust create various social media accounts linked to it. Think of it like giving your email a fake ID that actually works. Make it look like a real person uses it not some throwaway account. This helps build a credible online presence like a digital disguise.
SEON is playing the long game looking at historical patterns and digital footprints. Your success depends on building and maintaining legit-looking digital profiles. Its a damn battle of digital attrition and only the most persistent will survive.
Stay tuned for the next installment where well dissect another major antifraud player. Each system has its quirks and weaknesses and well keep digging into them. Stay sharp you bastards.
