Evina Developer Portal

Welcome to the Evina developer portal. You'll find comprehensive guides and documentation to help you start working with Evina as quickly as possible, as well as support if you get stuck. Let's jump right in!

Fraud Definitions

2100 - Code Injection

Hackers are exploiting a flaw in the browser or the server to inject malicious code to end users. The injection can be done in different places, i.e. header, URL, etc.

How it could look like in real life: you click on a link and all the steps of the payment flow are clicked up automatically.

2200 - Malicious Apps

Application programmed to go through all the steps of the flow in place of the final user without notifying him.

How it could look like in real life: The user downloads an application on purpose, believing that it is a game (for example) and a subscription is processed in the background.

2300 - Clickjacking

The purpose of the hacker is to intercept the click, so the user believes that he has clicked on a specific button but in reality he did not and has clicked somewhere else.

How it could look like in real life: The payment page is transparent, and it is set up behind a page that is more interesting for the user, ie: funny kitten video.

2400 - Spoofing

The purpose of the hacker is to steal/usurp the network/sim identity of the user to make a payment on his behalf.

How it could look like in real life: The user uses a free VPN, sharing his connection, which will be used by fraudsters to perform subscription from other devices.

2500 - Remotely Controlled Fraud

As its name suggests, a fraudster takes control of the device via malware and uses this control for subscriptions.

How it could look like in real life: the user's phone is on the table and without touching it, the browser is launched and the purchase is made.

2700 - Replay Attack

A form of network attack in which a transmission is maliciously repeated by an attacker who has intercepted the transmission.

How it could look like in real life: Nothing is noticeable for the end user. Fraudsters tend to repeat the real end user flow.

2800 - Bypass Fraud

The fraudster deletes or blocks the script from the landing page hiding end users’ actions. He can also directly go to the URL post billing without making a click.

How it could look like in real life: The end user will “see” the page going directly from the landing page to the confirmation page.

Updated 6 months ago

Fraud Definitions

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.