Security Features

The dtect Security API helps you gather valuable insights about your visitors, improving the quality of your survey data by returning a Security Result with checks that classify each visitor as good, suspicious, or bad.

dtect Score

Every visitor is assigned a dtectScore:

good: No bad or suspicious checks were triggered.

suspicious: At least one suspicious check was triggered, but no bad checks.

bad: At least one bad check was triggered.

Security Result

Category	Check	Variable	Description
🔴 Bad	Location Validation	`isLocationInvalid`	Verifies the visitor’s location by cross-referencing their IP address, device, and browser details. This helps detect if they are trying to mask their location.
🔴 Bad	Location Lock	`isLocationBlocked`	Uses the list of allowed countries (`countriesAllowed`) you provided to ensure the visitor is located in an approved location.
🔴 Bad	Device Deduplication	`isDuplicateDevice`	Identifies whether the visitor's device has already been captured in your project (`projectId`).
🔴 Bad	IP Deduplication	`isDuplicateIp`	Identifies whether the visitor's IP address has already been captured in your project (`projectId`).
🔴 Bad	Duplicate ID	`isDuplicateId`	Identifies whether the `visitorId` has already been captured in your project (`projectId`).
🔴 Bad	Automation Detection	`isAutomationDetected`	Indicates whether automation or bot-like behavior was detected.
🔴 Bad	Untrusted Browser / OS	`isUntrustedBrowserOrOS`	Flags browsers or operating systems used for fraudulent behavior.
🔴 Bad	IP Blocklist	`isBlockedIP`	Flags if the visitor's IP address is found in our threat intelligence blocklist.
🔴 Bad	AI Detection	`isAIUsageDetected`	Flags if AI tools or behavior patterns were detected during the session. The value will be `null` unless you call `.isAIUsageDetected()`
🔴 Bad	Quality Questions	`isQualityRejected`	Flags if the participant failed validation through quality questions. The value will be `null` unless you call `.checkQualityQuestions()`
🟡 Suspicious	VPN Usage	`isVpnDetected`	Flags visitors whose connection is routed through a VPN provider.
🟡 Suspicious	Device Tampering	`isDeviceTampered`	Detects evidence of device or browser tampering (e.g., spoofed user-agent).
🟡 Suspicious	Virtual Machine	`isVirtualMachine`	Indicates the session is running inside a virtual machine environment.
🟡 Suspicious	Dev Tools	`isDevToolsOpened`	Flags visitors with browser developer tools open.
🟡 Suspicious	Privacy-Focused Settings	`isPrivacySettingsEnabled`	Detects hardened or privacy-focused settings/extensions that block us from capturing browser details.
🟡 Suspicious	Tor Exit Node	`isTorDetected`	Flags traffic coming from Tor exit nodes.
🟡 Suspicious	High-Activity Device	`isHighActivityDevice`	Detects devices generating an unusually high volume of activity in a short time window.
🟡 Suspicious	Incognito Mode	`isIncognito`	Detects private/incognito browsing mode in the visitor’s browser.

Technical Reference

You will be able to get a Security Result using our Frontend SDKs or by sending a security token to Retrieve Security Result with Security Token.

Security Result

dtect Score#

Security Result#

Technical Reference#

dtect Score

Security Result

Technical Reference