Security Checks documentation
This document contains the technical specifications to use Opticks Security Checks via Server to Server integration. For further clarifications feel free to reach us at tech@optickssecurity.com
Please contact your account manager if this feature is of interest.
Use case
This Security Checks system provides advanced security enhancements by adding a Server to Server check to the conversion flow by validating the checks performed on client side by OpticksJS or Opticks Firewall. It is a complement to the client side analysis, and has to be seen as a final validation phase before accepting a conversion event as valid.
The integration consists of performing a HTTP GET request whenever an intent to convert is detected. This check must be implemented strictly server to server and never on the client side. The ideal case for this implementation is to be performed the closer to the billing moment the better.
HTTP Request format
Example GET request to Opticks servers:
GET https://api.optickssecurity.com/analysis/find?id=opticks_identifier
Content-Type: application/json
Authorization: api-key
The request must include the Content-Type header set to application/json, as well as the Authorization header with the API key. API keys can be obtained via Opticks Back Office, and are easily invalidable.
HTTP Responses format
Ultimately, the Opticks response will provide the score of the visit and if the intent of subscription must be accepted or declined.
Analysis not found or timed out In case that Opticks is not able to find the transaction, the response will be the following:
HTTP/1.1 204 No Content
Date: Tue May 22 17:40:17 2018
If this is the case, it means that:
-
Opticks couldn’t match an analysis to any visit identified by the provided id and it should be treated as high risk.
-
The analysis is older than 30 minutes and has expired.
Analysis found
In case the analysis is found you will receive the following payload:
HTTP/1.1 200 OK
Date: Tue May 22 17:40:17 2018
Content-Type: application/json
{"analysis": {"level": "low","detections": [{"group": "Proxy Traffic","triggers": ["Hosting/CDN proxy"]}, {"group": "Harmful applications","triggers": ["Offer not rendered"]}]},"invalidClickReasons": ["offerNotRendered"], "opticksId": "track_20200528123016_7d53b47f_279f_42cc_8e52_2990aecf532b", "ts": "1590669016842","version": 3,"inTarget": "true", "ip": "80.24.9.30","delivered": "true", "fallbackUrl": "null"}
The response payload consists of a JSON encoded data, with the following relevant attributes:
| Field | Description |
|---|---|
| analysis | Object containing: *level: risk level defined as: “low”/”medium”/”high” *detections: struct containing information of each detection found |
| invalidClickReasons | Array containing each invalid reason in a different string if a security configuration is applied and Traffic Control is enabled. The array will be empty if no security configuration is applied or Traffic Control is not enabled |
| opticksId | The unique identifier generated by Opticks for this visit |
| timestamp | The UTC timestamp expressed in milliseconds indicating when the visit was analyzed by Opticks |