Identifying Jailbroken iPhones/rooted Android Phones To Stop Fraud

Award-winning mobile SDK enhancements identify jailbroken and rooted devices, expose location and device/operating system mismatches

October 28, 2014

3 Min Read


PORTLAND, Ore – Oct. 29, 2014 – iovation, the trusted source for mobile and online fraud prevention, launched an updated solution for identifying and preventing fraudulent mobile transactions while improving mobile user experience. The iovation Mobile Software Development Kit (SDK) leverages the world’s largest device behavior database to determine the trustworthiness of transactions conducted from iOS or Android phones and tablets.  Originally launched in 2010, the Mobile SDK was recently named the Most Innovative Online Product at the 2014 Retail Fraud Awards, the UK’s biggest loss prevention networking event featuring more than 80 percent of top 250 retailers.

“We expect mobile traffic to continue increasing and for fraud to follow,” said iovation’s Vice President of Product, Scott Olson. “That’s why it’s so important for app developers to have an SDK that doesn’t interfere with user experience but can detect fraud risk in real time.”
New features of the iovation Mobile SDK include:
·       Identifying jailbroken iOS or rooted Android devices. Jailbroken and rooted devices are more often the source of risky transactions.
·       Capturing location through IP address, network-based information and GPS data. The location services can be used to expose mismatches between reported time zone and location, long distances between transactions made in a short period of time, and other location-based anomalies.
·       Detecting transactions that are originating from virtual machines or emulators. These are tools that allow fraudsters to run mobile applications in a virtualized and controlled mobile device environment. iovation has found that the use of either suggests a higher risk of fraud.
·       Discovering mismatches between operating system versions and handsets/tablets, and mismatches with the app and orientation of the device. These both correlate to increased fraud risk.
·       Determining if a mobile device has already authenticated for an app so it doesn’t have to re-authenticate. By skipping this step, good customers can access an app without friction the second time while still maintaining a high level of security.
In a recent report, iovation determined Android apps are more likely to produce high-risk transactions than iOS apps. The iovation Mobile Fraud Trends and Impact Report found 0.41 percent of transactions on mobile websites and 0.32 percent of transactions coming from mobile apps were considered high risk on Android devices. On iOS devices, iovation reported 0.28 percent of transactions on mobile websites and 0.08 percent of mobile app transactions were considered high risk.

For more information about iovation’s Mobile SDK, go to
About iovation
iovation protects online businesses and their end users against fraud and abuse through a combination of advanced device identification, shared device reputation and real-time risk evaluation. More than 3,000 fraud managers representing global retail, financial services, insurance, social network, gaming and other companies leverage iovation’s database of 2 billion Internet devices and the relationships between them to determine the level of risk associated with online transactions. The company’s device reputation database is the world’s largest, used to protect more than 10 million transactions and stop an average of 200,000 fraudulent activities every day. The world's foremost fraud experts share intelligence, cybercrime tips and online fraud prevention techniques in iovation's Fraud Force Community, an exclusive virtual crime-fighting network. For more information, visit


Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights