Incognia Onboarding

Incognia enables real-time address verification for streamlined mobile onboarding, resulting in increased account conversion and reduced application fraud. It leverages device intelligence and anonymized location behavior to deliver highly precise address verification for frictionless onboarding.

Incognia’s lightweight mobile SDK and intuitive APIs are easy to integrate, can be used alone or as an input into existing risk engines, and provide financial services and mcommerce applications with actionable intelligence from day 1.

Incognia supports mobile identity verification processes by leveraging device intelligence and location behavior to deliver highly precise address verification. This guide details how to use Incognia at new account onboarding in combination with Auth0, by installing both SDKs into your mobile app and activating a custom rule to communicate to Incognia servers.

As soon as your app starts, the Incognia SDK must be initialized. When the new user starts the sign up your app gets the Installation ID (provided by the SDK) to pass them through Auth0 as a custom parameter. Your app then initiates an authentication request to Auth0.

When executed, the Incognia Auth0 Rule communicates with the Incognia Onboarding API to gather the risk assessment for both the new device and user provided address. The default Rule relies on the existence of a home_address property on the user_metadata with the user mailing address. You can customize the rule to change the source of the address.

Prerequisites

• An Auth0 account and tenant. Sign up for free.
• An Incognia account. Sign up here.
• A mobile app to install the Incognia SDK. The app must ask the user for location permission. Foreground location permission is mandatory and background is preferred.

Add the Auth0 Rule

Please note: Selecting any of the three buttons on the Edit Rule screen will save and activate the Rule. After you install the Rule, Auth0 will skip it until you add the required configuration (explained below).

1. Select Add Integration (at the top of the page).
2. Activate the integration by selecting Save Changes.

To learn more about testing and debugging Rules, see Debug Rules.

Configure the Auth0 Rule

Note: Once you add the required configuration below, Auth0 will process all logins for your tenant using this Rule. Before activating the integration in production, please make sure you have configured all components correctly and verified on a test tenant.

1. Go to Auth0 Dashboard > Auth Pipeline > Rules.
2. Check the tenant name (on the top right of your screen).
3. Scroll down and locate the Settings section.
4. Add the following keys (to learn more, see Rules Configuration):

Required:

• INCOGNIA_CLIENT_ID: The client ID obtained from Incognia's dashboard (My Apps > API Credentials)
• INCOGNIA_CLIENT_SECRET: The client secret obtained from Incognia's dashboard (My Apps > API Credentials)

Optional:

By default, the Incognia Rule grabs the user address from user_metadata.home_address. Optionally, you can customize the name of the property that holds the user address by changing the INCOGNIA_HOME_ADDRESS_PROP configuration.

Also, in case you chose Brazil as the country when signing up at Incognia, please set the INCOGNIA_REGION configuration to br. Otherwise, don't mind filling this property.

Integrate the Incognia mobile SDK

Incognia relies on a SDK that collects device and location behavior (Wi-Fi and GPS scans). Integrating the SDK gives you access to an Installation ID, which is used to interact with the Incognia APIs. Learn how to integrate the SDK by accessing the Auth0 partner page.

Using the Incognia risk assessment

The risk assessment result is made available on the app_metadata user metadata property, which is accessible to downstream applications. You can either access it from other Rules or via the Management API. For suggestions on how to use the Incognia risk assessment, visit the Auth0 partner page.