Getting started

Knytify allows you to assess the quality of your visitors, by analyzing their devices and behavior.

First, you will need to choose an integration method.

Then, you will be able to analyze the indicators of the visitors.


We provide the following integration methods:

  • I want to protect my website. You can proceed to the regular integration.
  • I want to protect my e-commerce. Instead of the regular integration, you can simply use one of our available plug-ins.
  • I want to protect my advertisement campaign. We aim to provide support for this in the future.

Regular integration

This page explains the necessary steps to perform the regular installation of Knytify. If you are using a content management system (prestashop, shopify...), you can instead install one of our plug-ins.

Knytify Global Integration Overview

Authorize the domain

The first step is to make sure to have an account in Then, you will need to get a subscription, and finallly, authorizing your website domain(s):

Knytify Global Integration Overview

In this same page, once added a subscription and a domain, you will be able to configure your per-domain capping limits.

Note: all the sub-domains will be automatically authorized.

Front-end integration

Knytify uses a Javascript tag in your website(s), which communicates with our API to keep track of your visitors and what they do. This is an invisible process, and it only requires the installation and initialisation of the tag in your pages.

The minimal installation is as follows:

<script src=""></script>

If you want to perform custom actions depending on the visitor score, you should continue reading the back-end integration.

Note: the tag will only work in https websites

UTM Configuration

You can configure your UTM campaign in order to compare them, as follows:

<script src=""></script>
    "utm": {
      "utm_source": "test_source",
      "utm_medium": "test_medium",

The campaign name and ID are optional, but we recommend setting at least one of these.

Back-end integration

At this point, we already can score your visitors, but in order to react, you still need to retrieve the score in you back-end. To do that, you need to install a proxy in your server.

This proxy will be performing two tasks:

  1. Call our prediction API.
  2. Storing the score, so it can be used in other moment (for insance, at check-out).

We provide an example for a php website. PHP stand-alone file.

Note that in this example, the score is responded by the proxy. The recommended use is, however, instead storing it in the server (in memory, such as $_SESSION, or in a database), and to perform all conditional operations server-side.

Once put the file in your webserver, then you can configure your knytify.init() method:

<script src=""></script>
    endpoint: '/path/to/proxy.php'

You can now use the prediction with the API

This must be done in the server-side for two main reasons:

  • Authentication. The prediction is performed with your Api-Key, which is private.
  • Content delivery. The only real way to protect a particular content from being accessible to anyone, is not sending it at all from your server.


We aim to provide Plugins for most common e-commerce platforms, such as Shopify or Prestashop.

Prestashop 1.7.5 - 1.7.9

We provide a Prestashop plugin which will get you started really fast.
Enabling this plug-in will authorize your website with Knytify and start analyzing your visitors.
In the incoming versions, the plug-in will allow to configure a captcha or custom actions whenever an undesirable visitor is in your website.

Download it now

  • The visitor scoring API route, see here.
  • The dashboard global analytics, see here.
  • The advanced statistics table, see here.


We have a set of final indicators in the range of [0-1] that comprehend many smaller tests under the hood.

Even though it is invisible for the user, it might be important to understand that we have three types of scorings that we combine to give the final scores:

  • Immediate scorings.. These indicator scorings are created immediately upon the retrieval of the visitor payload. For instance: inconsistent/crafted device information.
  • In-Session scorings.. A few particular indicators might change during the user session, and only during it. For instance: automated behavior, flooding, manipulated requests.
  • Long-Term Fingerprinted scorings.. The long-term scorings represent the previous two types of scoring, except that they do not depend directly on the visitor payload, but on muliple carefully chosen fingerprints of the visitor browser, operating system, device and network.

At the same time, these scores use different weights:

  • Confidence. We assess how sure we can be that a single feature is actually present in the visitor.
  • Importance. We consider the contribution of each single feature detected to the final indicator.
  • Temporal weight. We use time intervals so that older fingerprints have less value.
  • Spatial weight. IP fingerprint has less significancy than a device-based fingerprint.

These weights are as well invisible to the user, as it is our job to keep them balanced. The final set of indicators that we provide is ready to use.

Indicator types

These indicators are live:

Name (as in the API) Description
manipincons Inconsistent/manipulated browser or device.
repetitive In-session repetitive patterns across pages.
botbehavior General bot behavior.
anonnet Visitor using anonymizing VPN, proxy or practices.
blacklistip IP associated with attacks or abuses.
flood Either session-related flood or IP-related flood.
botsig Direct detection of automated browser.
manippayload Manipulated request body.
maniprequest Manipulated request alternative ways.
anonbrowser Visitor configured his browser not to be tracked.

These are under development:

Name (as in the API) Description
anonmail Spam or one-time e-mail detected in some form.
spamclick The visitor, bot or not, spams too many clicks.
blacklistref Referer domain or IP is blacklisted.
toofastpay Payment request are too fast
multiaccount We detect the user using different e-mails or usernames in the same forms.

Scoring visitors

We currently provide the following methods to analyze your results

  • The visitor scoring API route, see here.
  • The dashboard global analytics, see here.
  • The advanced statistics table, see here.
  • Downloadable reports (In development)

Prediction with the API

You can use our API route to retrieve the indicator scores for a particular session.

Allow the Authenticated User to update their details.


URL :{session_id}

  • Parameter session_id : The session id as the JS tag sends it to your backend integration end-point. Example: UXRgMMgFunLqDjipAi42FA.1681735217

Method : GET

Header constraints : Api-Key: (your api key)


Code : 200 OK



Dashboard analytics

In the Dashboard you can have in a fast glimpse the evolution of your visitors fraud propensity.

Fraud Global Overview

The dashboard provides also an easy way to understand which types of fraud these are happening in your business, as well as in which devices and countries.

Fraud Classifications

If you have configured an UTM campaign, you will also have in the dashboard a comparison of the fraud amount between the campaigns and sources.

Fraud UTM

Advanced stats

In the advanced stats section, you can explore most of the value of the data, and group it as you prefer. For instance, you can pick only "Fraud Reason", and set "Weekly" interval, or make a different request:

Advanced Stats