Protect your business from fraud with Frame Sonar

Frame Sonar provides real-time fraud protection with no additional development or integration required. Using AI and machine learning, Sonar automatically evaluates every payment attempt for cards and bank accounts to assess fraud risk before transactions are processed.

Getting started

Sonar uses AI models to detect and block fraudulent transactions by evaluating signals from each payment. The more data your integration captures, the better Sonar can distinguish fraudulent payments from legitimate ones. Sonar aims to collect enough information for accurate risk assessment without adding friction to checkout.

Best practices

When submitting a payment to Frame, a customer is required. When creating a customer, provide as much data as possible, including their name, email address, billing address, and shipping address if physical goods are being shipped. Each customer object can store multiple payment methods, reducing friction at checkout. Sonar continues to track patterns for each customer regardless of which payment method they select.

Frame.js

Include Frame.js on every page of your site, not just the checkout page. This allows Frame to detect anomalous behavior as customers navigate your site, providing additional signals that improve Sonar's ability to detect fraud.

<script src="https://js.framepayments.com/v1/index.js"></script>

Always load Frame.js directly from https://js.framepayments.com. Using a local copy is not supported and can result in errors while significantly reducing the effectiveness of fraud detection.

Update your privacy policy

Sonar collects information on anomalous device and user behavior that may indicate fraud. Ensure your privacy policy discloses this type of data collection. If it doesn't, consider adding the following paragraph. This is not legal advice, please consult your legal counsel if necessary to ensure compliance with applicable privacy laws.

We use Frame for payment processing, analytics, and other business services. Frame collects information about devices that connect to its services and uses this data to operate and improve its services, including fraud detection. You can learn more about Frame and read its privacy policy at https://framepayments.com/privacy.

Integration steps

1. Set up Frame.js on your website

Include Frame.js on every page of your website. The simplest approach is to add the script reference in your site's <head> element, ensuring it loads automatically across all pages.

<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <title>My Store</title>
  <script src="https://js.framepayments.com/v1/frame.js"></script>
</head>
<body>
  <!-- Your site content -->
</body>
</html>

2. Create a Sonar session from your client and send it to your backend

When you initialize Frame.js, a Sonar session is automatically created and stored in the browser's local storage. Retrieve this session ID and include it with your payment request to associate device and behavior data with the transaction.

// Initialize Frame
const frame = await Frame.init('pk_sandbox_your_publishable_key');

// Retrieve the Sonar session ID
const sonarSessionId = localStorage.getItem('frame_charge_session_id');

3. Send a Sonar session from your server to Frame

When creating a charge intent, include the sonar_session_id to link the transaction with the device and behavioral data collected by Frame.js. This enables Sonar to evaluate the payment for fraud.

curl -X POST https://api.framepayments.com/v1/charge_intents \
  -H "Authorization: Bearer sk_sandbox_your_secret_key" \
  -H "Content-Type: application/json" \
  -d '{
    "amount": 2999,
    "currency": "usd",
    "customer_id": "cus_abc123",
    "payment_method_id": "pm_xyz789",
    "sonar_session_id": "fps_sandbox_01H8X9Y2Z3A4B5C6D7E8F9G0H1",
    "description": "Order #12345"
  }'

4. Confirm your integration works

Verify your integration by checking that the sonar_session_id is present in the API response when creating a charge intent. You can also issue a GET request for the charge intent to confirm the Sonar session was successfully attached.