Forter

Enterprise fraud prevention platform used by fintech, insurance, and e-commerce companies. The Forter script assesses transaction risk in real time by analyzing device signals, behavioral patterns, and network intelligence, so that fraudulent orders are blocked before they are processed.

Overview

Forter is an enterprise fraud prevention platform founded in Tel Aviv in 2013. It serves e-commerce retailers, fintech companies, insurance platforms, and marketplace operators, providing real-time approve/decline decisions on transactions, account logins, and account creations. Forter's platform processes billions of consumer interactions annually and maintains a shared fraud network — behavioral and device signals from one Forter customer's checkout are used to inform risk decisions across the entire Forter merchant network. This network effect makes Forter one of the most data-rich fraud prevention platforms in the industry. Its client-side script is present on checkout pages, login forms, and account registration flows of major retailers including Nordstrom, Sephora, and Priceline.

What This Script Does

Script Files and Domains

Forter's script loads from a customer-specific subdomain, typically {merchant-id}.forter.com, or from api.forter.com. Some deployments proxy the script through an endpoint on the merchant's own domain so that it is not caught by hostname-based blocking (ad blockers, DNS filtering); in that case the first-party proxy, not forter.com, is what appears in the page's network requests, and a domain-based tracker audit will miss it. The script file is typically named forter.js or a dynamically generated variant. Telemetry is sent to api.forter.com and events.forter.com as HTTPS POST requests carrying JSON payloads.

Device Fingerprinting Signals Collected

The Forter script performs a comprehensive device fingerprinting sweep upon page load:

  • Browser properties: userAgent, appName, platform, language, languages, cookieEnabled, doNotTrack, hardwareConcurrency, deviceMemory, maxTouchPoints
  • Screen: width, height, availWidth, availHeight, colorDepth, pixelDepth, orientation
  • Canvas fingerprint: text is drawn on a hidden canvas and the resulting pixel data is hashed; the output varies with GPU, graphics driver, and font rasterization (anti-aliasing and hinting) characteristics
  • WebGL fingerprint: the VENDOR and RENDERER strings of the WebGL context, read via getParameter(); the unmasked GPU vendor and model require the WEBGL_debug_renderer_info extension
  • AudioContext fingerprint: a sine wave is rendered through an OfflineAudioContext and the output samples are hashed, yielding a signature that depends on the browser's audio processing implementation
  • Font probing: measures the rendered dimensions of test strings in candidate fonts to infer the installed font set (a fallback font produces different dimensions than the requested one)
  • Network: connection.effectiveType, connection.rtt, connection.downlink
  • Storage probing: checks whether localStorage, sessionStorage, IndexedDB, and openDatabase (legacy WebSQL) are available
  • Plugin enumeration: lists navigator.plugins entries and their MIME types; modern browsers expose only a small fixed list, which still distinguishes browser families
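To make the list above concrete, here is an added illustration (not Forter's code, and not taken from this page) of how a fingerprinting script folds these signals into one stable device hash. Browser globals are passed in as an `env` object so the same code runs in Node on a constructed sample; in a page you would call `collectSignals(window)`. Probes that need a real DOM (canvas, WebGL) are feature-detected and yield null when the API is absent, which is itself part of the signal. The hash function, the sample environment and the probe set are assumptions made for the example.

```javascript
// Added illustration, not Forter's code: folding fingerprint signals into one
// stable device hash. `env` stands in for `window` so this runs outside a
// browser on constructed input.

// 32-bit FNV-1a over a string. Vendors use stronger hashes; any stable
// function works for the illustration.
function fnv1a(str) {
  let h = 0x811c9dc5;
  for (let i = 0; i < str.length; i++) {
    h ^= str.charCodeAt(i);
    h = Math.imul(h, 0x01000193) >>> 0;
  }
  return h.toString(16).padStart(8, '0');
}

// Each probe returns a JSON-serialisable value, or null when unavailable.
const PROBES = {
  navigator: (env) => env.navigator
    ? ['userAgent', 'platform', 'language', 'hardwareConcurrency', 'deviceMemory',
       'maxTouchPoints', 'doNotTrack', 'cookieEnabled']
        .map((k) => [k, env.navigator[k] === undefined ? null : env.navigator[k]])
    : null,
  languages: (env) => (env.navigator && env.navigator.languages)
    ? [...env.navigator.languages] : null,
  screen: (env) => env.screen
    ? [env.screen.width, env.screen.height, env.screen.availWidth,
       env.screen.availHeight, env.screen.colorDepth, env.screen.pixelDepth]
    : null,
  canvas: (env) => {
    // Draw text, hash the encoded pixels: the result depends on GPU, driver
    // and font rasterisation. Only meaningful with a real document.
    if (!env.document) return null;
    const c = env.document.createElement('canvas');
    const ctx = c.getContext('2d');
    if (!ctx) return null;
    ctx.textBaseline = 'alphabetic';
    ctx.font = '14px Arial';
    ctx.fillText('fingerprint probe, 1234567890', 2, 15);
    return fnv1a(c.toDataURL());
  },
  webgl: (env) => {
    if (!env.document) return null;
    const gl = env.document.createElement('canvas').getContext('webgl');
    if (!gl) return null;
    // Unmasked vendor/renderer need the debug extension; fall back to masked.
    const ext = gl.getExtension('WEBGL_debug_renderer_info');
    return ext
      ? [gl.getParameter(ext.UNMASKED_VENDOR_WEBGL), gl.getParameter(ext.UNMASKED_RENDERER_WEBGL)]
      : [gl.getParameter(gl.VENDOR), gl.getParameter(gl.RENDERER)];
  },
  storage: (env) => ['localStorage', 'sessionStorage', 'indexedDB', 'openDatabase']
    .map((k) => [k, env[k] !== undefined]),
  plugins: (env) => (env.navigator && env.navigator.plugins)
    ? Array.from(env.navigator.plugins, (p) => p.name).sort() : null,
};

// Run every probe; a throwing probe records the error name instead of
// aborting the sweep (a blocked API is a signal too).
function collectSignals(env) {
  const out = {};
  for (const [name, probe] of Object.entries(PROBES)) {
    try { out[name] = probe(env); } catch (e) { out[name] = 'error:' + e.name; }
  }
  return out;
}

// Canonicalise (sorted keys) before hashing so the result does not depend on
// the order in which the probes ran.
function fingerprintHash(signals) {
  const canonical = JSON.stringify(Object.keys(signals).sort().map((k) => [k, signals[k]]));
  return fnv1a(canonical);
}

// Constructed sample environment (no real browser): a desktop Chrome-like profile.
const SAMPLE_ENV = {
  navigator: {
    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36',
    platform: 'Win32', language: 'en-US', languages: ['en-US', 'en'],
    hardwareConcurrency: 8, deviceMemory: 8, maxTouchPoints: 0, doNotTrack: null, cookieEnabled: true,
    plugins: [{ name: 'PDF Viewer' }, { name: 'Chrome PDF Viewer' }],
  },
  screen: { width: 1920, height: 1080, availWidth: 1920, availHeight: 1040, colorDepth: 24, pixelDepth: 24 },
  localStorage: {}, sessionStorage: {}, indexedDB: {},
};

// Same environment gives the same hash; changing one attribute changes it.
function demo() {
  const base = fingerprintHash(collectSignals(SAMPLE_ENV));
  const altered = JSON.parse(JSON.stringify(SAMPLE_ENV));
  altered.navigator.hardwareConcurrency = 4;
  return {
    base,
    altered: fingerprintHash(collectSignals(altered)),
    stable: base === fingerprintHash(collectSignals(SAMPLE_ENV)),
  };
}
```

The point the sample makes is the one that matters for consent reviews: none of these attributes is an identifier on its own, but the hash over all of them is, and it survives cookie clearing, which is why the page treats the script as a device identifier and not merely a cookie.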

Behavioral Signal Collection

Beyond passive fingerprinting, Forter actively monitors behavioral signals during the page session:

  • Mouse trajectory: coordinates, velocity, acceleration, and direction changes across the entire page
  • Keyboard dynamics: key press timing, inter-keystroke intervals, key hold duration (used to detect auto-fill bots and credential stuffing scripts)
  • Touch events: touch start/end coordinates, pressure, and timing (mobile)
  • Scroll behavior: scroll speed, direction changes, pause patterns
  • Form interaction: time-to-first-keystroke, field tab order, copy-paste detection
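One of the behavioural checks above, keystroke timing as a bot detector, as an added illustration that is not Forter's code: it derives inter-keystroke intervals and key hold times from keydown/keyup events and flags sequences with machine-like timing. The thresholds, the sample event streams and the feature names are assumptions chosen for the example; a production model learns its thresholds from labelled traffic.

```javascript
// Added illustration, not Forter's code: keystroke dynamics from keydown/keyup
// events. Thresholds and samples are assumptions for the example.

// events: [{ type: 'keydown' | 'keyup', key, t }], t in milliseconds, in order.
function keystrokeFeatures(events) {
  const downs = events.filter((e) => e.type === 'keydown');
  const holds = [];            // keyup.t - matching keydown.t
  const pending = new Map();   // key -> keydown time awaiting its keyup
  for (const e of events) {
    if (e.type === 'keydown') {
      pending.set(e.key, e.t);
    } else if (e.type === 'keyup' && pending.has(e.key)) {
      holds.push(e.t - pending.get(e.key));
      pending.delete(e.key);
    }
  }
  const intervals = downs.slice(1).map((e, i) => e.t - downs[i].t);
  return {
    keystrokes: downs.length,
    meanInterval: mean(intervals),
    cvInterval: coefficientOfVariation(intervals), // spread relative to the mean
    minHold: holds.length ? Math.min(...holds) : null,
  };
}

function mean(xs) {
  return xs.length ? xs.reduce((a, b) => a + b, 0) / xs.length : 0;
}

function coefficientOfVariation(xs) {
  if (xs.length < 2) return 0;
  const m = mean(xs);
  if (m === 0) return 0;
  const variance = xs.reduce((a, x) => a + (x - m) ** 2, 0) / xs.length;
  return Math.sqrt(variance) / m;
}

// Assumed rules: people do not sustain under 30 ms between keys, their
// interval spread is well above 0.1, and a physical key is held for several
// ms; a scripted loop fires keys at a fixed rate with zero hold time.
function classifyTyping(events) {
  const f = keystrokeFeatures(events);
  if (f.keystrokes === 0) return { verdict: 'no_typing', reasons: [], features: f }; // pasted or autofilled
  const reasons = [];
  if (f.meanInterval < 30) reasons.push('mean_interval_too_fast');
  if (f.keystrokes >= 4 && f.cvInterval < 0.1) reasons.push('interval_too_regular');
  if (f.minHold !== null && f.minHold <= 1) reasons.push('zero_hold_time');
  return { verdict: reasons.length ? 'automated' : 'human_like', reasons, features: f };
}

// Constructed event streams for the string 'hunter2'. The "human" stream
// varies interval and hold deterministically per character so the sample is
// reproducible; the scripted stream mimics a sendKeys loop.
function typedSequence(text, intervalOf, holdOf) {
  const events = [];
  let t = 0;
  for (const ch of text) {
    events.push({ type: 'keydown', key: ch, t });
    events.push({ type: 'keyup', key: ch, t: t + holdOf(ch) });
    t += intervalOf(ch);
  }
  return events;
}

const HUMAN_EVENTS = typedSequence('hunter2',
  (ch) => 120 + (ch.charCodeAt(0) * 37) % 140,   // 120..259 ms between keys
  (ch) => 60 + (ch.charCodeAt(0) % 50));         // 60..109 ms hold
const SCRIPTED_EVENTS = typedSequence('hunter2', () => 5, () => 0);
```

A password manager's autofill produces no key events at all, which is why the sample returns a separate `no_typing` verdict rather than `automated`: a fraud model has to treat that case as ambiguous, not as a bot, or it would decline a large share of legitimate logins.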

Cookies and Persistence

  • forterToken — Forter's primary device identifier. Persistent cookie, typically 1-year expiry. Set on the merchant's first-party domain. Encodes a signed device identity token used for returning visitor recognition.
  • ftr_ncd — "New Customer Determination" cookie. Tracks whether this device has previously transacted on the site.
  • ftr_blst_1h, ftr_blst_24h — Short-lived blacklist flag cookies set when a session is flagged as fraudulent.

Risk Scoring API

Device signals and behavioral data are transmitted to Forter's scoring API, which applies machine-learning models trained on the shared merchant network's historical fraud patterns. The API returns a real-time verdict of approve, decline, or not reviewed (no automated decision was reached; merchants typically route these orders to manual review). The verdict is consumed server-side, in the merchant's order-processing or payment integration, rather than trusted from the client: a decision handed back to the browser could be altered by the very party it is meant to stop.

Consent & Compliance

Category: Essential (fraud prevention)

Fraud prevention represents one of the clearest cases of legitimate interest and strict necessity under privacy law.

GDPR: Recital 47 names fraud prevention as an example of a legitimate interest. Article 6(1)(f) permits processing without consent where it is necessary for a legitimate interest of the controller, except where that interest is overridden by the interests or fundamental rights of the data subject. The balancing test is easiest to satisfy when Forter runs only in transactional flows (checkout, login, account creation), where fraud risk is actually present. Legitimate interest is a lawful basis, not an exemption: the merchant still has to document the balancing test, disclose the processing and its purpose in its privacy notice, and honour the right to object under Article 21. Forter's data processing agreement (DPA) positions it as a processor acting on the merchant's instructions.

ePrivacy Directive: Article 5(3) exempts cookies "strictly necessary in order to provide an information society service explicitly requested by the subscriber or user." A user initiating a purchase has explicitly requested the checkout service; the forterToken cookie is strictly necessary to complete that fraud risk assessment as part of the requested service.

CCPA/CPRA: California Civil Code § 1798.145(a)(1) exempts fraud prevention from the CCPA's opt-out requirements, and detecting security incidents and protecting against fraudulent activity is a recognized business purpose under the statute. Because Forter processes the data as the merchant's service provider for that purpose, the transfer is not a "sale" or "sharing" of personal information, and the opt-out right does not attach.

Best Practice — Scope Limitation: The strongest legal justification for Forter applies on transactional pages. If Forter scripts run on non-transactional content pages (e.g., blog articles, homepage), the necessity argument weakens. Limit Forter to checkout, login, account creation, and payment update pages for the cleanest compliance posture.
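The scope limitation above is easiest to enforce in code rather than in tag-manager rules. The following is an added example, not ConsentStack's or Forter's code, of a loader that injects the fraud script only on transactional routes and never twice. The route patterns, the stand-in document object and the script URL are assumptions for a hypothetical merchant; take the real script URL from your Forter onboarding.

```javascript
// Added example, not ConsentStack's or Forter's code: inject the fraud script
// only on transactional routes. Route patterns and the script URL are
// assumptions for a hypothetical merchant.

// Paths on which fraud assessment is proportionate: checkout, login, account
// creation, payment-method updates. Anchored so '/checkout-guide' or
// '/blog/checkout-tips' do not match.
const TRANSACTIONAL_ROUTES = [
  /^\/checkout(\/|$)/,
  /^\/login$/,
  /^\/register$/,
  /^\/account\/(register|payment-methods)(\/|$)/,
];

function isTransactionalPath(pathname) {
  // Normalise before matching: lower-case, collapse '//', drop a trailing slash.
  let p = String(pathname).toLowerCase().replace(/\/{2,}/g, '/');
  if (p.length > 1 && p.endsWith('/')) p = p.slice(0, -1);
  return TRANSACTIONAL_ROUTES.some((re) => re.test(p));
}

// Inject once. Returns true when the tag was added, false when the page is
// non-transactional or the script is already present (single-page apps call
// this on every route change).
function loadFraudScript(doc, pathname, scriptSrc) {
  if (!isTransactionalPath(pathname)) return false;
  if (doc.querySelector('script[src="' + scriptSrc + '"]')) return false;
  const s = doc.createElement('script');
  s.src = scriptSrc;
  s.async = true;
  doc.head.appendChild(s);
  return true;
}

// Minimal stand-in for `document` so the loader can be exercised outside a
// browser; in a page you pass `document` and `location.pathname` instead.
function fakeDocument() {
  const scripts = [];
  return {
    scripts,
    head: { appendChild: (el) => scripts.push(el) },
    createElement: (tag) => ({ tagName: tag.toUpperCase() }),
    querySelector: (sel) => {
      const m = /^script\[src="(.+)"\]$/.exec(sel);
      return (m && scripts.find((el) => el.src === m[1])) || null;
    },
  };
}

// Browser wiring (hypothetical merchant host):
// loadFraudScript(document, location.pathname, 'https://example-merchant.forter.com/forter.js');
```

Pair the loader with a Content-Security-Policy whose script-src lists only the Forter host you actually load from (and connect-src the api and events endpoints), so that a compromised tag manager cannot swap the fraud script for another one on the same pages.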

Should You Block This Without Consent?

No. Forter is an essential fraud prevention platform protecting transaction security. Blocking it would expose checkout flows to credential stuffing, carding, account takeover, and payment fraud. Fraud prevention qualifies as a legitimate interest under GDPR and a security exception under CCPA. Restrict the script to transactional pages to maintain the narrowest possible data collection scope.

Consent Categories

Essential

Also Known As

Forter fraud prevention, Forter script, device fingerprinting ecommerce, Forter checkout, fraud detection cookie, Forter GDPR

Industries

Programming and Developer Software, Computers Electronics and Technology

Tracked Domains (1)

forter.com (Essential)

Frequently Asked Questions

Does Forter fraud prevention require user consent?

No. Forter qualifies as strictly necessary under ePrivacy Article 5(3) for transactional pages. GDPR Recital 47 identifies fraud prevention as a legitimate interest. CCPA Section 1798.145(a)(1) explicitly exempts fraud prevention from opt-out requirements, so no consent gate is needed.

What signals does the Forter script collect?

It collects canvas, WebGL, and audio fingerprints; navigator, screen, and network properties; and behavioral signals including mouse trajectory, keystroke timing, scroll patterns, and form interaction sequences. These generate a real-time risk verdict used to approve, decline, or flag the transaction.

How does ConsentStack treat Forter on checkout pages?

ConsentStack classifies Forter as an essential vendor and allows it to load without consent. For the strongest compliance posture, ConsentStack recommends limiting Forter to transactional pages — checkout, login, and account creation — rather than running it site-wide, keeping data collection proportionate to the security purpose.

Related Vendors

Firebase
Firebase is Google's mobile and web application development platform offering authentication, real-time database, cloud functions, and analytics. Web SDK scripts initialize Firebase services and may track app events via Firebase Analytics, which is powered by Google Analytics 4. Widely used in single-page apps and PWAs for backend infrastructure and usage tracking.

Google
Google is the dominant provider of web analytics, advertising, and infrastructure tools. Scripts like Google Analytics, Tag Manager, Ads, and reCAPTCHA collect behavioral data, manage tag firing, serve targeted ads, and detect bots. Sets persistent cookies to track users and correlate activity across sites.

Google Tag Manager
Google Tag Manager is a tag management system that lets marketers deploy and update analytics and marketing scripts without code changes. The GTM snippet is placed in the page head and loads the container script asynchronously; the container then injects configured tags, triggers, and variables on behalf of other vendors. No data collection of its own; it acts as a loader for other scripts, which is why its consent category depends on what it is configured to load.

Google Fonts
Google Fonts is a free font hosting service that serves hundreds of typeface families via a global CDN. Stylesheets and font files load from fonts.googleapis.com and fonts.gstatic.com to deliver web fonts to visitors. No advertising or tracking functionality is included, though each font request still sends the visitor's IP address to Google, which is itself personal data under GDPR.

reCAPTCHA
Google reCAPTCHA is a bot detection and spam prevention service protecting web forms, login pages, and checkout flows. Scripts analyze user behavior, mouse movements, and browser fingerprints to distinguish humans from bots. The invisible reCAPTCHA v3 scores interactions without requiring user challenges.

Sign in with Google
Sign in with Google is an OAuth-based authentication service that enables users to log into websites using their Google account credentials. Scripts load the Google Identity Services library, display sign-in buttons, and handle token exchange for secure authentication. Stores session tokens and authentication cookies to maintain login state across page visits.

Manage consent for Forter

ConsentStack automatically detects and manages Forter trackers so your site stays compliant with global privacy regulations.