Skip to main content
Session IDs are the key to linking device data collected by the Kount SDK with transactions in your backend system. Every data collection event generates a unique session ID that you pass to your server for fraud analysis.

What is a Session ID?

A session ID is a unique identifier generated by the Kount SDK that represents a single data collection event. Think of it as a “receipt” that proves device data was collected for a specific user interaction.
Session IDs are automatically generated by the SDK. You don’t need to create them manually.

Session ID Format

Session IDs follow a specific format validated by the SDK: 
Example: a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6
  • Alphanumeric string (letters and numbers)
  • Typically 32 characters long
  • Unique for each collection event
  • Case-sensitive
Starting with version 4.3.1, the SDK includes improved regex validation and auto-generation for session IDs. If you pass null or an empty string to collectForSession(), the SDK automatically generates a valid ID.

How Session IDs Work

Here’s the complete flow of how session IDs connect your app to Kount’s fraud detection:

The Session Workflow

1

Collection Starts

When you call collectForSession(), the SDK generates a new session ID and begins collecting device data.
KountSDK.collectForSession(
    this,
    { sessionId ->
        // Use this sessionId
    },
    { sessionId, error ->
        // Handle error
    }
)
2

Data is Transmitted

The SDK sends the collected device data to Kount’s servers along with the session ID. This happens automatically in the background.
3

Session ID is Returned

Once collection completes, your success callback receives the session ID. Store this ID—you’ll need it for your backend.
var currentSessionId: String? = null

KountSDK.collectForSession(this, { sessionId ->
    currentSessionId = sessionId
    Log.d("Kount", "Session ID: $sessionId")
}, { sessionId, error ->
    Log.e("Kount", "Failed: $error")
})
4

Send to Your Backend

When the user submits a transaction (purchase, signup, etc.), include the session ID in your API request.
// Example: Submitting a purchase
val purchaseData = mapOf(
    "amount" to 99.99,
    "currency" to "USD",
    "kountSessionId" to currentSessionId
)

submitPurchase(purchaseData)
5

Backend Queries Kount

Your backend sends the session ID to Kount’s API along with transaction details. Kount returns a fraud risk score based on the device data.
# Example: Python backend
response = kount_client.inquire(
    session_id=request.json['kountSessionId'],
    amount=request.json['amount'],
    # ... other transaction data
)

if response.risk_score > 70:
    return "DECLINE"
else:
    return "APPROVE"

Retrieving Session IDs

There are two ways to get the current session ID: The most reliable way is to retrieve the session ID from the success callback: 
KountSDK.collectForSession(
    this,
    { sessionId ->
        // Session ID available immediately after collection
        sendToBackend(sessionId)
    },
    { sessionId, error ->
        // Handle failure - you can still get the session ID
        // even if collection partially failed
        Log.e("Kount", "Collection failed but session was $sessionId")
    }
)
Even if collection fails, you’ll receive a session ID in the failure callback. This allows you to proceed with your transaction and let your backend handle the risk assessment.

Method 2: Query the SDK Directly

You can also query the current session ID at any time: 
val sessionId = KountSDK.getSessionId()
Log.d("Kount", "Current session ID: $sessionId")
Timing matters: getSessionId() returns the most recent session ID. If you call it before collectForSession(), it may return null or an empty string.

Session Lifecycle

Understanding when sessions begin and end is important:
A new session is created every time you call collectForSession(). Each call generates a new, unique session ID.
// First collection
KountSDK.collectForSession(this, { id1 ->
    Log.d("Kount", "Session 1: $id1")
}, { _, _ -> })

// Second collection (later in the app)
KountSDK.collectForSession(this, { id2 ->
    Log.d("Kount", "Session 2: $id2")
    // id1 != id2 (different session IDs)
}, { _, _ -> })
Sessions don’t expire on the client side. Once created, a session ID remains valid until you create a new one. However, Kount’s servers may have their own time windows for accepting session data.
Consult your Kount integration documentation for server-side session expiration policies.
You can call collectForSession() multiple times in your app:
  • Once per transaction: Most common pattern
  • Once per screen: For apps with multiple transaction points
  • On-demand: When user performs high-risk actions
Each call creates a new session with a new ID.
Session IDs are not persisted across app restarts. If the user closes and reopens your app, you should collect a new session.
class MainActivity : AppCompatActivity() {
    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        
        // Collect fresh session on app start
        KountSDK.collectForSession(this, { sessionId ->
            // Store in memory for this session
        }, { _, _ -> })
    }
}

Best Practices

One Session Per Transaction

Create a new session for each transaction or user flow. Don’t reuse session IDs across multiple transactions.
// Good: New session for each checkout
fun onCheckoutClicked() {
    KountSDK.collectForSession(this, { sessionId ->
        proceedToPayment(sessionId)
    }, { _, _ -> })
}

// Bad: Reusing the same session ID
val globalSessionId = "abc123" // Don't do this!

Store Session ID Temporarily

Store the session ID in memory (not persistent storage) until your transaction completes.
class CheckoutViewModel : ViewModel() {
    private var currentSessionId: String? = null
    
    fun startCheckout() {
        KountSDK.collectForSession(context, { sessionId ->
            currentSessionId = sessionId
        }, { _, _ -> })
    }
    
    fun submitPayment(amount: Double) {
        apiService.purchase(
            amount = amount,
            sessionId = currentSessionId
        )
    }
}

Handle Collection Failures

Even if collection fails, your app should continue. Let your backend decide whether to proceed based on the risk score.
KountSDK.collectForSession(
    this,
    { sessionId ->
        // Success - proceed with high confidence
        submitTransaction(sessionId, highConfidence = true)
    },
    { sessionId, error ->
        // Failure - proceed with caution
        Log.w("Kount", "Collection failed: $error")
        submitTransaction(sessionId, highConfidence = false)
    }
)

Include in All Risk Events

Send the session ID for any event that requires fraud assessment:
  • Purchases and payments
  • Account creation
  • Login attempts
  • Password changes
  • Address updates
  • High-value actions

Common Patterns

E-commerce Checkout

class CheckoutActivity : AppCompatActivity() {
    private var kountSessionId: String? = null
    
    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        setContentView(R.layout.activity_checkout)
        
        // Collect session when checkout screen loads
        KountSDK.collectForSession(
            this,
            { sessionId ->
                kountSessionId = sessionId
                enablePaymentButton()
            },
            { sessionId, error ->
                kountSessionId = sessionId
                showWarning("Data collection incomplete")
                enablePaymentButton()
            }
        )
    }
    
    fun onPaymentButtonClick() {
        // Include session ID in payment request
        paymentService.processPayment(
            amount = cartTotal,
            kountSessionId = kountSessionId
        )
    }
}

Account Registration

class SignupActivity : AppCompatActivity() {
    
    fun onSignupFormSubmit(email: String, password: String) {
        // Collect session just before signup
        KountSDK.collectForSession(
            this,
            { sessionId ->
                // Submit signup with session ID
                authService.registerUser(
                    email = email,
                    password = password,
                    kountSessionId = sessionId
                )
            },
            { sessionId, error ->
                // Still submit, but with warning
                authService.registerUser(
                    email = email,
                    password = password,
                    kountSessionId = sessionId,
                    lowConfidence = true
                )
            }
        )
    }
}

Troubleshooting

Cause: getSessionId() was called before any collection occurred.Solution: Always call collectForSession() first, or rely on the callback instead of getSessionId().
Cause: The session ID may not have been transmitted to Kount’s servers yet, or there was a network failure.Solution: Ensure the success callback completes before submitting to your backend. Add retry logic for network failures.
Cause: Reusing the same session ID instead of creating a new one.Solution: Call collectForSession() for each transaction to generate a new session ID.
Cause: Manually creating or modifying session IDs (pre-4.3.1 SDK versions).Solution: Always use the session ID provided by the SDK. Upgrade to version 4.3.1+ for improved validation.

Next Steps

Data Collection

Learn what data is collected with each session

Integration Examples

See complete code examples for common scenarios

Backend Integration

Learn how to use session IDs in your backend

API Reference

Explore the complete SDK API documentation

Build docs developers (and LLMs) love

Get started for freeTalk to us