Skip to main content

SEON

Active competitor

Fraud + AML platform combining 900+ first-party signals. IP-only geolocation — not compliance grade. New IDV product launched Jan 2026, unproven.

seon.iomaxim.mosinVerified 1mo ago
Compare
USEUUKGlobalFintechiGamingE-commerceCryptoPayments#new-verticals#p0#fraud#aml#kyc#ip-only-geo#behavioural-biometrics#compete

Detection scorecard

How SEON handles every spoofing technique we test for. Click any cell for findings.

Full matrix →
  • Detected
  • Partial
  • Missed
  • Not tested
CompetitorVPNProxyRemote accessFake GPS appGPS spooferEmulatorDevice farmJailbreak / RootResigned / tampered appSideload (PlayCover)Browser extensionMITM / replayTor

Strongest findings

Failed and partial test outcomes ranked for sales impact — what to lean on in a call.

No findings yet

Once tests land in updates/ with an outcome, they'll surface here.

All findings

Test results and intel tagged to SEON.

Operator
Threat
No findings on file for this competitor yet.

Battle card

Talking points for a live sales call.

SEON (Austin, TX; founded 2017 by Tamas Kadar + Bence Jendruszák in Budapest) is a fraud + AML compliance platform built API-first around 900+ first-party risk signals — digital footprint (email/phone/social), device intelligence, behavioural biometrics, IP geolocation, transaction monitoring, AML screening. The wedge is pricing + breadth of fraud signals + 14-day average integration. **Priority: P0** in the new-verticals competitor set. SEON's growth (80% APR growth in 2026, $80M Series C September 2025 led by Sixth Street Growth, $187M total raised) makes them a credible threat in fintech and iGaming evaluations where buyers are consolidating fraud + AML + IDV under one vendor. **The structural gap is geolocation.** SEON's location signal is IP-only — they themselves acknowledge that IP-based geolocation "should be taken with a grain of salt" (their own docs). For compliance-grade jurisdictional enforcement — particularly OFAC and state-licensed gaming — IP is insufficient. A user behind a residential VPN passes SEON's location check; GeoComply flags them.

Watch out for

  • Unified platform: fraud + AML + IDV + transaction monitoring in a single API — strong consolidation argument for buyers tired of point solutions.
  • Speed: 14-day average integration with a no-code rules engine. Fraud analysts can build rules in dashboards without engineering tickets.
  • Signal breadth: 900+ first-party signals across email, phone, IP, device, and behavioural data.
  • AI investment: 'AML Screening Agent' (cross-references customer info against multiple sources), explainable risk scoring, no-code rules engine.
  • Premium customer base: Revolut, Plaid, NuBank, Afterpay, Spotify, Entain, Lottoland, Bilt, Rank Interactive.
  • Strong commercial trajectory: 80% APR growth in 2026, $187M raised.

How we win

  • IP-only geolocation — not compliance-grade. Their own documentation says IP-based geolocation 'should be taken with a grain of salt' (variance by ISP; mobile IPs especially unreliable).
  • No GPS spoofing detection. No multi-signal (GPS / Wi-Fi / Bluetooth / Cell) location fusion.
  • Phone API recall gap: at the high-precision threshold (0.85), recall is only 12% — 9 out of 10 fraudulent phone numbers pass undetected.
  • Email API at high-precision threshold: recall drops to 32% (7 in 10 fraudsters pass).
  • IDV (Identity Verification) is new + unproven — wide-scale launch January 2026, no published accuracy metrics.
  • No-code rules engine places fraud-pattern maintenance burden on the customer's team — rules built by different analysts can create gaps or conflicts; can be silently outdated.
  • Data privacy concerns: stores PII for up to 12 months; concentration of PII in a single API creates cyber-attack exposure. Their own privacy policy admits they 'cannot ensure or warrant the security' of submitted information.
  • No published independent VPN/proxy detection benchmark (vs GeoGuard 99.1% VPN detection / 0% FPR — Kingsmead Security, Sept 2025).
  • Cannot reliably confirm a user is NOT located in a sanctioned jurisdiction if they employ VPN, proxy, or residential proxy — direct OFAC compliance gap.

Capability claims

What they say they do, grouped by category. Cross-check against the detection scorecard above — claims and tests don't always match.

Geolocation

How accurately and reliably the product determines a user's real location.

  • GPS / OS locationUses native device GPS or OS-level location services.
    Noverified

    Mobile SDKs claim GPS data 'can be leveraged' but their core location is IP-derived. Subject to GPS spoofing.

  • Wi-Fi triangulation
    Noverifiedstale
  • IP geolocation
    Yesverifiedstale

    Core capability — IP API returns country, city, coordinates based on IP analysis.

  • IP-change detectionContinuously monitors IP and re-runs geolocation on Wi-Fi ↔ cellular or VPN swap (GeoComply MyIP equivalent).
    Partialinferredstale

    Impossible-travel detection between login locations.

  • Boundary / state-lineHandles users moving across regulated boundaries during an active session.
    Noverifiedstale
  • Near-border accuracyMulti-point aggregation + buffer-zone handling near regulated borders; measured as pass rate at 250m.
    Noverifiedstale
  • Pre-login pre-check
    Partialverifiedstale

    Returns numerical fraud score (0-100) + categorical risk level + signal-level explainability.

  • Multi-jurisdictionSingle integration handling operators in multiple regulated states (GeoComply Multipass / Dynamic Boundaries equivalent).
    Noverifiedstale

    Geofence API exists but no Multipass / Dynamic Boundaries equivalent.

  • Desktop plugin (PLC-class)Native desktop client / plugin required by PA, NJ, MS and most US iGaming regulators.
    Noverifiedstale
  • On-property BLE geofenceBluetooth Low Energy precision geofencing for tribal / on-property venues (PinPoint-class).
    Noverifiedstale

Anti-spoofing detection

Detection coverage for the spoof vectors tested by the Competitive Intelligence team. Cell values reflect SDK-level detection of the listed vector at the most recently tested operator.

  • VPN exit nodesDetects commercial VPN exit nodes (NordVPN, ExpressVPN, Surfshark, etc.).
    Partialverifiedstale

    Identifies whether IP belongs to residential ISP, data centre, public network, or known TOR exit node. No published accuracy metric.

  • Proxy / residentialDetects datacenter and residential proxies — the harder class of IP obfuscation.
    Partialverifiedstale

    Same residential/data-centre/TOR classification as VPN.

  • Tor exits
    Yesverifiedstale

    TOR exit node detection.

  • Remote desktop (RDP)Detects AnyDesk, TeamViewer, FaceTime, Assistant, HopToDesk, iPhone screen mirroring, RustDesk and similar remote-control sessions.
    Yesverifiedstale

    Remote Access Tool detection in Device Intelligence SDK (TeamViewer, etc).

  • Fake-location appsDetects iAnyGo / Fake GPS / mock-location apps on iOS and Android.
    Noverifiedstale

    No multi-signal location, so fake-location-app detection on mobile is limited.

  • Hardware GPS spooferDetects HackRF / BladeRF and GPS-simulator-device signal injection.
    Noverifiedstale
  • Emulator / VMDetects Xcode iOS Simulator, BlueStacks, Genymotion and similar virtual environments.
    Yesverifiedstale

    Emulator + rooted device detection in Device Intelligence SDK.

  • Device farm / VMOSDetects VMOS / virtualized Android device-farm environments used for multi-accounting.
    Partialinferredstale

    Visitor Fingerprint system for multi-accounting / device-sharing detection.

  • Jailbreak / rootDetects jailbroken iOS, rooted Android (incl. Magisk hidden root), and Frida / runtime-hook tampering.
    Partialverifiedstale

    Rooted device detection claimed; depth on hidden-root (Magisk) unknown.

  • Resigned / tampered appDetects iOS apps that have been re-signed / Android apps that have been repackaged with injected code.
    · Unknownrumorstale
  • Sideload (PlayCover)Detects ARM-macOS iOS sideloading via PlayCover and equivalent hardware-abstraction loaders.
    · Unknownrumorstale
  • Browser extension spoofDetects Chrome / browser extensions that spoof location (Location Guard, Hola, etc.).
    Partialinferredstale

    WebRTC discrepancy detection — flags mismatches between local network and stated external IP.

  • Session terminationTerminates session when location services are disabled mid-game or device leaves the jurisdiction.
    Yesverifiedstale

    Visitor Fingerprint persistent identifiers; ongoing login monitoring.

  • MITM / replay attackResists network-level interception, request tampering, and replay attacks against the SDK ↔ backend channel.
    · Unknownrumorstale

Identity & KYC

Document verification, biometric liveness, sanctions screening.

  • Document scan / OCR
    Yesverifiedstale

    Own AI-powered IDV product launched Jan 2026; 10,000+ document types across 200+ countries. No published accuracy metrics.

  • Biometric liveness
    Yesverifiedstale

    Biometric liveness detection + face matching.

  • Sanctions / PEP
    Yesverifiedstale

    AML Customer Screening: 197 countries, 24M risk profiles, 528 entities. Global sanctions, PEP, SDN, adverse media.

  • AML / responsible gaming
    Yesverifiedstale

    Continuous Monitoring + Transaction Monitoring + Movement of Funds visualisation + AML Screening Agent.

  • Reusable identity
    · Unknowninferredstale

Platform coverage

Which surfaces the SDK / product runs on.

  • iOS native
    Yesverifiedstale

    Native iOS SDK.

  • Android native
    Yesverifiedstale

    Native Android SDK.

  • Web / browser
    Yesverifiedstale

    Web JavaScript SDK.

  • React Native
    · Unknownrumorstale
  • Flutter
    · Unknownrumorstale
  • Unity
    · Unknowninferredstale
  • .NET / desktop
    · Unknownrumorstale
  • Server-side API
    Yesverifiedstale

    REST API.

Compliance & certification

Regulatory coverage and certifications.

  • US state-licensed (iGaming/sportsbook)
    Noverifiedstale

    Not a gaming-commission-certified geo-compliance vendor. Entain + Lottoland + Rank Interactive use SEON for fraud/AML, not geo-compliance.

  • US tribal / on-property
    Noverifiedstale
  • Canadian provincial
    Noinferredstale
  • European (MGA/UKGC)
    Partialverifiedstale

    EU presence via Revolut, Lottoland, Entain.

  • LatAm (Brazil SPA)
    · Unknowninferredstale
  • SOC 2 Type II
    Partialinferredstale
  • ISO 27001
    · Unknowninferredstale
  • GLI-certified
    · Unknowninferredstale

Fraud & device intelligence

Device fingerprinting, IP intelligence, behavioral signals, account-takeover detection.

  • Device fingerprint
    Yesverifiedstale

    Visitor Fingerprint — persistent user identifiers across device, browser, network, behavioural signals.

  • IP intelligence DBMaintained DB of VPN / TOR / proxy / hijacked-residential IPs with documented refresh cadence (GeoGuard equivalent).
    Yesverifiedstale

    IP API: VPN, proxy, data-centre, TOR classification.

  • Behavioral signals
    Yesverifiedstale

    Typing rhythm, scrolling patterns, tap pressure, gyroscope, accelerometer.

  • Velocity / impossible travel
    Yesverifiedstale

    Velocity + aggregation features across 50+ dimensions.

  • Bot detection
    Yesverifiedstale
  • Account takeover
    Yesverifiedstale
  • Chargeback mgmt
    Partialinferredstale

Ops & integration

How easy the product is to integrate, observe, and operate.

  • Self-serve onboarding
    Partialverifiedstale

    14-day average integration; no-code rules engine in dashboard.

  • Case management UI
    Yesverifiedstale
  • Webhook delivery
    Yesverifiedstale
  • Real-time API
    Yesverifiedstale

    Real-time risk scoring.

  • Analytics dashboard
    Yesverifiedstale

    User-friendly dashboard, no-code rules engine.

  • Audit log export
    Partialinferredstale

    Whitebox ML — signal-level explainability for every decision. Court-defensibility for OFAC unclear.

  • Encrypted responseDetection flag names hidden from the end user (GeoComply uses encrypted XML; most challengers expose JSON flag names).
    · Unknownrumorstale
  • SDK hardeningSDK is signed, obfuscated, and license-bound — not findable / patchable to inject coordinates client-side.
    · Unknownrumorstale

Commercial

Pricing model and go-to-market shape.

  • Usage-based pricing
    Yesverifiedstale

    API-call pricing per Fraud API call.

  • Flat license / enterprise
    Partialinferredstale
  • Free tier / trial
    · Unknowninferredstale
  • Publicly listed pricing
    Noverifiedstale
  • Bundled with platformGeo is bundled inside a broader platform deal (OpenBet, GeoLocs/Mkodo, Playtech).
    Yesverifiedstale

    Fraud + AML + IDV bundled under one platform — primary commercial pitch.

P0 in the new-verticals set

SEON is the highest-priority new-verticals competitor. The structural pitch — "fraud + AML + IDV + transaction monitoring in one API, integrated in 14 days" — is a real threat in fintech, crypto, and iGaming evaluations where buyers are consolidating vendors. The structural gap is the same one shared across this whole vertical set: IP-only geolocation, not compliance-grade.

Talking points for displacement / co-sell deals

  1. "SEON is fraud + AML; GeoComply is location compliance" — these are complementary, not substitutable. A SEON deployment leaves the location-spoofing surface (VPN, residential proxy, GPS simulator) detectable only at the IP layer; GeoComply closes that gap.
  2. The OFAC line is the strongest message. SEON's own docs say IP-based geolocation "should be taken with a grain of salt." For sanctioned-jurisdiction enforcement that's a regulatory non-starter — IP can be spoofed with $5 of residential proxy.
  3. IDV is new and unproven (wide-scale launch Jan 2026, no published accuracy metrics). For prospects evaluating SEON's "unified platform" pitch in 2026, the IDV component is the weakest link — frame the comparison against dedicated KYC vendors.
  4. Phone-API recall gap (12% at high-precision threshold) is a concrete weakness to surface against the "900+ signals" narrative — signal count doesn't equal signal quality.
  5. No-code rules engine is a double-edged sword. Customers love the autonomy at signing; their fraud teams discover the maintenance burden 6 months in. Reference this to procurement leads.
  6. Co-sell story: SEON for fraud + AML + IDV signal enrichment; GeoComply for compliance-grade location enforcement. Joint deployment in regulated iGaming / fintech / crypto closes both surfaces.

Where they overlap with GeoComply

  • iGaming customers: Entain, Lottoland, Rank Interactive — SEON is the fraud/AML layer; GeoComply is or should be the geo-compliance layer.
  • Crypto / fintech: shared evaluation funnel; SEON appears as the "consolidated platform" alternative to a best-of-breed stack.
  • Compliance positioning: SEON markets AML + KYC as compliance. The risk is that buyers conflate "AML compliance" with "jurisdictional compliance" — these are different requirements.

Open testing scope

  • Independent VPN/proxy detection benchmark — SEON has no published accuracy metric vs GeoGuard's 99.1% / 0% FPR.
  • Residential proxy detection — claimed but unbenchmarked.
  • IDV accuracy retest — once SEON publishes Jan-2026 launch metrics.