# Finix.Auth

Finix.js includes built-in fraud detection through `Finix.Auth`. It establishes a session that tracks behavioral signals during the buyer's checkout flow. When the buyer submits a payment, you send the session key to your backend, which includes it in the payment request so Finix can score the transaction for fraud.

There are two parts to integrating fraud detection:

1. **Client side** — initialize `Finix.Auth` and retrieve the session key at submit time
2. **Backend side** — include `fraud_session_id` when creating an `Authorization` or `Transfer`


## Client-side setup

Initialize `Finix.Auth` **before** `Finix.PaymentForm`, at page load. This gives the session time to establish before the buyer submits the form.


```text
Finix.Auth(environment, merchantId, callback)
```

| Parameter | Type | Required | Description |
|  --- | --- | --- | --- |
| `environment` | `string` | Yes | `"sandbox"` or `"live"` |
| `merchantId` | `string` | Yes | Your Finix Merchant ID |
| `callback` | `function(sessionKey)` | No | Called once initialization completes |


Pass a callback to receive the session key as soon as it's available. This is useful if you need the key before the buyer submits the form.

Returns the current fraud session key. Call this inside `onSubmit` — by the time the buyer submits the form, the session will have initialized.


```text
finixAuth.getSessionKey() → string
```

## Sending to your backend

Inside `onSubmit`, retrieve the session key and send it to your backend alongside the token. Your backend uses the session key when creating the payment request.

Your backend should include `fraud_session_id` when creating an `Authorization` or `Transfer` with the Finix API. Finix uses the session key to correlate the buyer's checkout behavior with the payment for fraud scoring.

For full details on the backend payment request and how to handle blocked transactions, see the [Fraud Detection guide](/guides/online-payments/fraud-and-risk/fraud-detection#step-4-send-session-id-in-payment).

## Managing multiple merchants

Call `connect()` to reinitialize tracking for a different Merchant ID. This generates a new session key for that merchant.


```text
finixAuth.connect(merchantId, callback)
```

| Parameter | Type | Required | Description |
|  --- | --- | --- | --- |
| `merchantId` | `string` | Yes | The Finix Merchant ID to switch tracking to |
| `callback` | `function(sessionKey)` | No | Called once the new session key is ready |