Email Verification
Email Verification enables you to assess the risk of email addresses provided by the end user. It is a fundamental risk check that analyzes an email address to provide an overall risk. It, adds email intelligence as a layer of defense to fraud prevention. It assesses risks by evaluating email address metadata points such as domain details, email details, and risk indicators.
Use Case
For those with onboarding and account login workflows, who wish to understand and assess the risks of a given email address.
Supported Credentials
The following values can be uploaded as Prepared Data. Alternatively, they can be extracted by an upstream capability in a workflow.
To use Prepared Data with email verification as a standalone capability use workflow key 10066
| Key | Type | Mandatory | Description |
|---|---|---|---|
| Email address | String | yes | Email Address of Applicant |
| ipAddress | String | no | The IP address entered as a string. Either IPv4 or IPv6 format is accepted. |
Example Prepared Data Body
{
"email": "martin***ng@gmail.com"
}
Response
Response data is available for transactions that include the risk signal. For information on transaction data see View or Retrieve Workflow Transactions.
Example Response
{
"workflow": {
"id": "203cf33c-77f8-443d-ac4d-ad52121f94f8",
"status": "PROCESSED",
"definitionKey": "10066",
"userReference": "abc",
"customerInternalReference": "dd"
},
"account": {
"id": "4363fce6-6197-46e6-9840-39cda6860c97"
},
"createdAt": "2025-05-08T12:45:43.518Z",
"startedAt": "2025-05-08T12:45:51.122Z",
"completedAt": "2025-05-08T12:45:53.801Z",
"credentials": [
{
"id": "a0c4d666-9718-49a0-a120-d259f1cea0a4",
"category": "DATA",
"parts": [
{
"classifier": "PREPARED_DATA",
"href": "https://retrieval.amer-1.jumio.ai/api/v1/accounts/4363fce6-6197-46e6-9840-39cda6860c97/credentials/a0c4d666-9718-49a0-a120-d259f1cea0a4/parts/PREPARED_DATA"
}
]
}
],
"decision": {
"type": "PASSED",
"details": {
"label": "TXN_PASSED"
},
"risk": {
"score": 0
}
},
"steps": {
"href": "https://retrieval.amer-1.jumio.ai/api/v1/accounts/4363fce6-6197-46e6-9840-39cda6860c97/workflow-executions/203cf33c-77f8-443d-ac4d-ad52121f94f8/steps"
},
"capabilities": {
"emailVerification": [
{
"id": "0790a7f1-5ebf-451a-98b1-d6ad60f2ffe0",
"credentials": [
{
"id": "a0c4d666-9718-49a0-a120-d259f1cea0a4",
"category": "DATA"
}
],
"decision": {
"type": "PASSED",
"details": {
"label": "LOW_RISK"
}
},
"data": {
"emailVerificationStatus": "ValidDomain",
"firstVerifiedAt": "2022-07-10T00:00:00.000Z",
"totalHits": "6",
"domainExists": true,
"domainName": "jumio.com",
"domainCompany": "Jumio",
"domainRiskLevel": "LOW",
"domainCreationDate": "2004-03-30T07:07:55.000Z",
"advice": "LOWER_FRAUD_RISK",
"domainCountry": "USA",
"domainCategory": "Technology",
"domainCorporate": true,
"reason": "EMAIL_CREATED_AT_LEAST_YEARS_AGO",
"emailDeterminedStatus": "Not Sure",
"countForReason": 2
},
}
]
},
}
Decision Details Labels
Details
| Decision Type | Label | Description |
|---|---|---|
| PASSED | LOW_RISK | No significant risk associated with the data. |
| REJECTED | HIGH_RISK | High risk associated with the data. |
| WARNING | MEDIUM_RISK | Moderate risk associated with the data. |
| NOT_EXECUTED | PERMISSION_DENIED | Cannot be executed because the required permissions or credentials are missing. Verify your API key and access rights. |
| NOT_EXECUTED | BAD_REQUEST | Malformed or missing required parameters. Ensure that all mandatory fields are included and correctly formatted before retrying. |
| NOT_EXECUTED | PRECONDITION_NOT_FULFILLED | Preconditions were not met to process the data. |
| NOT_EXECUTED | TECHNICAL_ERROR | There was an error in processing the request. |
Data
Details
| Parameter | Type | Description |
|---|---|---|
| firstVerificationDate | date time (UTC) | The oldest date found for records associated with the query. This date can also be considered the First Seen Date. If it's the first time an email is seen, the field will be set to the current date. Returned in UTC format. |
| emailVerificationStatus | string | Possible values:
|
| totalHits | integer | Number of times the email address was queried through the risk signal or overall vendor platform in the last 7 days. |
| emailExists | boolean | Indicates whether or not the email address exists. Possible values:
|
| domainExists | boolean | Indicates whether or not the email domain exists. Possible values:
|
| domainName | string | The email domain. |
| domainCompany | string | Owner of the email domain. |
| domainRiskLevel | string | Possible values:
|
| domainCreationDate | string | The creation date of the domain. This field may be blank for some queries. Returned in UTC format: YYYY-MM-DDThh:mm:ssZ. |
| advice | string | Possible values:
|
| domainCountry | string | The country that issued the domain. Can be any ISO 3166-1 alpha-3 country code, and XKX for Kosovo. Examples: USA, AUT, DEU, FRA. |
| domainCategory | string | The category of the domain. For example,
|
| domainCorporate | boolean | Indicates if the domain is corporate. Possible values:
|
| reason | string | Refer the table below |
| emailDeterminedStatus | string | Uncertainty in determining whether the email exists. This field is included only when the emailExists field has the value Not Sure. Possible values: Not Sure |
| domainDeterminedStatus | string | Uncertainty in determining whether the domain exists. This field is included only when the domainExists field has the value Not Sure. Possible values: Not Sure |
Reason Type
Reason Type
| Reason Type | Description |
|---|---|
| FRAUD_LEVEL | Number of unique customers in the Emailage Network who marked the email as fraud. |
| EMAIL_DOES_NOT_EXIST_EMAIL_DOES_NOT_EXIST_ANYMORE | The email address does not exist or no longer exists. |
| DOMAIN_DOES_NOT_EXIST | Domain is not found in registry. |
| RISKY_DOMAIN | Domain has a high fraud rate. |
| RISKY_COUNTRY | Email owner, domain, or IP location originates from a high-risk country. |
| RISKY_EMAIL_SYNTAX | Email pattern is known to be associated with fraud. |
| NUMERIC_EMAIL | Email handle contains numeric patterns, often seen in fraudulent emails. |
| LIMITED_HISTORY_FOR_EMAIL | Insufficient historical data to determine fraud risk. |
| EMAIL_RECENTLY_CREATED | Email was created recently (determined by machine learning). |
| EMAIL_LINKED_TO_HIGH_RISK_ACCOUNT | Email is associated with high-risk accounts. |
| GOOD_LEVEL | Number of unique customers who marked the email as good. |
| LOW_RISK_DOMAIN | Domain has a low fraud rate. |
| EMAIL_CREATED_YEARS_AGO | Email creation timestamp provided in years. |
| EMAIL_CREATED_AT_LEAST_YEARS_AGO | Approximate number of years since email creation. |
| EMAIL_LINKED_TO_LOW_RISK_ACCOUNT | Email is associated with low-risk accounts. |
| INVALID_EMAIL_SYNTAX | Email format is syntactically incorrect. |
| MAILBOX_IS_FULL | Mailbox has reached its storage limit. |
| MAILBOX_IS_INACTIVE | Email address is no longer active. |
| MAILBOX_IS_EXPIRED | Email existed previously but is now expired. |
| USER_DEFINED_RISK_DOMAIN | Domain marked as high-risk by the client/company. |
| USER_DEFINED_LOW_RISK_DOMAIN | Domain marked as low-risk by the client/company. |
| VELOCITY_LEVEL | High query frequency for the email in a short period. |
| RISK_DOMAIN_CATEGORY | Domain falls under high-risk category (e.g., webmail, banking). |
| LOW_RISK_DOMAIN_CATEGORY | Domain falls under a low-risk category. |
| HIGH_RISK_EMAIL_ACCOUNT | Email has a high probability of fraud association. |
| EMAIL_CREATED_AT_LEAST_MONTHS_AGO | Approximate number of months since email creation. |
| POTENTIALLY_BREACHED_EMAIL | Email was exposed in a known breach. |
| GOOD_POPULARITY | Email has positive associations via social or public sources. |
| RISK_DOMAIN_CATEGORY_REVIEW | Domain category has a high fraud rate. |
| TUMBLING_ABUSE | Slight email variations suggest potential abuse (e.g., a.bc@gmail.com vs ab.c@gmail.com). |
| EMAIL_ENUMERATION_FOR_COMPANY | Multiple similar email handles were queried by the same company. |
| EMAIL_ENUMERATION_FOR_INDUSTRY | Multiple similar email handles were queried by companies in the same industry. |
| CREATION_DATE_VELOCITY | Email creation dates show suspicious timing patterns across the network. |
| CUSTOMER_EMAIL_NOT_PROVIDED | No customer email provided; a dummy email is used for processing. |
| RISK_EMAIL_PATTERN | Email follows a pattern associated with fraud per global risk analysis. |
| SUSPECTED_FRAUD | Email explicitly marked as "Suspected Fraud." |
| LIMITED_EMAIL_INFORMATION | Very little information available about the email. |
| DOMAIN_RECENTLY_CREATED | Domain was registered recently, suggesting potential risk. |
| VELOCITY_OTHER | High velocity of usage flagged by external sources. |
| VALID_EMAIL_FROM_DOMAIN | Email is valid and correctly associated with its domain. |
| VALID_DOMAIN | Domain is valid and exists. |
| LOW_RISK_EMAIL_DOMAIN_FOR_COMPANY | Email domain is low-risk for the querying company. |
| LOW_RISK_EMAIL_DOMAIN_FOR_INDUSTRY | Email domain is low-risk within the industry. |
| LOW_RISK_EMAIL_DOMAIN_FOR_NETWORK | Email domain is low-risk at the network level. |
| VERY_LOW_RISK_EMAIL_DOMAIN_FOR_COMPANY | Email domain is very low-risk for the querying company. |
| VERY_LOW_RISK_EMAIL_DOMAIN_FOR_INDUSTRY | Email domain is very low-risk within the industry. |
| VERY_LOW_RISK_EMAIL_DOMAIN_FOR_NETWORK | Email domain is very low-risk at the network level. |
| HIGH_RISK_EMAIL_DOMAIN_FOR_COMPANY | Email domain is high-risk for the querying company. |
| HIGH_RISK_EMAIL_DOMAIN_FOR_INDUSTRY | Email domain is high-risk within the industry. |
| HIGH_RISK_EMAIL_DOMAIN_FOR_NETWORK | Email domain is high-risk at the network level. |
| VERY_HIGH_RISK_EMAIL_DOMAIN_FOR_COMPANY | Email domain is very high-risk for the querying company. |
| VERY_HIGH_RISK_EMAIL_DOMAIN_FOR_INDUSTRY | Email domain is very high-risk within the industry. |
| VERY_HIGH_RISK_EMAIL_DOMAIN_FOR_NETWORK | Email domain is very high-risk at the network level. |