> ## Documentation Index
> Fetch the complete documentation index at: https://docs.verisoul.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Best Practices

> Best practices for integrating Verisoul

For optimal fraud detection and user experience, follow these two critical best practices when integrating Verisoul

## 1. Initialize the Client SDK as Early as Possible

**Why this matters:** Early initialization allows Verisoul to collect the maximum amount of behavioral and device signals, resulting in more accurate risk assessments.

### Implementation by Platform

#### Web SDK

Add the Verisoul script to the `<head>` section of your HTML to ensure it loads before the rest of your page content. For production web integrations, use a [custom hostname](/integration/custom-hostname) so the SDK loads from your own subdomain:

```html theme={null}
<head>
  <!-- Other head elements -->
  
  <!-- Verisoul script - place as early as possible -->
  <script async src="https://{custom_hostname}/bundle.js" verisoul-project-id="{project_id}"></script>
</head>
```

If your custom hostname is not active yet, you can use `https://js.verisoul.ai/{env}/bundle.js` for sandbox, pilots, or initial testing.

#### Mobile SDK

For our mobile SDKs, initialization happens automatically when the SDK is integrated. Ensure you're following the platform-specific integration guides:

* [iOS](/integration/frontend/ios)
* [Android](/integration/frontend/android)
* [React Native](/integration/frontend/react-native)
* [Flutter](/integration/frontend/flutter)

### Benefits of Early Initialization

* Allows more time for signal collection
* Captures the full user journey
* Improves accuracy of behavioral analysis
* Enables detection of suspicious patterns from the start

## 2. Call the Verisoul API at the Time of Critical Actions

**Why this matters:** While you should initialize the SDK early, you should wait to call the authenticate endpoint until the moment of a critical action.

### Critical Action Examples

* User registration
* User login
* Payment processing
* Rewards redemption
* Account withdrawal
* Profile or settings changes
* High-value transactions

### Implementation Guidance

1. Initialize the SDK early in the user journey
2. Collect the session ID when needed
3. Call the [Authenticate](/integration/backend/authenticated) endpoint at the exact moment of the critical action
4. Use the decision to allow, block, or verify the action

### Why This Approach Works

* **Maximum signal collection**: Client SDKs continuously collect data, so waiting allows more time for signals to be gathered
* **Defeats "human in the loop" fraud**: Fraudsters often create accounts manually but later automate actions
  * Example: A fraudster creates an account as a human, verifies their email, and then logs in and starts a bot
* **Captures intent signals**: The most revealing behavioral signals often occur right before a critical action
* **Reduces false positives**: More context leads to more accurate decisions