Email Risk
Checker Category: Risk — Communication
Used In Steps: Session Risk (as add-on), PII Validation (as add-on)
Used In Workflows: Any workflow where an email address is collected
Supported Countries: Global
Overview
Email Risk checkers screen the provided email address for fraud signals and deliverability issues before proceeding with verification. Two variants are available: LexisNexis provides comprehensive fraud intelligence including email age, domain risk, IP correlation, and behavioral signals; NeverBounce focuses on deliverability validation and disposable address detection.
Both variants run as zero-friction add-ons — no additional user input required beyond the email address already collected by the step.
End User Requirements
Email address (collected in the current step or passed via Login Hint).
Role in Layered Verification
Early-stage risk filter. Flags disposable addresses, high-risk domains, and fraud-associated email patterns before any PII is verified. Reduces downstream friction by blocking obvious fraud signals at the lowest-cost point in the flow.
Overview
Comprehensive email fraud intelligence from LexisNexis. Assesses email age, domain characteristics, IP correlation, behavioral fraud patterns, and cross-network reputation signals.
Acquired Attributes
| Attribute Name | Attribute Code | Fields | Description |
|---|---|---|---|
| Email Creation Date | EmailCreationDate | — | Date the email address was first created. |
| Email Age (Days) | EmailAge | — | Age of the email address in days. |
| Email Domain Age | EmailDomainAge | — | Age of the email domain. |
| Email Domain Age (Days) | DaysSinceEmailDomainCreation | — | Days since the email domain was created. |
| First Email Verification Date | FirstEmailVerificationDate | — | Date the email address was first verified in LexisNexis systems. |
| Time since Email Verification Age (Days) | DaysSinceFirstEmailVerification | — | Days since the first email verification. |
| Last Email Verification Date | LastEmailVerificationDate | — | Date of the most recent email verification. |
| Email Address Status | EmailAddressStatus | — | Current deliverability status of the email address. |
| Email Risk Score | EmailageScore | — | Numeric risk score for the email address. |
| Email Score Reason | EmailageScoreReason | — | Reason code for the email risk score. |
| Fraud Type | FraudType | — | Type of fraud pattern detected, if any. |
| Email Domain Risk Level | EmailDomainRiskLevel | — | Risk classification of the email domain. |
| Email Score Risk Level | EmailageScoreRiskBand | — | Risk band associated with the email risk score. |
| IP Address Risk Level | IPAddressRiskLevel | — | Risk level of the IP address associated with the email. |
| Overall Digital Identity Score | OverallDigitalIdentityScore | — | Composite digital identity risk score. |
| Email Address Location | EmailAddressLocation | — | Geographic location associated with the email address. |
| Email Risk Level | EmailRiskBand | — | Overall email risk classification band. |
| Fraud Risk | FraudRisk | — | Fraud risk indicator for the email address. |
| Source Industry | SourceIndustry | — | Industry most commonly associated with this email. |
| Company associated with Domain | DomainCompany | — | Company name associated with the email domain. |
| Domain Corporate | DomainCorporate | — | Indicates whether the domain is a corporate domain. |
| Number of Social Media Friends | SmFriends | — | Number of social media connections associated with the email. |
| Image URL | ImageUrl | — | Profile image URL associated with the email address. |
| Email To IP Confidence | EmailToIpConfidence | — | Confidence score for the email-to-IP address correlation. |
| Total Hits | TotalHits | — | Number of times this email has been seen in LexisNexis systems. |
| Domain Country | DomainCountry | — | Country associated with the email domain. |
| Domain Category | DomainCategory | — | Category classification of the email domain. |
| Email to Billing Address Confidence | EmailToBillAddressConfidence | — | Confidence score for email-to-billing-address correlation. |
| First Verification Date | FirstVerificationDate | First Verification Date | First date this email was verified anywhere in the network. |
| First Seen Days | FirstSeenDays | First Seen Days | Days since this email was first seen in the network. |
Assertions
| Assertion Name | Assertion Key | Description |
|---|---|---|
| Provided Full Name Linked to Provided Email in Identity Record | link.fullName_Email | Confirms that the provided full name corresponds to the provided email address in identity records. Passes if a correspondence is found; fails if none is found. |
| Provided Country Matches IP Address Country | link.ipAddress_address | Compares the provided country to the country of the device's IP address. Passes if they match; fails if they do not. |
| Email Account Existence Check | test.emailAddressExists | Confirms that the provided email address exists as an active, registered account. Passes if the email account exists; fails if it does not. |
| Email Address Active Check | test.emailAddressValid | Confirms that the email address exists as an active account with sufficient history. Passes if activity and history is sufficient; fails if it is not. |
| Email Domain Exists Check | test.emailDomainExists | Confirms that the provided email domain exists and has valid DNS records. Passes if the domain is valid; fails if it does not exist or has no valid DNS records. |
| IP Address Local Whitelist Check | test.ipAddressTrusted | Confirms that the IP address is present on the local whitelist. Passes if found on the whitelist; fails if it is not. |
| IP Address Country Risk Check | test.ipCountryRisk | Assesses the risk level associated with the IP address country. Passes if the country risk is within acceptable levels; fails if the risk is elevated. |
| Email Domain Local Whitelist Check | test.isDomainTrusted | Confirms that the email domain is present on the local whitelist. Passes if found on the whitelist; fails if it is not. |
| Email Address Local Whitelist Check | test.isEmailTrusted | Confirms that the email address is present on the local whitelist. Passes if found on the whitelist; fails if it is not. |
| IP Address Tor Network Check | test.torNetworkIP | Indicates whether the IP address is associated with the Tor network. Passes if the IP has no Tor association; fails if it does. |
| Phone Number Format Check | test.validPhoneFormat | Confirms that the provided phone number is in a valid format. Passes if the format is valid; fails if it is not. |
Testing & Expected Results
Deny path: use a known disposable address (e.g., [email protected]).
Approve path: use a standard business or personal email address.
Related Resources
→ Session Risk | → PII Validation | → Identity Verification | → Continuous Re-Authentication
Updated 2 days ago