When providing an email address as an input to the minFraud services, you can provide it either as plain text or as an MD5 hash.
If you provide the email as an MD5 hash, it’s important that you normalize it before generating the hash. Otherwise minor, inconsequential differences could cause minFraud to consider it a different address.
Our API clients do this for you if you enable sending the MD5 hash. This is the recommended way to do this.
Normalizing email addresses
If you are not able to use our API clients, you can normalize an email address yourself. Below are the steps to take to do this.
- Trim whitespace from both ends of the address
- Lowercase the address
- Find the local part of the email (before the @) and the domain (after the @)
- Trim whitespace from both ends of the domain
- If the domain ends with a period, trim it off
- Convert international domain names (IDNs) to ASCII. For example, you can do this in Java using java.net.IDN.
- Fix common typos in domain names. You can see a list of typos we map in our Java API client.
- Remove alias parts from the local part. For yahoo.com addresses, this is everything after and including the first “-” character, if present. For other email domains, this is everything after and including the first “+” character, if present.
- Put the local part and the domain back together to form the normalized email address
- Calculate the MD5 hash
You can review the code in our API clients see how to normalize an email address in various languages.