Mobile Enforcement Verification

Using the Developer tab

The Developer tab allows you to verify that your installed SDK is running correctly and monitoring and blocking traffic as intended.
Users with Admin, Developer and Dev Tools credentials have access to the Developer tab.
Enforcement verification is applicable to both Android and iOS

Extracting Visitor ID (VID)

PerimeterX servers assign a unique visitor ID (VIDVID - A unique visitor ID, used to track a single user, based on their cookie.) to every user. In order to use the verification tool, you need to extract the VIDVID - A unique visitor ID, used to track a single user, based on their cookie. assigned to the device being used for testing.

  1. Access the application being tested with the device.
  2. Click VID Extractor (Platform Settings > Developer)to open the VID Extractor window.
  3. Enter the device IP address and click Search
    • Note: This may take a few minutes*
  4. Locate your device based on the device, app and carrier attributes listed in the table, and click Select. The required parameters are automatically inserted in the relevant fields.

Simulating the Captcha Response

To verify that the app is blocking correctly:

  1. Click the Captcha button to flag all traffic from your device as a possible bot.
  2. Move the app to the background and then to the foreground to refresh the SDK token. The first request sent to your mobile app’s server will receive a 403 response with a Captcha challenge in the response body.
  3. By calling PXManager.handleResponse a Captcha page is displayed.
  4. To clear your VIDVID - A unique visitor ID, used to track a single user, based on their cookie., you can either solve the Captcha, or click the Clear button.


When testing with a mobile emulator

As some of our detections may block mobile emulator based solving, make sure to pass the x-px-captcha-testing header to the request.
You can find our testing recommendations here.


Configuring an Android Emulator to use Charles Proxy

To configure your Android Emulator:

  1. Set the HTTP proxy settings in the Wi-Fi menu.
  2. In the Wi-Fi menu long press the connected network, select Modify Network, and fill in the proxy settings.
    If you are running Charles Proxy on your local machine then use the local IP (not the loopback).
  3. To intercept HTTPS requests follow the guidelines at:

In Android Nougat special permissions are required to use a certificate added to the trust store.


Click the Clear button at any point to remove the simulated mode assigned to your device. After restarting your application all traffic between your device and the server should pass.

Did this page help you?