API Integration vs SDK: Security Tool Comparison
Compare APIs and SDKs for security tools — trade-offs in integration, performance, risks, and best use cases for fraud detection and compliance.
When deciding between API integration and SDKs for security tools, it's all about what your project needs. APIs are lightweight, flexible, and great for adding specific security features to existing systems. SDKs, on the other hand, are pre-packaged tools that simplify development, especially for platform-specific applications.
Here’s the quick takeaway:
- APIs: Best for real-time data exchange, cross-platform use, and custom workflows. They’re ideal for email validation, fraud detection, and user authentication tasks.
- SDKs: Great for deep integration, offline functionality, and rapid development with built-in security features like encryption and multi-factor authentication.
Quick Comparison:
| Feature | API Integration | SDK |
|---|---|---|
| Integration | Lightweight, requires custom coding | Pre-built tools, faster setup |
| Flexibility | High for custom workflows | Platform-specific, but customizable |
| Performance | Minimal impact, network-dependent | Larger footprint, optimized for platforms |
| Security Features | Requires manual implementation | Built-in, automated handling |
| Use Cases | Real-time validation, fraud detection | Mobile apps, offline security |
Both approaches can work together. APIs handle backend tasks, while SDKs simplify frontend development. Your choice depends on whether you prioritize control or convenience.
API Integration vs SDK Security Tools Comparison Chart
What Is API Integration for Security Tools
API integration connects systems to exchange data through APIs, acting as a bridge for sharing information between applications. In the realm of cybersecurity, APIs play a key role by enabling smooth data exchange, which supports the advanced security measures outlined below.
Here's how it works: a client sends a request to an API endpoint and gets an immediate response. This instant communication allows real-time decisions, like verifying an email during signup to prevent abuse. By facilitating this exchange of data and insights, API integration helps security tools work together to detect and prevent fraud effectively.
Using machine learning and artificial intelligence, API integration analyzes data, flags irregularities, and predicts fraudulent activities that traditional rule-based systems might miss. It also offers continuous traffic and user behavior monitoring, identifying unusual patterns that could signal a potential attack.
Main Features of API Integration
API integration comes with several standout features that enhance security operations:
- Ease of Implementation: Developers can quickly add strong security features without building systems from scratch.
- Scalability: API-based solutions handle growing traffic seamlessly. For example, DataDome processes 3 trillion signals daily, delivering real-time analysis with 99.99% accuracy.
- Real-Time Data Sharing: Instant communication ensures quick decision-making, crucial for fraud prevention.
- Standardized Architecture: Most security APIs use REST architecture, a lightweight framework that relies on JSON for data exchange. Many also follow a pay-per-request pricing model, letting businesses align costs with actual use.
API Integration Use Cases
API integration shines in several cybersecurity scenarios:
- Email Validation: Email validation APIs help prevent abuse by instantly identifying typos, invalid entries, or disposable addresses. For instance, SendGrid uses a machine learning model trained on data from 100 billion emails per month to detect risky or fake addresses in real time. When added to signup forms, these APIs reduce fake accounts and keep contact lists clean.
-
Fraud Detection: Fraud detection APIs analyze transactions in real time to prevent financial losses. SEON's API, for example, assigns risk scores based on location, device, and transaction amount. It flags suspicious activity for review and blocks high-risk transactions within seconds, even during heavy transaction loads. A Chief Compliance Officer at Soft2Bet shared:
"SEON significantly enhanced our fraud prevention efficiency, freeing up time and resources for better policies, procedures and rules".
- User Authentication and Verification: These APIs verify user identities by checking emails, phone numbers, and other data. They detect fake accounts, monitor logins with device fingerprinting, and prevent account takeovers. In e-commerce, such tools ensure order confirmations and shipping notifications reach real customers while identifying risky or disposable email addresses to minimize fraudulent transactions and chargebacks.
- Behavioral Analysis: Machine learning-powered behavioral analysis APIs spot unusual activities, like odd spending patterns or unexpected login times, which may indicate fraud. For example, IPQualityScore's API suite offers tools for bot detection, proxy and VPN identification, email validation, device fingerprinting, and risk scoring - all in real time to combat fake accounts and fraudulent payments.
These examples underscore the importance of API integration in modern cybersecurity, paving the way for a deeper dive into how it compares with SDKs.
What Are SDKs for Security Tools
A Software Development Kit (SDK) is a comprehensive collection of tools, libraries, documentation, examples, and debugging utilities designed to help developers create applications for specific platforms or services. Unlike APIs, which provide a way to interact with a service, SDKs go a step further by managing tasks like authentication, rate limiting, retries, and token refreshes, making complex processes easier for developers.
In cybersecurity, SDKs offer pre-built components that allow developers to seamlessly integrate advanced security features into their applications. These features help combat digital abuse and fraud by simplifying the implementation of measures like multi-factor authentication (MFA), secure payment processing, and user verification. For instance, Rublon provides SDKs that enable MFA for applications built with Java, PHP, and .NET. This protects users of Active Directory and Entra ID by incorporating phishing-resistant FIDO security keys and passkeys, adding an extra layer of security against hackers.
Another important function of SDKs is ensuring that applications meet platform-specific security guidelines and best practices. This is especially critical in industries like finance and healthcare. The next sections explore the key features of SDKs and their practical applications in creating secure digital environments.
Main Features of SDKs
SDKs streamline security integration by offering pre-built libraries for tasks like encryption and data validation, cutting down on repetitive coding. Many SDKs also include APIs with standardized methods for secure communication with external security services.
A major advantage of SDKs is their detailed documentation and sample code, which make it easier for developers to understand and implement security features. These resources act as a safety net, helping to avoid misconfigurations and ensuring tools are used securely.
Flexibility is another strength. Modern SDKs allow significant customization while maintaining a solid security foundation. As Stytch puts it:
"The best SDKs on the market today are flexible and allow for extensive customizations, so developers can enjoy the same range they'd get with an API but with significantly fewer headaches".
Beyond flexibility, SDKs handle many routine security tasks automatically, freeing developers to focus on the core functionality of their applications. This built-in support speeds up development timelines and makes deploying security features faster and more efficient. These capabilities are especially valuable for strengthening fraud detection and preventing digital abuse, complementing the use of APIs in security strategies.
SDK Use Cases
SDKs shine in scenarios where security features need to be deeply embedded into applications. For example, payment gateways benefit from SDKs by using encryption libraries, validation tools, and secure communication channels to safeguard sensitive financial data during transactions.
For custom authentication workflows, Stytch's SDKs allow developers to integrate multi-factor authentication and fraud prevention with ease. These SDKs also support importing and customizing secure login templates for e-commerce platforms, improving user authentication and preventing unauthorized access.
In the healthcare sector, the WHO FHIR-based SMART Guidelines Android SDK enables ministries to quickly embed evidence-based decision support into mobile health apps. This illustrates how SDKs can help regulated industries integrate secure and compliant features efficiently. Similarly, the AWS SDK for Python (Boto3) allows Python developers to connect their applications to AWS services, including secure login functionality, by leveraging pre-built templates.
SDKs are also highly effective in offline scenarios, where constant internet access isn’t guaranteed. By embedding security logic directly into the application, SDKs enable critical security checks and fraud detection, even when a network connection is unavailable. This makes them a reliable choice for maintaining security in diverse environments.
API Integration vs SDK: Main Differences
When it comes to cybersecurity, understanding the core differences between API integration and SDKs is crucial for enhancing fraud detection and abuse prevention strategies.
Both APIs and SDKs enable the integration of security features into applications, but they differ in their scope, implementation methods, and technical details. APIs are lightweight interfaces designed for communication, focusing on endpoint configuration, authentication, and request handling. They offer flexibility but require custom coding to manage connections and handle errors effectively.
On the other hand, SDKs provide a more comprehensive development environment, complete with pre-built tools and libraries. Implementing an SDK involves installing packages and configuring ready-made components. While this process is more involved compared to APIs, it delivers an all-in-one experience with built-in security features and automated authentication handling.
From a technical standpoint, APIs scale with vendor infrastructure. For example, AWS API Gateway can automatically manage traffic. SDKs, however, depend on local infrastructure, which can increase the application’s size. As noted in Cloudflare's 2024 API Security and Management Report, 57% of all internet traffic now consists of API requests, with Stripe alone handling 500 million API requests daily.
These differences help determine whether to prioritize rapid integration or a more comprehensive development environment. Below is a side-by-side comparison highlighting the unique strengths of each approach:
Comparison Table: API Integration vs SDK
| Aspect | API Integration | SDK | Winner/Use Case |
|---|---|---|---|
| Integration Method | Endpoint setup requiring custom code. | Package installation with pre-built components. | SDK for rapid development; API for precise control. |
| Security Features | Manual implementation of security and authentication. | Built-in security features with automatic handling. | SDK for built-in protection; API for custom workflows. |
| Performance Impact | Minimal application size impact; network-dependent. | Larger code footprint but platform-optimized. | API for lightweight solutions; SDK for advanced features. |
| Customization Level | Full control over implementation and data handling. | High customization within a guided framework. | API for cross-platform needs; SDK for platform-specific depth. |
| Maintenance Requirements | Regular API key rotation and manual updates. | Frequent updates and potential breaking changes. | API for stability; SDK for integrated tooling support. |
Security Benefits and Risks of API Integration
In the world of cybersecurity, finding the right balance between the benefits and risks of API integration is essential for building an effective fraud detection strategy. APIs bring powerful tools to the table, enhancing security systems, but they also introduce vulnerabilities that require careful management. Understanding these trade-offs empowers security teams to make smarter choices when safeguarding their systems.
API Integration Benefits
APIs play a key role in fraud detection by enabling real-time identification and prevention of fraudulent activities, significantly narrowing the window for potential exploitation. They also streamline security processes by automating updates and patches, reducing the need for constant manual oversight.
By leveraging advanced machine learning and AI algorithms, APIs can adapt to emerging threats while minimizing false positives. Their versatility allows them to tackle multiple types of fraud simultaneously, such as chargeback fraud, bot attacks, fake accounts, credit card fraud, account takeovers, identity theft, money laundering, and even API abuse.
Additionally, APIs enhance fraud detection systems through behavioral analytics, which identify unusual user patterns that could signal fraudulent activity.
Despite these advantages, organizations must address the vulnerabilities that API integration can bring.
API Integration Risks
While APIs offer robust capabilities, they also introduce distinct security challenges. For instance, nearly 94% of organizations have encountered security issues with production APIs, and 17% have experienced a breach as a result. One major concern is the expanded attack surface APIs create, especially in microservice architectures where each service exposes remote procedure calls that attackers could exploit.
Another risk is the reliance on third-party uptime, which can lead to cascading failures. If a third-party API or microservice goes down, it can disrupt the entire system, potentially opening the door to denial-of-service attacks. A stark example of this was the Log4J vulnerability discovered in 2022, where systems using the Java-based logging library were left exposed to remote code execution until patches were applied.
Data privacy compliance is another pressing concern. APIs frequently handle sensitive customer information, and organizations must ensure compliance with relevant laws and regulations, even when working with third-party APIs. Additionally, vulnerabilities like broken authentication, injection attacks, insecure communication channels, and poorly implemented access controls can allow attackers to compromise tokens, inject malicious code, or gain unauthorized access to resources.
Even well-written code isn’t immune to flaws. High-quality code can still contain up to 600 defects per million lines, while average-quality code may have as many as 6,000 defects per million lines. Many of these defects can be exploited, making thorough testing and monitoring critical.
Security Benefits and Risks of SDKs
SDKs come with built-in security features and customization options, making them powerful tools for developers. However, they also introduce certain risks, particularly in terms of supply chain vulnerabilities and performance issues. Like APIs, SDKs are effective in combating digital abuse, but their integration can be complex and requires careful management.
SDK Benefits
One of the standout advantages of SDKs is their built-in security features, which handle tasks like authentication automatically. This reduces the chances of implementation errors that could lead to vulnerabilities. By embedding best practices and offering strongly-typed interfaces, SDKs simplify coding and minimize integration mistakes, making it harder for attackers to exploit weaknesses. Additionally, their customization capabilities allow developers to create more effective fraud detection systems tailored to specific app requirements.
Take Stytch, for instance. It provides fully customizable SDKs for building authentication flows that include features like fingerprinting, active risk assessment, and detailed enforcement measures to prevent fraud. Another example is Iris® Powered by Generali, which offers web and Android SDKs for identity monitoring, credit services, high-risk transaction tracking, and fraud prevention. These SDKs also protect user data through encryption and hashing, meeting rigorous standards like PCI DSS Level 1, SOC 2 Type 1, and CSA STAR Level 2.
SDKs also align well with platform-specific requirements, which is essential for industries like healthcare and finance that demand high-security standards and certifications. They support features such as biometric logins, secure in-app communication, and compliance with specific protocols, bolstering an app’s defenses against abuse. Moreover, SDKs often include built-in privacy controls, simplifying secure data collection and reducing the risk of data misuse.
While SDKs offer these security benefits, they are not without their challenges.
SDK Risks
In February 2025, a breach involving Gravy Analytics highlighted the dangers of compromised third-party SDKs. Popular apps like Tinder and Spotify were affected, leading to the exposure of over 10 TB of sensitive location data and impacting millions of users worldwide. This incident underscores how a vulnerable SDK can compromise an entire application.
The numbers paint a concerning picture: 90% of organizations faced mobile app security issues in 2023. A study by AppCensus found that 42% of SDKs collect sensitive user data without proper encryption, raising serious privacy concerns and potential violations of laws like GDPR and CCPA. Even widely used SDKs are not immune. For example, a vulnerability (CVE-2014-8889) in an Android SDK from a popular file-sharing service exposed sensitive information in roughly 6,000 applications.
Another challenge is the large code footprint that SDKs often bring. This requires careful version management to avoid introducing vulnerabilities. Developers must thoroughly vet SDK providers to ensure they are trustworthy. There have been cases where malicious SDKs enabled fraudulent activities without the developers' knowledge. Additionally, poorly optimized SDKs can negatively impact app performance, causing issues like increased memory usage, slower startup times, and battery drain.
Security Feature Comparison for Fraud Detection and Abuse Prevention
When tackling fraud detection and abuse prevention, APIs and SDKs each bring their own strengths to the table. APIs are ideal for integrating specific fraud detection functionalities without having to build an entire infrastructure from scratch. On the other hand, SDKs embed a full suite of security tools directly into your applications, offering a more integrated approach.
SDKs often include APIs, libraries, and other components, making them especially useful for industries with strict security demands, like healthcare or finance. For example, Iris® Powered by Generali provides features such as High-Risk Transaction Monitoring, Caller ID Fraud Monitoring, and Personal Web Defense (VPN) through API, web SDK, and Android SDK options. This ensures businesses can seamlessly integrate fraud detection into both legacy systems and new platforms.
If your project requires lightweight and targeted security measures, APIs are a better fit. For deeper, platform-specific security integration, SDKs are the way to go. For instance, fintech companies creating mobile banking apps often use SDKs to build the app’s core structure while adding fraud detection and compliance systems through APIs.
Comparison Table: Security Features
| Security Feature | API Integration | SDK | AbuseReport.org Implementation |
|---|---|---|---|
| Real-Time Validation | Requires manual handling of requests, responses, and error handling for each validation check | Pre-built components simplify method calls, ensure type safety, and reduce code complexity | Both options support email validation (MX, SPF, DMARC, disposable), IP validation, and VPN/proxy detection |
| Data Privacy & Compliance | Provides a security layer with access controls; developers must manually implement GDPR/CCPA best practices | Built-in privacy controls simplify compliance with platform-specific guidelines in regulated sectors | Privacy-focused operations with flexible integration options using both API and SDK implementations |
| Attack Surface | Smaller attack surface - only exposes specific endpoints needed for fraud detection | Larger code footprint requires careful version management and thorough vetting of SDK providers | Minimal attack surface achieved through a focused abuse data API and lightweight SDKs for PHP, Python, and JavaScript |
| Update Frequency | Immediate server-side updates without requiring client changes | SDK updates require app releases and user adoption; can transparently handle minor API updates | Server-side API updates paired with backward-compatible SDK releases ensure seamless integration |
Performance and Implementation Comparison
When implementing security tools, you have two main options: API integration or an SDK. Each has its strengths, and the choice often depends on your specific goals and technical needs.
APIs are ideal for quickly adding specific functionalities to existing systems. For instance, 63% of teams managed to ship production-ready APIs in under a week. With just a few lines of code, APIs enable seamless communication with external software, making them perfect for tasks like integrating targeted fraud detection features.
On the other hand, SDKs are better suited for building new, platform-specific applications or handling complex features. They come packed with pre-built components and standardized methods, which automate low-level processes. This not only speeds up development but also reduces the likelihood of errors. As Boris Bambo, a Backend Engineer, explains:
"APIs will give you finesse and allow for more customization while SDKs take a more integrated approach that can help you get going faster and save you time and cost".
Resource usage is another key difference. APIs tend to have a smaller footprint since they only add the necessary communication code, keeping the application lean. SDKs, however, include tools, libraries, and documentation in a single package. While this comprehensive setup is helpful for developers, it can lead to a larger installation size, potentially impacting mobile performance.
When it comes to scalability, APIs shine in scenarios requiring cross-platform communication and high-volume data exchange, especially with modern technologies like GraphQL and gRPC. SDKs, while offering deep platform optimization, require careful version management. Frequent API updates can sometimes cause synchronization issues.
Here’s a quick breakdown of the differences:
Comparison Table: Performance and Implementation
| Aspect | API Integration | SDK | Recommendations |
|---|---|---|---|
| Deployment Speed | Quick integration of specific functionalities | Faster for new, platform-specific apps due to pre-built components (requires setup) | Use APIs for rapid integration; choose SDKs for building new features quickly |
| Code Footprint | Minimal communication code added | Larger due to bundled tools and libraries | APIs are better for minimal overhead; SDKs suit feature-rich environments |
| Scalability | Excellent for cross-platform communication | Optimized for specific platforms but needs version management | APIs are best for broad, scalable needs; SDKs excel in platform-specific tasks |
| Resource Usage | Minimal, focused on data exchanges | Higher due to additional tools and libraries | APIs are more efficient for simple operations; SDKs offer a richer toolkit |
This comparison highlights how APIs and SDKs serve distinct purposes, helping guide strategic decisions when integrating tools for digital abuse prevention.
When to Use API Integration or SDK
Deciding between API integration and an SDK comes down to your specific security requirements and the level of integration needed for fraud detection. Each option has its strengths, and understanding when to use one over the other can help you optimize both time and resources. Here's how to determine the best fit for your needs.
When to Use API Integration
API integration is perfect for scenarios where you need targeted security functionality without the overhead of a full toolkit. It’s a great choice for lightweight integration, offering precise control over request timing, error handling, and data processing tasks.
One of the standout benefits of APIs is their cross-platform compatibility. Whether you're working with web, mobile, or backend systems, APIs seamlessly integrate across platforms. This makes them particularly useful for tasks like real-time data validation or implementing custom security workflows.
For example, APIs shine during critical moments like user registration, login, or checkout. They allow you to validate data in real-time, ensuring that security checks happen exactly when needed. Plus, they ensure only the required information is exchanged, enhancing overall data protection.
Another strong use case for APIs is in building custom security workflows. They’re ideal when you need to combine multiple third-party services or apply specific data transformation rules. However, with this flexibility comes responsibility. You’ll need to implement security best practices, such as managing authentication tokens carefully, enforcing rate limits, and encrypting sensitive data to guard against common API vulnerabilities.
If your priority is precision and efficiency in fraud prevention, API integration is a solid choice.
When to Use SDK
On the other hand, SDKs are designed for deeper integration and are best suited for building applications that require native platform features. They come loaded with pre-built components, code samples, and integrated tools, which can save a significant amount of development time compared to starting from scratch .
SDKs are particularly helpful for rapid development. Their standardized methods and pre-built classes simplify the process, reducing the need for extensive custom coding. This makes them a go-to option for developers creating new apps or enhancing existing ones.
For platform-specific projects - like iOS or Android apps - SDKs offer a distinct advantage. They can tap into device-level fraud signals and integrate seamlessly with native features, making them ideal for mobile app security . Additionally, SDKs are a great fit for applications that need to work offline or require platform-specific optimizations.
In industries with strict compliance requirements, such as healthcare or finance, SDKs provide built-in support for common security patterns. Features like automatic multi-factor authentication can simplify adherence to regulations .
However, working with SDKs comes with its own challenges. You’ll need to carefully vet third-party providers to avoid potential security risks from external code. Plus, frequent updates to underlying APIs can lead to ongoing maintenance demands, requiring diligent version management.
If your project demands robust platform integration and compliance-ready tools, an SDK is the way to go.
AbuseReport.org: Using Both API and SDK for Security
AbuseReport.org employs a combination of API integrations and SDKs to cater to the diverse security needs of its system components. This dual approach takes advantage of the specific strengths of APIs and SDKs, creating a well-rounded strategy for combating digital abuse.
The API integration layer focuses on backend security, offering lightweight access to essential features like real-time abuse detection, email and IP validation, and VPN/proxy identification. These API endpoints can be seamlessly integrated into processes such as user registration, login, or checkout, giving you precise control over when and where security checks are executed. Additionally, the API supports fraud monitoring within payment systems by enabling Stripe and PayPal dispute reporting.
For developers working on native apps or requiring deeper integration, AbuseReport.org provides SDKs for PHP, Python, and JavaScript. These SDKs come with pre-built components and standardized methods that simplify development while maintaining consistency. They also include automatic authentication and built-in security patterns, helping to minimize the risk of errors during implementation. Together, the APIs and SDKs create a well-coordinated, multi-layered security framework.
This combined approach allows you to use the API for server-side validation and tailored workflows while leveraging SDKs in mobile or web apps for native functionality. To further enhance flexibility, the platform offers no-code tool integrations and a Telegram bot API, enabling security features to extend across various channels without the need for extensive custom development.
Conclusion
Deciding between API integration and SDKs for digital abuse prevention and fraud detection isn't about picking a one-size-fits-all solution. It’s about aligning the right tool with your specific needs. APIs shine when you need flexibility and control over security workflows, making them a great fit for cross-platform environments or microservices architectures. On the other hand, SDKs are invaluable for speeding up development with pre-built components and platform-specific optimizations, especially when building native applications or working under tight deadlines.
Your choice should consider factors like project scope, technical requirements, and security priorities. For instance, if your goal is to integrate targeted fraud detection modules into an existing system, APIs offer the granular control needed to customize security logic. Alternatively, if you're developing a comprehensive application that demands seamless platform integration, SDKs provide a ready-to-use toolkit that simplifies development while adhering to platform standards.
APIs often require manual handling of security measures, such as implementing best practices like the OWASP API Security Top 10 and managing authentication tokens carefully. SDKs, by contrast, typically come with built-in security features and automatic authentication. That said, it’s critical to thoroughly vet SDK providers to guard against risks like security vulnerabilities or malicious code.
As highlighted earlier, many modern security systems combine both approaches to maximize their strengths. Danika Rockett from RudderStack explains:
"Modern systems often combine both: SDKs for client-side development and APIs for backend services and data integration".
This hybrid approach allows you to use SDKs for creating rich, user-friendly experiences while leveraging APIs for flexible backend communication. By evaluating your team’s expertise and security requirements, you can strike the right balance between fast integration and robust, platform-optimized protection. This approach ensures that both methods work together to strengthen digital abuse prevention across your systems.
FAQs
What security advantages do APIs offer compared to SDKs?
APIs come with several important security benefits compared to SDKs. For starters, they allow for granular access control, meaning users and systems can be restricted to only the permissions they genuinely require. This minimizes unnecessary access and strengthens overall security.
Another advantage is their support for encryption protocols, which safeguard sensitive data during transmission. By encrypting the data, APIs help reduce the risk of it being intercepted or tampered with.
On top of that, APIs offer monitoring and rate limiting capabilities. These tools are essential for spotting and blocking suspicious or excessive requests, helping to prevent misuse or attacks. With these features, APIs not only protect systems from potential threats but also maintain the flexibility and scalability needed for modern applications.
How do SDKs help businesses meet security standards specific to their industry?
SDKs come equipped with security features baked right in and are built to align with industry best practices. They often include tools, libraries, and documentation that adhere to well-known frameworks like ISO/IEC 27034 or NIST SP 800-204A. This setup makes it much easier for developers to create secure applications.
With pre-configured components and clear instructions, SDKs streamline the process of adding security measures to apps. This approach not only helps meet important compliance standards but also minimizes the chances of introducing vulnerabilities during development.
How do I decide between API integration and an SDK for my security solution?
If you're looking for a quick and adaptable way to link your system with existing services, API integration is a great option. It's perfect for tasks like email validation or fraud detection, as it eliminates the need for large downloads or platform-specific tweaks.
Meanwhile, an SDK is your go-to when developing applications for specific platforms. It offers a full suite of tools and resources that streamline development and ensure consistency. SDKs shine when you need advanced features seamlessly built into your application.