Risk evaluation returned fault C008 because Intelligent Authentication (IA) could not accept the IAAuthData field: the value is not a valid encoded device fingerprint for this service, failed field validation, or a related device-engine check (including some mobile fingerprint digest paths) failed.

Symptoms

• SOAP/REST client receives an IA fault with Status: C008 and message IAAuthData is not valid.
• May appear on login, risk evaluation, device registration, or feedback flows that send IAAuthData.

VIP Service

1. Client/SDK bug or misintegration — fingerprint not built or not encoded per the supported version (missing _v02 when required, wrong XOR, double-encoding, truncation).
2. Corruption in transit — proxies, gateways, or logging that alter the string (line breaks, URL decoding errors, character set issues).
3. Wrong field content — placeholder text, HTML, JSON, or XML sent where a Base64-encoded fingerprint is expected.
4. Unsupported or malformed fingerprint — invalid fpdt / mobile OS, missing required fields, or values that fail server-side validators.
5. Mobile-specific issues — problems with encrypted client key or message-digest calculation may surface as C008 (check server logs for the more specific internal message).

1. Confirm integration — Use the supported IA/mobile SDK or browser collector; ensure IAAuthData is taken from the official API and passed unchanged to IA.
2. Compare with a known-good client — Same user/agent/version should produce a successful call; diff request size, prefix (_v02), and Base64 alphabet (no spaces/newlines).
3. Fix the integration so IAAuthData matches the expected encoding and a valid fingerprint from the supported client.