diff --git a/app/controllers/concerns/mfa_setup_concern.rb b/app/controllers/concerns/mfa_setup_concern.rb
index 6f673afde94..e3c1e07ad51 100644
--- a/app/controllers/concerns/mfa_setup_concern.rb
+++ b/app/controllers/concerns/mfa_setup_concern.rb
@@ -97,6 +97,7 @@ def threatmetrix_attrs
       request_ip: request&.remote_ip,
       threatmetrix_session_id: session[:threatmetrix_session_id],
       email: EmailContext.new(current_user).last_sign_in_email_address.email,
+      uuid_prefix: current_sp&.app_id,
     }
   end
 
diff --git a/app/jobs/account_creation_threat_metrix_job.rb b/app/jobs/account_creation_threat_metrix_job.rb
index aa5b439e01d..1644cee124e 100644
--- a/app/jobs/account_creation_threat_metrix_job.rb
+++ b/app/jobs/account_creation_threat_metrix_job.rb
@@ -5,12 +5,14 @@ def perform(
     user_id: nil,
     threatmetrix_session_id: nil,
     request_ip: nil,
-    email: nil
+    email: nil,
+    uuid_prefix: nil
   )
     device_profiling_result = AccountCreation::DeviceProfiling.new.proof(
       request_ip: request_ip,
       threatmetrix_session_id: threatmetrix_session_id,
       user_email: email,
+      uuid_prefix: uuid_prefix,
     )
   ensure
     user = User.find_by(id: user_id)
diff --git a/app/services/account_creation/device_profiling.rb b/app/services/account_creation/device_profiling.rb
index 7cccde45b12..c74fae53642 100644
--- a/app/services/account_creation/device_profiling.rb
+++ b/app/services/account_creation/device_profiling.rb
@@ -5,15 +5,18 @@ class DeviceProfiling
     attr_reader :request_ip,
                 :threatmetrix_session_id,
                 :user_email,
-                :device_profile_result
+                :device_profile_result,
+                :uuid_prefix
     def proof(
       request_ip:,
       threatmetrix_session_id:,
-      user_email:
+      user_email:,
+      uuid_prefix:
     )
       @request_ip = request_ip
       @threatmetrix_session_id = threatmetrix_session_id
       @user_email = user_email
+      @uuid_prefix = uuid_prefix
 
       @device_profile_result = device_profile
     end
@@ -27,6 +30,7 @@ def device_profile
         threatmetrix_session_id: threatmetrix_session_id,
         email: user_email,
         request_ip: request_ip,
+        uuid_prefix: uuid_prefix,
       )
     end
 
diff --git a/spec/jobs/account_creation_threat_metrix_job_spec.rb b/spec/jobs/account_creation_threat_metrix_job_spec.rb
index cffb09cfda7..091df7d8fda 100644
--- a/spec/jobs/account_creation_threat_metrix_job_spec.rb
+++ b/spec/jobs/account_creation_threat_metrix_job_spec.rb
@@ -3,6 +3,7 @@
 RSpec.describe AccountCreationThreatMetrixJob, type: :job do
   let(:user) { create(:user, :fully_registered) }
   let(:request_ip) { Faker::Internet.ip_v4_address }
+  let(:service_provider) { create(:service_provider) }
   let(:threatmetrix_session_id) { SecureRandom.uuid }
   let(:authentication_device_profiling) { :collect_only }
   let(:lexisnexis_threatmetrix_mock_enabled) { false }
@@ -28,6 +29,7 @@
         user_id: user.id,
         threatmetrix_session_id: threatmetrix_session_id,
         request_ip: request_ip,
+        uuid_prefix: service_provider.app_id,
       )
     end
 
diff --git a/spec/services/account_creation/device_profiling_spec.rb b/spec/services/account_creation/device_profiling_spec.rb
index 3178f51170e..03f3c69bfec 100644
--- a/spec/services/account_creation/device_profiling_spec.rb
+++ b/spec/services/account_creation/device_profiling_spec.rb
@@ -5,6 +5,7 @@
   let(:threatmetrix_proofer_result) do
     instance_double(Proofing::DdpResult, success?: true, transaction_id: 'ddp-123')
   end
+  let(:service_provider) { create(:service_provider) }
   let(:threatmetrix_proofer) do
     instance_double(
       Proofing::LexisNexis::Ddp::Proofer,
@@ -24,6 +25,7 @@
         request_ip: Faker::Internet.ip_v4_address,
         threatmetrix_session_id: threatmetrix_session_id,
         user_email: Faker::Internet.email,
+        uuid_prefix: service_provider.app_id,
       )
     end
 
diff --git a/spec/services/proofing/lexis_nexis/ddp/verification_request_spec.rb b/spec/services/proofing/lexis_nexis/ddp/verification_request_spec.rb
index 199cef5e19a..4e541595f69 100644
--- a/spec/services/proofing/lexis_nexis/ddp/verification_request_spec.rb
+++ b/spec/services/proofing/lexis_nexis/ddp/verification_request_spec.rb
@@ -81,6 +81,25 @@
         expected_json = JSON.parse(LexisNexisFixtures.ddp_authentication_request_json)
         expect(response_json).to eq(expected_json)
       end
+
+      context 'with service provider associated with user' do
+        let(:applicant) do
+          {
+            threatmetrix_session_id: 'UNIQUE_SESSION_ID',
+            email: 'test@example.com',
+            request_ip: '127.0.0.1',
+            uuid_prefix: 'SPNUM',
+          }
+        end
+
+        it 'returns a properly formed request body' do
+          response_json = JSON.parse(subject.body)
+
+          base_json = JSON.parse(LexisNexisFixtures.ddp_authentication_request_json)
+          expected_json = base_json.merge({ 'local_attrib_1' => 'SPNUM' })
+          expect(response_json).to eq(expected_json)
+        end
+      end
     end
   end