This thread discusses extracting information from the user agent to determine the type of device being used.
But keep in mind that it’s easy to fake the user agent. Most browsers even provide the tools to preview websites as different devices by allowing you to change the user agent.
So, if fraud is a major concern, then restricting device usage based on the user agent is not going to be a secure method. At most the user agent just provides general info to the developer and if programmed accordingly, allows for websites to display differently based on info from the user agent. It can easily be changed and didn’t be relied upon for securely identifying users and their devices.