Protect your users from stolen credentials
Castle detects and mitigates account takeover in web and mobile apps
Nice! We've sent you an email with a confirmation link.
Oops! Try again
Castle detects and mitigates account takeover in web and mobile apps
Track events in your web and mobile apps. We analyze device, location and usage patterns to make sure they are consistent for each user.
Get up and running by simply adding a snippet of code. It’s as easy as installing Google Analytics.
Machine learning that stops account takeovers from day one and evolves over time to reduce false positives.
Only clearly malicious activity alerts your team. Authentication APIs lets your users resolve the rest.
Get complete visibility into your users’ devices and access patterns. Drill down into individual sessions to see who is using Tor or hopping between locations.
We've tailored Castle to make developers feel right at home.
Include the snippet on all your pages. Call identify when the user is logged in. The snippet improves device recognition, but is optional.
<script type="text/javascript">
(function(e,t,n,r){function i(e,n){e=t.createElement("script");e.async=1;e.src=r;n=t.getElementsByTagName("script")[0];n.parentNode.insertBefore(e,n)}e[n]=e[n]||function(){(e[n].q=e[n].q||[]).push(arguments)};e.attachEvent?e.attachEvent("onload",i):e.addEventListener("load",i,false)})(window,document,"_castle","//d2t77mnxyo7adj.cloudfront.net/v1/c.js")
_castle('setAppId', '1234567890');
_castle('identify', '1234', {
created_at: '2012-12-02T00:30:08.276Z',
email: 'johan@castle.io',
name: 'Johan B'
});
</script>
Track security events or any unstructured data from your web backend or mobile app, and Castle will look for anomalies.
# Ruby example
castle.track(
name: '$login.succeeded',
user_id: '1234')
castle.track(
name: '$login.failed',
properties: {
'$login' => 'admin@yoursite.com'
})
