Protect your users from stolen credentials

Castle detects and mitigates account takeovers in web and mobile apps

Start your 14-day trial
Thanks! Check your email to get started.
Oops! Try again

Put account security on autopilot

Track events in your web and mobile apps. We analyze device, location, and usage patterns to detect fraudulent activity.

Feature 1@2x

Integrate in minutes

Get up and running by simply adding a snippet of code. It’s as easy as installing Google Analytics.

Feature 3@2x

Self-learning risk models

Machine learning that stops account takeovers from day one and evolves to keep false positives at a minimum.

Feature computer@2x

Automate manual work

Choose the malicious activity patterns that alert your team. Authentication APIs let your users resolve the rest.

Behavioral security analytics

Get complete visibility into your users’ devices and access patterns. Drill down into individual sessions to see who is using Tor or hopping between locations.


As easy to integrate as any analytics API

We've tailored Castle to make developers feel right at home.

Alt 1. JavaScript snippet

Include the snippet on all your pages. Call identify when the user is logged in.

<script type="text/javascript">
  (function(e,t,n,r){function i(e,n){e=t.createElement("script");e.async=1;e.src=r;n=t.getElementsByTagName("script")[0];n.parentNode.insertBefore(e,n)}e[n]=e[n]||function(){(e[n].q=e[n].q||[]).push(arguments)};e.attachEvent?e.attachEvent("onload",i):e.addEventListener("load",i,false)})(window,document,"_castle","//")
  _castle('setAppId', '4512367890');
  _castle('identify', '1234', {
    created_at: '2012-12-02T00:30:08.276Z',
    email: '',
    name: 'Johan B'

Alt 2. Enable via Segment with one click

Castle has partnered with Segment so you can use your existing Segment deployment to launch Castle with a single click.

Enable with segment@2x