We make account
security easy

Drop-in APIs to help developers prevent new account abuse, account takeovers, and transaction fraud.

Protecting over 500M user accounts
Server-Side API

Protect signup, login,and beyond

In-line protection for your application using risk scores and signals.

Request Submit payload to Castle's risk endpoint
Post api.castle.io/v1/risk
Payload here
Response Castle will return a risk analyzed response
{ 
  "risk": 0.83,
  "signals": {
    "bot_behavior": {},
    "proxy_ip": {},
    "disposable_email": {},
    "spoofed_device": {},
    "new_country": {}
    "multiple_accounts_per_device": {}
  },
  "policy": {
    "action": "challenge",
    "name": "Verify risky logins",
    "id": "e14c5a8d-c682-4a22-bbca-04fa6b98ad0c",
    "revision_id": "b5cf794e-88c0-426e-8276-037ba1e7ceca"
  },
  "device": {
    "token": "eyiOi1geyJhbJIUzI1geyJhbGcUacawiao0KQh"
  }
}
{ 
  "risk": 0.83,
  "signals": {
    "bot_behavior": {},
    "proxy_ip": {},
    "disposable_email": {},
    "spoofed_device": {},
    "new_country": {}
    "multiple_accounts_per_device": {}
  },
  "policy": {
    "action": "challenge",
    "name": "Verify risky logins",
    "id": "e14c5a8d-c682-4a22-bbca-04fa6b98ad0c",
    "revision_id": "b5cf794e-88c0-426e-8276-037ba1e7ceca"
  },
  "device": {
    "token": "eyiOi1geyJhbJIUzI1geyJhbGcUacawiao0KQh"
  }
}
{ 
  "risk": 0.83,
  "signals": {
    "bot_behavior": {},
    "proxy_ip": {},
    "disposable_email": {},
    "spoofed_device": {},
    "new_country": {}
    "multiple_accounts_per_device": {}
  },
  "policy": {
    "action": "challenge",
    "name": "Verify risky logins",
    "id": "e14c5a8d-c682-4a22-bbca-04fa6b98ad0c",
    "revision_id": "b5cf794e-88c0-426e-8276-037ba1e7ceca"
  },
  "device": {
    "token": "eyiOi1geyJhbJIUzI1geyJhbGcUacawiao0KQh"
  }
}
{ 
  "risk": 0.83,
  "signals": {
    "bot_behavior": {},
    "proxy_ip": {},
    "disposable_email": {},
    "spoofed_device": {},
    "new_country": {}
    "multiple_accounts_per_device": {}
  },
  "policy": {
    "action": "challenge",
    "name": "Verify risky logins",
    "id": "e14c5a8d-c682-4a22-bbca-04fa6b98ad0c",
    "revision_id": "b5cf794e-88c0-426e-8276-037ba1e7ceca"
  },
  "device": {
    "token": "eyiOi1geyJhbJIUzI1geyJhbGcUacawiao0KQh"
  }
}
Client-Side Integration

Drop-in device fingerprinting

The key to detecting malicious users.

100+ device properties

Hardware specs, proxy, headless browser, incognito, emulator, jailbreak, and much more.

Bot and human behavior

Continuous analysis of mouse movements, keystrokes, taps, swipes, and app navigation.

For Developers

Flexible building blocks

Leverage our full set of APIs to create custom protection workflows.

The Dashboard

Get everyone on thesame page

Investigate security, fraud, and compliance incidents, configure policies, and block bad devices.

Professional
$33/mo
per 10,000 good events

No minimum commitment
Start for free
  • Bot Detection
  • Account Takeover Prevention
  • Policy Management
  • Device Management
  • User Behavior Analytics
  • REST API & Webhooks
  • Email & chat support
  • Credit card payments
Enterprise
$28/mo*
per 10,000 good events

$2,800/mo minimum commitment
Get in touch
  • Enterprise SLAs
  • Enterprise support
  •  
  • * Volume discounts available
  • Customizable billing
  • Invoice payments