Fraud starts at account opening
Few people will commit fraud using their true identity. Instead, malicious users will mispresent themselves when an account is created. However, telling good from bad, or even bot from human, can be difficult. If you're a financial services firm, you will likely require physical proof of identity. However, that process has known vulnerabilities.
Synthetic identities
Fraudsters combine stolen social security numbers with fake names, addresses and made up dates of birth. These false identities are used, sometimes for years, to build a positive history before ultimately being used to commit fraud.
Stolen identities
According to the FTC, there were 4.8 million reports of identity theft in 2020, with 47% of Americans experiencing some form of idenity theft. Fraudsters regularly use these identities to register for services where financial fraud is then committed.
Fake identities
Most websites want humans using their service, not software bots. However, bots are often used by fraudsters to commit fraud on a large scale, since software functions more quickly than a human.
Behavioral
verification
Digital behavioral signals can be used to filter malicious activity, upstream of a KYC solution. These signals include identity traits (IP address, device, email, phone) as well as behavioral traits (keystrokes, mouse movements, how quickly the user moves through the signup flow). Combining these signals with Castle policies allows you to fine tune who to filter out or let through.

Use Castle to stop fraud at
account opening
Stop fraud by using Castle's behavioral signals to identify high risk users.
Assessing identity risk
Looking at identity characteristics of a user can provide information about whether something suspicious is happening.
Blocking software bots
The majority of malicious activity on the web comes from software bots. Use the Castle Filter API in-line, at the edge of your app, to detect and block bots.
Mitigating fraud with policies
When you learn about new types of attacks, use Castle policies to implement protection in real-time. Once Castle's APIs are integrated into your application, policies can be used (with no further code changes) to alter which users you allow, challenge or deny.
- Bot Detection
- Account Takeover Prevention
- Policy Management
- Device Management
- User Behavior Analytics
- REST API & Webhooks
- Email & chat support
- Credit card payments
- Includes all Pro features
- Enterprise SLAs
- Enterprise support
- * Volume discounts available
- Customizable billing
- Invoice payments