Use Case

Protect from account takeovers in minutes

Efficiently weed out account takeovers with a five minute Segment or Javascript integration.

Start for free

Real-time blocking

Rules execute in milliseconds to block Account Takeovers inline without noticable delay.

Custom definitions

Define Account Takeovers your way using advanced filtering and real-time velocity queries.

Granular analytics

Leverage BI-grade analytics to expose Account Takeovers and fraud rings at scale.

Data enrichment

Enriched with device intelligence, risk scores, velocity metrics, and much more.

Segmentation

Define account takeovers using custom logic

Castle lets you use advanced filtering, real-time velocity queries, and custom lists to segment out account takeovers with high precision.

99
stephc@gmail.com
Active 2 minutes ago
Malaysia
Kuala Lumpur
  • Credential Stuffing
  • New Device
  • Datacenter IP
  • Abuse-repored IP
74
steve.smith@yahoo.uk.co
Active 2 minutes ago
Mexico
Mexico City
  • New Device
  • New Country
  • Impossible Travel
64
johanb@hotmail.com
Active 2 minutes ago
Denmark
Copenhagen
  • Proxy IP
  • Users per Device (2)
Automation

Action on account takeovers in real-time

Rules execute in milliseconds and can be used to adapt the user experience based on risk in real-time.

Real-time decisions

Assessments of data like user count per device or hourly failed logins executed in the blink of an eye.

Inline blocking

Initiate request blocks or step-up verifications anywhere in your app without disrupting the user experience.

Alerts & notifications

Ensure your team and users stay informed with triggered Slack notifications or webhooks.

Analytics

A holistic view
of account takeovers

Harness the power of BI-grade analytics to expose account takeovers attacks and unravel fraud rings with precision.

Pattern exploration

Uncover patterns in on login attacks, signup spam campaigns, and repetitive in-app transactions.

Network analysis

Spot interconnected users via shared devices, emails, IPs, payment methods, or addresses.

Session monitoring

Get a complete history of each user and company, down to individual page views and any custom actions.

Rule backtesting

Test complex risk logic on historical data first, ensuring zero disruption to legitimate users.

Enrichment

All the data you need to pinpoint account takeovers

Every interaction is enriched with comprehensive device intelligence, risk scores, location data, and much more.

Proxy
Datacenter IP
Tor IP
Device Fingerprint
cRigW25...
👪
Users per device
4
Battery Level
88%
Battery State
Charging
Emulator
Rooted
Device Fingerprint
cRigW25...
Memory
.
Storage
256GB
Screen Resolution
1920x1080
OS
Android Nougat
Timezone
Europe/Stockholm
Screen Time
13:12:30
Uptime
43:48:01
IP Address
28.182.2.1
Device Fingerprint
cRigW25...
Device Fingerprint
cRigW25...
ASN
39183
Excessive Login Attemps in 24h
325
ATO Score
76
Bot Score
32
Carrier
AT&T
🖥
Headless Browser
✅
Signups per IP over 1h
5

Risk Scores

Out of the box risk scores for account abuse, account takeover, and bot abuse.

Velocities

Compute personalized signals based on real-time metrics like counts, sums, averages, and more.

Device fingerprinting

Persistent device identifiers resilient to storage resets and resistant to privacy plug-ins.

Bot detection

Identify bot actions via bot scores, headless indicators, or velocity and rate limit checks.