Castle was designed as an API first solution to give developers flexibility when implementing account protection. With Castle you can respond to password attacks based on risk and formalize a response that works for you and your users. You can also automate intrusion alerts, step-up authentication, and account recovery workflows that align with your risk tolerance. Deny the riskiest logins and in-app transactions (such as profile changes or abnormal transactions) while ensuring legitimate users can use your application with minimal friction. For each login or transaction attempt, Castle returns a verdict - allow, deny or challenge -a risk score and risk signals. Castle also offers higher fidelity bot detection by layering on the context of a user's identity to traditional bot detection risk signals. By analyzing Identity behavioral analytics in addition to traditional risk patterns, Castle can stop automated attacks such as fake account creations, credit card stuffing, and account takeovers by tying a user to their device and application activity.
Languages supported: English
