How FraudGuard Works

At FraudGuard our expertise is collecting real-time internet attacks and non-attack data through an automated, programmatic process.

We have created a massive network of dynamic honeypots with multiple different cloud providers leveraging several industry standard technologies to pinpoint attackers based off of severity, location, and frequency to assist with collecting attack data. Non-attack data like public anonymizer services (like TOR or open public proxies) is collected and correlated to assist in validating source, etc.

By utilizing our constantly updating Threat Feed, FraudGuard can drastically reduce the chances of your network or organization being attacked by any number of threats.

The FraudGuard service was originally designed as a data only service. We provide an easy way to validate usage by continuously collecting and analyzing real-time internet traffic. Utilizing just a few API endpoints, we make integration as simple as possible for developers and engineers alike.

FraudGuard Use Cases

The most typical use case for the FraudGuard service is utilizing our threat and risk levels to determine if traffic inbound to your network, infrastructure or application is considered safe. This usually results in developers integrating FraudGuard into applications critical components such as login pages, 2FA, account update, email/password change, checkout, etc. The easiest way to get started with FraudGuard is to rely on our data gathered in our attack correlation engine. For more info and our recommendations on what to block please see our Threat & Risk levels

Another popular use case is utilizing the country code to determine the source of traffic and blocking or changing application settings based on this information. For example using our data for to determine if a client living in Texas then logs in from Japan from a source IP that is a frequent open public proxy its safe to assume a verification request should be sent via SMS or email to confirm the identity of the user before granting them account access.

We also offer extremely simple ways to further secure your application by geographic blacklist as well. For example, in the case that you only do business in the US, you can restrict any application function from any country, for example China or Russia in just one API call. This is an extremely simple and reliable way to block up to billions of malicious actors.

Quite a few of our customers already rely on FraudGuard APIs to change application components like session state, cookie duration, verbose logging components, remember my password options, even in some cases customer notification and security engineer escalation of possible attack.

We also have other customers testing our FraudGuard v2 APIs. In FraudGuard v2 we released bulk API management including, geographic blacklist, custom whitelist, custom blacklist, and top tracked IPs by both threat and risk. These bulk APIs allow easy integration into either network components like on-premise firewalls, network access control lists, cloud security appliances, web application firewalls, etc. This bulk data could also be cached inside your own application code to further secure components without relying on FraudGuard to process each API request sent.

The options for implementation are nearly limitless. Every individual has their own need for the data we provide and how you use that data is completely up to you.

API Documentation

For our most up to date API docs please check out:

API Documentation