This article takes an honest look at Sardine and where it overlaps with cside.
Since you're on the cside website, we acknowledge our bias. That said, we've built our case honestly and based our analysis on publicly available information, industry information, and our own or our customers' experiences.
If you want to verify their claims yourself, please go to their product page.
Let's be clear up front: Sardine and cside are not the same product. Sardine is a well-established fraud, AML, and transaction-monitoring platform with strong reviews and a large enterprise customer base, and it does plenty cside doesn't — fraud and AML decisioning, sanctions and PEP screening, KYC/KYB, case management, and agentic fraud operations. This page compares the two on the layer where they actually overlap — in-browser device signals, bot, and AI-agent detection — and on how cside reads it: behavioral patterns like mouse movement, scroll behavior, and typing cadence captured from your own first-party JavaScript, plus an engine that flags AI-generated text in your forms. cside also goes beyond bot detection into client-side script security and PCI DSS coverage, which we cover at the end.
| Criteria | cside | Sardine | Why It Matters | What the Consequences Are |
|---|---|---|---|---|
| Category | Client-side security + first-party device signals | Fraud prevention, AML compliance & transaction monitoring (risk scores + decisioning) | Different jobs that meet at the signal layer | |
| Signal collection | First-party JavaScript on your own domain | Vendor-hosted JavaScript SDK loaded in the browser, plus server-side APIs | Signal integrity and ownership | |
| Survives privacy extensions / ad blockers | Full support first-party, no third-party origin to block |
Browser SDK is a third-party script and can be affected by filter lists (server-side API signal still flows) | Browser-collected device intelligence can degrade for privacy-tool users | Risk of false positives on privacy-conscious legitimate customers |
| Device fingerprinting + bot / AI agent detection | Full support 102+ signals; detects + classifies agentic traffic in real time from first-party JS, reading in-session behavior (mouse, scroll, typing cadence) on the live page |
Full support device fingerprinting, behavior biometrics, bot detection, and explicit agentic-automation detection |
Both cover the device + agentic layer — a genuine overlap | |
| AI-generated text detection (form inputs) | Full support pass a form field's contents and cside flags whether a human or an AI wrote it |
No support not offered |
Fake reviews, spam sign-ups, and AI-written abuse pass network checks | Text-origin abuse stays invisible without a content-level signal |
| AML, sanctions/PEP, KYC/KYB, case management | No support not in scope |
Full support full AML, screening, onboarding & investigations suite |
Regulated fintechs/banks need compliance operations | Where Sardine does a job cside does not |
| Public pricing & self-serve | Full support published pricing, free tier, trial |
Sales-led; contact sales for a quote and demo | Evaluate without a sales cycle | Procurement friction and repricing risk at renewal |
What is Sardine?
Sardine is an agentic fraud-prevention, AML-compliance, and transaction-monitoring platform, founded in 2020 (co-founded and led by CEO Soups Ranjan) and headquartered in San Francisco. It unifies device and behavior intelligence, identity verification (KYC/KYB), sanctions and PEP screening, real-time and batch transaction monitoring, case management, and an AI/GenAI investigations layer into one platform, and it returns risk scores and decisions across payment fraud, account takeover, money laundering, and abuse. Per its own site, it serves hundreds of enterprise customers across banking, fintech, e-commerce, and marketplaces, and reports a 4.9/5 rating on G2. It states it is SOC 2 Type II, ISO 27001, PCI DSS, and GDPR compliant via its Trust Center. It is a mature, well-funded, sales-led platform.
How Sardine works
Per Sardine's own developer documentation, a lightweight web JavaScript SDK (plus iOS and Android SDKs) loads Sardine's script in the browser and captures device fingerprint and behavior-biometric signals tied to a session key, while your backend posts payments, sanctions, and AML transaction events to Sardine's server-side APIs. Machine-learning models and a low-code rule builder (Sardine cites hundreds of pre-built fraud and AML rules) then produce risk scores, customer risk ratings, and case workflows, with AI agents to speed investigations. On the device side, Sardine explicitly advertises detection of agentic browser automation — naming OpenAI Operator, Perplexity, BrowserUse, and BrowserBase — alongside headless browsers, bots, and VPN/proxy "piercing."
Two things follow from that design that matter for a client-side security buyer. First, the in-browser collector is a vendor-hosted third-party script with a fixed origin — so, like other third-party browser collectors, it can be affected by privacy extensions and filter lists for some visitors (the server-side API signal still flows). Second, that browser SDK is itself an unmonitored third-party script on your pages — precisely what PCI DSS 6.4.3 asks merchants to inventory and watch. Sardine being PCI-compliant as an organization is a separate thing from giving a merchant a tool to satisfy 6.4.3 / 11.6.1, which its site does not describe.
How cside fits
cside isn't a replacement for Sardine's fraud and AML decisioning, and we won't pretend otherwise. If you need transaction monitoring, sanctions screening, KYC/KYB, or case management, that's Sardine's job, not ours. What cside does is the layer underneath and around the device signal.
On the layer the two share — device signals, bot, and AI-agent detection — cside collects device and behavioral signals from your own first-party JavaScript, so there's no third-party origin for a filter list to block and no fixed collector for a fraudster to detect and feed. It reads in-session behavior on the live page — mouse-movement patterns, scroll behavior, and typing cadence — alongside device fingerprinting (96% accuracy, 102+ signals including IP, geolocation, VPN/proxy, and bot activity), with integrated AI agent detection. It also adds a signal Sardine doesn't offer: an AI-generated-text detection engine — pass the contents of a form field (a review, a signup bio, a support message) and cside tells you whether a human or an AI wrote it. There's more on our bot detection and AI agent detection pages, and Avneh's posts on behavioral cursor detection and the two-stage neural detection stack explain the underlying motion and session signals in more detail.
Beyond bot detection, cside does the thing Sardine doesn't: it inventories, justifies, and tamper-monitors every script on your payment pages — including collectors like Sardine's — to satisfy PCI DSS 4.0.1 requirements 6.4.3 and 11.6.1, with QSA-ready reports (VikingCloud-validated) and a single first-party script tag that adds no proxy, no DNS changes, and zero added latency. It also gives you evidence you own, usable in chargeback disputes through our Chargebacks911 integration. Many teams run a fraud and AML platform and cside together; if the first-party device-signal layer or PCI script coverage is your gap, that's where cside fits.
Sign up or book a demo to get started.
Founder and CEO of cside. Previously a product manager on Cloudflare Page Shield (now Cloudflare Client-Side Security). Co-chair of the W3C Anti-Fraud Community Group and a Forbes 30 Under 30 honoree. Building accessible security against client-side attacks — web security is not an enterprise-only problem.