Turn every signup into a trust verdict
Email checks and CAPTCHA verify the inbox, not the human behind it. Signup Shield fuses email anatomy, domain forensics, business substance, federated identity, behavioral telemetry, and a cross-tenant fraud graph into one explainable verdict, in real time, at registration. See how browser-layer detection catches what email verification misses.
Three signups you can't afford to wave through
Throwaway and disposable domains
Burner inboxes and relay domains spin up in seconds, pass a basic email check, and disappear the moment they've abused your free tier or promo.
Hijacked and compromised accounts
Credentials surface in breach dumps and get reused at scale. The address looks real because it is real, it just isn't the person signing up.
Consumer and free email, on your terms
A real employee on Gmail can be exactly who you want. Free email is a signal you tune per segment, not an automatic block. Signup Shield reads federation and other proofs before it decides.
- Score every signup on email anatomy, disposable and relay domains, DNS and domain forensics, and business-substance lookups, not just whether the inbox exists.
- Treat verified federation (Google Workspace, SSO and IdP discovery) as a positive trust signal, so real users sail through and risky password signups get a step-up.
- Link coordinated fake accounts across the whole network with a cross-tenant fraud graph, behavioral telemetry, and ground-truth labels from honeypots and DMARC reporting.
- Return one explainable verdict with reason codes and an immutable audit log, in real time, then wire it into your flow to allow, step up, or block.
Every signup, checked against ten classes of evidence
Signup Shield fuses signals from across the open web, the DNS and mail infrastructure, public business registries, and your own network into one real-time verdict.
Email anatomy
Entropy, role addresses, faker and Markov patterns, TLD risk, and IDN homoglyphs, read straight from the address itself.
Disposable and relay detection
Four open-source blocklists plus MX fingerprinting catch burner domains, while privacy relays are treated neutrally.
DNS and domain forensics
RDAP and WHOIS age, newly-registered domains, DNSSEC, parking, and MX provider class tell you how real the domain is.
Mailserver reputation
SPF and DMARC policy, DMARC RUA aggregation, Spamhaus DROP and SBL, and null-MX checks score the sending infrastructure.
Compromised-account intelligence
Breached-account checks flag addresses that have surfaced in known credential dumps.
Company and business registries
Official records across 15+ countries confirm a real business behind the domain, with coworking-address blocklists to catch the fakes.
Web substance
Public discussion of the email and domain across the web: archived content continuity, structured data, knowledge graphs, and crawl rank.
Federated identity proofs
A verified Google Workspace claim is the strongest signal we read; Microsoft tenants, Apple, GitHub orgs, and passkeys add more.
Behavioral and device telemetry
IP, ASN and Tor, device-fingerprint reuse, headless and anti-detect browsers, TLS and HTTP consistency, honeypots, form timing, and velocity.
Cross-tenant fraud graph
A device caught committing fraud at one customer flags matching signups across the whole network, coverage no single tenant can build alone.
Corroborated across federation, domain age, and email anatomy.
From signals to a verdict in under 500ms
Collect the signals
At registration, Signup Shield gathers email anatomy, domain and DNS forensics, business-substance and registry data, federation proofs, and behavioral telemetry in a single call.
Check the network graph
Each signup is matched against a cross-tenant fraud graph and ground-truth labels from honeypots and DMARC reporting, surfacing rings that single-tenant rules never see.
Return an explainable verdict
Signals fuse into one score with reason codes in real time, so every decision is auditable and you know exactly why it fired, not just that it did.
Decide in your flow
Allow clean signups, step up risky ones with federation or extra checks, and block high-confidence fraud, by API or webhook, before the account exists.
Built for the platforms fraud targets at signup
SaaS Platforms
Free-tier and trial abuse depends on creating many accounts cheaply; one operator runs hundreds.
FinTech & Payments
Account-opening fraud blends synthetic identities with throwaway domains at signup.
Online Gaming
Bonus abuse, smurfing, and multi-accounting all begin at account creation.
Marketplaces & Crypto
Fake sellers and mule accounts pollute marketplaces and move funds.
Why Signup Shield outperforms single-signal signup checks
| vs. Email/OTP verification | vs. CAPTCHA | vs. Device-only fraud tools |
|---|---|---|
| Reads email anatomy, domain forensics, and business substance, not just inbox existence | Scores the whole signup context, not a single checkpoint | Adds email, domain, business, and federation signals on top of the device |
| Catches throwaway and relay domains that still pass an OTP | Flags automation and AI agents that solve the challenge | Links coordinated accounts with a cross-tenant graph across customers |
| Returns a verdict with reason codes before the account exists | Runs passively, with no added user friction | Treats verified federation as a positive signal to preserve conversion |
Questions, answered
01 What is Signup Shield?
Signup Shield turns every signup attempt into a real-time trust verdict. It fuses email anatomy, disposable and relay detection, DNS and domain forensics, business-substance lookups, federated identity proofs, behavioral telemetry, and a cross-tenant fraud graph into one explainable score with reason codes, then sends that verdict into your signup flow so you can allow, step up, or block.
02 How is this different from email or OTP verification?
Email and OTP verify the endpoint, not the registrant. A valid inbox receipt and a valid OTP are fully compatible with an automated, fully fake signup, because disposable-email APIs provision throwaway inboxes and read back codes programmatically. Signup Shield evaluates the whole context around the registration, including signals an attacker cannot swap out as easily as an email address.
03 Which sources does Signup Shield check?
Every signup is checked against ten classes of evidence: email anatomy, disposable and relay detection, DNS and domain forensics, mailserver reputation, compromised-account intelligence, company and business registries, web substance, federated identity proofs, behavioral and device telemetry, and a cross-tenant fraud graph. The signals fuse into one score with reason codes, so you can see exactly which evidence drove the verdict.
04 Do you automatically block free or consumer email?
No. Free email is a tunable signal, not an automatic block. A real employee on a Gmail address, or a real freelancer, should still pass, so Signup Shield weighs free email alongside federation proofs, domain forensics, and the rest of the context. You decide how much weight free email carries per segment, so a strict B2B flow and a consumer flow can score the same address differently.
05 Will it block real users with privacy-relay emails or brand-new domains?
No. A single thin signal is not treated as guilt. Signup Shield weighs many signals together, so a privacy-relay address, a freelancer, a brand-new startup, or a small business on a long-tail domain reads very differently from a coordinated fake. You set the threshold and the response, so legitimate signups stay frictionless.
06 How does federation improve both trust and conversion?
A signup arriving with a verified federation proof, such as a Google Workspace domain claim, is high-confidence and can be approved with no friction. For password signups on domains that have a discoverable identity provider, Signup Shield can prompt a step-up to federation, which raises trust and improves conversion at the same time. No competitor productizes federation as a scoring signal rather than just an auth method.
07 How fast is the verdict and how do I act on it?
The verdict returns in real time during the signup request, with reason codes that explain it. Consume it by API or webhook and decide in your own flow: allow clean signups, apply step-up friction only when the score crosses your threshold, and block high-confidence fraud before the account is created.
08 How is Signup Shield deployed?
Through a developer-friendly API and the cside JavaScript SDK that already runs on your pages. It sits alongside your existing signup, fraud, and rules stack and feeds it a verdict, so it is a layer you add, not a rip-and-replace of your auth provider.
09 What is the difference between fake account creation and account takeover?
Fake account creation builds a new fraudulent account from scratch at signup; account takeover compromises an existing legitimate account through stolen credentials or session theft. Signup Shield focuses on the registration moment, while account takeover protection covers existing sessions. cside covers both surfaces.
Didn't find what you were looking for?
Book a demoTurn every signup into a trust verdict
One API call. Fuse email, domain, business, federation, behavioral, and cross-tenant signals into one explainable verdict, before the account exists.