Stytch Introduces the Next Generation of Authentication Infrastructure with Advanced Fraud and Bot Protection

New device fingerprinting capabilities, including powerful AI functionality, enable developers to easily integrate leading security into any authentication flow


SAN FRANCISCO, Sept. 17, 2024 (GLOBE NEWSWIRE) -- Stytch, the most powerful identity platform built for developers, today unveiled advanced capabilities for its Device Fingerprinting technology, empowering developers to seamlessly integrate sophisticated fraud prevention into their applications, enhancing user and application security. Coupled with its deterministic, rules-based approach to security, Stytch Device Fingerprinting now incorporates supervised machine learning to detect and classify new devices, providing unparalleled protection against zero-day threats. The result combines the precision of a proprietary, deterministic approach to security with the dynamic, real-time insights of AI.

Unlike traditional methods like reCAPTCHA and Web Application Firewalls, Stytch creates a unique, persistent fingerprint and threat verdict for every visitor. This solution is completely invisible to users and detects bots and fraud with industry-leading 99.99% accuracy, eliminating the need for blunt security tools that add friction to the user experience. Additionally, unlike other methods, Stytch Device Fingerprinting has built-in protection against reverse-engineering and network spoofing techniques or tools such as CAPTCHA-solving API services, AI-based vision models like GPT-4o, or click-farms.

Stytch Device Fingerprinting creates a reliable identifier by analyzing deep sub-signals of device hardware, network TLS profile, active browser markers, and more. The identifier persists even under conditions like incognito and stealth headless browsing, requests via TOR nodes, multiple web views, VPNs, and user agent changes.

Authentication is rapidly evolving to counter increasingly sophisticated threats, many of which are AI-generated. A more robust, adaptive approach to authentication is needed that not only uses a more holistic understanding of user identity, but also reduces the engineering burden of building a natural and frictionless experience for users.

Stytch Device Fingerprinting, along with these new capabilities, can be enabled in minutes with any application or used as a seamlessly integrated part of Stytch’s authentication infrastructure, making it easy for developers to add advanced bot and fraud prevention to an authentication flow.

New capabilities include:

  • Intelligent Rate Limiting: Uses predictive analysis of device, user, and traffic sub-signals to detect unusual traffic volumes and apply precise rate limiting. Because it’s built on precision fingerprinting, it won’t restrict legitimate users and will adapt to new attacker profiles in real time.
  • ML-Powered Device Detection: A supervised machine learning model trained on a global device dataset will programmatically detect and assess the risk of new device types to determine if they are malicious. For example, if a new browser is identified claiming to be Chrome, it can evaluate that new browser against every historical Chrome version ever created to determine its validity and risk potential. Stytch’s fingerprinting model is then updated with that determination.
  • Security Rules Engine: Allows for programmatic or UI-based configurability of Stytch’s automated Allow, Challenge, or Block verdicts, making it easier to handle unique exceptions. This enables easy customization of preset rules via API or with a single click in the dashboard, ensuring a balance between security and flexibility.

“As we define and shape the next generation of authentication and identity management, our Device Fingerprinting solution exemplifies what this should be about,” said Reed McGinley-Stempel, Stytch CEO and Co-founder. “It’s about establishing a more holistic understanding of user identity and providing developers with core infrastructure to make authentication feel like it’s a native part of the application.”

These new capabilities are available today with any Stytch plan. For more information and to request access, please visit: https://www.stytch.com/fraud.

Quotes
Wade Tandy, Staff Software Engineer, Hubspot
“With the move to a PLG model, we knew we'd need to do more to be able to trust the accounts coming in. When we started talking to Stytch, the device fingerprinting solution was perfect for that - it was in the right place at the right time.”

Luke Barwikowski, Founder and CTO, Pixels
“After seeing a huge spike in traffic from bot farms, we turned to Stytch Device Fingerprinting and made significant breakthroughs in reducing bot and fraud activity, all within a matter of weeks.”

About Stytch
Stytch provides the most powerful Identity and Access Management infrastructure for developers allowing companies to incorporate frictionless authentication options into apps and websites. Stytch APIs and SDKs improve user onboarding and retention by removing passwords from applications and replacing them with more secure and low-friction authentication options including email magic links, one-click user invitations, biometrics, social logins, and SMS and Whatsapp passcodes. Stytch also offers products that build a bridge to passwordless for those who are more comfortable using traditional passwords. Customers include Tome, Cisco, Groq, Zapier, Clearbit, and more. The company is headquartered in San Francisco and is backed by Benchmark, Coatue, Index Ventures and Thrive Capital. For more information, visit https://stytch.com/.

Press Contact
Karbo Communications on behalf of Stytch
stytch@karbocom.com