Stytch Launches Advanced Device Fingerprinting to Bolster Application Security and Combat Fraud
2 Sources
2 Sources
[1]
Stytch unveils advanced device fingerprinting features to enhance application security - SiliconANGLE
Stytch unveils advanced device fingerprinting features to enhance application security Identity platform startup Stytch Inc. today unveiled advanced capabilities for its Device Fingerprinting technology that allows developers to integrate fraud prevention into their applications. Stytch Device Fingerprinting now includes supervised machine learning to detect and classify new devices to provide protection against zero-day threats, those too new to have been patched yet. The addition combines the precision of a deterministic approach to security with real-time insights from artificial intelligence, according to the company. Varying from traditional methods such as reCAPTCHA and web application firewalls, Stytch creates a unique, persistent fingerprint and threat verdict for every visitor. Unlike CAPTCHAs, the solution is completely invisible to users and detects bots and fraud with 99.99% accuracy, eliminating the need for security tools that add friction to the user experience, the company claims. Stytch Device Fingerprinting also differs from existing solutions with built-in protection against reverse-engineering and network spoofing techniques or tools such as CAPTCHA-solving application programming interface services, AI-based vision models such as GPT-4o, and click-farms. The new capabilities include intelligent rate limiting, which uses predictive analysis of device, user and traffic sub-signals to detect unusual traffic volumes and apply precise rate limits. By leveraging precision fingerprinting, it ensures legitimate users are not restricted and adapts to new attacker profiles in real time. Another new feature, ML-Powered Device Detection, uses a supervised machine learning model trained on a global device dataset to assess the risk of new device types. For example, if a new browser claims to be Chrome, it can evaluate the browser against all historical Chrome versions to verify its authenticity and risk potential, with Stytch's fingerprinting model continuously updated based on those findings. The third new feature, Security Rules Engine, allows for programmatic or user interface-based configuration of Stytch's automated Allow, Challenge or Block verdicts. The system simplifies the handling of unique exceptions, allowing easy customization of preset rules either through API or with a single click in the dashboard, helping ensure a balance between strong security measures and the need for adaptability to varying circumstances. "As we define and shape the next generation of authentication and identity management, our Device Fingerprinting solution exemplifies what this should be about," said co-founder and Chief Executive Reed McGinley-Stempel. "It's about establishing a more holistic understanding of user identity and providing developers with core infrastructure to make authentication feel like it's a native part of the application." McGinley-Stempel, along with Julianna Lamb, Stytch's co-founder and chief technology officer, spoke with SiliconANGLE in December on what the company's goals are and the challenges developers face in implementing and addressing security issues.
[2]
Stytch Introduces the Next Generation of Authentication Infrastructure with Advanced Fraud and Bot Protection
SAN FRANCISCO, Sept. 17, 2024 (GLOBE NEWSWIRE) -- Stytch, the most powerful identity platform built for developers, today unveiled advanced capabilities for its Device Fingerprinting technology, empowering developers to seamlessly integrate sophisticated fraud prevention into their applications, enhancing user and application security. Coupled with its deterministic, rules-based approach to security, Stytch Device Fingerprinting now incorporates supervised machine learning to detect and classify new devices, providing unparalleled protection against zero-day threats. The result combines the precision of a proprietary, deterministic approach to security with the dynamic, real-time insights of AI. Unlike traditional methods like reCAPTCHA and Web Application Firewalls, Stytch creates a unique, persistent fingerprint and threat verdict for every visitor. This solution is completely invisible to users and detects bots and fraud with industry-leading 99.99% accuracy, eliminating the need for blunt security tools that add friction to the user experience. Additionally, unlike other methods, Stytch Device Fingerprinting has built-in protection against reverse-engineering and network spoofing techniques or tools such as CAPTCHA-solving API services, AI-based vision models like GPT-4o, or click-farms. Stytch Device Fingerprinting creates a reliable identifier by analyzing deep sub-signals of device hardware, network TLS profile, active browser markers, and more. The identifier persists even under conditions like incognito and stealth headless browsing, requests via TOR nodes, multiple web views, VPNs, and user agent changes. Authentication is rapidly evolving to counter increasingly sophisticated threats, many of which are AI-generated. A more robust, adaptive approach to authentication is needed that not only uses a more holistic understanding of user identity, but also reduces the engineering burden of building a natural and frictionless experience for users. Stytch Device Fingerprinting, along with these new capabilities, can be enabled in minutes with any application or used as a seamlessly integrated part of Stytch's authentication infrastructure, making it easy for developers to add advanced bot and fraud prevention to an authentication flow. New capabilities include: Intelligent Rate Limiting: Uses predictive analysis of device, user, and traffic sub-signals to detect unusual traffic volumes and apply precise rate limiting. Because it's built on precision fingerprinting, it won't restrict legitimate users and will adapt to new attacker profiles in real time.ML-Powered Device Detection: A supervised machine learning model trained on a global device dataset will programmatically detect and assess the risk of new device types to determine if they are malicious. For example, if a new browser is identified claiming to be Chrome, it can evaluate that new browser against every historical Chrome version ever created to determine its validity and risk potential. Stytch's fingerprinting model is then updated with that determination.Security Rules Engine: Allows for programmatic or UI-based configurability of Stytch's automated Allow, Challenge, or Block verdicts, making it easier to handle unique exceptions. This enables easy customization of preset rules via API or with a single click in the dashboard, ensuring a balance between security and flexibility. "As we define and shape the next generation of authentication and identity management, our Device Fingerprinting solution exemplifies what this should be about," said Reed McGinley-Stempel, Stytch CEO and Co-founder. "It's about establishing a more holistic understanding of user identity and providing developers with core infrastructure to make authentication feel like it's a native part of the application." These new capabilities are available today with any Stytch plan. For more information and to request access, please visit: https://www.stytch.com/fraud. Quotes Wade Tandy, Staff Software Engineer, Hubspot "With the move to a PLG model, we knew we'd need to do more to be able to trust the accounts coming in. When we started talking to Stytch, the device fingerprinting solution was perfect for that - it was in the right place at the right time." Luke Barwikowski, Founder and CTO, Pixels "After seeing a huge spike in traffic from bot farms, we turned to Stytch Device Fingerprinting and made significant breakthroughs in reducing bot and fraud activity, all within a matter of weeks." About Stytch Stytch provides the most powerful Identity and Access Management infrastructure for developers allowing companies to incorporate frictionless authentication options into apps and websites. Stytch APIs and SDKs improve user onboarding and retention by removing passwords from applications and replacing them with more secure and low-friction authentication options including email magic links, one-click user invitations, biometrics, social logins, and SMS and Whatsapp passcodes. Stytch also offers products that build a bridge to passwordless for those who are more comfortable using traditional passwords. Customers include Tome, Cisco, Groq, Zapier, Clearbit, and more. The company is headquartered in San Francisco and is backed by Benchmark, Coatue, Index Ventures and Thrive Capital. For more information, visit https://stytch.com/. Press Contact Karbo Communications on behalf of Stytch [email protected] Market News and Data brought to you by Benzinga APIs
Share
Share
Copy Link
Stytch, a leading authentication platform, introduces new device fingerprinting features to enhance application security and fight against fraud and bot attacks. The company's latest offerings aim to provide developers with powerful tools for user authentication and risk assessment.
Stytch's New Device Fingerprinting Technology
Stytch, a prominent player in the authentication infrastructure space, has unveiled a suite of advanced device fingerprinting features designed to bolster application security and combat fraud
1
. This latest offering represents a significant step forward in the company's mission to provide developers with cutting-edge tools for user authentication and risk assessment.Enhanced Security Measures
The new device fingerprinting capabilities introduced by Stytch aim to provide a more comprehensive approach to identifying and authenticating users. By analyzing various device attributes, the system can create a unique "fingerprint" for each device, making it easier to detect suspicious activities and potential security threats
2
.Key Features of Stytch's Device Fingerprinting
-
Device Attributes: The system collects and analyzes a wide range of device characteristics, including operating system, browser type, screen resolution, and installed fonts
1
. -
IP Intelligence: Stytch's technology incorporates IP address analysis to identify potential risks associated with specific geographic locations or known malicious networks
2
. -
Browser Fingerprinting: Advanced techniques are employed to create unique browser profiles, adding an extra layer of security to the authentication process
1
.
Benefits for Developers and Businesses
Stytch's new features offer several advantages to developers and businesses:
-
Improved Fraud Detection: The advanced fingerprinting techniques help identify and prevent fraudulent activities more effectively
2
. -
Enhanced User Experience: By reducing false positives in fraud detection, legitimate users can enjoy a smoother authentication process
1
. -
Customizable Risk Scoring: Developers can tailor the risk assessment algorithms to suit their specific application needs and security requirements
2
.
Related Stories
Integration and Accessibility
Stytch has designed its new device fingerprinting features to be easily integrated into existing applications. The company provides comprehensive documentation and support to ensure developers can quickly implement these advanced security measures
1
.Industry Impact and Future Outlook
The introduction of these advanced device fingerprinting features by Stytch is expected to have a significant impact on the authentication and security landscape. As cyber threats continue to evolve, such innovative solutions play a crucial role in safeguarding digital assets and user information
2
.As the digital landscape continues to evolve, Stytch's commitment to advancing authentication infrastructure positions the company as a key player in shaping the future of online security and user verification
1
2
.References
Summarized by
Navi
[1]
Related Stories
Recent Highlights
Recent Highlights
Today's Top Stories
Your Daily Dose of Curated AI News
Don’t drown in AI news. We cut through the noise - filtering, ranking and summarizing the most important AI news, breakthroughs and research daily. Spend less time searching for the latest in AI and get straight to action.
