Navigation

Product changelog

November 2025
Smarter Challenges, Faster Performance, and Open Source Releases

Added

  • Signal-based challenge variants (Enterprise) – Configure different challenge types depending on risk signal (e.g., impossible travel vs. concurrency).
  • IPv6 support – Full IPv6 compatibility including geolocation, concurrency detection, and impossible-travel checks.
  • Markdown support in challenges – Markdown links now supported inside select boxes.
  • Manual bounced-email reset – Reset bounced emails so users can receive future messages again.

Improved

  • Mobile challenge experience – UI and SDK enhancements for better mobile support.
  • Latency reductions – Reduced system latency by ~50%, with further optimizations underway.

Open Source

  • Sendook – Scalable email sending and receiving service.
  • EmailHawk – High-scale email validation service.
August 2025
Customization, Variants, and Stronger Deliverability

Added

  • Challenge CSS injection (Enterprise) – Inject custom CSS for full brand customization.
  • Challenge variants (Enterprise) – Create multiple challenge variations to support testing or multi-brand setups.
  • Expanded fake-account controls – Greater flexibility in deciding when and why users are challenged.

Improved

  • New settings UX – Refreshed settings interface for easier challenge customization.
  • 2FA email deliverability protection – Automatic blocking of bounced two-factor emails to protect domain reputation.
March 2025
Deeper Fraud Signals and Integration Enhancements

Added

  • Device-swapping detection – Identify users repeatedly switching devices, helping detect account sharing or suspicious activity.
  • New webhook events – Additional webhooks for improved system integrations.

Improved

  • Refined challenge conditions – More accurate concurrency and impossible-travel detection logic.
February 2025
High-Velocity Detection and Device Controls

Added

  • High-velocity behavioral signals – Detect abnormal usage spikes (e.g., scraping behavior).
  • Account takeover challenge flows – Purpose-built challenges for ATO prevention.
  • Device-level controls – Allow or suspend individual devices per account, and selectively bypass challenges for trusted devices.
January 2025
Fingerprinting Beta and Dashboard Improvements

Added

  • Rupt fingerprinting (Public Beta) – New fingerprinting engine outperforming major alternatives.
  • Challenge "viewed" status – Track when users have seen a challenge.

Improved

  • Dashboard overview navigation – Metrics now link directly to detailed views.
  • Performance and reliability upgrades – Platform-wide optimizations and fixes.
November 2024
Expanded Revenue Protection

Added

  • Browser fingerprinting-based abuse detection.
  • Sign-up fraud (fake accounts) detection.
  • Account takeover attempt detection.
  • Account sharing / seat abuse detection.

New

  • Unified evaluation dashboard – View verdicts across all fraud types in one place for clear visibility into revenue protection.
May 22, 2024
User devices being challenged for account and password sharing activity.

Added

  • Rupt is a sensitive part of your products. So we introduced measures to protect unwanted changes to the settings.
  • 1) Double confirmation and preview of changes when updating settings.
  • 2) Email notifications on settings changes.
  • 3) A settings change log to keep track of all changes made to your account sharing protection settings.
  • System-level dark mode preference. You can now set the dark mode to match your system settings.
  • New device states: `pending` and `in_challenge`. A device starts in the `pending` state and moves to `in_challenge` when it is challenged. If the challenge is successful or is not needed, the device moves to the `attached` state. This will reduce the number of challenges issued and will only issue challenges when attached devices exceed the limit (discount ones in pending or in_challenge states).

Changed

  • Sun-setting whitelisted devices
April 26, 2024
User account sharing activity, security signals, impossible travel and more.

Added

  • Weekly summary emails sent to project users. You can change the notification settings in your profile.
  • Geolocation and activity heatmap on the account details page.
  • Security signals in the access history table. Current signals include: VPN, Tor, and Proxy.
  • Usage sparklines on the accounts table.
  • Settings to challenge concurrent devices and impossible travel.
  • Account sharing signals in the user details page.
  • All new webhook events including: challenge state, account sharing signals, and more.

Changed

  • 100% of the settings are now separated by environment. This means you can have entirely different settings for production, and development.