[{"data":1,"prerenderedAt":385},["ShallowReactive",2],{"docsv3-nav":3,"\u002Fdocs\u002Fv3\u002Fguides\u002Ffake-account-detection":198},[4],{"title":5,"path":6,"stem":7,"children":8,"page":188},"V3","\u002Fdocs\u002Fv3","1.docs\u002Fv3",[9,13,17,21,38,87,189],{"title":10,"path":11,"stem":12},"Introduction","\u002Fdocs\u002Fv3\u002Fintroduction","1.docs\u002Fv3\u002F1.Introduction",{"title":14,"path":15,"stem":16},"Quick start","\u002Fdocs\u002Fv3\u002Fquick-start","1.docs\u002Fv3\u002F2.Quick start",{"title":18,"path":19,"stem":20},"Challenge flow","\u002Fdocs\u002Fv3\u002Fchallenge-flow","1.docs\u002Fv3\u002F3.Challenge flow",{"title":22,"path":23,"stem":24,"children":25},"Fundamentals","\u002Fdocs\u002Fv3\u002Ffundamentals","1.docs\u002Fv3\u002F4.fundamentals",[26,30,34],{"title":27,"path":28,"stem":29},"Signup protection","\u002Fdocs\u002Fv3\u002Ffundamentals\u002Fsignup-protection","1.docs\u002Fv3\u002F4.fundamentals\u002F00.Signup protection",{"title":31,"path":32,"stem":33},"Login protection","\u002Fdocs\u002Fv3\u002Ffundamentals\u002Flogin-protection","1.docs\u002Fv3\u002F4.fundamentals\u002F01.Login protection",{"title":35,"path":36,"stem":37},"Access protection","\u002Fdocs\u002Fv3\u002Ffundamentals\u002Faccess-protection","1.docs\u002Fv3\u002F4.fundamentals\u002F02.Access protection",{"title":39,"path":40,"stem":41,"children":42},"Guides","\u002Fdocs\u002Fv3\u002Fguides","1.docs\u002Fv3\u002F5.guides",[43,47,51,55,59,63,67,71,75,79,83],{"title":44,"path":45,"stem":46},"Account sharing prevention","\u002Fdocs\u002Fv3\u002Fguides\u002Faccount-sharing-prevention","1.docs\u002Fv3\u002F5.guides\u002F1.Account sharing prevention",{"title":48,"path":49,"stem":50},"Web scraping prevention","\u002Fdocs\u002Fv3\u002Fguides\u002Fweb-scraping-prevention","1.docs\u002Fv3\u002F5.guides\u002F13.Web scraping prevention",{"title":52,"path":53,"stem":54},"Ban enforcement","\u002Fdocs\u002Fv3\u002Fguides\u002Fban-enforcement","1.docs\u002Fv3\u002F5.guides\u002F14.Ban enforcement",{"title":56,"path":57,"stem":58},"Chargeback dispute","\u002Fdocs\u002Fv3\u002Fguides\u002Fchargeback-dispute","1.docs\u002Fv3\u002F5.guides\u002F15.Chargeback dispute",{"title":60,"path":61,"stem":62},"Multi-accounting prevention","\u002Fdocs\u002Fv3\u002Fguides\u002Fmulti-accounting-prevention","1.docs\u002Fv3\u002F5.guides\u002F16.Multi-accounting prevention",{"title":64,"path":65,"stem":66},"Account takeover prevention","\u002Fdocs\u002Fv3\u002Fguides\u002Faccount-takeover-prevention","1.docs\u002Fv3\u002F5.guides\u002F2.Account takeover prevention",{"title":68,"path":69,"stem":70},"Risky transaction prevention","\u002Fdocs\u002Fv3\u002Fguides\u002Frisky-transaction-prevention","1.docs\u002Fv3\u002F5.guides\u002F20.Risky transaction prevention",{"title":72,"path":73,"stem":74},"Fake account detection","\u002Fdocs\u002Fv3\u002Fguides\u002Ffake-account-detection","1.docs\u002Fv3\u002F5.guides\u002F3.Fake account detection",{"title":76,"path":77,"stem":78},"Bot detection","\u002Fdocs\u002Fv3\u002Fguides\u002Fbot-detection","1.docs\u002Fv3\u002F5.guides\u002F4.Bot detection",{"title":80,"path":81,"stem":82},"Card testing prevention","\u002Fdocs\u002Fv3\u002Fguides\u002Fcard-testing-prevention","1.docs\u002Fv3\u002F5.guides\u002F5.Card testing prevention",{"title":84,"path":85,"stem":86},"Incentive abuse prevention","\u002Fdocs\u002Fv3\u002Fguides\u002Fincentive-abuse-prevention","1.docs\u002Fv3\u002F5.guides\u002F9.Incentive abuse prevention",{"title":88,"path":89,"stem":90,"children":91,"page":188},"Concepts","\u002Fdocs\u002Fv3\u002Fconcepts","1.docs\u002Fv3\u002F6.concepts",[92,96,100,104,108,112,116,120,124,128,132,136,140,144,148,152,156,160,164,168,172,176,180,184],{"title":93,"path":94,"stem":95},"Evaluations","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fevaluations","1.docs\u002Fv3\u002F6.concepts\u002F01.evaluations",{"title":97,"path":98,"stem":99},"Actions","\u002Fdocs\u002Fv3\u002Fconcepts\u002Factions","1.docs\u002Fv3\u002F6.concepts\u002F02.actions",{"title":101,"path":102,"stem":103},"Signals","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fsignals","1.docs\u002Fv3\u002F6.concepts\u002F03.signals",{"title":105,"path":106,"stem":107},"Checks","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fchecks","1.docs\u002Fv3\u002F6.concepts\u002F04.checks",{"title":109,"path":110,"stem":111},"Risks","\u002Fdocs\u002Fv3\u002Fconcepts\u002Frisks","1.docs\u002Fv3\u002F6.concepts\u002F05.risks",{"title":113,"path":114,"stem":115},"Verdicts","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fverdicts","1.docs\u002Fv3\u002F6.concepts\u002F06.verdicts",{"title":117,"path":118,"stem":119},"Policies","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fpolicies","1.docs\u002Fv3\u002F6.concepts\u002F07.policies",{"title":121,"path":122,"stem":123},"Challenges","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fchallenges","1.docs\u002Fv3\u002F6.concepts\u002F08.challenges",{"title":125,"path":126,"stem":127},"Concurrency","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fconcurrency","1.docs\u002Fv3\u002F6.concepts\u002F09.concurrency",{"title":129,"path":130,"stem":131},"Impossible travel","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fimpossible-travel","1.docs\u002Fv3\u002F6.concepts\u002F10.impossible-travel",{"title":133,"path":134,"stem":135},"Bots","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fbots","1.docs\u002Fv3\u002F6.concepts\u002F11.bots",{"title":137,"path":138,"stem":139},"Devices","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fdevices","1.docs\u002Fv3\u002F6.concepts\u002F12.devices",{"title":141,"path":142,"stem":143},"Fingerprints","\u002Fdocs\u002Fv3\u002Fconcepts\u002Ffingerprints","1.docs\u002Fv3\u002F6.concepts\u002F13.fingerprints",{"title":145,"path":146,"stem":147},"People","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fpeople","1.docs\u002Fv3\u002F6.concepts\u002F14.people",{"title":149,"path":150,"stem":151},"Lists","\u002Fdocs\u002Fv3\u002Fconcepts\u002Flists","1.docs\u002Fv3\u002F6.concepts\u002F15.lists",{"title":153,"path":154,"stem":155},"Account takeover","\u002Fdocs\u002Fv3\u002Fconcepts\u002Faccount-takeover","1.docs\u002Fv3\u002F6.concepts\u002F16.account-takeover",{"title":157,"path":158,"stem":159},"Account sharing","\u002Fdocs\u002Fv3\u002Fconcepts\u002Faccount-sharing","1.docs\u002Fv3\u002F6.concepts\u002F17.account-sharing",{"title":161,"path":162,"stem":163},"Fake account","\u002Fdocs\u002Fv3\u002Fconcepts\u002Ffake-account","1.docs\u002Fv3\u002F6.concepts\u002F18.fake-account",{"title":165,"path":166,"stem":167},"Scraping","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fscraping","1.docs\u002Fv3\u002F6.concepts\u002F19.scraping",{"title":169,"path":170,"stem":171},"Linked accounts","\u002Fdocs\u002Fv3\u002Fconcepts\u002Flinked-accounts","1.docs\u002Fv3\u002F6.concepts\u002F20.linked-accounts",{"title":173,"path":174,"stem":175},"New IP","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fip","1.docs\u002Fv3\u002F6.concepts\u002F21.ip",{"title":177,"path":178,"stem":179},"Anonymizing network","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fanonymizing-network","1.docs\u002Fv3\u002F6.concepts\u002F22.anonymizing-network",{"title":181,"path":182,"stem":183},"Email quality","\u002Fdocs\u002Fv3\u002Fconcepts\u002Femail","1.docs\u002Fv3\u002F6.concepts\u002F23.email",{"title":185,"path":186,"stem":187},"Velocity","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fvelocity","1.docs\u002Fv3\u002F6.concepts\u002F24.velocity",false,{"title":190,"path":191,"stem":192,"children":193,"page":188},"Advanced","\u002Fdocs\u002Fv3\u002Fadvanced","1.docs\u002Fv3\u002F7.Advanced",[194],{"title":195,"path":196,"stem":197},"Proxy setup","\u002Fdocs\u002Fv3\u002Fadvanced\u002Fproxy-setup","1.docs\u002Fv3\u002F7.Advanced\u002F1.Proxy-setup",{"id":199,"title":72,"body":200,"description":378,"extension":379,"meta":380,"navigation":381,"path":73,"rawbody":382,"seo":383,"stem":74,"__hash__":384},"docsv3\u002F1.docs\u002Fv3\u002F5.guides\u002F3.Fake account detection.md",{"type":201,"value":202,"toc":371},"minimark",[203,207,216,221,230,234,244,341,344,351,355],[204,205,72],"h1",{"id":206},"fake-account-detection",[208,209,210,211,215],"p",{},"A ",[212,213,214],"a",{"href":162},"fake account"," is one that isn't a real person who intends to use your product, usually a bot creating accounts in bulk.",[217,218,220],"h2",{"id":219},"step-1-set-up-login-and-signup-protection","Step 1: Set up login and signup protection",[208,222,223,224,226,227,229],{},"Before anything else here, set up ",[212,225,27],{"href":28}," and ",[212,228,31],{"href":32},". They're the basis this builds on, and without them the policies below can be bypassed. With those in place, the rest of this guide covers the policies that actually stop fake accounts.",[217,231,233],{"id":232},"step-2-add-the-policies","Step 2: Add the policies",[208,235,236,237,243],{},"Add these in your ",[212,238,242],{"href":239,"rel":240},"https:\u002F\u002Fapp.rupt.dev\u002Fpolicies",[241],"nofollow","policies dashboard",":",[245,246,247,266],"table",{},[248,249,250],"thead",{},[251,252,253,257,260,263],"tr",{},[254,255,256],"th",{},"Policy",[254,258,259],{},"Trigger",[254,261,262],{},"Conditions",[254,264,265],{},"Verdict",[267,268,269,298,319],"tbody",{},[251,270,271,275,281,295],{},[272,273,274],"td",{},"Block fake contacts",[272,276,277],{},[278,279,280],"code",{},"signup",[272,282,283,286,287,290,291],{},[278,284,285],{},"email_is_invalid",", ",[278,288,289],{},"email_is_disposable",", or a VoIP \u002F bought phone number ",[292,293,294],"em",{},"(coming soon)",[272,296,297],{},"Deny",[251,299,300,303,307,316],{},[272,301,302],{},"Verify new accounts",[272,304,305],{},[278,306,280],{},[272,308,309,312,313],{},[278,310,311],{},"is_email_verified"," is ",[278,314,315],{},"false",[272,317,318],{},"Challenge",[251,320,321,324,328,339],{},[272,322,323],{},"Challenge bot sign-ups",[272,325,326],{},[278,327,280],{},[272,329,330,312,333,336,337],{},[278,331,332],{},"bot_risk_severity",[278,334,335],{},"high","+ ",[292,338,294],{},[272,340,318],{},[208,342,343],{},"Give the block policy higher priority than the challenge, so a clear-cut fake is denied outright instead of just challenged. Everything else falls through to the verify challenge: a real person clears the email or SMS code, a bot or throwaway can't.",[208,345,346,347,350],{},"From here you can stack more onboarding protections on top, like ",[212,348,349],{"href":61},"multi-accounting prevention",".",[217,352,354],{"id":353},"related","Related",[356,357,358,363,367],"ul",{},[359,360,361],"li",{},[212,362,60],{"href":61},[359,364,365],{},[212,366,161],{"href":162},[359,368,369],{},[212,370,181],{"href":182},{"title":372,"searchDepth":373,"depth":373,"links":374},"",2,[375,376,377],{"id":219,"depth":373,"text":220},{"id":232,"depth":373,"text":233},{"id":353,"depth":373,"text":354},"A fake account is one that isn't a real person who intends to use your product, usually a bot creating accounts in bulk.","md",{},true,"---\ntitle: Fake account detection\n---\n\n# Fake account detection\n\nA [fake account](\u002Fdocs\u002Fv3\u002Fconcepts\u002Ffake-account) is one that isn't a real person who intends to use your product, usually a bot creating accounts in bulk.\n\n## Step 1: Set up login and signup protection\n\nBefore anything else here, set up [Signup protection](\u002Fdocs\u002Fv3\u002Ffundamentals\u002Fsignup-protection) and [Login protection](\u002Fdocs\u002Fv3\u002Ffundamentals\u002Flogin-protection). They're the basis this builds on, and without them the policies below can be bypassed. With those in place, the rest of this guide covers the policies that actually stop fake accounts.\n\n## Step 2: Add the policies\n\nAdd these in your [policies dashboard](https:\u002F\u002Fapp.rupt.dev\u002Fpolicies):\n\n| Policy                 | Trigger  | Conditions                                                                                 | Verdict   |\n| ---------------------- | -------- | ------------------------------------------------------------------------------------------ | --------- |\n| Block fake contacts    | `signup` | `email_is_invalid`, `email_is_disposable`, or a VoIP \u002F bought phone number _(coming soon)_ | Deny      |\n| Verify new accounts    | `signup` | `is_email_verified` is `false`                                                             | Challenge |\n| Challenge bot sign-ups | `signup` | `bot_risk_severity` is `high`+ _(coming soon)_                                             | Challenge |\n\nGive the block policy higher priority than the challenge, so a clear-cut fake is denied outright instead of just challenged. Everything else falls through to the verify challenge: a real person clears the email or SMS code, a bot or throwaway can't.\n\nFrom here you can stack more onboarding protections on top, like [multi-accounting prevention](\u002Fdocs\u002Fv3\u002Fguides\u002Fmulti-accounting-prevention).\n\n## Related\n\n- [Multi-accounting prevention](\u002Fdocs\u002Fv3\u002Fguides\u002Fmulti-accounting-prevention)\n- [Fake account](\u002Fdocs\u002Fv3\u002Fconcepts\u002Ffake-account)\n- [Email quality](\u002Fdocs\u002Fv3\u002Fconcepts\u002Femail)\n",{"title":72,"description":378},"GfkWDAjILKC5s0_2VJgkPzjTv-OzmMaz3qbiTVQ-0kk",1780344893074]