We’ve simplified the syntax for signals in the rules engine to make it easier to read and write rules. Everything still works just like it did before, but you’ll notice that you no longer need to prefix some signals with signals.
The risk score API has officially been deprecated so that risk score can be included in our rules engine. You can now check risk scores for the email, ip, phone or all of the above directly in a rule.
Two new features: Track negative login events and easily add your co-workers to your workspace!
Track Negative Events
Every event you send to Verosint can now have a type to track more than just successful sign-ups and logins. We’ve also added a bunch of new signals to the rules engine to make it easy to make decisions based on failed activity.
Types now tracked
Login Success
Login Failure
Verification Success (Identity Proofing)
MFA Failure
MFA Success
New Signals
loginSuccessCount
loginFailureCount
mfaFailureCount
mfaSuccessCount
verificationSuccessCount
These are available over various time ranges Last Hour, Last 24 Hours, Last 7 Days, Last 30 Days, Total.
Multi User Support
You can now easily invite your coworkers to your workspace to manage rules, see signalprint and analyze dashboards. New users can be invited from the Admin settings page and given full admin or read-only privileges. Learn more about managing administrators
A big update to close out the month of May! Adaptive Identity Proofing, Verified Prints, a new dashboard and more.
Adaptive Identify Proofing
Through a partnership with ID Dataweb, we now offer adaptive identity proofing to all customers. Use fraud and risk signals to dynamically proof anyone signing up for your product. Learn more about Adaptive Identity Proofing. Learn more about the partnership.
Verified Prints
Verified prints increase the life of your identity proofing. The SignalPrint used to successfully verify a user's identity is automatically tracked. You can check during any rule if the current print matches the verified print on file to have higher confidence you’re dealing with the real user.
ATO Dashboard
Our new account takeover dashboard gives you insight into key indicators of where account takeovers may be happening in your user base. It’s available now in the Dashboards section.
Custom Tags via API
You can now assign tags to accounts via API or the CLI. Making it even easier to tag banned users, keep track of internal accounts, or any other additional context about an account.
We’ve made sending your event data to Verosint for fraud analysis even easier. You can stream your Auth0 logs directly to us and we will automatically process them. We created a handy guide to learn how to set this up for your account. https://docs.verosint.com/docs/log-file-ingestion
Introducing Fraud Insights!
These dashboards are designed to make it effortless to identify and prevent fraudulent activity among your user base, ensuring your platform remains secure and reliable.
With Fraud Insights, you'll be able to understand the habits and actions of fraudulent users at a glance, helping you prevent future occurrences of fraud. In addition, you can gather more information about specific users and their activities with detailed dashboards for each type of fraud we track. This data can be incredibly beneficial in identifying the root cause of fraudulent behavior and taking the necessary measures to prevent it from happening again.
Additionally, Fraud Insights will allow you to monitor the effectiveness of your prevention measures. By keeping an eye on the data and metrics provided by the dashboards, you'll be confident that your efforts to prevent fraud are working effectively.
Note: the new Fraud Insights dashboards have replaced the usage dashboard.
Risk score now available in our rules engine!
There is now a risk score for each of the identifiers, email, IP, and phone. Additionally, there is a handy blended score available for the whole event. You can use the score just like any other signal in the rules engine.
We added a few more handy signals for you as well!
- Free Email -- Triggers any time there is an email detected from one of many known free email providers. Especially helpful for businesses wanting to restrict sign ups to non-free email domains.
- Email Alias -- Triggers any time someone uses the
username+1style alias. This works across multiple providers and captures the most common alias styles such as+,-and.. This is a great way to keep users from referring themselves on your platform multiple times.
Removal of Custom Risk Policies
With the move to Risk Scores being available in rules, we've begun the deprecation of custom risk policies. As a result, you'll notice a few pages no longer in the app (Risk Scoring, Playground, and Evaluator).
The original risk score endpoint continues to be available while we transition current integrations
Published a number of bug fixes, security updates, and added new onboarding feature!
- You can now upload a sampling of event data directly from the UI if you don't have any SignalPrint events! It's a great way to get started quickly without needing to build any integration 🎉
- Improved the labeling on the Signals dashboard of some metrics to better reflect what the number represents
- Squashed a number of bugs across the app, including in the rules editor, signals dashboard, and billing page.
- Made various security updates
With the new date icon on the SignalPrint graph, you can filter which events you see by when they happened. It supports quick dates like today, yesterday or last week in addition to custom date ranges.
A few additional notes:
- The tag filters will automatically adjust based on your date range, only showing you the tags on event data in your date range.
- If you need to see everything again, just hit Clear to remove the filter
Some exciting improvements to share! 🎉
Improved Account Information Panel
The panel in the SignalPrint explorer now has clickable links for emails and IP addresses. The locations of the IP addresses are also displayed on map.
Additional Changes
- Command-line interface has been updated to include signals in risk score evaluations.
- Fixed an issue that affected domains in Spain for domain registration date signals.
- The SignalPrint event ingestion endpoint has been updated to validate input parameters.