/
Contact usSee pricingStart building

    About Stytch Fraud and Risk

    Introduction
    Use cases
    Device Fingerprinting
      Overview
      Fingerprints
    • Verdicts

      • Verdicts overview
        Allow
        Block
        Challenge
        Not Found
    Getting started
      Device Fingerprinting API
      DFP Protected Auth
    Decisioning
      Decisioning overview
      Setting rules with DFP
      Intelligent Rate Limiting
    Enforcement
      Enforcement overview
    • Protected Auth

      • Overview
        Handling challenges
    • Strong CAPTCHA

      • Overview
        Getting started
Get support on SlackVisit our developer forum

Contact us

Fraud and Risk Prevention

/

Guides

/

About Stytch Fraud and Risk

/

Device Fingerprinting

/

Verdicts

/

Allow

Allow verdict

When we return an ALLOW verdict, we have a high level of confidence that the request was made by a legitimate user. Requests that result in ALLOW verdicts originate from devices with verified profiles that match the characteristics of known/ authentic traffic origins.

If you'd like to block a device or group of devices that's receiving an ALLOW verdict, you may use the Set rule endpoint to change the verdict to BLOCK for that device's identifier. Rules can also be viewed, added, removed, and modified via the Authorization rules tab within the Device Fingerprinting section of the Stytch Dashboard.

Allow verdicts in DFP API

When you receive an ALLOW verdict in the Fingerprint lookup response, you should allow the request(s) associated with that telemetry_id to proceed.

If you maintain your own risk score based on cumulative DFP verdicts, you should assign a low level of risk to an ALLOW verdict.

Allow verdicts in DFP Protected Auth

When DFP Protected Auth is enabled, our SDK will always allow requests to proceed when an ALLOW verdict is returned.

Allow verdicts in DFP API

Allow verdicts in DFP Protected Auth