> ## Documentation Index
> Fetch the complete documentation index at: https://stytch.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Fraud & risk protections

> Ways to protect your application using Device Fingerprinting and Protected Auth.

## Protected Auth

Ensure that only legitimate users can access your authentication flows.

<Columns cols={2}>
  <Card title="Get started with Protected Auth" icon="arrow-up-right" href="/fraud-risk/get-started/using-protected-auth">
    Using Protected Auth to defend your signup and login flows.
  </Card>
</Columns>

### Modes

* **Enforcement:** React to Device Fingerprinting verdicts for your traffic.
* **Observation:** Only observe Device Fingerprinting verdicts.

### Protected methods

These authentication methods collect fingerprints and prevent actions when a fingerprint receives a `BLOCK` verdict:

<Columns cols={2}>
  <Columns cols={1}>
    * `impersonation.authenticate`
    * `magicLinks.authenticate`
    * `magicLinks.discovery.authenticate`
    * `magicLinks.email.discovery.send`
    * `oauth.authenticate`
    * `oauth.discovery.authenticate`
    * `otps.email.authenticate`
    * `otps.email.discovery.authenticate`
    * `otps.email.discovery.send`
    * `otps.email.loginOrSignup`
    * `otps.sms.authenticate`
    * `otps.sms.send`
    * `passwords.authenticate`
  </Columns>

  <Columns cols={1}>
    * `passwords.discovery.authenticate`
    * `passwords.discovery.resetByEmail`
    * `passwords.discovery.resetByEmailStart`
    * `passwords.resetByEmail`
    * `passwords.resetByEmailStart`
    * `passwords.resetByExistingPassword`
    * `passwords.resetBySession`
    * `recoveryCodes.recover`
    * `recoveryCodes.rotate`
    * `sso.authenticate`
    * `totp.authenticate`
    * `totp.create`
  </Columns>
</Columns>

<Tip>
  Protected Auth is a ready-made feature provided in the [frontend](/api-reference/b2b/frontend-sdks/react/overview) and [mobile](/api-reference/b2b/mobile-sdks/react-native/overview) SDKs.
</Tip>

***

## New device notifications

Alert your users if a login is detected from a new device, IP address, or location so they can take immediate action if needed:

<Columns cols={2}>
  <Card title="New device notifications guide" icon="arrow-up-right" href="/fraud-risk/get-started/use-case/new-device-notifications">
    Detect new devices to trigger user notifications.
  </Card>
</Columns>

***

## Additional ways to use Device Fingerprinting

Both features integrate Stytch's Device Fingerprinting, which offers a device intelligence layer that can be used to prevent fraud and risk or provide device information as an additional user identifier.

More examples on how to use Device Fingerprinting:

<Columns cols={2}>
  <Card title="Invisible CAPTCHA" icon="arrow-up-right" href="/fraud-risk/get-started/use-case/invisible-captcha">
    Add an invisible bot protection for a smooth user experience.
  </Card>

  <Card title="Prevent free trial abuse" icon="arrow-up-right" href="/fraud-risk/get-started/use-case/prevent-free-trial-abuse">
    Stop fake account creation abuse.
  </Card>

  <Card title="Block traffic by country" icon="arrow-up-right" href="/fraud-risk/get-started/use-case/block-countries">
    Use IP-based geographic filters for access control.
  </Card>

  <Card title="Remembered device" icon="arrow-up-right" href="/fraud-risk/get-started/use-case/remembered-device">
    Add a remembered device flow.
  </Card>
</Columns>