EN PL
Duplicate detection & abuse prevention
Fraud prevention for high-risk digital platforms

Detect duplicate accounts and stop short-lived abusive signups before they become a cost.

FraudGuard.dev helps partner platforms identify duplicate accounts, disposable email abuse, bonus and promo misuse, and short-lived registrations created only to exploit onboarding or commercial flows.

Talk to us See pricing
56
real, unique checks
<200ms
median response time
4
industries served
Why teams choose FraudGuard.dev

Stop duplicate accounts

Identify repeat registrations and suspicious account clusters before they impact promotions, payouts, bonuses, or trust in your platform.

Catch disposable emails

Reduce abuse linked to temporary email providers and low-quality signups with automated screening in your onboarding flow.

Screen emails against breach databases

Automatically check whether a registering email has appeared in known data breaches. Breach names, exposed data types, and recency are surfaced directly in the alert detail — no manual lookups needed.

Analyse email domain reputation

Check MX records, SPF/DMARC authentication, domain age, TLD risk, and optionally EmailRep.io — three layers of free DNS-based checks that fire before any paid API is called.

Detect ring fraud with graph clustering

Go beyond pairwise comparisons — build an identity graph and surface account rings where no individual pair exceeds the threshold but the cluster as a whole is a clear fraud signal.

Score accounts with neural network predictions

GraphSAGE-based fraud detection scores every account independently using graph-embedded behavioural features — surfacing coordinated abuse that hides below pairwise detection thresholds.

Configure your detection pipeline visually

Drag-and-drop pipeline builder lets you decide which checks fire on registration, deposit, update, or login — and whether slow checks (OSINT, GNN) run synchronously or asynchronously with a callback.

Policy Builder — conditional routing

Add condition nodes to your pipeline that branch based on player attributes: route UK deposits over £2 000 through a mandatory sanctions re-check, or skip heavy async checks for low-risk countries — all without writing code.

Alert assignment & case management

Assign open alerts to specific team members directly from the alert modal. Track ownership, prevent duplicate investigations, and measure individual reviewer throughput — all within the dashboard.

Payment velocity detection

Detect shared payment instruments — card fingerprint, IBAN, or crypto wallet — across multiple accounts in your tenant. Any deposit event that shares a financial token with an existing player triggers an immediate high-confidence alert.

Cross-tenant community signal network

Opt in to share privacy-preserving SHA-256 hashes of blocked player PII with the FraudGuard.dev network. Incoming registrations are checked against the community blacklist before the player has a chance to act.

Fraud savings ROI dashboard

Record the registration bonus value for each player at sign-up. When duplicates are blocked the platform automatically sums the prevented bonuses, subtracts platform fees, and shows your net return on fraud prevention spend.

Full check-level billing transparency

Every individual check is recorded with its price, sanitised result, player identifier, and timestamp. Tenants can query their full transaction log — no more "why is my bill this high?" questions.

React in real time

Use FraudGuard.dev as a lightweight service in signup, login, KYC review, underwriting, bonus control, or operational risk workflows.

Continuous sanctions monitoring

MGA and UKGC regulations require ongoing screening — not just at registration. FraudGuard.dev re-screens every active player against OFAC, EU Consolidated, and UN Security Council lists daily, automatically raising an alert when a player transitions from Clear to Hit.

Responsible Gaming Guard — self-exclusion lookalike detection

When a new registration fuzzy-matches a self-excluded player's identity, FraudGuard.dev flags the alert immediately with a self-exclusion risk warning. Prevent problem gamblers from bypassing exclusions with slight name or email variations — before they deposit.

Custom disposition reason codes

Standardise how your team closes fraud alerts. Require analysts to select a reason — Bonus Abuse, Multi-accounting, Identity Theft, Underage, or False Positive — when confirming or blocking. Reason codes feed directly into ROI analytics and compliance reports.

Audit-ready per-player PDF export

One click generates a branded Due Diligence audit PDF for any player: full check-transaction history, operator audit log, resolved alerts, and sanctions screening record. Ready to hand to an MGA or UKGC inspector on demand — no manual compilation.

Withdrawal risk pipeline

Extend fraud coverage to the cashout stage. A dedicated withdrawal event webhook runs duplicate detection, abuse scoring, and payment velocity checks — catching cash-out fraud by ring accounts before funds leave the platform.

Trusted device velocity detection

Flag coordinated account farms sharing a common device fingerprint. When the same device ID appears across a configurable number of distinct accounts, FraudGuard.dev raises an automatic alert — catching device-farm multi-accounting that bypasses name and email checks.

Community pattern signatures

Go beyond single-signal blacklists. When a player is blocked, privacy-preserving cross-player signal combinations — email+card, phone+IBAN — are stored as pattern hashes. New registrations matching a community-seen combination are flagged before duplicate checks run.

GNN temporal proximity edges

The Graph Neural Network connects players who log in from the same IP within a 5-minute window. These time-based edges reveal coordinated ATO groups and deposit-then-withdraw rings that rotate IPs — invisible to static signal matching alone.

56 checks. Every one real.

Some fraud vendors advertise 500+ or 800+ "signals". Those numbers usually count the same data field multiple ways, or list sub-features of a single lookup. FraudGuard.dev runs 56 distinct checks — each one resolves a different data point from a different source. Here's the full breakdown:

12 identity matching checks

Payment card · IBAN · crypto wallet · device fingerprint · phone · email (exact + fuzzy) · full name (fuzzy) · date of birth + surname · date of birth · residential address · country. Each is independently scored and contributes to a weighted confidence total.

25 abuse & threat checks

Disposable email domain · email in breach database (XposedOrNot) · domain MX record · SPF authentication · DMARC policy · domain age (WHOIS) · risky TLD · EmailRep.io score · VPN CIDR · proxy CIDR · Tor exit node · Spamhaus DNSBL · SpamCop DNSBL · SORBS DNSBL · IP country vs declared country (MaxMind GeoLite2) · IP jurisdiction vs licensed countries · prepaid card (BIN DB, 343 k BINs) · card country mismatch · commercial card · tenant phone blacklist · phone country mismatch (libphonenumber) · VoIP number · landline number · unknown line type · invalid phone format · new device for existing account · country change on login · impossible travel · brute force login · VoIP/proxy login.

3 sanctions lists

Name + date-of-birth fuzzy match against EU consolidated sanctions, UN Security Council list, and OFAC SDN list. Stored locally for sub-millisecond lookup with optional live OpenSanctions API fallback.

11 social footprint checks (optional add-on)

OSINT presence check across 11 social platforms via Holehe — GitHub · Twitter/X · Instagram · Spotify · Reddit · Pinterest · Tumblr · Flickr · MySpace · WordPress · eBay. Uses each platform's "forgot password" flow to detect registration without sending any credentials. A real person typically appears on 2+ platforms; zero presence is a strong signal of a throwaway account. Results stored per-player and available in the dashboard.

Designed for platforms across regulated industries

"We were losing significant bonus budget to repeated registrations every month. After integrating FraudGuard.dev into our onboarding flow, duplicate account detections went up immediately and the manual review queue shrank."

— Risk & Compliance Lead, online gaming operator

"Integration was straightforward — a single webhook endpoint, a secret header, and results back in under 200 ms. Our team had it running in a day. The confidence scoring made it easy to decide what to auto-block versus send to a reviewer."

— Head of Product, digital lending platform
Industries we can support

Insurance

Screen suspicious account creation and repeated identities across quote, application, and customer onboarding flows.

Insurance

Lending

Reduce repeated applications, promo abuse, disposable email usage, and other patterns linked to short-lived borrower accounts.

Lending

Online gaming

Detect duplicate player accounts, bonus hunting, and throwaway registrations created only to exploit an offer or a loophole.

Online gaming

Sports betting

Support anti-abuse controls for welcome bonuses, repeated signups, and account churn tied to abusive user behavior.

Sports betting
Common abuse patterns
Disposable and temporary email addresses used to create accounts that exist only briefly
Duplicate or repeated signups targeting welcome offers, credits, promotions, or free trials
Account farms and short-lived identities created to trigger specific operational or commercial flows
Ring fraud — groups of accounts linked through a chain of shared signals where no individual pair exceeds the review threshold but the cluster as a whole is statistically significant
Low-quality registrations that inflate acquisition metrics but add no long-term value
Suspicious re-entry by users previously blocked, reviewed, or limited
How it works

Three steps from sign-up to live duplicate detection — no machine learning dependencies, no infrastructure to manage.

1

Provision your tenant

Create your account and receive a webhook secret. One API call or a few clicks in the dashboard — your isolated tenant is ready immediately.

2

Send player events via webhook

POST registration and deposit events to your dedicated endpoint. FraudGuard.dev normalises the data, runs matching across all configured signals, and returns a verdict in real time.

3

Act on the confidence score

Each response includes a confidence score, a recommendation (ALLOW / REVIEW / FLAG / AUTO_BLOCK), and a signal breakdown so your team always knows why a decision was made.

Registration webhook — example request 
POST /api/v1/webhook/your-slug/main/registration
X-Webhook-Secret: your-app-secret

{
  "player_id":     "PLAYER_001",
  "email":         "[email protected]",
  "first_name":    "James",
  "last_name":     "Martin",
  "date_of_birth": "1988-07-22",
  "phone":         "+12025550147",
  "country":       "US"
}

← 200 OK
{
  "status":          "ok",
  "alerts_raised":   1,
  "alerts": [{
    "confidence":     0.94,
    "recommendation": "AUTO_BLOCK",
    "explanation":   "Identical phone; Same DOB + last name 97%; Normalised email match"
  }],
  "clusters_found": 1
}
Graph identity resolution — catching ring fraud

Standard duplicate detection compares accounts in pairs. Ring fraud defeats this by distributing shared signals across a chain: account A shares a phone with B, B shares an address with C, C shares a card with D — no single pair exceeds the review threshold, but the group as a whole is obvious fraud.

Identity graph

Every player account is a node. Edges are drawn between accounts with pairwise similarity above a low threshold (0.15), capturing weak links invisible to standard pairwise checks.

Connected components

Union-Find algorithm groups accounts into clusters. A cluster of 10 accounts linked through a chain — even with no single pair exceeding the flag threshold — surfaces as a single high-confidence ring alert.

Cluster scoring

Each cluster receives a composite score based on average pairwise confidence, graph density, and cluster size. Clusters above the review threshold are persisted as ring alerts reviewable in the dashboard.

Runs automatically after each webhook event for tenants with up to 200 players
Triggered manually via POST /dashboard/clusters/detect for larger tenants
Cluster alerts can be confirmed as ring fraud or dismissed as false positives from the dashboard
Existing clusters are updated in-place when membership or confidence changes
Built for risk, compliance, and product teams
API-first architecture for easy integration
Fast verification designed for real-time workflows
Flexible rule-based screening for different business models
Clear results for operational teams and analysts
Support for account abuse and signup quality checks
Designed for scalable fraud prevention programs
Simple, transparent pricing

Start free. Pay only for what you use. No hidden fees, no setup costs.

14-day free trial — 1,000 checks included. No credit card required.

Starter

For smaller operators getting started.

€45
/ month  ·  5,000 checks
€0.009 per check  ·  hard stop at quota
  • Duplicate account detection
  • Ring fraud cluster detection
  • Abuse detection (VPN, proxy, Tor, disposable email)
  • Phone blacklist management
  • Sanctions screening (OFAC, EU, UN)
  • Compliance report export (PDF)
  • Real-time API (<200 ms)
  • Dashboard & alert management
  • CSV bulk import & multi-app support

Checks pause when quota is reached. Upgrade anytime to continue without interruption.

Start free trial

Growth

Most popular

For active operators with steady registration volume.

€89
/ month  ·  15,000 checks
€0.006 per check  ·  €0.012 overage
  • Everything in Starter
  • Automatic overage — flow never stops
  • Clear per-check rate above quota
Start free trial

Business

For high-volume operators and multi-property platforms.

€169
/ month  ·  40,000 checks
€0.004 per check  ·  €0.010 overage
  • Everything in Growth
  • Best per-check rate
  • Dedicated onboarding support
Start free trial
Pay as you go €0.022 per check  ·  no subscription  ·  min €10/month
Ideal for pilots and low-volume testing before committing to a plan.

Need higher volumes, custom SLAs, or white-label options? Talk to us about enterprise pricing →

Want to see how FraudGuard.dev fits your platform?

Tell us about your traffic, onboarding flow, and abuse patterns, and we will help you choose the right setup.

Talk to us
Frequently asked questions
How long does integration take?

Most teams are live within one business day. The integration involves a single webhook endpoint per event type (registration, deposit) and a secret header for authentication. No SDK required — any HTTP client works. We provide full documentation and can do a live walkthrough on request.

What data do I need to send?

At minimum: player_id, email, first_name, and last_name. Each additional field you provide (date of birth, phone, address, country, payment card fingerprint, IBAN, crypto wallet) adds more detection signals and improves accuracy. Sending partial data is fine — the engine scores based on what is available.

Does it work in real time?

Yes. The API is synchronous — you receive the verdict in the same HTTP response, typically in under 200 ms. This makes it suitable for use inside registration flows, KYC gates, bonus allocation checks, and any other latency-sensitive workflow.

Where is my data stored, and is it shared between tenants?

Every tenant operates in complete isolation. Player records, alerts, and settings are scoped to your tenant at the database level and never shared with other operators. Data is stored in a secure European datacenter and encrypted at rest. We do not use your data to train models or share it with third parties.

Is there a pilot or trial period?

Yes. We offer a structured pilot for qualified operators — a limited volume of checks at no charge so you can validate detection quality on your own data before committing to a subscription. Contact us to discuss eligibility and setup.

What happens if I exceed my prepaid quota?

On the Growth and Business plans, additional checks above your monthly quota continue automatically at a fixed overage rate (€0.012 or €0.010 per check respectively), so your onboarding flow is never interrupted. On the Starter plan, checks pause when the quota is reached — this is intentional for cost predictability. You can upgrade to Growth or Business at any time from the dashboard to remove the hard stop.

Do you support bulk import of historical player data?

Yes. You can upload a CSV file from the dashboard or via the API to import existing player records. The system runs duplicate detection across the imported data and surfaces alerts for any matches found, so you can act on historical fraud before it carries forward.

Contact form

Use this form to request a demo, discuss your use case, or ask about commercial terms.