ShieldLabs FAQ

Question 1

What is ShieldLabs?

Accepted Answer

ShieldLabs is an anonymous visitor identification and traffic quality platform. It analyzes device, browser, IP, and network signals, detecting mismatches between them to identify anonymous visitors and assign a real-time explainable risk score to every visit, as well as detect abuse patterns across your traffic.

Question 2

What is ShieldLabs used for?

Accepted Answer

ShieldLabs is used to identify anonymous visitors, assess traffic quality, and detect abuse activity such as multi-accounting, fake account creation, account takeover, free trial abuse, bonus abuse, ban evasion, referral fraud, account sharing, coupon abuse, subscription abuse, giveaway fraud, voting manipulation, and survey fraud.

Question 3

Who is ShieldLabs for?

Accepted Answer

ShieldLabs is best for startups, small-to-mid-sized businesses, and digital platforms with medium to high traffic volume that need a cost-effective anonymous visitor identification solution. Built for product, fraud, and growth teams at SaaS platforms, fintech, iGaming, e-commerce, Web3, media and streaming, travel, and technology platforms - any business dealing with anonymous traffic and abuse.

Question 4

How accurate is ShieldLabs?

Accepted Answer

ShieldLabs detects anonymized connections and environment spoofing with up to 99% accuracy through multi-layer analysis.

Question 5

How is ShieldLabs different from traditional abuse prevention platforms?

Accepted Answer

ShieldLabs delivers the same level of visitor identification and abuse detection used by platforms like Google and X / Twitter — with transparent per-request pricing, self-serve integration in 5 minutes, and an explainable risk score. No "Contact Sales," no enterprise contracts.

Question 6

Can a visitor be recognized when IP changes?

Accepted Answer

Yes. ShieldLabs generates a persistent visitor ID. This identifier remains stable across sessions even when the visitor changes IP, clears cookies, switches to incognito mode, or creates a new account.

Question 7

What is a persistent visitor ID?

Accepted Answer

A persistent visitor ID is a stable identifier assigned to each visitor. Unlike cookies or IP addresses, it survives IP rotation, cookie clearing, incognito mode, and account changes - allowing real-time recognition of returning visitors regardless of how they try to hide.

Question 8

What is browser fingerprinting?

Accepted Answer

Browser fingerprinting is a technique for identifying website visitors by collecting unique browser signals such as browser version, preferred language, screen resolution, installed fonts, and graphics rendering. These signals are combined to generate a unique identifier that recognizes the visitor across sessions — even without cookies.

Question 9

What is device fingerprinting?

Accepted Answer

Device fingerprinting identifies a visitor based on hardware and operating system signals such as device type, OS version, memory, processor, and screen parameters. Combined with browser fingerprinting, it produces a more stable and accurate identification.

Question 10

How does device fingerprinting differ from browser fingerprinting?

Accepted Answer

Browser fingerprinting collects signals from the browser — version, language, plugins, screen resolution. Device fingerprinting collects signals from the hardware and operating system — device type, OS, memory, processor. ShieldLabs combines both to generate a persistent visitor ID with higher accuracy than either method alone.

Question 11

Does ShieldLabs do device fingerprinting or browser fingerprinting?

Accepted Answer

Both. ShieldLabs analyzes 70+ signals across device, operating system, and browser to generate a persistent visitor ID. It then cross-validates these signals against network and IP data to detect mismatches and expose anonymous visitors.

Question 12

Is browser fingerprinting safe?

Accepted Answer

For businesses, browser fingerprinting is used to identify anonymous visitors and distinguish between legitimate users and potentially fraudulent ones. ShieldLabs does not track users across sites and does not collect personally identifiable information during the fingerprinting process. For visitors, the process is invisible and adds no friction to their experience.

Question 13

Can ShieldLabs detect a visitor in incognito mode or on a VPN?

Accepted Answer

Yes. Device and browser fingerprinting signals remain consistent even in incognito mode. VPN connections are detected through IP intelligence and cross-layer mismatch analysis. ShieldLabs identifies the visitor in both cases.

Question 14

What can ShieldLabs detect?

Accepted Answer

ShieldLabs detects VPN, proxy, TOR, iCloud Private Relay, anti-detect browsers, tampered browsers, anti-fingerprint tools, data center and hosting infrastructure, environment spoofing, device tampering, location spoofing, timezone mismatches, and abuse activity. All detection works in real time.

Question 15

Does ShieldLabs detect anti-detect browsers?

Accepted Answer

Yes. Anti-detect browsers are designed to mask device fingerprints and rotate identities. ShieldLabs detects them through cross-layer mismatch analysis, identifying the difference between what the browser claims and what is actually detected.

Question 16

Can ShieldLabs detect fake accounts and multi-accounting?

Accepted Answer

Yes. The system builds an identity graph linking visitors, devices, and accounts across sessions. When the same person creates multiple accounts — even using different IPs, browsers, or anti-detect tools — the system connects them through shared device and network characteristics.

Question 17

Can ShieldLabs detect account takeover?

Accepted Answer

Yes. When an account is accessed from an unrecognized device, suspicious connection, or unusual location, the system flags it as a potential account takeover.

Question 18

Can ShieldLabs detect location spoofing?

Accepted Answer

Yes. The system detects timezone and geolocation mismatches between what the browser reports and what the IP and network reveal — indicating masked or spoofed visitor location.

Question 19

Does ShieldLabs detect account sharing?

Accepted Answer

Yes. When multiple devices, locations, and network signatures access the same account, the system flags it as potential account sharing — helping protect subscription value and enforce per-user access.

Question 20

What is Risk Score?

Accepted Answer

Risk Score is a numerical assessment of explainable risk for every visit. It is calculated from anonymity indicators, cross-layer mismatches, and network signals. A high score indicates an increased probability of an anonymous or masked visit. Every score includes clear reasons for every contributing factor.

Question 21

How is Risk Score calculated?

Accepted Answer

Each detected signal contributes to the final score - VPN detection, proxy connection, OS mismatch between browser and network, timezone conflict, data center IP, and more. Risk score reflects the cumulative risk level and explains each factor.

Question 22

What is traffic risk level?

Accepted Answer

Traffic risk level is an overall assessment of anonymity across all your traffic. It shows what percentage of visitors are clean, low risk, medium risk, or high risk - giving you visibility into overall traffic quality.

Question 23

Does ShieldLabs automatically block users?

Accepted Answer

No. ShieldLabs provides risk score, scoring reasons, and detailed visitor data. The blocking decision is made by you - either manually or through automated rules you configure.

Question 24

What is an identity graph?

Accepted Answer

An identity graph is a map of connections between visitors, devices, and accounts. ShieldLabs builds this graph automatically by linking persistent visitor IDs, device fingerprints, and network signals across all sessions — revealing which accounts are connected and the risk level of each connection.

Question 25

What are abuse patterns?

Accepted Answer

Abuse patterns are ready-made detection rules that identify suspicious connections between visitors, devices, and accounts — such as many accounts on one device, changing IDs on one account, or many devices on one account. Each pattern flags potential multi-accounting, account sharing, ban evasion, or coordinated abuse.

Question 26

What is traffic quality?

Accepted Answer

Traffic quality is a measure of how much of your traffic comes from real, identifiable visitors versus anonymous, masked, or suspicious traffic. ShieldLabs assigns a risk level to your overall traffic and a risk score to every visitor.

Question 27

How long does integration take?

Accepted Answer

Integration takes approximately 5 minutes. Add a code snippet to your site, and the system immediately begins anonymous visitor identification and real-time traffic analysis.

Question 28

Which frameworks are supported?

Accepted Answer

ShieldLabs supports JavaScript, Next.js, React, Angular, Vue.js, Preact, and Svelte.

Question 29

Does ShieldLabs provide API and Webhooks?

Accepted Answer

Yes. Risk score, visitor IDs, and detailed detection signals are available via API and Webhooks in real time for automation of fraud prevention rules and protection scenarios.

Question 30

Does ShieldLabs affect real users?

Accepted Answer

No. The system operates in the background and does not require any additional actions from visitors. No CAPTCHAs, no challenges, no friction.

Question 31

How does pricing work?

Accepted Answer

ShieldLabs offers transparent per-request pricing with a free tier. Start free, scale as you grow. No enterprise contracts, no "Contact Sales."

Question 32

Is there a free plan?

Accepted Answer

Yes. The free plan includes 5,000 requests for initial traffic quality check and anonymous visitor identification.

Network signals

What is TLS fingerprinting? How JA3 and JA4 identify a client

What IP reputation is, and why an IP score alone won't catch fraud

JA4 fingerprinting explained: how it improves on JA3, and what it actually identifies

How to detect VPNs in 2026

Proxy detection for fraud prevention: how to identify hidden traffic sources