ShieldLabs

ShieldLabs

Frequently asked questions

Answers about how ShieldLabs works: identification, anonymity detection, explainable risk scoring, patterns, pricing, and the five-minute install. Still have a question? Contact us.

Browse all questions

What is ShieldLabs?
ShieldLabs is a visitor identification and anonymous-visitor detection platform, and a visitor identification API for fraud prevention. It helps you identify anonymous visitors, detects anonymity at any level, and returns an explainable risk score with the signals behind it, along with ready-made patterns that point to abuse and fraud.
How does ShieldLabs work?
You add one JavaScript snippet to your site. On every visit, ShieldLabs collects 100+ signals across device and network, identifies the visitor, and delivers an explainable risk score from 0 to 100 through an API and webhooks. Your own code decides what to do with each score.
What is ShieldLabs used for?
ShieldLabs is used to identify anonymous visitors, assess traffic quality, and detect abuse activity such as multi-accounting, fake account creation, account takeover, free trial abuse, bonus abuse, ban evasion, referral fraud, account sharing, coupon abuse, subscription abuse, giveaway fraud, voting manipulation, and survey fraud.
Who is ShieldLabs for?
ShieldLabs is best for startups, small-to-mid-sized businesses, and digital platforms with medium to high traffic volume that need a cost-effective anonymous visitor identification solution. Built for product, fraud, and growth teams at SaaS platforms, fintech, iGaming, e-commerce, Web3, media and streaming, travel, and technology platforms - any business dealing with anonymous traffic and abuse.
Can I use ShieldLabs as a visitor identification API for fraud prevention?
Yes. ShieldLabs is a visitor identification API for fraud prevention. You add one JavaScript snippet, and every visit returns a persistent visitor ID, the anonymity signals behind it such as VPN, proxy, Tor, and anti-detect browser, and an explainable risk score from 0 to 100 over an API and webhooks. Your own code decides whether to allow, review, or block, so ShieldLabs surfaces the signals and you set the rules.
How is ShieldLabs different from traditional abuse prevention platforms?
ShieldLabs gives you the kind of visitor identification and abuse detection that large platforms build in-house, but as a self-serve service: transparent pricing that scales with traffic, integration in about 5 minutes, and an explainable risk score you control. No "Contact Sales," no enterprise contracts.
What can ShieldLabs detect?
ShieldLabs detects VPN, proxy, Tor, iCloud Private Relay, anti-detect browsers, datacenter and hosting infrastructure, IP reputation, environment spoofing, device tampering, OS mismatch, location and geolocation spoofing, timezone mismatches, and incognito mode. It also recognizes returning visitors even after cleared cookies and rotated IPs, and surfaces patterns that point to multi-accounting, account sharing, account takeover, and ban evasion. All detection works in real time.
Does ShieldLabs detect anti-detect browsers?
Yes. Anti-detect browsers are designed to mask device fingerprints and rotate identities. ShieldLabs detects them through cross-layer mismatch analysis, identifying the difference between what the browser claims and what is actually detected.
Can ShieldLabs detect a visitor in incognito mode or on a VPN?
Yes. Device and browser fingerprinting signals remain consistent even in incognito mode. VPN connections are detected through IP intelligence and cross-layer mismatch analysis. ShieldLabs identifies the visitor in both cases.
Can ShieldLabs detect fake accounts and multi-accounting?
Yes. The system builds an identity graph linking visitors, devices, and accounts across sessions. When the same person creates multiple accounts, even using different IPs, browsers, or anti-detect tools, the system connects them through shared device and network characteristics.
Can ShieldLabs detect account takeover?
Yes. When an account is accessed from an unrecognized device, suspicious connection, or unusual location, the system flags it as a potential account takeover.
Does ShieldLabs detect account sharing?
Yes. When multiple devices, locations, and network signatures access the same account, the system flags it as potential account sharing, helping protect subscription value and enforce per-user access.
Can ShieldLabs detect location spoofing?
Yes. The system detects timezone and geolocation mismatches between what the browser reports and what the IP and network reveal, indicating masked or spoofed visitor location.
Can a visitor be recognized when IP changes?
Yes. ShieldLabs generates a persistent visitor ID. This identifier remains stable across sessions even when the visitor changes IP, clears cookies, switches to incognito mode, or creates a new account.
What is a persistent visitor ID?
A persistent visitor ID is a stable identifier assigned to each visitor. Unlike cookies or IP addresses, it survives IP rotation, cookie clearing, incognito mode, and account changes - allowing real-time recognition of returning visitors regardless of how they try to hide.
What is browser fingerprinting?
Browser fingerprinting is a technique for identifying website visitors by collecting unique browser signals such as browser version, preferred language, screen resolution, installed fonts, and graphics rendering. These signals are combined to generate a unique identifier that recognizes the visitor across sessions, even without cookies.
What is device fingerprinting?
Device fingerprinting identifies a visitor based on hardware and operating system signals such as device type, OS version, memory, processor, and screen parameters. Combined with browser fingerprinting, it produces a more stable and accurate identification.
How does device fingerprinting differ from browser fingerprinting?
Browser fingerprinting collects signals from the browser, version, language, plugins, screen resolution. Device fingerprinting collects signals from the hardware and operating system, device type, OS, memory, processor. ShieldLabs combines both to generate a persistent visitor ID with higher accuracy than either method alone.
Does ShieldLabs do device fingerprinting or browser fingerprinting?
Both. ShieldLabs analyzes 100+ signals across device, operating system, and browser to generate a persistent visitor ID. It then cross-validates these signals against network and IP data to detect mismatches and expose anonymous visitors.
Is browser fingerprinting safe?
For businesses, browser fingerprinting is used to identify anonymous visitors and distinguish between legitimate users and potentially fraudulent ones. ShieldLabs does not track users across sites and does not collect personally identifiable information during the fingerprinting process. For visitors, the process is invisible and adds no friction to their experience.
What is an identity graph?
An identity graph is a map of connections between visitors, devices, and accounts. ShieldLabs builds this graph automatically by linking persistent visitor IDs, device fingerprints, and network signals across all sessions, revealing which accounts are connected and the risk level of each connection.
What is Risk Score?
Risk Score is a numerical assessment of explainable risk for every visit. It is calculated from anonymity indicators, cross-layer mismatches, and network signals. A high score indicates an increased probability of an anonymous or masked visit. Every score includes clear reasons for every contributing factor.
How is Risk Score calculated?
Each detected signal contributes to the final score - VPN detection, proxy connection, OS mismatch between browser and network, timezone conflict, data center IP, and more. Risk score reflects the cumulative risk level and explains each factor.
What is traffic risk level?
Traffic risk level is an overall assessment of anonymity across all your traffic. It shows what percentage of visitors are clean, low risk, medium risk, or high risk - giving you visibility into overall traffic quality.
What are patterns?
Patterns are pre-built detections that correlate suspicious connections between visitors, devices, and accounts, such as many accounts on one device, changing IDs on one account, or many devices on one account. Each pattern flags potential multi-accounting, account sharing, ban evasion, or coordinated abuse, graded by severity in the analytics dashboard.
What is traffic quality?
Traffic quality is a measure of how much of your traffic comes from real, identifiable visitors versus anonymous, masked, or suspicious traffic. ShieldLabs assigns a risk level to your overall traffic and a risk score to every visitor.
Does ShieldLabs block fraud?
No. ShieldLabs is the detection layer. It surfaces the anonymity signals and an explainable risk score, and your own code owns the decision to allow, review, or block. You set the rules and build them in your own code using the API and webhooks.
Does ShieldLabs affect real users?
No. The system operates in the background and does not require any additional actions from visitors. No CAPTCHAs, no challenges, no friction.
How accurate is ShieldLabs?
ShieldLabs identifies visitors with up to 99% accuracy by correlating signals across device and network layers, rather than relying on a single cookie or IP address that breaks within weeks.
How long does integration take?
Integration takes approximately 5 minutes. Add a code snippet to your site, and the system immediately begins anonymous visitor identification and real-time traffic analysis.
Which frameworks are supported?
ShieldLabs works with any stack. The JavaScript snippet drops into a framework, a CMS, or a no-code builder, with ready integrations for JavaScript, WordPress, Shopify, Tilda, Next.js, React, Angular, Vue.js, Preact, and Svelte.
Does ShieldLabs provide API and Webhooks?
Yes. Risk score, visitor IDs, and detailed detection signals are available via API and Webhooks in real time, so your own code can automate the fraud prevention rules you build on top.
How does pricing work?
ShieldLabs has transparent, self-serve pricing that scales with your traffic, billed per identification. It starts at $0 for a one-time 5,000 identifications, then $99 per month for 25,000, $399 per month for 150,000, and $999 per month for 500,000, with the full feature set on every tier. No enterprise contracts, no "Contact Sales."
Is there a free tier?
Yes. ShieldLabs starts at $0 with a one-time 5,000 free identifications, so you can identify anonymous visitors and score your traffic today. From there, transparent pricing scales with your needs, starting at $99 per month for 25,000 identifications. Every tier includes the API and webhooks.