How often do you feel that there is something wrong with the email address of that new customer? The username and the domain look suspicious. With the new risk assessment features of the Email Verification API, you can get enough insights to make informed decisions about your users in real-time.
The Problem
There is a rising wave of abusers that sign up to services offering freemium or free-trial. Typically they want to exploit the resource you offer (compute, streaming, APIs, etc). The tension lies between converting more vs stopping these abusers.
One way to stop them, without introducing much friction, is to verify if their email is legitimate (without sending all users an email). This is what the Auth0 Signals Email Verification API provides.
What is the Auth0 Signals API?
The Auth0 Signals API is a standalone free service for the community. The service consists of an HTTP API that allows you to detect the reputation of an Email address or the IP address. The API checks the Email and/or IP address against several public denylists to evaluate its reputation. It responds with data about the originator and a score indicating the reliability level of the Email or IP address. Having this information enables you to detect malicious activities proactively.
Join the Auth0 Hackathon to win $10,000 in prizes and swag!
When to use Email Verification signal?
The Email Verification signal provides a continually curated and accurate Email reputation data. It takes the hard work out of consuming Open-Source Intelligence (OSINT) by curating, parsing, and normalizing numerous denylists. Auth0 uses this data to protect its own service.
There are two main use cases for this API:
- Real-time risk assessment: Developers can embed into their code requests to the API and detect malicious activity proactively, not reactively. For example, automatically checking Email reputation during the authentication flow. With a disclaimer that it’s free, no SLA and rate limits are in place.
- Incident response and forensics: When security experts identify an incident, they begin investigation and response processes to determine if a genuine security incident occurred, its scope, and the best way to remediate the threat. The API and some assessment tools will become part of the Security professionals swiss army knife.
Auth0 Email verification signal enables all users to obtain a score that indicates the risk level of an analyzed Email address. The overall process involves an in-depth analysis of each email, combining several validation techniques based on custom-built algorithms scoring the legitimacy of an email. Clean and valid email addresses will have a neutral score. Suspicious addresses will have a negative rating: the more negative the score, the more probability of being an address with a low reputation.
#auth0 #api #auth0 signals
