[{"data":1,"prerenderedAt":319},["ShallowReactive",2],{"docsv3-nav":3,"\u002Fdocs\u002Fv3\u002Fconcepts\u002Ffake-account":198},[4],{"title":5,"path":6,"stem":7,"children":8,"page":188},"V3","\u002Fdocs\u002Fv3","1.docs\u002Fv3",[9,13,17,21,38,87,189],{"title":10,"path":11,"stem":12},"Introduction","\u002Fdocs\u002Fv3\u002Fintroduction","1.docs\u002Fv3\u002F1.Introduction",{"title":14,"path":15,"stem":16},"Quick start","\u002Fdocs\u002Fv3\u002Fquick-start","1.docs\u002Fv3\u002F2.Quick start",{"title":18,"path":19,"stem":20},"Challenge flow","\u002Fdocs\u002Fv3\u002Fchallenge-flow","1.docs\u002Fv3\u002F3.Challenge flow",{"title":22,"path":23,"stem":24,"children":25},"Fundamentals","\u002Fdocs\u002Fv3\u002Ffundamentals","1.docs\u002Fv3\u002F4.fundamentals",[26,30,34],{"title":27,"path":28,"stem":29},"Signup protection","\u002Fdocs\u002Fv3\u002Ffundamentals\u002Fsignup-protection","1.docs\u002Fv3\u002F4.fundamentals\u002F00.Signup protection",{"title":31,"path":32,"stem":33},"Login protection","\u002Fdocs\u002Fv3\u002Ffundamentals\u002Flogin-protection","1.docs\u002Fv3\u002F4.fundamentals\u002F01.Login protection",{"title":35,"path":36,"stem":37},"Access protection","\u002Fdocs\u002Fv3\u002Ffundamentals\u002Faccess-protection","1.docs\u002Fv3\u002F4.fundamentals\u002F02.Access protection",{"title":39,"path":40,"stem":41,"children":42},"Guides","\u002Fdocs\u002Fv3\u002Fguides","1.docs\u002Fv3\u002F5.guides",[43,47,51,55,59,63,67,71,75,79,83],{"title":44,"path":45,"stem":46},"Account sharing prevention","\u002Fdocs\u002Fv3\u002Fguides\u002Faccount-sharing-prevention","1.docs\u002Fv3\u002F5.guides\u002F1.Account sharing prevention",{"title":48,"path":49,"stem":50},"Web scraping prevention","\u002Fdocs\u002Fv3\u002Fguides\u002Fweb-scraping-prevention","1.docs\u002Fv3\u002F5.guides\u002F13.Web scraping prevention",{"title":52,"path":53,"stem":54},"Ban enforcement","\u002Fdocs\u002Fv3\u002Fguides\u002Fban-enforcement","1.docs\u002Fv3\u002F5.guides\u002F14.Ban enforcement",{"title":56,"path":57,"stem":58},"Chargeback dispute","\u002Fdocs\u002Fv3\u002Fguides\u002Fchargeback-dispute","1.docs\u002Fv3\u002F5.guides\u002F15.Chargeback dispute",{"title":60,"path":61,"stem":62},"Multi-accounting prevention","\u002Fdocs\u002Fv3\u002Fguides\u002Fmulti-accounting-prevention","1.docs\u002Fv3\u002F5.guides\u002F16.Multi-accounting prevention",{"title":64,"path":65,"stem":66},"Account takeover prevention","\u002Fdocs\u002Fv3\u002Fguides\u002Faccount-takeover-prevention","1.docs\u002Fv3\u002F5.guides\u002F2.Account takeover prevention",{"title":68,"path":69,"stem":70},"Risky transaction prevention","\u002Fdocs\u002Fv3\u002Fguides\u002Frisky-transaction-prevention","1.docs\u002Fv3\u002F5.guides\u002F20.Risky transaction prevention",{"title":72,"path":73,"stem":74},"Fake account detection","\u002Fdocs\u002Fv3\u002Fguides\u002Ffake-account-detection","1.docs\u002Fv3\u002F5.guides\u002F3.Fake account detection",{"title":76,"path":77,"stem":78},"Bot detection","\u002Fdocs\u002Fv3\u002Fguides\u002Fbot-detection","1.docs\u002Fv3\u002F5.guides\u002F4.Bot detection",{"title":80,"path":81,"stem":82},"Card testing prevention","\u002Fdocs\u002Fv3\u002Fguides\u002Fcard-testing-prevention","1.docs\u002Fv3\u002F5.guides\u002F5.Card testing prevention",{"title":84,"path":85,"stem":86},"Incentive abuse prevention","\u002Fdocs\u002Fv3\u002Fguides\u002Fincentive-abuse-prevention","1.docs\u002Fv3\u002F5.guides\u002F9.Incentive abuse prevention",{"title":88,"path":89,"stem":90,"children":91,"page":188},"Concepts","\u002Fdocs\u002Fv3\u002Fconcepts","1.docs\u002Fv3\u002F6.concepts",[92,96,100,104,108,112,116,120,124,128,132,136,140,144,148,152,156,160,164,168,172,176,180,184],{"title":93,"path":94,"stem":95},"Evaluations","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fevaluations","1.docs\u002Fv3\u002F6.concepts\u002F01.evaluations",{"title":97,"path":98,"stem":99},"Actions","\u002Fdocs\u002Fv3\u002Fconcepts\u002Factions","1.docs\u002Fv3\u002F6.concepts\u002F02.actions",{"title":101,"path":102,"stem":103},"Signals","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fsignals","1.docs\u002Fv3\u002F6.concepts\u002F03.signals",{"title":105,"path":106,"stem":107},"Checks","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fchecks","1.docs\u002Fv3\u002F6.concepts\u002F04.checks",{"title":109,"path":110,"stem":111},"Risks","\u002Fdocs\u002Fv3\u002Fconcepts\u002Frisks","1.docs\u002Fv3\u002F6.concepts\u002F05.risks",{"title":113,"path":114,"stem":115},"Verdicts","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fverdicts","1.docs\u002Fv3\u002F6.concepts\u002F06.verdicts",{"title":117,"path":118,"stem":119},"Policies","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fpolicies","1.docs\u002Fv3\u002F6.concepts\u002F07.policies",{"title":121,"path":122,"stem":123},"Challenges","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fchallenges","1.docs\u002Fv3\u002F6.concepts\u002F08.challenges",{"title":125,"path":126,"stem":127},"Concurrency","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fconcurrency","1.docs\u002Fv3\u002F6.concepts\u002F09.concurrency",{"title":129,"path":130,"stem":131},"Impossible travel","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fimpossible-travel","1.docs\u002Fv3\u002F6.concepts\u002F10.impossible-travel",{"title":133,"path":134,"stem":135},"Bots","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fbots","1.docs\u002Fv3\u002F6.concepts\u002F11.bots",{"title":137,"path":138,"stem":139},"Devices","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fdevices","1.docs\u002Fv3\u002F6.concepts\u002F12.devices",{"title":141,"path":142,"stem":143},"Fingerprints","\u002Fdocs\u002Fv3\u002Fconcepts\u002Ffingerprints","1.docs\u002Fv3\u002F6.concepts\u002F13.fingerprints",{"title":145,"path":146,"stem":147},"People","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fpeople","1.docs\u002Fv3\u002F6.concepts\u002F14.people",{"title":149,"path":150,"stem":151},"Lists","\u002Fdocs\u002Fv3\u002Fconcepts\u002Flists","1.docs\u002Fv3\u002F6.concepts\u002F15.lists",{"title":153,"path":154,"stem":155},"Account takeover","\u002Fdocs\u002Fv3\u002Fconcepts\u002Faccount-takeover","1.docs\u002Fv3\u002F6.concepts\u002F16.account-takeover",{"title":157,"path":158,"stem":159},"Account sharing","\u002Fdocs\u002Fv3\u002Fconcepts\u002Faccount-sharing","1.docs\u002Fv3\u002F6.concepts\u002F17.account-sharing",{"title":161,"path":162,"stem":163},"Fake account","\u002Fdocs\u002Fv3\u002Fconcepts\u002Ffake-account","1.docs\u002Fv3\u002F6.concepts\u002F18.fake-account",{"title":165,"path":166,"stem":167},"Scraping","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fscraping","1.docs\u002Fv3\u002F6.concepts\u002F19.scraping",{"title":169,"path":170,"stem":171},"Linked accounts","\u002Fdocs\u002Fv3\u002Fconcepts\u002Flinked-accounts","1.docs\u002Fv3\u002F6.concepts\u002F20.linked-accounts",{"title":173,"path":174,"stem":175},"New IP","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fip","1.docs\u002Fv3\u002F6.concepts\u002F21.ip",{"title":177,"path":178,"stem":179},"Anonymizing network","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fanonymizing-network","1.docs\u002Fv3\u002F6.concepts\u002F22.anonymizing-network",{"title":181,"path":182,"stem":183},"Email quality","\u002Fdocs\u002Fv3\u002Fconcepts\u002Femail","1.docs\u002Fv3\u002F6.concepts\u002F23.email",{"title":185,"path":186,"stem":187},"Velocity","\u002Fdocs\u002Fv3\u002Fconcepts\u002Fvelocity","1.docs\u002Fv3\u002F6.concepts\u002F24.velocity",false,{"title":190,"path":191,"stem":192,"children":193,"page":188},"Advanced","\u002Fdocs\u002Fv3\u002Fadvanced","1.docs\u002Fv3\u002F7.Advanced",[194],{"title":195,"path":196,"stem":197},"Proxy setup","\u002Fdocs\u002Fv3\u002Fadvanced\u002Fproxy-setup","1.docs\u002Fv3\u002F7.Advanced\u002F1.Proxy-setup",{"id":199,"title":161,"body":200,"description":312,"extension":313,"meta":314,"navigation":315,"path":162,"rawbody":316,"seo":317,"stem":163,"__hash__":318},"docsv3\u002F1.docs\u002Fv3\u002F6.concepts\u002F18.fake-account.md",{"type":201,"value":202,"toc":306},"minimark",[203,207,211,224,229,240,269,280,284],[204,205,161],"h1",{"id":206},"fake-account",[208,209,210],"p",{},"A fake account is one created by someone who isn't a genuine new customer: bulk signups for fraud, trial farming, review manipulation, ban evasion, or seeding a botnet. The goal is volume, so the fastest tell is the identity attached to the signup. Real people sign up with an email address they actually keep. Bulk registration leans on throwaway inboxes and shortcuts no human bothers with.",[208,212,213,214,218,219,223],{},"Rupt scores this risk on the ",[215,216,217],"code",{},"signup"," ",[220,221,222],"a",{"href":98},"action",".",[225,226,228],"h2",{"id":227},"what-rupt-looks-for","What Rupt looks for",[208,230,231,232,235,236,239],{},"The headline ",[220,233,234],{"href":106},"checks"," are all about the ",[220,237,238],{"href":182},"email"," provided:",[241,242,243,251,257,263],"ul",{},[244,245,246,250],"li",{},[247,248,249],"strong",{},"Disposable email",": the address comes from a throwaway provider built to vanish after one use.",[244,252,253,256],{},[247,254,255],{},"Invalid email",": the domain has no working mail server, so the address can't receive anything.",[244,258,259,262],{},[247,260,261],{},"Unverified email",": the user never confirmed they control the inbox.",[244,264,265,268],{},[247,266,267],{},"Webmail email",": a free consumer provider. Weak on its own (most real people use Gmail), but it adds up with the others.",[208,270,271,272,275,276,279],{},"Rupt also scores ",[220,273,274],{"href":170},"linked accounts"," at signup: if the same ",[220,277,278],{"href":142},"fingerprint"," is registering account after account, that's a stronger fraud signal than any single email property.",[225,281,283],{"id":282},"severity-and-response","Severity and response",[208,285,286,287,218,290,293,294,297,298,301,302,305],{},"The checks combine into a ",[215,288,289],{},"fake_account",[220,291,292],{"href":110},"risk"," severity. Because email quality is cheap to fake and easy to get wrong honestly, blocking outright catches real users too. Most teams ",[220,295,296],{"href":122},"challenge"," the borderline cases and reserve a hard ",[215,299,300],{},"deny"," for the unmistakable ones: a disposable address from a fingerprint that just made ten other accounts. Your ",[220,303,304],{"href":118},"policies"," draw the line.",{"title":307,"searchDepth":308,"depth":308,"links":309},"",2,[310,311],{"id":227,"depth":308,"text":228},{"id":282,"depth":308,"text":283},"A fake account is a signup that doesn't belong to a real person, created in bulk for fraud, abuse, or farming free trials. Rupt scores it at signup, mostly from the quality of the email provided.","md",{},true,"---\ntitle: Fake account\ndescription: A fake account is a signup that doesn't belong to a real person, created in bulk for fraud, abuse, or farming free trials. Rupt scores it at signup, mostly from the quality of the email provided.\n---\n\n# Fake account\n\nA fake account is one created by someone who isn't a genuine new customer: bulk signups for fraud, trial farming, review manipulation, ban evasion, or seeding a botnet. The goal is volume, so the fastest tell is the identity attached to the signup. Real people sign up with an email address they actually keep. Bulk registration leans on throwaway inboxes and shortcuts no human bothers with.\n\nRupt scores this risk on the `signup` [action](\u002Fdocs\u002Fv3\u002Fconcepts\u002Factions).\n\n## What Rupt looks for\n\nThe headline [checks](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fchecks) are all about the [email](\u002Fdocs\u002Fv3\u002Fconcepts\u002Femail) provided:\n\n- **Disposable email**: the address comes from a throwaway provider built to vanish after one use.\n- **Invalid email**: the domain has no working mail server, so the address can't receive anything.\n- **Unverified email**: the user never confirmed they control the inbox.\n- **Webmail email**: a free consumer provider. Weak on its own (most real people use Gmail), but it adds up with the others.\n\nRupt also scores [linked accounts](\u002Fdocs\u002Fv3\u002Fconcepts\u002Flinked-accounts) at signup: if the same [fingerprint](\u002Fdocs\u002Fv3\u002Fconcepts\u002Ffingerprints) is registering account after account, that's a stronger fraud signal than any single email property.\n\n## Severity and response\n\nThe checks combine into a `fake_account` [risk](\u002Fdocs\u002Fv3\u002Fconcepts\u002Frisks) severity. Because email quality is cheap to fake and easy to get wrong honestly, blocking outright catches real users too. Most teams [challenge](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fchallenges) the borderline cases and reserve a hard `deny` for the unmistakable ones: a disposable address from a fingerprint that just made ten other accounts. Your [policies](\u002Fdocs\u002Fv3\u002Fconcepts\u002Fpolicies) draw the line.\n",{"title":161,"description":312},"HdXMLCt-tgP--0hRoinRBrwmKJpQYhSjzdCTGjwY68Q",1780344893598]