Quickstart

Stop fraud in under 10 minutes with Guardian's comprehensive fraud detection platform.

Guardian Stack is a fraud detection platform that helps businesses protect their applications from bots, account takeover, VPN abuse, browser tampering, and sophisticated fraud attempts. Guardian Stack capabilities include:

Real-time fraud detection

Identify bots, VPNs, incognito browsing, and browser tampering with enterprise-grade accuracy.

Risk assessment

Get actionable fraud signals and confidence scores for every visitor interaction.

Developer-friendly

Simple 3-line integration that works with any stack.

1. Get your API keys

Copy your Site Key (for client-side integration)
Copy your Secret Key (for server-side event retrieval)

👉 Get started for free: Sign up and get your API keys

2. Add the client-side agent

Install the Guardian JS SDK to collect fraud signals from browsers:

npm install @guardianstack/guardian-js
# or
yarn add @guardianstack/guardian-js

Usage:

import { loadAgent } from '@guardianstack/guardian-js';

// Initialize the agent once when your app starts
const guardian = await loadAgent({ 
  siteKey: 'YOUR_SITE_KEY' 
});

// Call .get() when you need fraud protection (login, signup, payment, etc.)
// Don't call on every page load - only for critical user actions
const response = await guardian.get();

const requestId = response?.requestId;

// Send requestId to your server for fraud analysis
// Your backend will use this ID to get the full fraud assessment

3. Get fraud signals on your server

Install the server SDK to analyze fraud signals:

import {
  createGuardianClient,
  isBot,
  isVPN,
  isTampering,
  isIncognito,
  isVirtualized,
} from '@guardianstack/guardianjs-server';

// Initialize the client once in your app with your secret key
const client = createGuardianClient({
  secret: process.env.GUARDIAN_SECRET_KEY
});

// In your API route handler (e.g., /api/login, /api/signup)
// Use the requestId from the client-side guardian.get() call
const event = await client.getEvent(requestId);

// Get simple boolean fraud indicators for quick decisions
const risks = {
  bot: isBot(event),                 // Selenium, Puppeteer, headless browsers
  vpn: isVPN(event),                 // VPN/proxy usage detection
  tampering: isTampering(event),     // Anti-detect browsers, spoofed APIs
  incognito: isIncognito(event),     // Private/incognito browsing mode
  virtualized: isVirtualized(event)  // VM or emulated environments
};

// Now make your fraud decision based on these risks

You can also call the Guardian Stack API directly from your backend without using the server SDK:

curl --location \
  --retry 5 \
  --retry-max-time 60 \
  --header 'Accept: application/json' \
  'https://api.guardianstack.ai/request/event/YOUR_EVENT_ID?secret=YOUR_GUARDIAN_SECRET_KEY'

Make sure to replace YOUR_EVENT_ID and YOUR_GUARDIAN_SECRET_KEY.

Example response:

{
    "identification": {
        "id": "example-request-id",
        "visitorId": "example-visitor-id",
        "ip": "192.0.2.1",
        "timestamp": "2025-01-01T12:00:00.000Z",
        "url": "https://example.com/",
        "location": {
            "is_eu_member": true,
            "calling_code": "1",
            "currency_code": "USD",
            "continent": "NA",
            "country": "United States",
            "country_code": "US",
            "state": "California",
            "city": "San Francisco",
            "latitude": 37.7749,
            "longitude": -122.4194,
            "zip": "94103",
            "timezone": "America/Los_Angeles",
            "local_time": "2025-01-01T04:00:00-08:00",
            "is_dst": false
        },
        "browser": {
            "browserName": "Chrome",
            "browserMajorVersion": "120",
            "browserFullVersion": "120.0.0.0",
            "platform": "Win32",
            "os": "Windows",
            "osVersion": "10",
            "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
        }
    },
    "botDetection": {
        "detected": true,
        "score": 0.85,
        "automationSignalsPresent": true,
        "indicators": [
            {
                "source": "automation_api",
                "confidence": "high"
            }
        ]
    },
    "ipInfo": {
        "ip": "192.0.2.1",
        "rir": "ARIN",
        "is_bogon": false,
        "is_mobile": false,
        "is_satellite": false,
        "is_crawler": true,
        "is_datacenter": true,
        "is_tor": false,
        "is_proxy": true,
        "is_vpn": true,
        "is_abuser": false,
        "company": {
            "name": "Example Hosting",
            "abuser_score": "0.2 (Low)",
            "domain": "example.com",
            "type": "hosting",
            "network": "192.0.2.0/24"
        },
        "abuse": {
            "name": "Abuse Department",
            "address": "123 Example St, San Francisco, CA",
            "email": "[email protected]",
            "phone": "+1-555-123-4567"
        },
        "asn": {
            "asn": 12345,
            "abuser_score": "0.1 (Low)",
            "route": "192.0.2.0/24",
            "descr": "EXAMPLE-ASN",
            "country": "us",
            "active": true,
            "org": "Example Organization",
            "domain": "example.com",
            "abuse": "[email protected]",
            "type": "hosting",
            "created": "2000-01-01",
            "updated": "2020-01-01",
            "rir": "ARIN"
        },
        "location": {
            "is_eu_member": true,
            "calling_code": "1",
            "currency_code": "USD",
            "continent": "NA",
            "country": "United States",
            "country_code": "US",
            "state": "California",
            "city": "San Francisco",
            "latitude": 37.7749,
            "longitude": -122.4194,
            "zip": "94103",
            "timezone": "America/Los_Angeles",
            "local_time": "2025-01-01T04:00:00-08:00",
            "local_time_unix": 1735837200,
            "is_dst": false
        },
        "elapsed_ms": 0.5
    },
    "vpn": {
        "detected": true,
        "confidence": "high",
        "browserTimezone": "Europe/London",
        "ipTimezone": "America/Los_Angeles",
        "timezoneDifference": 8
    },
    "tampering": {
        "detected": true,
        "anomalyScore": 0.75,
        "antiDetectBrowser": true,
        "indicators": [
            {
                "source": "browser_api_inconsistency",
                "severity": "high"
            },
            {
                "source": "viewport_screen_mismatch",
                "severity": "medium"
            }
        ]
    },
    "privacySettings": {
        "detected": true,
        "score": 0.6,
        "indicators": [
            {
                "source": "storage_blocked",
                "confidence": "medium"
            }
        ]
    },
    "virtualization": {
        "detected": true,
        "confidence": "high",
        "indicators": [
            {
                "source": "vm_hardware_detected",
                "confidence": "high"
            },
            {
                "source": "performance_metrics",
                "confidence": "medium"
            }
        ]
    },
    "incognito": {
        "detected": true,
        "score": 0.9,
        "indicators": [
            {
                "source": "storage_anomaly",
                "confidence": "high"
            }
        ]
    },
    "velocity": {
        "5m": 25,
        "1h": 120,
        "24h": 500
    }
}

4. Make fraud decisions

Use the fraud signals to protect your application:

// Example fraud prevention logic in your API endpoint
// Adjust thresholds based on your risk tolerance and user experience goals

if (risks.bot || risks.tampering || risks.virtualized) {
  // High-risk indicators: automated attacks, spoofed environments
  // These almost always indicate malicious intent
  return { action: 'block', reason: 'Suspicious automation detected' };
}

if (risks.vpn && risks.incognito) {
  // Medium-risk: privacy tools + anonymization
  // Could be legitimate privacy-conscious users or fraud attempts
  return { action: 'challenge', reason: 'Additional verification required' };
}

// Low-risk: Normal user behavior
// Let the request proceed without friction
return { action: 'allow' };

// Pro tip: You can also combine with other signals like:
// - Geographic anomalies (user suddenly in different country)
// - Velocity checks (too many requests too quickly)
// - Account history (new account vs established user)

🎉 You're protected!

Congratulations! You now have enterprise-grade fraud detection running in your application. Here's what you've accomplished:

✅ Real-time fraud detection - Your app now identifies bots, VPNs, and suspicious behavior

✅ Risk-based decisions - You can block, challenge, or allow users based on fraud signals

✅ Production-ready - Your integration is secure and scales with your traffic

👉 See Guardian in action, Get started for free: Sign up and get your API keys

PreviousWelcome to Guardian NextGuardian Engine

Last updated 3 days ago

Was this helpful?

Good morning

Real-time fraud detection

Risk assessment

Developer-friendly

1. Get your API keys

2. Add the client-side agent

3. Get fraud signals on your server

4. Make fraud decisions

🎉 You're protected!