Stytch's Fraud Prevention Framework: Beyond Whack-a-Mole

2025-06-11

Traditional fraud prevention feels like a never-ending game of whack-a-mole. Stytch introduces a four-stage framework: signal gathering, decisioning, enforcement, and analysis/feedback. This framework collects user activity data, makes decisions based on that data, enforces security measures, and iteratively improves detection. The article uses sophisticated credential stuffing attacks as an example, showing how device fingerprinting enhances signal gathering and decision-making to effectively counter attacks. Stytch's Device Fingerprinting focuses on signal gathering and decisioning, avoiding a 'black box' approach and empowering users with flexible control over enforcement, acting as a reliable partner in the fight against fraud.

LLM Agents: The New DX Standard for API Development

2025-05-20

LLM-powered agents are becoming tireless junior developers. They read API docs, issue requests, parse errors, and retry until success. However, API developer experience (DX) is crucial. If an agent stalls due to poor documentation or unclear error messages, human developers will likely hit the same roadblocks. Improving API documentation, providing clear and detailed error messages, and ensuring consistency significantly enhances DX and makes agents more efficient. This benefits human developers and allows agents to act as automated testers, catching issues early.

AI Agent Traffic: The New Bot Detection Challenge

2025-02-14

AI agent tools like OpenAI's Operator can mimic real user behavior, improving UX but also enabling abuse. Traditional bot detection methods (CAPTCHAs, IP blocking, user-agent filtering) are ineffective against modern AI agents, as they simulate real IP addresses, user agents, and mouse behavior. OpenAI and BrowserBase's agents are easier to detect because they run in cloud datacenters; Anthropic's agents can run locally, making them harder to detect. Some sites (like Reddit and YouTube) are blocking AI agent traffic, but many lack effective detection mechanisms, creating opportunities for malicious attacks. Future detection will rely on machine learning-based browser "lie detectors".

Agent Experience (AX): Designing for the Rise of AI Agents

2025-02-07

AI agents like ChatGPT are revolutionizing how we interact with apps. This article argues that we need to shift from focusing solely on User Experience (UX) to Agent Experience (AX), emphasizing secure, transparent, and user-consented machine access to data and actions. OAuth is presented as the key to secure, controlled agent access, offering granular permissions and revocation. Key elements for great AX include clean APIs, easy onboarding, frictionless agent operations, and tiered authentication. The article concludes by advocating for all apps to become OAuth providers, building an open AX ecosystem for a competitive advantage.
