Castle can now detect when a user is on a phone call during sensitive actions like login or transactions. This helps you catch social engineering attacks, where a scammer calls the victim and walks them through actions while simultaneously taking over their account.
Version 4.0.0 is a major update to the Castle iOS SDK. This release includes several improvements, detailed below. Please review the breaking changes before upgrading.
Castle now lets you choose which API Secret is used for webhook signing. This makes it easier to isolate integrations and rotate secrets independently.
Castle now detects email domains that have been confirmed as actively used in fraud and abuse campaigns. Unlike disposable email services (Mailinator, TempMail), these are domains registered specifically for fraud that appear legitimate but exist solely for bot signups and fake accounts.
We’ve introduced a new challenge payload object for the $challenge events. It contains a trigger_event field, which describes the event that triggered the challenge (for example, a Login Attempted event).