Castle can be used to detected and mitigate many types of fraud, including Account Takeover fraud, and provides ways of informing your users when suspicious activities happens to their accounts.
To keep your customers in the loop, the Castle webhooks can power automated notifications when there is some action they need to take in order to secure their account. Your app listens for these webhooks so that it knows when to send an end user notification, usually in the form of an email, and what information it should include in that notification.
When the location of a device can be determined at login, the notification to the customer can use this information to help the user decide whether a specific login attempt could have originated from one of their devices. The webhooks pass a
location object containing
region, and other data when available.
It is important to know that this location data is approximate and is completely unavailable about 10% of the time.
The formatting of a notification to the customer must take these caveats into account. Specifically, the
region parameters will show
null when location data is not available. When the information is available, the notification should be worded in such a way that the user will understand that the location is approximate. For example, it may name a city nearby rather than the actual city that the device connected from at the time of login.
Updated 4 months ago