Account Takeover Detection via ThisData
What does it do?
This rule is designed to detect phished or compromised user accounts, and optionally send an email or SMS notification to the user asking "Was This You?". This is similar to the emails you get signing in to Google or Facebook from a new device or location. The users' response can be used to take further action, like shutting down a compromised account.
It uses ThisData's anomaly detection algorithms which take into account many behavioral factors including:
- Location & Velocity
- Time of day
- Tor usage
- Risky IP addresses
- And more...
This rule works in the background, and will never stop your users from logging in to your application. Use our "Account Takeover Prevention via ThisData" Auth0 rule to stop suspicious log-ins in their tracks.
You will need a ThisData API Key. Sign up for a free ThisData account at https://thisdata.com/sign-up
Notifications are disabled by default - you have full control over how we contact your users. Visit ThisData.com to configure:
- Sending "Was This You" notifications via email or SMS (text message)
- Slack notifications
- webhooks to your app
Read our guide "How to add login anomaly detection to Auth0" https://thisdata.com/blog/how-to-add-login-anomaly-detection-to-auth0/
Contact ThisData: firstname.lastname@example.org
How do I use it?
Just create a new rule in the Auth0 dashboard, and copy the following code replacing the placeholders with the appropriate values.
What is Rule-Based Authentication?
Rules can be used to enrich and transform the user profile, deny access to specific users under certain conditions, retrieve information from external services and much more. For more information about rules, please check the documentation