Shameless plug but I have a client that got rid of almost 90% by blocking residential proxies or HTTP proxies in general using our service [1]. I tend to think people try some measures that are very hard to maintain going for behavioural data and other indicators where all fraud sits on this L1 being a proxy or a vpn.
Agreed - I'm pretty skeptical of invasive behavioral data like mouse movements. It feels like a popular meme from an earlier time, jiggle your mouse more before clicking the CAPTCHA checkbox, but in practice it's not a very high-value signal anymore (especially with the rise of mobile). TLS fingerprinting is a significantly more useful signal for us at Stytch.
Flimm•8mo ago
How did they measure the number of legitimate customers that they lost because they blocked those IPs? It's not enough to estimate the change in unwanted traffic, you also need to estimate the change in desirable traffic.
arewethereyeta•8mo ago
[1] https://visitorqueey.com
conception•8mo ago
bobbiechen•8mo ago
Agreed - I'm pretty skeptical of invasive behavioral data like mouse movements. It feels like a popular meme from an earlier time, jiggle your mouse more before clicking the CAPTCHA checkbox, but in practice it's not a very high-value signal anymore (especially with the rise of mobile). TLS fingerprinting is a significantly more useful signal for us at Stytch.
Flimm•8mo ago