Case StudiesDocsBlogContact
Log InGet started
Stop Multi-Accounting

Stop Multi-Accounting, Ban Evasion & Duplicate Account Farms

One operator with an antidetect browser and a rotating proxy list can look like fifty different users to your platform. Sentinel links those accounts to the hardware underneath — invisibly, in under 40ms.

< 40msResponse time globally
Free1,000 requests/hour — no card, no expiry
0CAPTCHAs required
400+Device signals per session

What you're up against

Ban evasion with a fresh fingerprint

Ban a bad actor and they are back in minutes: new email, new residential IP, new browser profile from Kameleo or GoLogin. IP bans and cookie-based device checks never see the same "user" twice.

Referral and promo farming

One operator self-refers dozens of accounts to drain signup bonuses, referral rewards, and promo credits. Each account passes email verification and looks like an ordinary new user in isolation.

Sock-puppet reviews and engagement

Marketplace sellers review their own listings, community accounts upvote their own posts, and creator profiles inflate their numbers — all from one desk, spread across accounts your moderation tools treat as unrelated strangers.

One person, fifty accounts in your metrics

Duplicate accounts poison everything that assumes one account is one person: matchmaking and ranked ladders, per-user limits, DAU numbers, and the trust systems your community depends on.

What Sentinel does for you

  • Link every new account to the device that created it — across browsers, IPs, and email addresses
  • Flag antidetect browsers (Kameleo, GoLogin, AdsPower) by the artifacts their spoofing leaves behind
  • Watch the cross-browser "times seen" counter climb as one device opens account after account
  • Read proxy rotation directly: vpn, proxy, datacenter, and residential flags on every request
  • Score signups and logins in under 40ms — no CAPTCHAs, no extra steps for real users
94%

drop in fraudulent pledges within 30 days at a creator funding platform hit by a coordinated ring hiding behind residential proxies

[ Read Full Case Study ]

Where the check goes

The highest-leverage call site is signup: ask Sentinel for a verdict before the account row exists, and the device's times-seen counter tells you whether this is the first account from that hardware or the fifteenth. Add the same check at login and wherever value moves — referral redemptions, promo claims, payouts — to catch operators who age accounts quietly before activating them. Device linking is per-customer and hash-only: you see which of your own accounts share hardware, nothing else.

// Count prior accounts from this device before creating another
const res = await fetch('https://sntlhq.com/v1/evaluate', {
  method: 'POST',
  headers: {
    'Authorization': 'Bearer ' + process.env.SENTINEL_KEY,
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({ token: req.body.sentinel_token })
});
const risk = await res.json();
if (risk.decision === 'block') return res.status(403).json({ error: 'Request rejected' });
if (risk.decision === 'review') flagForReview(risk.reasons);

The signals that matter here

One device, many accounts. Antidetect profiles hand every account a fresh surface fingerprint, but the hardware underneath persists. Sentinel keys a cross-browser device ID to that hardware and counts how many of your accounts it has touched — the times-seen counter that turns fifty "strangers" back into one operator. Linking is scoped to your account and stored hash-only; Sentinel never links devices across customers.

Antidetect tooling betrays itself. Kameleo, GoLogin, and AdsPower spoof canvas, WebGL, and fonts — but the spoofing is itself measurable. Sentinel surfaces it as device.antidetect and a tampering_score, alongside automation, emulator, and virtual-machine checks, so a clean-looking new user running an antidetect browser stops looking clean.

Proxy rotation is a signal, not camouflage. Rotating residential proxies beat IP blocklists, but Sentinel returns the network context on every request: vpn, proxy, datacenter, residential, tor. A device that arrives from a different residential exit each session, paired with yet another fresh account, reads nothing like a regular on a home connection — and the reason codes (proxy_detected, vpn_detected, datacenter_asn) tell you why.

Verdicts you can shape to your platform. Every response carries decision ('allow', 'review', 'block'), a 0–100 risk_score, and the raw reasons behind them. A marketplace might tolerate two accounts per household but hold payouts on review; a competitive game might hard-block the third account from one device. The policy is yours — Sentinel supplies the evidence.

Common questions

How does Sentinel know two accounts belong to the same person?
It links accounts through a hardware-level device ID that survives browser switches, incognito windows, and fresh antidetect profiles, and counts how many of your accounts each device has touched. The link is stored as a hash and scoped to your Sentinel account only — there is no cross-customer or cross-site device graph.
What about legitimate shared devices — families, offices, internet cafes?
That is why Sentinel returns evidence instead of auto-banning. A shared family laptop shows a low times-seen count with no antidetect or proxy signals; an account farm shows dozens of accounts plus a high tampering_score and rotating proxies. You choose the threshold and whether the verdict maps to review or block.
Can it really detect antidetect browsers?
Sentinel detects the artifacts the spoofing leaves — inconsistent canvas, WebGL, and font surfaces — and reports them as device.antidetect alongside a tampering_score. It is an arms race, and no vendor catches every new build the week it ships; the device-linking layer exists as a second line precisely so a profile that slips through still links to its hardware.
Do I have to block accounts at signup?
No. Many platforms allow the signup and instead gate the things multi-accounters actually want — referral rewards, promo credits, payouts, ranked play — on the decision and risk_score. Blocking value extraction is often safer for conversion than blocking account creation.
What does it cost to try?
The free tier includes 1,000 requests per hour with no credit card, which covers signup and login checks for most small and mid-size platforms. Sentinel is in open beta: the API only changes additively, and if you hit an edge case the team is directly reachable.

Start catching duplicate accounts

Free tier: 1,000 requests/hour. No card, no expiry. Detects residential proxies, antidetect browsers, and AI bots.

Fraud BriefOnce a month · no spam · unsubscribe anytime
Get the new VPN, proxy & bot patterns we see each month
Short, technical breakdowns of what fraudsters changed last month — written for engineers, not marketers.
Stop fraud before it hides — try Sentinel free. Free tier: 1,000 requests/hour. No card, no expiry.