Case StudiesDocsBlogContact
Log InGet started
Stop Trial Abuse

Stop Serial Trials, Quota Farming & Perpetual Evaluators

Serial trialers change emails, cookies, and IPs because those are free to change; the laptop underneath stays the same. Sentinel's device counter links trial #2 through #50 back to that hardware — with an invisible check that returns in under 40ms.

< 40msResponse time globally
Free1,000 requests/hour — no card, no expiry
0CAPTCHAs required
400+Device signals per session

What you're up against

Trial resets that never end

New email, cleared cookies, fresh residential-proxy IP — and the free trial starts over. Nothing in a typical signup flow connects attempt #12 to attempt #11, so the reset loop runs for as long as the abuser cares to keep it going.

Quota farming on AI products

When the free tier includes model inference, every farmed account has a direct marginal cost. Scripted signups harvest quota across dozens of accounts, and the bill lands on your inference invoice, not the abuser's.

Competitors who evaluate forever

A rival's team can rotate trial accounts for months — benchmarking features, probing limits, demoing your product to their own prospects — without ever crossing the paywall or showing up as a single named account.

IP limits that proxies walk around

Per-IP signup caps and disposable-email blocklists are exactly the controls residential proxies and inbox aliases were built to defeat. The abuser adapts once; the control is dead permanently.

What Sentinel does for you

  • Count how many of your accounts each device has opened — the times-seen counter survives new emails, fresh IPs, and clean browser profiles
  • Flag VPNs, residential proxies, and datacenter IPs on brand-new signups before you provision anything
  • Catch the antidetect browsers and automation that make scripted trial farming economical
  • Get an allow / review / block decision with reason codes, so trial policy stays in your code
  • Score every signup in under 40ms — no CAPTCHA, no extra verification step for honest evaluators
€96K

recovered by a B2B SaaS in six months after linking perpetual trial resets to the devices behind them

[ Read Full Case Study ]

Where the check goes

For trial abuse there is one call site that matters most: the signup endpoint, before you provision a workspace, mint an API key, or grant any quota. If your product meters usage, run the same check wherever quota is granted or reset — that is the moment a farmed account starts costing you money. The verdict arrives before your provisioning logic runs, so a flagged device never gets trial #2.

// Check the device's account count before granting a new trial
const res = await fetch('https://sntlhq.com/v1/evaluate', {
  method: 'POST',
  headers: {
    'Authorization': 'Bearer ' + process.env.SENTINEL_KEY,
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({ token: req.body.sentinel_token })
});
const risk = await res.json();
if (risk.decision === 'block') return res.status(403).json({ error: 'Request rejected' });
if (risk.decision === 'review') flagForReview(risk.reasons);

The signals that matter here

The times-seen counter is the whole product here. Serial trialers change everything that is free to change: email address, cookies, IP, browser profile. The hardware underneath is not free to change, so Sentinel keys a per-customer counter to a cross-browser hardware ID — when signup #14 arrives from the same laptop as signups #1 through #13, the counter says so and the high_activity_device reason fires, whatever the form claims. That one number is the difference between stopping trial abuse at scale and playing whack-a-mole with email domains.

Network signals mean different things at signup. A commercial VPN on a paying customer's login is usually privacy hygiene. The same vpn_detected or datacenter_asn reason on a brand-new trial signup is a much stronger prior, because genuine evaluations overwhelmingly start from home and office networks. Sentinel returns the raw network block (network.vpn, network.proxy, network.datacenter, network.residential) so you can be strict with anonymized signups and invisible to everyone else.

Automation artifacts before the quota grant. Farming a free tier only pays if account creation is cheap, which in practice means scripts, emulators, or antidetect browsers. Sentinel surfaces automation_detected, antidetect_browser, and emulator_detected at the signup itself — so the farmed account never receives an API key and never burns a token of inference quota.

A score and a decision, not a black box. Every check returns a risk_score from 0 to 100, a decision of allow, review, or block, and the reasons behind it. That lets you run asymmetric policy: hard-block automated signups, ask review-band devices for a card on file, and keep a competitor's fifth anonymous trial on the shortest leash you offer.

Common questions

How does Sentinel know trial #2 came from the same device as trial #1?
Each check returns a device.visitor_id derived from hardware-level signals that persist across browsers, incognito sessions, and cleared cookies, plus a times-seen counter of how many of your accounts that device has touched. The linking is per-customer and hash-based — a device's history with your product is never correlated across other Sentinel customers.
What about legitimate users who open a second account?
It happens — a freelancer with two clients, someone who changed jobs. That is why the response is a risk_score and reason codes rather than a bare yes/no: a second account from a clean residential device looks nothing like a twelfth account from a device that also trips automation_detected. Most teams enforce only at higher counts, or when the device counter combines with proxy or automation signals.
Does this work for AI products where abuse burns inference quota?
Yes, and call placement matters more there: check the device before you grant or reset quota, not after. A farmed account refused at signup costs you one sub-40ms API call; one that gets through costs real inference spend until someone notices the usage graph.
Will the check add friction for honest evaluators?
No visible friction — there is no CAPTCHA, no challenge page, and the verdict returns in under 40ms inside your existing signup request. If you want friction for risky signups, you add it yourself on the review decision (a card-on-file requirement is common), so a borderline call costs one extra prompt instead of a lost prospect.
How do we roll this out without breaking real signups?
Run it in shadow mode first: call the API on every signup, log the decision and reasons, and enforce nothing. The free tier's 1,000 requests per hour covers that for most trial funnels, so you can read a week of your own verdicts before turning on a single block.

End the perpetual free trial

Free tier: 1,000 requests/hour. No card, no expiry. Detects residential proxies, antidetect browsers, and AI bots.

Fraud BriefOnce a month · no spam · unsubscribe anytime
Get the new VPN, proxy & bot patterns we see each month
Short, technical breakdowns of what fraudsters changed last month — written for engineers, not marketers.
Stop fraud before it hides — try Sentinel free. Free tier: 1,000 requests/hour. No card, no expiry.