How does BigShield detect fake signups?

BigShield uses multiple signals including format validation, burner/disposable domain detection (945+ known providers), MX record checks, domain reputation analysis, and SMTP verification to produce a 0-100 risk score for every email address.

How fast is the email validation API?

Tier-1 signals (format, domain, burner detection, MX records) return in under 100ms — fast enough for inline signup validation without impacting user experience.

How much can I save by blocking fake signups?

Up to 40% of signups on AI and SaaS platforms use fake or disposable emails. A single abusive account can consume $5-50 in AI tokens. Email validation costs pennies per check, potentially saving thousands in wasted compute.

What programming languages are supported?

BigShield provides 5 official SDKs for TypeScript/Node.js, Python, PHP, Ruby, and Go. All SDKs include typed responses, automatic retries with exponential backoff, and typed error classes. The REST API can also be called from any language using standard HTTP requests with Bearer token authentication.

Can I create custom validation rules?

Yes. BigShield includes a custom rules engine with 6 rule types (domain block/allow, email pattern, IP range, country, and risk threshold), 4 actions (block, allow, review, require verification), and priority ordering. Rules can be managed via the dashboard or the API.

30+ checks per email. 99% confidence.

BigShield runs 15 email validation signals and 15 detection layers on every signup. Most fakes are caught in under 100ms. Borderline cases get the full treatment.

Signup Fraud Detection

Catch fake accounts at the door. Stop users from spinning up burner emails to farm your free tier. BigShield checks every email against 945+ known disposable domains and analyzes patterns that humans would miss.

Protect Your AI Spend

Every fake signup burns real tokens. Whether you run an LLM wrapper, image generator, or code assistant, validating emails first means you only provision resources for real users. Customers report saving 20 to 40 percent on wasted compute.

Under 100ms Response

Fast enough for inline signup validation. Add BigShield to your registration flow and users will not notice any delay. The API returns a risk score before your signup form finishes its own client-side validation.

945+ Burner Domains

Mailinator, Guerrilla Mail, Tempmail, and hundreds more. Our database of disposable email providers is updated continuously as new services appear. When a new burner domain pops up, we catch it within hours.

Risk Score 0 to 100

Not just pass or fail. Granular scoring lets you set different thresholds for different actions: gate free tiers at 40, require email verification at 60, block outright at 80. Your rules, your thresholds.

Domain Intelligence

MX records, domain age, provider classification, SPF and DMARC configuration. Spot freshly registered domains being used for abuse campaigns before they make it into traditional blocklists.

Smart Caching

Same domain checked twice? Cached. Same email pattern seen before? We remember. You only pay for unique lookups, not repeat validation of the same abusers hitting your signup form.

Batch Cleaning

Already have a user list full of suspicious accounts? Validate up to 100 emails per request with our batch endpoint. Find the fakes you are already paying for and clean your database.

TypeScript and Python SDKs

npm install or pip install, import, call. Full type safety with TypeScript. Async support with Python. Drop into Next.js, Express, Django, FastAPI, or any framework in minutes.

15 email validation signals + 15 detection layers

30+ total checks per email for 99% confidence scoring. Most fakes are caught instantly. Borderline cases get deeper analysis across every layer.

15 Email Validation Signals

Layer 1

Deep email analysis that goes far beyond format checking. Every email is validated across 15 sub-signals covering syntax, infrastructure, reputation, and behavioral patterns.

Syntax Validation

RFC 5322 compliance, malformed address detection, and common domain typo correction (gmial.com, yaho.com).

Disposable/Burner Detection

Matches against 945+ known disposable email providers. Updated continuously. Catches aliases and subdomains.

Domain Age Check

Flags freshly-registered domains commonly used for abuse campaigns before they appear in traditional blocklists.

DNS Validation

Verifies domain has valid DNS records and is properly configured to send and receive email.

MX Records Check

Validates mail exchange records exist and point to legitimate mail servers with proper priority ordering.

SMTP Connectivity

Tests connection to the mail server to verify it accepts inbound connections on port 25.

Mailbox Existence Verification

Verifies the specific mailbox exists via SMTP RCPT TO handshake with the mail server.

Domain Reputation

Checks MX, SPF, DMARC configuration. Classifies provider type (corporate, free, educational, government).

Email Format Pattern Matching

Identifies firstname.lastname, role-based, random string, numeric-heavy, and other local part patterns.

Entropy/Randomness Scoring

Shannon entropy analysis to detect machine-generated gibberish addresses that pass basic format checks.

Common Domain Detection

Identifies major providers (Gmail, Outlook, Yahoo) and applies provider-specific validation rules.

Generic Address Detection

Flags role-based addresses like info@, admin@, noreply@ commonly used to bypass filters.

Catch-All Detection

Identifies domains that accept mail for any address — a common pattern for disposable services.

SMTP Score

Composite SMTP health score (-1 to 3) based on connectivity, server response, and mailbox verification.

Honeypot/Spam Trap Detection

Catches known spam traps, honeypot prefixes used by anti-spam orgs, and typo-squat domains.

14 Additional Detection Layers

Layers 2-15

Beyond email analysis, BigShield layers IP intelligence, device fingerprinting, behavioral analysis, network graphs, and cross-customer threat intelligence for 99% confidence.

IP Reputation

Identifies proxies, VPNs, Tor exit nodes, and datacenter IPs behind signup requests.

IP History & Attack Ring Detection

Tracks accounts per IP over 1h/24h windows. Detects coordinated attack rings across IP ranges.

Email Pattern Detection

Detects auto-generated names: sequential digits, keyboard walks, bot patterns, leetspeak substitutions.

Domain Velocity & Clustering

Tracks signup volume per domain across all customers. Flags coordinated signup campaigns.

Device Fingerprinting

Correlates browser, OS, and device signals to identify multi-account abuse from the same device.

Pre-Signup Behavioral Signals

Analyzes form interaction patterns, timing, and mouse/keyboard behavior before form submission.

Network Graph Analysis

Maps relationships between accounts, IPs, and devices to uncover connected fraud rings.

Campaign Attribution

Identifies coordinated signup campaigns by correlating timing, behavioral, and infrastructure patterns.

Temporal Correlation & Prediction

Detects time-based anomalies and predicts abuse windows from historical attack patterns.

Cross-Customer Threat Intelligence

Shared intelligence feed across all BigShield customers for real-time threat detection.

Vendor Intelligence

Tracks VPN, proxy, and hosting provider abuse patterns across known infrastructure.

Domain Registration Intelligence

WHOIS analysis for domain age, registrant patterns, and bulk registration detection.

Post-Signup Behavioral Analysis

Monitors account activity after creation to catch sleeper accounts and delayed abuse patterns.

Timezone Mismatch Detection

Flags when browser timezone, IP geolocation, and claimed location contradict each other.

Ready to add 30+ detection checks to your signup flow?

Start for free. See results in under 100ms. No credit card required.

Start Blocking Fakes

Learn about our pricing Read the docs See the AI apps use case