Enforcement provides future-proof protection, compelling fraudsters to abandon attacks

Scroll to learn more

Adaptive Authentication to protect an enterprise from fraud and abuse

Arkose Labs’ innovative approach to step-up authentication provides graduated, risk-based friction that drains fraudsters’ resources – while allowing real customers a fun way to prove they are legitimate. Enforcement is a challenge-response mechanism, which works in conjunction with Telemetry to authenticate unrecognized requests. Only legitimate activity is passed onto the enterprise, giving digital businesses full confidence that they are transacting with legitimate customers.

Shifting the Attack Surface

Arkose Labs’ approach shifts the attack surface from the business to our platform. Redirecting suspicious sessions to an intermediate platform for independent verification provides a buffer between fraudsters and the sites they are so practiced in attacking - rewriting the rulebook on how to successfully launch attacks. Businesses no longer need to divert their precious resources to deal with attacks and can benefit from shared intelligence from across the Arkose Labs network.

Challenge–response mechanism: A platform that presents user requests with a question (‘challenge’) to determine their authenticity based on the accuracy of the provided answer (‘response’).

For security, this live example of Enforcement has been sandboxed to present one challenge type with canned visual data. In production, the mechanism presents varied tasks with never-before-seen visual data and comprehensive accessibility support

For security, this live example of Enforcement has been sandboxed to present one challenge type with canned visual data. In production, the mechanism presents varied tasks with never-before-seen visual data and comprehensive accessibility support

Click on the screen to see the functionality

Enforcement presents evolving challenges that cannot be bypassed at scale

Attackers have learnt the tools and techniques required to fool legacy fraud and authentication steps. They use low-cost image processing tools to categorize third-party visual data, providing responses that can dupe other visual challenge-response authentication technologies. In contrast, responses to Enforcement are generated from proprietary visual data that has no residual benefit to computer vision for training machine learning models. These secure responses augment in real-time and prevent attackers from anticipating how Enforcement will behave in future. Enforcement prevents automation at-scale and increases the operational costs for attackers.

Enforcement validates Telemetry data in real-time to stamp out false positives

Real-time insights from Telemetry train the Enforcement responses to accurately model inauthentic requests with continuous machine learning. This validates how the system makes decisions and incrementally restricts the presentation of Enforcement to inauthentic requests only.

The only authentication system with 100% SLA

Enforcement differentiates between legitimate and malicious activity with unprecedented accuracy. Requests that cannot be recognized by Telemetry are challenged with Enforcement and not blocked. Secondary screening ensures that unrecognized requests of human origin are always afforded the right to prove their authenticity. As a result, it never blocks humans, has no negative effect on user experience and no decrease in authentic throughput.

Learn how Roblox deployed Enforcement to 90M users without impacting conversion

Zero-tolerance to automated attacks and digital sweatshops

Attackers launch account takeover, fake new account and payments attacks using automated tools, bots and digital sweatshops. Enforcements counter such attacks by programmatically introducing uncharacteristic visual data into secure responses. This targeted friction causes automated responses to fail and puts strain on sweatshop-originated attacks, demanding additional time and money to be spent on attacks. This undermines the return on investment, leading to fraudsters abandoning attacks due to lack of profitability.

Enforcement remediates threats faster than any other fraud prevention technology

Dynamic Defenses

Enforcement continuously adjusts the challenge to protect it against computer vision, brute force, and Single Request Attacks.

Throughput Efficacy

Enforcement has been statistically proven to achieve the same throughput as when an enterprise uses no defense.

Definitive Classifications

Enforcement determines whether a request is authentic or inauthentic with new certainty.


Enforcement is Section 508-compliant and can authenticate people of varied abilities in 31 languages.

Shrinking Friction

Enforcement validates decisioning from Telemetry to incrementally minimize false positives.

SLA Guarantee

Enforcement is commercially guaranteed to prevent inauthentic requests from achieving viable scale.


More than $100,000,000 of fraud has been prevented by Arkose Labs

Talk to an Arkose Labs expert to see how you can remediate automated threats faster by putting risk on consignment