Foil
Detect AI agents, bots, and malicious devices
Developer Tools·AI & Machine Learning·Security
About
What is Foil?
Foil is a device intelligence platform that tells you exactly who and what is visiting your site or mobile app. We offer a set of cutting-edge SDKs for Web, iOS, and Android that help you live stream hundreds of facts, behaviors, and tests collected from your user's mobile devices to power better fraud scores and rules.
This data helps reduce fraud — everything from detecting malicious AI agents, to finding users tampering with their device, network, or browser to circumvent detection and your defenses.
Features
- See if it's a person, a bot, or an AI agentHundreds of known AI agents, crawlers and bot types - classified and named.
- Tell when a device is lying about itselfHardware, network, and TLS signals that can't be spoofed from JavaScript.
- Allow good bots and block bad onesAgent taxonomy with Web Bot Auth verification for legitimate crawlers and AI.
- Replay what happened without seeing what was typedMouse, touch, scroll, orientation, form interactions. Privacy by design.
- Show your auditors exactly why a session was flaggedEvery signal, category, and confidence level. Exportable.
- Trust that the SDK can't be reverse-engineeredWASM, chain hashing, sealed scoring. Hardened and red-teamed.
- Ship on web, mobile, or bothNative SDKs for Web, iOS, and Android. 350+ signals each.
Use cases
- Safe AI agent onboardingLet your users safely sign up for your business using their AI agents by separating malicious AI agents from good ones.
- Unofficial integration defenseStop AI agents from turning your product into their backend through browser automation and synthetic user traffic.
- AI agent access controlAllow, throttle, or block AI agents based on identity and risk characteristics.
- Account takeover, fake accounts & free tier abuseDurable device identity links users across resets, incognito, and new signups.
- Scraping detectionIdentify headless browsers, stealth automation, and anti-detect browsers harvesting your content.
- Payment fraudDetect spoofed devices and tampered browsers at checkout with unforgeable signals.
- Personalized returning user experienceRecognize returning visitors and reduce login friction and serve them personalized content, or reduce MFA challenges.
Ready to launch?
Submit your product and get discovered by builders and creators worldwide.
Launch Now
FounderPlaybooks.
What other founders did to grow.
2722 dispatches from hundreds of founders, pulled from the week's best podcasts.
We launched on Product Hunt. It got us a couple hundred installs. Two of those installs converted to subscribers. At which point we knew we had validated the product. We knew that we had something that people were willing to pay for.
Validate Willingness to Pay With Only Two Paying Subscribers
Steve didn't need thousands of users to feel confident — just two paying strangers proved real willingness to pay. A Product Hunt launch served as a zero-budget validation gate before committing to paid acquisition. This forces founders to confirm demand before spending money on growth.
we knew that someone had to listen to six stories to become hard activated what we did then was we gave everybody 10 free stories to make sure that they would get to that point so you don't just give six just in case some people might be a bit more or less because six is the average and the average is never the truth.
Find Your Hard-Activation Threshold — Then Give Users 10 Free When the Number Is 6
Hannah identifies a 'hard activation' number — the minimum core actions that embed a product in a user's life. For a content app it was six listens; for others it might be three workouts or four restaurant check-ins. Once found, give users slightly more than the threshold for free (she gave 10 when the threshold was 6) because the average is never the truth and you don't want people to fall one action short of retention.
There's a play for whatever you're stuck on.
Read all 2722 playbooks
Comments
0