Skip to main content

Signal Strength

Signal Strength is what BotShield returns. It is the single value platforms receive and act on. Everything else in this documentation supports it. Signal Strength is a composite, time-gated tier that reflects how confidently BotShield attests to a user’s humanity on a given device. It is not a probability score. It is a computed tier that reflects reality — the state of four independent inputs at the moment of query.

The Four Tiers

TierAPI valueMeaning
NewnewbornDevice registered. Signal beginning. No history yet. No Trusted Accounts linked.
StablegrowingConsistent presence demonstrated. Signal building. Limited account depth.
StrongstrongConsistent presence established. Multiple Trusted Accounts linked. Eligible for most verified actions.
TrustedtrustedDeep signal. Long-standing presence. Signal Boost required. High account depth. Pre-cleared for highest-trust actions with no additional friction.
The tier appears in the claims.signal_strength field of every verification token: 
{
  "valid": true,
  "claims": {
    "verified": true,
    "botshield_user_id": "728bc0c7-fb96-4ac9-b0e7-fa560374a079",
    "signal_strength": "strong",
    ...
  }
}
Platforms use the tier to calibrate their own enforcement: a financial platform may require trusted, a low-stakes platform may accept growing. BotShield has no opinion on this. BotShield attests. Platforms enforce.

The Four Inputs

Signal Strength is computed server-side on every session open and every state-changing event. The result is not stored on the client or cached longer than the verification token’s TTL.

1. Device Verification

Hardware-backed biometric verification via the registered device. A binary input — the device is either registered and verified, or it is not. Without a verified device, Signal Strength is locked at New regardless of other inputs.

2. Signal Durability

Consecutive days the device has been signed into BotShield. Time is the primary gate — accounts alone cannot advance a user to Strong or Trusted. Duration must be satisfied first.

3. Trusted Account Depth

Count of actively linked Trusted Accounts (PayPal, LinkedIn, X). Each linked account that has been in place for at least 14 days contributes to depth.

4. Signal Boost

The user has linked both Apple and Google as identity providers on a single BotShield account. Optional but powerful — reduces tier gates and is required to reach Trusted.

Tier Resolution

Signal Strength is computed top-down. The first matching rule wins:
  1. If no verified device → return newborn
  2. If days ≥ 90 AND durability ≥ 90 days AND Signal Boost active AND trusted accounts ≥ 3 (each linked ≥ 14 days) → return trusted
  3. If Signal Boost active AND days ≥ 20 AND durability ≥ 20 days AND trusted accounts ≥ 2 → return strong
  4. If Signal Boost inactive AND days ≥ 30 AND durability ≥ 30 days AND trusted accounts ≥ 2 → return strong
  5. If Signal Boost active AND days ≥ 7 AND durability ≥ 7 days → return growing
  6. If Signal Boost inactive AND days ≥ 14 AND durability ≥ 14 days → return growing
  7. Default → return newborn

Tier Requirements Summary

TierDays Signed InTrusted Accounts (≥ 14 days old)Signal DurabilitySignal Boost
New00None
Stable14 (7 with Boost)0–1≥ 14 days (≥ 7 days with Boost)Optional
Strong30 (20 with Boost)2+≥ 30 days (≥ 20 days with Boost)Optional
Trusted90+3+ (each ≥ 14 days old)≥ 90 daysRequired
All four conditions must be satisfied to hold a tier. Dropping below any condition threshold does not immediately demote — see Demotion Logic below.

Design Principles

1

Time is the primary gate

A stronger tier requires real elapsed time. Accounts alone cannot move a user to Strong or Trusted — duration must be satisfied first.
2

Accounts add depth

Trusted Accounts strengthen the composite but do not substitute for time. They reduce re-verification frequency and increase platform trust at a given tier.
3

No user starts at a penalty state

New is a neutral starting point, not a failure. The label is descriptive, not judgmental.
4

Trusted is earned, not configured

No manual override. No admin bump. The system computes it.
5

Attackers cannot compress time

A bot farm can create accounts. It cannot age them cheaply across all four inputs simultaneously on real hardware.
6

Privacy and consent is the architecture

BotShield witnesses the Face ID event on the device, attests it happened, returns Signal Strength, and gets out of the way. No records kept. No identity shared.

Demotion Logic

Grace windows apply to passive events only. Active choices — such as unlinking an account — result in immediate recompute with no grace.
  • Streak drops below tier threshold → start a 7-day grace timer. If the streak recovers, the timer resets. If the timer expires, demote one tier.
  • Trusted Account delinked or revoked → immediate removal from depth count. Tier recomputed immediately. No grace.
  • Device deregistered → immediate demotion to New. No grace.

Signal Boost — The Dual Provider

Signal Boost is active when a user has linked both Apple and Google as identity providers on a single BotShield account. When active, it changes four things:
  1. Verification window extension. The verification window extends by 12 hours per session. A normal day is 24 hours; with Boost it is 36 hours.
  2. Sustained durability contribution. Signal Boost contributes a +0.5 weight to the durability input. A user with Signal Boost active continuously builds a stronger composite over time.
  3. Tier gate reduction. Stable requires 7 days instead of 14. Strong requires 20 days instead of 30.
  4. Required for Trusted. No amount of time or account depth qualifies a user for Trusted without Signal Boost.
Signal Boost is optional — never required to use BotShield. A user can use BotShield fully with one provider only. Signal Boost is an incentive, not a gate.
Signal Anchor permanence. Apple and Google identity providers are permanently anchored once linked. They cannot be unlinked without deleting the BotShield account. This is by design — the accumulated time investment cannot be transferred. This cost is the anti-gaming mechanism.

What Platforms Do With It

Signal Strength is the value platforms query and act on. BotShield never makes the attestation determination — platforms do.

BotShield attests

BotShield attests the Signal Strength value — the composite result of device verification, Signal Durability, Trusted Account depth, and Signal Boost. BotShield guarantees the accuracy of that value.

Platforms enforce

Platforms determine what tier meets their requirements. A financial platform may require Trusted. A lower-stakes platform may accept Stable. BotShield has no opinion on this.

What Signal Strength Does Not Do

  • It is not a fraud score. BotShield does not score users. Signal Strength reflects the state of four observable inputs.
  • It is not identity verification. BotShield does not verify the user’s legal identity. Trusted Account linkages confirm that a verified human authorized a relationship with that platform — not that the human is who they claim to be.
  • It is not continuous presence. Signal Strength reflects the last verified presence event within the signal window, not that the human is present at every subsequent moment.