About Fraud Prevention

TrustGate provides comprehensive fraud prevention tools to detect and block fraudulent applications, protecting your business from identity fraud, synthetic identities, and account takeover.

Fraud Landscape

Common Fraud Types

Fraud Type	Description	Detection Method
Identity Fraud	Using stolen identity documents	Document verification, biometrics
Synthetic Identity	Fabricated identities using mixed data	Data correlation, device intelligence
Document Fraud	Altered or fake documents	AI document analysis
Account Takeover	Hijacking existing accounts	Device fingerprinting, behavioral analysis
Application Fraud	Multiple fraudulent applications	Velocity checks, deduplication

Fraud Prevention Stack

+----------------------------------------------------------+
|                  FRAUD PREVENTION                          |
+--------------+---------------+---------------+------------+
|   Document   |   Biometric   |    Device     |  Velocity  |
|   Analysis   |  Verification | Intelligence  |   Checks   |
+--------------+---------------+---------------+------------+
| - Tampering  | - Face match  | - Fingerprint | - Rate     |
| - Forgery    | - Liveness    | - Risk score  | - Volume   |
| - Expiry     | - Deepfake    | - Geo/IP      | - Pattern  |
+--------------+---------------+---------------+------------+
                            |
                            v
+----------------------------------------------------------+
|              RISK ENGINE + ML MODELS                      |
|      Combines signals for fraud probability score         |
+----------------------------------------------------------+
                            |
                            v
+----------------------------------------------------------+
|              AUTOMATED DECISIONS                          |
|      Accept / Review / Reject based on thresholds         |
+----------------------------------------------------------+

Key Features

Document Fraud Detection

AI-powered analysis detects:

Physical tampering: Cut-and-paste attacks, laminate manipulation
Digital manipulation: Photoshop edits, font inconsistencies
Forgery indicators: Template mismatches, security feature absence
Data consistency: MRZ validation, date logic checks

Biometric Verification

Verify the person matches their documents:

Face matching: Compare selfie to document photo
Liveness detection: Confirm live person, not photo/video
Deepfake detection: Identify AI-generated faces
Passive liveness: Detect spoofing without user action

Device Intelligence

Assess risk from device signals:

Device fingerprinting: Identify unique device characteristics
Fraud scoring: Risk assessment based on device history
Geolocation: IP location vs claimed location
Proxy/VPN detection: Identify connection masking

Velocity Controls

Detect rapid fraudulent activity:

Application velocity: Multiple apps from same device/IP
Document reuse: Same document across applications
Data clustering: Shared data points across applicants

How Risk Assessment Works

Fraud signals are combined by the risk engine into an overall risk score and risk level. The risk engine evaluates AML screening results, document verification, country risk, device signals, and behavioral patterns.

Get Risk Breakdown for an Applicant

curl -X GET "https://api.bytrustgate.com/api/v1/applicants/{applicant_id}/risk-breakdown" \
  -H "Authorization: Bearer YOUR_API_KEY"

This returns a CEO-friendly breakdown with:

Geographic Risk (25%): Country + IP mismatch
Product Risk (15%): Product type scoring
Channel Risk (20%): Device/network signals
Customer Risk (40%): AML + identity + address + document signals

Recalculate Risk and Apply Workflow Rules

curl -X POST "https://api.bytrustgate.com/api/v1/workflows/risk/{applicant_id}/recalculate?apply_workflow=true" \
  -H "Authorization: Bearer YOUR_API_KEY"

Response

{
  "applicant_id": "...",
  "overall_level": "high",
  "overall_score": 78,
  "recommended_action": "manual_review",
  "signals": [
    {
      "category": "document",
      "signal_name": "document_verification_failed",
      "score": 80,
      "weight": 0.25,
      "description": "Document verification did not pass",
      "details": {}
    },
    {
      "category": "device",
      "signal_name": "vpn_detected",
      "score": 40,
      "weight": 0.15,
      "description": "VPN connection detected",
      "details": {}
    }
  ],
  "assessment_time": "2026-01-20T14:30:00Z",
  "applied_rule_name": "Review high risk",
  "final_action": "manual_review"
}

Risk Score Ranges

Score	Risk Level	Typical Action
0-25	Low	Auto-approve (via workflow rule)
26-50	Medium	Standard review
51-75	High	Manual investigation
76-100	Critical	Auto-reject or escalation

Configuring Fraud Detection

Screening Settings

Configure AML screening behavior via the screening settings endpoint:

curl -X GET "https://api.bytrustgate.com/api/v1/settings/screening" \
  -H "Authorization: Bearer YOUR_API_KEY"

curl -X PUT https://api.bytrustgate.com/api/v1/settings/screening \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "auto_screen": true,
    "match_threshold": 0.85,
    "datasets": ["sanctions", "pep", "adverse_media"]
  }'

Workflow Rules for Automated Decisions

Set up workflow rules to automate actions based on risk assessment results. See Workflow Rules for full documentation.

curl -X POST https://api.bytrustgate.com/api/v1/workflows/rules \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Auto-reject critical risk",
    "conditions": {
      "risk_level": ["critical"]
    },
    "action": "auto_reject",
    "notify_on_match": true,
    "priority": 900
  }'

Analytics

View analytics for your verification pipeline:

curl -X GET "https://api.bytrustgate.com/api/v1/analytics/overview?start_date=2026-01-01&end_date=2026-01-31" \
  -H "Authorization: Bearer YOUR_API_KEY"

Or get all analytics data in a single request:

curl -X GET "https://api.bytrustgate.com/api/v1/analytics/all?start_date=2026-01-01&end_date=2026-01-31" \
  -H "Authorization: Bearer YOUR_API_KEY"

Available analytics endpoints:

GET /analytics/all - All data in one request
GET /analytics/overview - KPI metrics
GET /analytics/funnel - Verification funnel
GET /analytics/trends - Time series trends
GET /analytics/risk - Risk score distribution
GET /analytics/geography - Geographic distribution
GET /analytics/sla - SLA performance
GET /analytics/export - Export as CSV

Best Practices

Layer defenses: Use multiple fraud signals together
Tune thresholds: Balance fraud prevention vs customer friction
Review edge cases: Manually review borderline scores
Monitor trends: Watch for new fraud patterns
Update rules: Adapt to evolving fraud tactics

Next Steps

Device Intelligence - Device fingerprinting and risk scoring
Email Verification - Email risk assessment
Phone Verification - Phone number validation
Risk Signals - All fraud signals explained

Fraud Landscape​

Common Fraud Types​

Fraud Prevention Stack​

Key Features​

Document Fraud Detection​

Biometric Verification​

Device Intelligence​

Velocity Controls​

How Risk Assessment Works​

Get Risk Breakdown for an Applicant​

Recalculate Risk and Apply Workflow Rules​

Response​

Risk Score Ranges​

Configuring Fraud Detection​

Screening Settings​

Workflow Rules for Automated Decisions​

Analytics​

Best Practices​

Next Steps​