v1.0.0 — Initial Release

VertexY Fraud Detection Platform — general availability.

Released: March 2024

ℹ️

This entry is historical. Some endpoint paths and billing provider names listed below refer to the platform at the time of release and may differ from the current client API.

What's new

Risk Engine v1

  • Real-time composite fraud scoring combining graph topology (45%), velocity analysis (35%), and indicator similarity (20%)
  • Sub-50 ms p99 latency for POST /api/risk-engine/assess
  • 12 machine-readable reason codes across 4 categories: threat intelligence, velocity, graph topology, and degraded mode

Policy engine

  • Three enforcement modes: hybrid, advisory, and shadow
  • Configurable score thresholds for allow, review, and block actions
  • Degraded mode fallback with configurable minimum actions
  • One-hop contagion guard with independent minimum action override
  • Full audit log of all policy changes

Event ingestion

  • POST /api/events/ingest — accepts 11 event types with HMAC-SHA256 authentication
  • Replay protection with 300-second timestamp window and per-nonce deduplication
  • Idempotent delivery via idempotencyKey

Feedback loop

  • POST /api/risk-engine/feedback — 5 outcome types: approved, rejected, chargeback, confirmed_fraud, false_positive
  • Feedback recalibrates indicator confidence in real time

Threat Intelligence subscriptions

  • Outbound webhook delivery of new global threat indicators to subscriber endpoints
  • HMAC-SHA256 signed payloads using per-subscription signing secrets
  • Automatic retry with exponential backoff (up to 8 attempts)

Dashboard

  • Overview analytics: KPI cards, action time-series, score distribution, top reason codes
  • Event Explorer: full paginated history with filtering, CSV export, and live mode
  • Policy Management: UI for tuning score thresholds and policy mode
  • Reviews: fraud case management tied to specific assessments
  • Audit Logs: immutable history of all admin configuration changes
  • Developer Settings: API key management, webhook secret rotation
  • Billing: plan management via Razorpay

Breaking changes

None — this is the initial release.

Known limitations

  • OpenAPI spec not yet published (coming in v1.1)
  • Billing history and invoice download not yet available
  • Delivery health metrics for threat intel subscriptions in development