v1.1.0

Graph Explorer, Reviews, Analytics, Policy Management, Audit Logs, Billing, and Marketing site.

Released: April 2026

ℹ️

This entry is a release snapshot. If any example here differs from the current guides or API reference, prefer the current documentation pages for active integrations.

What's new

Graph Explorer

  • 2-hop fraud graph anchored to any risk assessment via GET /graph/explore/:assessmentId
  • Historical mode: graph is locked to the indicator snapshot captured at assessment time — peer nodes reflect who was connected then, not now
  • Cyber-Noir dark canvas with node-type colour coding (seed = cyan, fraud = crimson, indicators = purple/amber/teal/pink)
  • Hover dimming and 1-hop neighbour highlighting
  • Toolbar toggles: hide safe users, geo nodes, card BIN nodes to reduce visual noise
  • Super-connector filter: indicator nodes with >500 degree are excluded automatically
  • PII masking on all graph node properties (email, phone, IP addresses redacted)
  • Assessment-mode fraud label suppression: is_confirmed_fraud is stripped from peer users to prevent leaking labels set after the assessment

Reviews & Case Management

  • GET /reviews, GET /reviews/:id, POST /reviews, PATCH /reviews/status
  • 7 review statuses: open, in_review, escalated, confirmed_fraud, false_positive, closed, resolved
  • Reviews link to a specific assessment via assessmentId
  • Analyst assignment: analystId and analystEmail populated from JWT on create
  • Dashboard: tabbed Open/Closed views, stats row, slide-out detail panel with assessment mini-view

Overview Analytics

  • GET /risk-engine/analytics/summary — KPI cards (total assessments, block rate, avg score, review queue depth)
  • GET /risk-engine/analytics/time-series — hourly/daily action counts
  • GET /risk-engine/analytics/score-distribution — score histogram
  • GET /risk-engine/analytics/reason-codes — top reason codes ranked by frequency
  • GET /risk-engine/analytics/recent-blocks — last 5 blocked evaluations

Policy Management

  • GET /risk-engine/policy and PUT /risk-engine/policy (Admin only)
  • Configurable thresholds for allow, review, and block score bands
  • Policy mode toggle: hybrid, advisory, shadow
  • Every policy change writes an immutable audit log entry

Audit Logs

  • GET /audit-logs (Admin only, paginated)
  • Records actor, timestamp, before/after JSON diff for every admin configuration change
  • Dashboard: read-only table with expandable before/after diff view

Billing & Plans

  • GET /api/plans — public endpoint, no auth required; returns active plans ordered by price
  • GET /subscriptions/me — caller's active subscription and plan details
  • GET /subscriptions/me/usage — monthly usage metrics (e.g. fraud_events_ingested)
  • POST /billing/razorpay/subscriptions — create a Razorpay subscription; returns a shortUrl for payment redirect
  • Dashboard billing page: current plan card with usage progress bar, plan upgrade cards, billing history placeholder

Marketing Site

  • Full landing page redesign: Cyber-Noir dark theme (#0A0E17)
  • Live pricing section: plans loaded from GET /api/plans at build time (SSR, revalidated hourly) with client-side hydration fallback
  • Subscription banner for logged-in users: current plan name, status badge, monthly usage progress bar, and "Manage plan" deep-link

Bug fixes

  • Graph: reset selected node when switching assessments
  • Graph: stale node selection cleared when node leaves the graph
  • Graph: react-force-graph-2d canvas now sized to actual container via ResizeObserver — no more 800×600 default
  • Graph: neighborhood truncation made deterministic (ORDER BY before COLLECT/SLICE) — same query always returns the same set of nodes
  • Graph: assessment-mode branch correctly triggered for BIN/geo-only assessments (no indicator hashes)

Breaking changes

None — all endpoints are additive. The featureContributions field was extended with additional keys; consumers should handle unknown keys gracefully.