Fraud detection

Fraud detection systems score transactions in real time — usually in under 100ms — and decide whether to approve, challenge (e.g. with 3DS), or block. Signals that matter: device fingerprint, IP reputation, velocity (how many cards tried from this device in 10 minutes), behavioural biometrics (typing rhythm, mouse movement), geo mismatch, amount deviation from the user's pattern. The hard part isn't catching fraud — it's not killing legitimate users with false positives, because a blocked customer churns. Modern stacks are ML models (Sift, Stripe Radar, in-house at large issuers) layered on top of rule engines, with the rules handling regulated scenarios and the ML handling the long tail. It's a close cousin of AML, but AML cares about money-laundering patterns over weeks; fraud detection cares about this one transaction right now.