Skip to content

Problem Statement

The 2026 fraud landscape

AI-generated fraud has broken the assumptions behind legacy detection systems:

  • Social engineering now uses LLM voice clones indistinguishable from real people, coaching victims into authorizing fraudulent wires
  • Synthetic identities are generated by AI with perfect document rendering and deepfake faces — passing traditional KYC that was designed for human forgeries
  • Account takeover botnets run on mobile emulators at geographic velocities no human can achieve, making velocity rules based on individual credentials ineffective
  • Nacha 2026 creates regulatory liability: fintechs that cannot prove proactive monitoring face 100% loss liability plus federal fines

None of these attack patterns are well-addressed by the fragmented vendor stack most mid-market fintechs rely on today.

The fragmented vendor problem

A typical neobank risk stack involves 3–5 specialized vendors:

  • Device intelligence vendor (emulator detection, fingerprinting)
  • Behavioral biometrics vendor (keystroke/mouse dynamics)
  • Identity verification vendor (KYC, document checks)
  • Fraud scoring vendor (black-box ML score)
  • Rules engine (hard-coded by engineering)

This creates a "Transparency Tax":

  1. Data silos — each vendor sees only their slice; no single system correlates device + behavior + transaction
  2. Opacity — black-box scores cannot be explained to regulators or customers
  3. Latency — 3–5 sequential API calls; hard to stay under 30ms
  4. Policy lag — engineering must hard-code new rules; 14–21 day cycle to respond to emerging attacks
  5. Cost — $0.40–$0.50 per transaction across multiple vendors at scale

SentryFlow's approach

SentryFlow consolidates these signals into a single policy layer:

  • DIBB signals (device + behavioral biometrics) are first-class fields in the request payload — correlated at evaluation time, not siloed
  • JsonLogic rules authored by Risk Managers in the dashboard — no engineering deploy, < 10 minutes to respond to a new attack pattern
  • XGBoost ensemble provides a continuous fraud probability that can override or augment rule decisions
  • Isolation Forest detects novel synthetic identity clusters that have no labeled training examples
  • SHA256 policy signature on every decision — regulators can reconstruct the exact logic used at any point in time
  • Async SHAP — every decision has a feature-level explanation without blocking the < 30ms response path

Target customer

Mid-market fintechs and neobanks ($100M–$5B annual transaction volume) that:

  • Are subject to Nacha 2026 reporting requirements
  • Face AI-augmented fraud that bypasses their current black-box vendor
  • Want to move fraud policy ownership from engineering to a Risk Manager without a 2-week deployment cycle
  • Need explainable decisions for CFPB adverse action compliance