InferX is not a rules engine with an ML wrapper. It's an end-to-end scoring system designed around the data structures, latency requirements, and attack patterns specific to fintech payment processors.
From the moment a transaction event hits the API to a score returned to your authorization system — five deterministic steps, consistently under 50ms.
The ingest layer accepts transaction payloads in JSON or protobuf format. Supported schemas map directly to Stripe Events, Adyen WebhookHandler, Braintree Webhooks, and custom processor payloads. Required fields: transaction ID, amount, currency, merchant ID, card BIN, device fingerprint token, and IP address. Optional but recommended: 3DS result, AVS response, CVV match code, and shipping address delta.
Extracted from each transaction: 200+ computed features including velocity metrics (transactions per card per 1h, 6h, 24h), BIN-level risk indicators, device-to-card binding age, merchant category risk index, and geographic anomaly score. Extraction runs in a single-pass pipeline optimized for sub-10ms processing time even on complex payloads.
Features are scored by a gradient-boosted ensemble trained on your specific transaction history. The base model runs first (gradient boosted trees, XGBoost-based), followed by a behavioral recency layer that weights recent device and card activity patterns. The ensemble output is a float between 0 and 1, scaled to a 0-1000 score.
Simultaneously, a graph lookup checks whether the involved entities (card, device, merchant, IP, account) appear in known fraud networks. If a device was seen in a card-testing event 3 hours ago across a different merchant, that signal is incorporated into the final score with a configurable decay function.
The API response includes: risk score, recommended decision (accept/review/decline), confidence interval, and the top 5 contributing factors in plain English. Example: "Device seen testing 14 cards in past 2 hours" or "BIN historically associated with CNP fraud in this merchant category." Responses are signed and auditable.
REST and gRPC endpoints. REST follows JSON:API spec. gRPC proto files are available in the developer portal. Rate limits: 10,000 requests/second on Growth and Enterprise plans, 1,000/second on Starter. SLA guarantees sub-50ms at the 99th percentile for all paid plans. Regional endpoints in us-east-1, eu-west-1, and ap-southeast-1.
Models retrain every 6 hours by default (configurable down to 1-hour cadence on Enterprise). Retraining is triggered on new labeled data, not just elapsed time. When your fraud operations team marks a decision outcome, the signal is queued for the next training cycle. Model version history is retained for 90 days for audit and comparison.
Ingests device fingerprint data from the InferX.js browser SDK or from existing fingerprint providers (FingerprintJS, ThreatMetrix). Tracks typing velocity, scroll behavior, session duration, and multi-tab patterns. These behavioral features carry a 40% weight in the ensemble model for card-present-simulation attacks where static card data is valid but session behavior is automated.
The fraud graph indexes 17 entity types including cards, devices, email addresses, phone numbers, IP subnets, merchants, and account IDs. Edges are typed (shared device, shared IP, same-merchant burst, etc.) and carry temporal weights. Graph queries execute in under 8ms against an in-memory index updated in real time.
Real-time transaction feed with filter by score range, merchant, geography, and decision type. One-click labeling for dispute resolution teams. Threshold adjustment UI with live preview showing how changes would affect current-day transaction distribution. No SQL queries required for routine analysis.
Push score results to your systems via webhooks (HTTPS POST, configurable retry with exponential backoff) or consume from a Kafka topic. Supported event types: transaction.scored, transaction.flagged, model.retrained, threshold.breached. Webhook signatures use HMAC-SHA256 for authenticity verification.
Measured end-to-end at the scoring endpoint. Contractual SLA on Growth and Enterprise plans.
Per account on Growth/Enterprise. Horizontal autoscaling handles burst traffic without manual provisioning.
Computed features per transaction. Velocity, behavioral, graph, BIN, and merchant-level signals combined.
Transaction payloads encrypted at rest and in transit. TLS 1.3 for all API communication. SOC 2 Type II certified.
Multi-region active-active deployment. Automatic failover in under 30 seconds. Uptime tracked at getinferx.com/status.
PCI DSS Level 1 compliant. Data residency options for EU (GDPR) and US. Annual penetration testing by an independent QSA.
InferX connects to the payment gateways, data warehouses, and alerting tools your team already uses. Native connectors available in the developer portal.
Native Stripe event schema support. Authorize transactions via Stripe Radar replacement or parallel scoring.
Webhook-based integration with Adyen's authorization flow. Pre-auth scoring supported.
Drop-in connector for Braintree webhook events with full payload mapping.
Export scored transaction data to Snowflake for BI and long-term fraud analytics.
Automatic PagerDuty incidents when fraud rate exceeds configured thresholds.
Real-time fraud alerts and daily summary reports delivered to your Slack channels.
Most payment processors are live with InferX in under 5 business days. Book a technical walkthrough with our integration team.
Request a Demo View Pricing