Fraud Scoring
Score transactions for fraud risk in real time without LLM latency.
The Challenge
Fraud scoring lives in the most latency-sensitive path in your application: the payment flow. Every millisecond of delay between "Place Order" and "Order Confirmed" costs conversions. But every missed fraud signal costs chargebacks, fees, and customer trust.
The requirements are competing:
- Fast — The scoring must complete within the payment flow. Customers abandon carts at 3+ seconds of total checkout time. Your fraud check is one of many steps competing for that budget.
- Accurate — False positives block legitimate customers and generate support tickets. False negatives let fraud through and cost real money.
- Cheap — Every transaction needs scoring. At 100K+ transactions per day, per-call pricing matters.
Rules engines handle simple patterns (velocity checks, geo-blocking, amount thresholds) but miss sophisticated fraud — account takeovers using legitimate credentials, social engineering, and coordinated fraud rings.
LLM-based scoring offers more nuance but adds 500-1500ms per call — unacceptable in a payment flow where the total budget might be 2 seconds.
How Sparkient Solves It
A compiled fraud scoring model evaluates transaction risk in under 100ms by combining structured signals (amount, velocity, device fingerprint) with text analysis (shipping address anomalies, message content in P2P payments).
The Three Decisions
approve— Low risk. Process the transaction immediately.review— Medium risk. Flag for manual review but don't block the transaction. Optionally hold funds pending review.block— High risk. Decline the transaction and trigger fraud investigation.
Multi-Signal Analysis
The compiled model evaluates:
- Transaction signals — Amount, currency, time of day, device fingerprint
- Behavioural signals — Purchase velocity, category deviation, shipping address changes
- Account signals — Account age, verification status, previous chargebacks
- Text signals — Shipping instructions, payment notes, gift messages (for P2P or marketplace platforms)
CEL rules enforce hard limits:
// Block transactions over the velocity limit
ctx.transactions_last_hour > 10 ? "block" : null
// Review first-time large transactions
ctx.account_age_days < 30 && ctx.amount > 500 ? "review" : null
// Auto-approve small transactions from verified accounts
ctx.verified && ctx.amount < 50 ? "approve" : nullThe compiled classifier scores everything else — the transactions that aren't obviously safe or obviously fraudulent.
Code Example
import httpx
response = httpx.post(
"https://api.sparkient.ai/api/v1/decide",
headers={"Authorization": "Bearer YOUR_API_KEY"},
json={
"decision_type_id": "fraud-scoring",
"input": {
"amount": 299.99,
"currency": "USD",
"account_age_days": 12,
"verified": False,
"transactions_last_hour": 3,
"shipping_country_matches_billing": False,
"device_fingerprint_seen_before": True,
"category": "electronics",
"gift_message": "Happy birthday! Enjoy your new headphones."
}
}
)
result = response.json()
# {
# "decision": "review",
# "confidence": 0.84,
# "latency_ms": 37,
# "stage": "classifier"
# }Payment Flow Integration
async def process_payment(transaction):
# Score the transaction — adds ~35ms to the flow
risk = await sparkient_decide("fraud-scoring", {
"amount": transaction.amount,
"currency": transaction.currency,
"account_age_days": transaction.user.account_age_days,
"verified": transaction.user.is_verified,
"transactions_last_hour": await get_velocity(transaction.user),
"shipping_country_matches_billing": transaction.addresses_match,
"device_fingerprint_seen_before": transaction.device_known,
"category": transaction.category
})
if risk["decision"] == "approve":
return await charge_payment(transaction)
elif risk["decision"] == "review":
await charge_payment(transaction, hold=True)
await queue_for_review(transaction, risk)
return {"status": "pending_review"}
else: # block
await log_blocked_transaction(transaction, risk)
return {"status": "declined", "reason": "Transaction flagged for security review"}Why Compiled Fraud Scoring
| Approach | Latency | In payment flow? | Nuance | |----------|---------|-------------------|--------| | Rules only | <1ms | ✅ | Low — misses subtle patterns | | LLM scoring | 500-1500ms | ❌ Too slow | High | | Traditional ML (trained on labelled data) | 5-20ms | ✅ | Medium — needs historical fraud data | | Compiled model (Sparkient) | <100ms | ✅ | High — trained from LLM teacher |
The key advantage over traditional ML: you don't need a historical fraud dataset to get started. The LLM teacher generates synthetic training data that covers fraud patterns, so you can deploy an accurate scorer from day one — even if you've never had a chargeback.
For teams that do have historical fraud data, you can upload real examples alongside synthetic data to improve accuracy on your specific fraud patterns.
Get Started
Define your risk thresholds and transaction schema, then train a compiled fraud scorer. Start with the free tier — 5,000 credits, no credit card required.
Import this template
Get started in minutes. Import a pre-built decision type and customise it for your use case.
Import Template