Skip to main content
Case Study · Finance

A Real-Time Fraud Detection Engine

Hybrid rules-plus-machine-learning fraud detection for payments at scale — catching fraud in milliseconds without blocking good customers.

Results

Milliseconds
Scoring latency
+34%
Fraud caught
-41%
False positives

Technology Stack

  • Feature pipeline
  • ML scoring
  • Rules overlay
  • Streaming events
  • Feedback loop

The Challenge

The operator relied on static fraud rules. Tightening them blocked legitimate customers and hurt revenue; loosening them let fraud through. Rules alone couldn't capture the subtle, shifting patterns of real fraud, and scoring happened in batch — by the time fraud was flagged, the money was often gone.

The Solution

We built a hybrid fraud engine on the Baalvion Operating System. Deterministic rules handle clear-cut cases instantly, while a machine-learning model scores the ambiguous majority on signals like velocity, device, and behavioural history. Scoring happens in real time, in the payment path, and analyst decisions feed back to retrain the model — the production-ML discipline described in building production AI systems.

  • Rules overlay for unambiguous fraud and policy.
  • ML scoring for nuanced, shifting patterns.
  • Real-time scoring inside the payment path.
  • Feedback loop turning analyst decisions into training data.

Architecture

A feature pipeline computes signals from streaming transaction events. A low-latency scoring service evaluates each payment with the ML model, then a rules overlay applies hard policy. Confirmed-fraud and confirmed-good labels from analysts flow back into the feature store to retrain the model on a schedule — the same feature-and-evaluation rigour we apply across AI solutions.

Technology Stack

A streaming feature pipeline, a real-time ML scoring service, a deterministic rules overlay, and a labelled feedback loop — built through our AI solutions and automation practices for the finance sector.

Results

Scoring runs in milliseconds inside the payment path. Fraud caught rose by roughly 34% while false positives fell by 41% — the operator stopped more fraud *and* stopped blocking good customers, because the model captured nuance that static rules never could.

Lessons Learned

Pairing rules with ML gave certainty where it existed and nuance where it didn't. Real-time scoring was essential — batch scoring just documents fraud after the fact. And closing the loop, so analyst decisions retrain the model, kept the engine sharp as fraud patterns evolved.

Frequently Asked Questions

Why combine rules with machine learning?+

Rules give instant certainty for clear cases and policy; ML captures the subtle, shifting patterns rules miss. Together they catch more fraud with fewer false positives.

How fast is scoring?+

Milliseconds, inside the payment path — fraud is evaluated before the transaction completes, not after the fact.

How does the model stay current?+

Analyst decisions on flagged transactions feed back as labels that retrain the model on a schedule, so it adapts as fraud evolves.

How are good customers protected?+

By scoring nuance rather than blunt thresholds, the engine cut false positives by 41%, reducing wrongly blocked legitimate payments.

More case studies

Unifying Global Trade Operations on a Single PlatformReal-Time Cross-Border SettlementA Canonical Multi-Tenant Identity PlatformA Real-Time Command Center for Mining Operations

Achieve outcomes like these

Talk to our strategy team about how the Baalvion Operating System can power your next platform.

Contact UsExplore Services