Fraud Prevention

Identity fraud costs businesses billions annually. Verifa collects 150+ fraud signals during every verification — behavioral analysis, device fingerprinting, document forensics, and network intelligence — and aggregates them into a risk score that lets you auto-approve legitimate users while catching fraudsters.

How Verifa detects fraud

Fraud detection runs automatically on every session through checks that Verifa inserts into your workflow behind the scenes:

• Risk assessment — Aggregates 150+ signals into a composite risk score (0–100). Runs on every session automatically.
• Watchlist screening — Screens against OFAC, EU, UN, and UK sanctions lists. Runs on every session automatically.
• Identity cross-reference — Compares user-submitted data against OCR-extracted data. Runs automatically if your workflow collects user info.

You don’t need to add these to your workflow — they’re always there.

For additional fraud protection, you can add these checks to your workflow:

• duplicate_detection — Catches repeat applicants across sessions
• check_against_list — Matches against your custom blocklists

Signal categories

Verifa collects signals across six categories:

See Fraud Signals for the complete list with risk weights.

Risk scoring

All triggered signals feed into a composite risk score:

View risk signals for a session

$
curl https://api.withverifa.com/api/v1/sessions/session_abc123/risk \
>
  -H "X-API-Key: vk_live_your_key_here"

1
{
2
  "risk_score": 65,
3
  "risk_level": "high",
4
  "triggered_signals": [
5
    { "signal": "virtual_camera", "weight": 50, "action": "block" },
6
    { "signal": "front_exif_edited", "weight": 25, "action": "flag" },
7
    { "signal": "vpn_detected", "weight": 25, "action": "flag" }
8
  ],
9
  "triggered_count": 3,
10
  "hard_blocked": true
11
}

Duplicate detection

The duplicate_detection check finds repeat offenders by comparing hashed identity attributes across all previous sessions:

• Device fingerprint
• Email address
• Phone number
• Document number
• Face embedding (biometric similarity)
• Name + DOB combination

Add it to your workflow in the dashboard to catch users attempting multiple verifications. When a duplicate is detected, the session routes to manual review.

Custom blocklists

Create lists of known bad actors and match incoming sessions against them. Add the check_against_list check to your workflow to enable matching.

$
# Create a blocklist
$
curl -X POST https://api.withverifa.com/api/v1/lists \
>
  -H "X-API-Key: vk_live_your_key_here" \
>
  -H "Content-Type: application/json" \
>
  -d '{
>
    "name": "Known Fraudsters",
>
    "type": "block",
>
    "match_fields": ["email", "phone", "document_number", "device_fingerprint"]
>
  }'
$
$
# Add an entry
$
curl -X POST https://api.withverifa.com/api/v1/lists/list_abc123/entries \
>
  -H "X-API-Key: vk_live_your_key_here" \
>
  -H "Content-Type: application/json" \
>
  -d '{
>
    "email": "fraudster@example.com",
>
    "phone": "+15551234567",
>
    "reason": "Chargebacks on 3 accounts"
>
  }'

Workflow example: fraud-aware onboarding

This workflow adds duplicate detection and list checks on top of standard identity verification:

Capture → Document Scan → Face Match → Duplicate Detection
  → List Check → Auto-Approve

Watchlist screening, risk assessment, and identity cross-reference run automatically on top of whatever you configure. You can use conditional nodes in the workflow builder to route sessions based on the risk score:

• Low risk — Auto-approve
• Medium/high risk — Route to manual review
• Critical risk — Auto-reject

See the Creating a Workflow tutorial for how to build this in the dashboard.

Tuning signal sensitivity

Each signal can be configured with one of three actions per organization:

For example, if your users commonly use VPNs, set vpn_detected to ignore. If you want zero tolerance for virtual cameras, set virtual_camera to block.

Hard blocks

Certain signals can trigger an immediate block regardless of the overall risk score:

• bot_detected — Headless browser or WebDriver
• virtual_camera — OBS, ManyCam, or similar
• camera_injection_detected — Fake video injection on mobile
• integrity_checksum_mismatch — Tampered signal payload

Configure which signals trigger hard blocks in your organization settings.

Related

• Fraud Signals — Complete signal reference with risk weights
• Verifications & Checks — risk_assessment, duplicate_detection, and check_against_list
• Lists — Create and manage custom blocklists
• Cases — Review flagged sessions
• Workflows — Build risk-aware verification pipelines
• Tutorial: Creating a Workflow — Step-by-step workflow guide