Use Cases

Fraud Prevention

Identity fraud costs businesses billions annually. Verifa collects 150+ fraud signals during every verification — behavioral analysis, device fingerprinting, document forensics, and network intelligence — and aggregates them into a risk score that lets you auto-approve legitimate users while catching fraudsters.

How Verifa detects fraud

Fraud detection runs automatically on every session through checks that Verifa inserts into your workflow behind the scenes:

  • Risk assessment — Aggregates 150+ signals into a composite risk score (0–100). Runs on every session automatically.
  • Watchlist screening — Screens against OFAC, EU, UN, and UK sanctions lists. Runs on every session automatically.
  • Identity cross-reference — Compares user-submitted data against OCR-extracted data. Runs automatically if your workflow collects user info.

You don’t need to add these to your workflow — they’re always there.

For additional fraud protection, you can add these checks to your workflow:

  • duplicate_detection — Catches repeat applicants across sessions
  • check_against_list — Matches against your custom blocklists

Signal categories

Verifa collects signals across six categories:

CategoryExamplesSignals
BehavioralCompletion speed, hesitation, copy-paste, bot-like mouse movement9
DeviceBot detection, virtual cameras, VM detection, devtools8
NetworkVPN/proxy/Tor, IP velocity, impossible travel, datacenter IPs13
Document forensicsEXIF editing, screen photos, MRZ tampering, barcode mismatch17
Identity graphDuplicate device, email, phone, document, face7
IntegrityPayload tampering, checksum mismatches, contradictions5

See Fraud Signals for the complete list with risk weights.

Risk scoring

All triggered signals feed into a composite risk score:

Risk levelScoreRecommended action
Low0–20Auto-approve
Medium21–50Proceed with caution
High51–80Manual review or step-up verification
Critical81–100Auto-reject

View risk signals for a session

$curl https://api.withverifa.com/api/v1/sessions/session_abc123/risk \
>  -H "X-API-Key: vk_live_your_key_here"
1{
2  "risk_score": 65,
3  "risk_level": "high",
4  "triggered_signals": [
5    { "signal": "virtual_camera", "weight": 50, "action": "block" },
6    { "signal": "front_exif_edited", "weight": 25, "action": "flag" },
7    { "signal": "vpn_detected", "weight": 25, "action": "flag" }
8  ],
9  "triggered_count": 3,
10  "hard_blocked": true
11}

Duplicate detection

The duplicate_detection check finds repeat offenders by comparing hashed identity attributes across all previous sessions:

  • Device fingerprint
  • Email address
  • Phone number
  • Document number
  • Face embedding (biometric similarity)
  • Name + DOB combination

Add it to your workflow in the dashboard to catch users attempting multiple verifications. When a duplicate is detected, the session routes to manual review.

Custom blocklists

Create lists of known bad actors and match incoming sessions against them. Add the check_against_list check to your workflow to enable matching.

$# Create a blocklist
$curl -X POST https://api.withverifa.com/api/v1/lists \
>  -H "X-API-Key: vk_live_your_key_here" \
>  -H "Content-Type: application/json" \
>  -d '{
>    "name": "Known Fraudsters",
>    "type": "block",
>    "match_fields": ["email", "phone", "document_number", "device_fingerprint"]
>  }'
$
$# Add an entry
$curl -X POST https://api.withverifa.com/api/v1/lists/list_abc123/entries \
>  -H "X-API-Key: vk_live_your_key_here" \
>  -H "Content-Type: application/json" \
>  -d '{
>    "email": "fraudster@example.com",
>    "phone": "+15551234567",
>    "reason": "Chargebacks on 3 accounts"
>  }'

Workflow example: fraud-aware onboarding

This workflow adds duplicate detection and list checks on top of standard identity verification:

Capture → Document Scan → Face Match → Duplicate Detection
  → List Check → Auto-Approve

Watchlist screening, risk assessment, and identity cross-reference run automatically on top of whatever you configure. You can use conditional nodes in the workflow builder to route sessions based on the risk score:

  • Low risk — Auto-approve
  • Medium/high risk — Route to manual review
  • Critical risk — Auto-reject

See the Creating a Workflow tutorial for how to build this in the dashboard.

Tuning signal sensitivity

Each signal can be configured with one of three actions per organization:

ActionBehavior
blockCounts in risk score + eligible for hard block
flag (default)Counts in risk score
ignoreExcluded from risk score entirely

For example, if your users commonly use VPNs, set vpn_detected to ignore. If you want zero tolerance for virtual cameras, set virtual_camera to block.

Hard blocks

Certain signals can trigger an immediate block regardless of the overall risk score:

  • bot_detected — Headless browser or WebDriver
  • virtual_camera — OBS, ManyCam, or similar
  • camera_injection_detected — Fake video injection on mobile
  • integrity_checksum_mismatch — Tampered signal payload

Configure which signals trigger hard blocks in your organization settings.