VERTEXY
Docs

Start Here

  • Platform overview
  • Engineer quickstart
  • Analyst introduction
  • Administrator setup
  • Architecture

Integrate

  • Authentication
  • Assess transactions
  • Event ingestion
  • Signing and reliability
  • Submit feedback
  • Retries and idempotency
  • Go-live checklist

Use the Dashboard

  • Overview dashboard
  • Event Explorer
  • Graph Explorer
  • Reviews
  • Policy
  • Threat Intel

Administer

  • Onboarding
  • Developer Settings
  • Team and access
  • Permissions and features
  • Audit Logs
  • Billing and plans

Reference

  • API reference
  • API introduction
  • Objects
  • Event types
  • Risk scores and reasons
  • Errors
  • Glossary
  • Node.js examples
  • Python examples

Updates and Help

  • Changelog
  • v1.0.0 release
  • Troubleshooting
  • Support
Open Developer Settings →
VERTEXY
Docs
Docs/Start Here
all

Overview

How VertexY fits into a modern fraud stack for payments, accounts, and order workflows.

Reviewed 2026-06-21Product 1.1

VertexY helps product and risk teams decide whether to allow, review, or block sensitive activity in real time. Most teams integrate it at checkout first, then expand into account, refund, dispute, and analyst workflows.

Score in real time→

Call the risk engine before approving a payment, order, or account action.

Stream signed events→

Send lifecycle signals so VertexY can build velocity and graph context.

Close the loop→

Submit final outcomes so future decisions learn from confirmed results.

Where VertexY sits#

Place VertexY between your application workflow and the final business action:

  1. Your backend receives a checkout, login, refund, or other risk-bearing request.
  2. Your backend calls POST /risk-engine/assess with identity, payment, device, geo, and order context.
  3. VertexY returns allow, review, or block with a score and reason codes.
  4. Your system applies the decision, then sends outcome feedback when the result is known.

Core APIs#

POST/risk-engine/assess

Real-time risk assessment

Use this before completing a sensitive action. The response includes riskScore, action, riskLevel, and reasonCodes.

POST/events/ingest

Signed event ingestion

Send payment, order, account, refund, dispute, and chargeback events with HMAC headers.

POST/risk-engine/feedback

Outcome feedback

Report approved, rejected, chargeback, confirmed fraud, or false positive outcomes.

Regional integration examples#

US marketplaces#

A US marketplace calls VertexY before card authorization, using USD amounts, BIN data, device fingerprinting, and IP geo from New York or California checkout traffic.

Common signals: card-not-present velocity, email reputation, coupon abuse, chargebacks, and repeat shipping address overlap.

European fintech and commerce#

A European fintech scores EUR or GBP transactions while keeping PII minimized and hashed where possible. Teams usually pair VertexY decisions with their GDPR retention policy.

Common signals: PSD2 challenge outcomes, cross-border account access, device timezone mismatch, and refund abuse.

Southeast Asian platforms#

A Southeast Asian commerce platform scores SGD, IDR, THB, PHP, or VND orders across wallet, card, and cash-on-delivery flows.

Common signals: mobile-wallet fingerprints, device reuse, voucher abuse, failed payment bursts, and account farming.

Authentication model#

VertexY uses two authentication modes:

  • Bearer JWTs for dashboard and backend APIs such as POST /risk-engine/assess.
  • HMAC signatures for POST /events/ingest, where VertexY verifies the raw request body.

Read Authentication before building, then use the interactive API reference when you are ready to test endpoints.

Production checklist#

  • Keep access and refresh tokens server-side where possible.
  • Sign every event ingestion request.
  • Use stable transactionId, externalEventId, and idempotencyKey values.
  • Store assessmentId on your order or risk record.
  • Send feedback as soon as final outcomes are known.
  • Combine plan feature gates with assigned user permissions inside the dashboard.

What VertexY does not replace#

Your system still owns payment authorization, customer communication, regulatory retention rules, gateway dispute operations, and final workflow execution. VertexY gives your team the risk decision and investigation context needed to act consistently.

Was this page helpful?

NextEngineer quickstart →

On this page

Where VertexY sitsCore APIsRegional integration examplesAuthentication modelProduction checklistWhat VertexY does not replace