Interactive Fraud Detector

Effective protection
for your institution

Interactive Fraud Detector is our proprietary and constantly developed tool for detecting and actively preventing fraud in the IT infrastructure.

The implementation of IFD guarantees the reduction of successful attack attempts by up to 100%. Our system can detect over 800 fraud attempts in one month. The simultaneous use of workflows introduces a formal incident handling path to the organization that does not require changes in the organization's management structure.

The carefully designed architecture of our product enables cooperation with other external systems functioning in the organization. In addition, our IFD system can act as an information hub for all operating anti-fraud systems. Thanks to this solution, CSiRt teams have direct access to information and reports in one place.

We offer support and a 24/7/365 stability guarantee.

Implementation in just 3 months.

Efficiency proven in practice*

On average 800 attack attempts detected per month
10 times fewer attempted thefts
Reduction of financial losses by 90%
99% of hacking attacks stopped
On average 700 transfers per day IFD qualifies for additional verification
The number of successful thefts has been minimized to individual cases
*The statistics presented refer to a bank with 2 million active users who make approximately 3 million transfers per month. The highest IFD activity is observed about 6 months after implementation.

How IFD works

User Interface of Operator Console

Reduction of financial losses
and reputation increase

The abuse of information infrastructure is defined as all activities aimed at obtaining benefits through illegal attempts to disrupt activities between the user and the organization.

Undesirable actions by third parties may take various forms. From the typical theft of access data to more complex forms of fraud, e.g. installing malicious software on the client's system. The most common task of such software is to replace the target bank account number entered by the user with the thief's account number. However, the most common abuses in electronic banking are attempts to withdraw money from the customer's account and the use of payment card data used for online payments.

Due to the dynamically growing role and popularity of the Internet and electronic banking, these channels are exposed to more frequent, more dangerous and more complicated attempts of fraud.

Softax IFD system successfully operates in the largest organizations in Poland.

Illegal activities and attempted fraud expose banks and their clients to serious financial losses, result in loss of reputation, operational difficulties and a decrease in public confidence. The implementation of our product significantly reduces financial and reputational losses in the organization. Our system has an engine and rules language. Thanks to this, rules and behavior definitions can be additionally developed by the institution. Softax professional team for security issues provides 24/7 support services and consultations for its clients.


IFD system supervises the activity of clients in electronic access channels, while ensuring detection and active prevention of all types of harmful activities that violate security standards.

It plays the role of a central event register, which is used in the area of user contact with the organization through electronic access channels. In addition, IFD prevents attempts to disrupt the continuity of banking systems (e.g. involving the massive, intentional sending of excessive messages and operations to the organization). Our system meets all applicable law (including GDPR, PSD2).

Typical types of abuse:

  • Scams,
  • Money laundering,
  • Theft of funds from other people's accounts,
  • Use of stolen payment instruments,
  • Use of stolen data or authorization instruments,
  • Theft of confidential data about a customer or his transaction.

Examples of increased risk situations:

  • A large number of transactions with one card or from one account in a short time,
  • A large number of transfers to one destination account,
  • Instructions to withdraw funds shortly after they are credited to the accounts,
  • Logging into the website in a short time from geographically dispersed locations,
  • Logging in to multiple accounts from one device.

ATM withdrawals

Card payments

Card transactions

Mobile payments


Operation tracking
Defining the rule
Reaction to detected
Operational verification

IFD system can be implemented in the institution's software architecture in such a way as to monitor all operations and processes.

The analysis is carried out during operation handling (inline mode) or immediately after it is performed (online mode). Based on the configurable criteria, selected aspects of the operation can be forwarded for later analysis (offline mode).

IFD is characterized by high performance and stability, thanks to which it performs tasks in a transparent manner for users. This is important because of their convenience, but also because of the organization's obligations in terms of business continuity. Any delay in the analyzes carried out by the system is subject to rigid restrictions, depending on the technical capabilities of the infrastructure and the requirements of the institution.

Flexible implementantion
that does not violate the organization's structure

IFD system has been designed in a way that facilitates its implementation and integration with existing systems in the organization's IT infrastructure. Many years of experience and Softax implementation team guarantee effective and secure implementation of IFD into the organization.

Place in IT architecture

  • Monitoring in all electronic channels
  • Cooperation with existing fraud detection systems
  • Supplying events from organization's systems (offline / online)

Rule management and knowledge base creation

  • Self-management by the organization
  • Management by Softax specialists
  • Management in cooperation with the organization and Softax

Typical cooperation with organization systems

  • Retrieving information from external systems that are the source of processed operations
  • Transfer of risk assessment of operations to external systems (in the form of calculated scoring)
  • Transferring and collecting information on operational services (e.g. list of calls to be called for Contact Centre operators)
  • Information transfer via email/SMS

Typical integration methods

  • Direct connection to an existing database engine
  • Exchange of web-service messages
  • File exchange
  • HTTP / gRPC gateways
  • Cloud


C++, Python, XML, Linux x86_64
Documented processing of millions messages and tens of thousands files per day
Distributed computing
Easy system scaling and rebuilding modules
In a distributed configuration, the system is resistant to failures of individual components
Uninterrupted reconfiguration
Changing parameters and changing the version takes place without interruptions in the availability of the service
The use of comprehensive security mechanisms using leading security technologies
Are you interested in reducing financial losses and increasing your organization's reputation?