BlackVault

Stop Fraud Before It Spreads.

Comment

🛡️ BlackVault

Real-Time, Graph-Powered Fraud Detection for Modern Banking

## Inspiration

Financial fraud is no longer isolated — it is networked.

Modern fraud rings operate through mule accounts, layered transfers, circular transactions, and distributed low-value activity designed to evade traditional rule-based systems. Most legacy monitoring platforms analyze accounts independently and rely heavily on static thresholds or batch processing.

We were inspired by a fundamental shift in perspective:

Instead of analyzing accounts individually, what if we modeled the financial ecosystem as a network?

Fraud spreads through connections. Risk should be modeled the same way.

That insight became the foundation of BlackVault — a real-time, graph-based risk intelligence platform designed to detect malicious accounts before fraud propagates across the system.

## What it does

BlackVault is a real-time fraud detection engine built for banks.

It:

  • Ingests live transaction streams
  • Models accounts as nodes in a directed transaction graph
  • Assigns dynamic risk scores
  • Propagates risk across connected accounts
  • Flags suspicious entities instantly
  • Visualizes risk through a live dashboard

We represent the transaction ecosystem as:

[ G = (V, E) ]

Where:

  • ( V ) = accounts
  • ( E ) = transactions

Each account maintains a risk score:

[ R_i(t) = \alpha B_i + \beta V_i + \gamma P_i ]

Where:

  • ( B_i ) = behavioral anomaly component
  • ( V_i ) = transaction velocity deviation
  • ( P_i ) = propagated network risk
  • ( \alpha, \beta, \gamma ) = tunable weights

Risk propagates through connected nodes with time decay:

[ P_j = \sum_{i \in N(j)} R_i \cdot e^{-\lambda \Delta t} ]

This enables detection of coordinated fraud rings, not just isolated anomalies.

## How we built it

Backend

We built the backend using FastAPI (Python) for:

  • Asynchronous transaction ingestion
  • Real-time risk computation
  • Deterministic state updates
  • REST APIs powering the dashboard

FastAPI allowed us to handle concurrent transaction streams efficiently.

In-Memory Store

We used Valkey as our real-time datastore for:

  • Account state
  • Risk scores
  • Graph adjacency mappings
  • Transaction metadata

Valkey provided:

  • Sub-millisecond read/write latency
  • Atomic updates for consistency
  • Concurrency-safe state mutation

This was critical for maintaining deterministic risk scoring under load.

Graph-Based Core Engine

Accounts are modeled as nodes; transactions as directed edges.

We maintain:

  • Adjacency mappings
  • Edge weights (amount, recency, frequency)
  • Node-level behavioral metrics

When a node’s risk increases, connected nodes receive proportional risk adjustments with decay, preventing hidden mule networks from escaping detection.

Transaction Simulator

To test the system, we built a simulator that generates:

  • High-velocity transfers
  • Circular transaction loops
  • Sudden balance spikes
  • Structuring patterns

This allowed us to validate risk propagation and stress-test concurrency behavior.

Dashboard

We built a live dashboard displaying:

  • Flagged accounts
  • Risk score trends
  • Live transaction feeds
  • Behavioral breakdowns per account

This transforms raw analytics into actionable compliance intelligence.

## Challenges we ran into

1️⃣ Concurrency & State Consistency

Simultaneous transactions caused race conditions during risk updates.
We resolved this by:

  • Using atomic operations in Valkey
  • Designing deterministic update flows
  • Avoiding partial state writes

2️⃣ Risk Over-Propagation

Early propagation models caused risk to spread too aggressively across loosely connected nodes.

We refined this using:

  • Time decay functions
  • Edge-weight scaling
  • Threshold-based propagation limits

This significantly reduced false positives.

3️⃣ Balancing Precision vs Sensitivity

Overly sensitive scoring increased alerts; overly strict scoring missed fraud.

We tuned weight parameters and propagation decay constants to maintain equilibrium between detection accuracy and noise reduction.

## Accomplishments that we're proud of

  • Built a fully functional graph-based fraud detection engine
  • Achieved real-time risk updates with sub-millisecond state storage
  • Implemented risk propagation with decay modeling
  • Designed a live monitoring dashboard
  • Created a realistic transaction simulator for stress testing
  • Demonstrated network-aware fraud detection rather than rule-only evaluation

Most importantly, we built a system that thinks in relationships, not just transactions.

## What we learned

  • Fraud detection is fundamentally a network problem
  • Real-time systems demand deterministic state management
  • Graph modeling significantly improves detection depth
  • Explainability is critical in financial risk systems
  • In-memory datastores like Valkey are powerful for streaming workloads

We learned that infrastructure design directly impacts detection capability.

## What's next for BlackVault

  • Machine learning–based anomaly detection
  • Graph clustering for mule network identification
  • Multi-institution risk intelligence sharing
  • Blockchain transaction ingestion
  • Automated AML reporting generation
  • Advanced visualization of fraud clusters

Our long-term vision is to evolve BlackVault into a scalable, production-grade fraud intelligence infrastructure for modern financial institutions.

Built With

Share this project:

Updates