FRAID was inspired by a real banking problem: phishing often succeeds at the exact moment a user confirms payment. Our goal was to protect users at that critical click, before money is sent.

How we built it

We built FRAID as a real-time workflow between a Chrome extension and a FastAPI backend:

  • The extension intercepts payment-related clicks.
  • If the domain is trusted, payment continues immediately.
  • If the domain is unknown, the backend runs 7 fraud signals in parallel.
  • The system combines those signals into one risk score and a risk level.
  • The API returns a short French explanation.
  • The extension adapts the user flow:
      • low risk: green confirmation banner
      • medium risk: warning banner
      • high risk: blocking modal with cancel or continue choice

Challenges we faced

The hardest part was balancing speed, detection quality, and user experience at the same time. In payment scenarios, analysis must be fast enough to feel instant, accurate enough to catch suspicious behavior, and stable even when external services are slow or unavailable.
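The scoring workflow described above, including the need to stay stable when an external service is slow or down, as an added Python example (not FRAID's own code). The signal names, weights, timeout, thresholds and the rule that too few answers yields "medium" are all assumptions, and three constructed stand-in signals replace the project's seven.

```python
import asyncio

# Assumptions (not from the FRAID project): names, weights, timeout, thresholds.
SIGNAL_TIMEOUT_S = 0.2
LOW_MAX, MEDIUM_MAX = 0.3, 0.6
UI_ACTION = {"low": "green_banner", "medium": "warning_banner", "high": "blocking_modal"}

async def run_signal(name, check, domain):
    """Run one signal; a slow or failing one yields None instead of stalling the click."""
    try:
        return name, await asyncio.wait_for(check(domain), SIGNAL_TIMEOUT_S)
    except Exception:  # timeout, network error, parser error
        return name, None

async def assess(domain, signals, trusted):
    """signals: {name: (weight, async check returning a 0..1 suspicion score)}."""
    if domain in trusted:  # trusted domain: payment continues immediately
        return {"level": "trusted", "score": 0.0, "action": "continue", "failed": []}
    results = dict(await asyncio.gather(
        *(run_signal(n, chk, domain) for n, (_, chk) in signals.items())))
    ok = {n: s for n, s in results.items() if s is not None}
    failed = sorted(set(results) - set(ok))
    answered = sum(signals[n][0] for n in ok)
    total = sum(w for w, _ in signals.values())
    if answered < total / 2:
        # Too little evidence: never show a green banner on an unknown domain.
        score, level = None, "medium"
    else:
        score = sum(signals[n][0] * s for n, s in ok.items()) / answered
        level = "low" if score < LOW_MAX else "medium" if score < MEDIUM_MAX else "high"
    return {"level": level, "score": score, "action": UI_ACTION[level], "failed": failed}

def const(score, delay=0.0, fail=False):
    """Constructed stand-in for a real signal (hypothetical, for the demo only)."""
    async def check(domain):
        await asyncio.sleep(delay)
        if fail:
            raise ConnectionError("upstream unavailable")
        return score
    return check

DEMO_SIGNALS = {  # constructed sample: name -> (weight, check)
    "domain_age": (0.4, const(0.9)),
    "url_similarity": (0.4, const(0.8)),
    "page_content": (0.2, const(0.1, delay=1.0)),  # exceeds the timeout
}

if __name__ == "__main__":
    print(asyncio.run(assess("pay-example.test", DEMO_SIGNALS, {"bank.example"})))
```

Returning the `failed` list alongside the level lets the backend log which signals were unavailable for a given decision.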

What we learned

We learned that fraud prevention is not only a detection problem. It is also a product and trust problem: users need clear explanations, consistent behavior, and transparent decisions. Combining multiple complementary signals proved much more reliable than relying on a single rule.

Built With

  • Chrome extension (Manifest V3, vanilla JavaScript) for in-browser payment interception
  • asyncio + httpx + trafilatura for async web/content analysis
  • Cerebras
  • Docker Compose for local infrastructure
  • Ollama (Mistral) with optional Mistral API fallback for AI explanations
  • py-tlsh for fuzzy URL fingerprinting
  • pytest / pytest-asyncio / respx
  • Python 3.11 and FastAPI for the backend API
  • python-whois and tldextract for domain intelligence
  • Qdrant as the vector database
  • sentence-transformers (all-MiniLM-L6-v2) for embeddings