Inspiration

Traditional fraud detection systems rely on transaction data like amount, velocity, and location. But they completely miss the human side: is the user stressed? Are they being coached? Are they typing differently than usual? This blind spot is especially dangerous with social engineering scams like Authorized Push Payment (APP) fraud, where victims are manipulated into sending money willingly. We wanted to build something that catches what current systems can't.

What it does

BlindSpot runs 5 specialized AI agents in parallel every time a transaction is submitted:

  • Behavioral Agent compares typing speed, error rate, and touch patterns against the user's baseline
  • Cognitive Agent looks for signs of coercion, stress, or coached behavior (the key differentiator)
  • Transaction Agent checks amount anomalies, velocity, and timing
  • Device Agent flags new devices, VPNs, active phone calls, and remote access tools
  • Graph Agent analyzes recipient networks for fan-in/fan-out and mule patterns

The agents also process many more signals than the ones listed here.

A 6th Meta-Scorer agent synthesizes all five outputs into a final risk score with plain-language reasoning. The analyst dashboard shows everything in real time, and an AI chatbot lets fraud analysts ask follow-up questions about any flagged case.

How we built it

Python/FastAPI backend with Railtracks for multi-agent orchestration. Each agent runs as an async node in a Railtracks Flow, powered by Claude Sonnet. All five specialist agents execute in parallel, then the meta-scorer combines their outputs. The frontend is Next.js with a real-time WebSocket connection for live updates. We built a React Native demo app to simulate the mobile banking experience and behavioral telemetry collection (just for demo purposes).

Challenges we ran into

Getting the agents to return consistent, structured JSON instead of rambling text took a lot of engineering. Balancing the weighted scoring formula so that the cognitive agent carries enough weight to catch APP fraud without creating false positives on normal stressed users was tricky. We also had to figure out how to make the system feel real-time when you have 6 LLM calls in the pipeline.
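The structured-output and weighting problems described above can be handled by validating every agent reply before it reaches the scorer. The sketch below is an added example, not BlindSpot's own code; the weights, the `risk_score`/`reasons` field names, the `manual_review` outcome and the sample replies are all assumptions.

```python
import json
import re

# Hypothetical weights and field names (assumptions, not BlindSpot's real
# formula); the cognitive agent is weighted highest, as the write-up describes.
WEIGHTS = {"behavioral": 0.20, "cognitive": 0.30, "transaction": 0.20,
           "device": 0.15, "graph": 0.15}

def parse_agent_output(raw):
    """Extract and validate one agent's reply; return None if unusable."""
    match = re.search(r"\{.*\}", raw, re.DOTALL)  # tolerate prose around the JSON
    if not match:
        return None
    try:
        data = json.loads(match.group(0))
    except json.JSONDecodeError:
        return None
    score, reasons = data.get("risk_score"), data.get("reasons")
    # bool is a subclass of int, so reject it explicitly
    if isinstance(score, bool) or not isinstance(score, (int, float)):
        return None
    if not 0.0 <= score <= 1.0 or not isinstance(reasons, list):
        return None
    return {"risk_score": float(score), "reasons": reasons}

def meta_score(raw_outputs, min_agents=3):
    """Weighted mean over agents with valid output; unusable replies are
    reported, not scored as 0, so a broken agent cannot lower the risk."""
    valid, failed = {}, []
    for name in WEIGHTS:
        parsed = parse_agent_output(raw_outputs.get(name, ""))
        if parsed is None:
            failed.append(name)
        else:
            valid[name] = parsed
    if len(valid) < min_agents:
        return {"risk_score": None, "decision": "manual_review", "failed": failed}
    total_weight = sum(WEIGHTS[n] for n in valid)
    score = sum(WEIGHTS[n] * valid[n]["risk_score"] for n in valid) / total_weight
    return {"risk_score": round(score, 3), "decision": "scored", "failed": failed}

# Constructed sample replies, including one rambling and one malformed.
SAMPLE = {
    "behavioral": '{"risk_score": 0.6, "reasons": ["typing 40% faster than baseline"]}',
    "cognitive": 'Sure! Here is my analysis: {"risk_score": 0.9, "reasons": ["coached pattern"]}',
    "transaction": '{"risk_score": 0.5, "reasons": ["amount above usual range"]}',
    "device": '{"risk_score": "high", "reasons": []}',
    "graph": '{"risk_score": 0.2, "reasons": []}',
}
```

Renormalizing over the agents that answered keeps a single malformed reply from dragging the score toward zero, and falling back to manual review when too few agents answer keeps the pipeline from approving a transfer on partial evidence.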

What we learned

The biggest insight was that behavioral biometrics alone aren't enough. It's the combination of behavioral deviation + cognitive state + transaction context that makes fraud detection actually work for social engineering attacks. A user typing faster than normal could mean they're in a rush, or it could mean someone is dictating account numbers to them over the phone. You need the full picture.

What's next

Production-grade behavioral baseline training with real telemetry data, integration with banking APIs for live transaction monitoring, and expanding the agent pipeline with a social engineering conversation detector that could analyze call audio patterns alongside typing behavior.

AI Usage (Survey)

70% of the code in the GitHub repository was written by various AI agents (Cursor, Claude Code, Antigravity, Codex, etc.).
