How One Bank Uses In-Event Fraud Decisioning to Stop Card Fraud

    What You’ll Learn

  • Why catching fraud within the payment authorization window, not after settlement, is what actually stops losses instead of just measuring them.
  • How a single card swipe triggers close to 4,000 queries across four transactions, and what it takes to resolve all of them in under 50 milliseconds.
  • How fraud rules get rewritten and redeployed intraday without interrupting transaction processing or degrading accuracy.
  • What measurable outcomes look like when fraud prevention becomes a real-time system property: 83% fewer fraudulent transactions and 10x processing capacity on the same infrastructure.

Card fraud has to be caught in the moment a transaction happens, not after it settles. Banks get roughly 200 milliseconds to authorize, decline, or step up every swipe, tap, or insert, and once a compromised card slips through once, it often gets used again before anyone flags the account. Systems that detect fraud after the fact can quantify the loss. They cannot prevent it.

This case study looks at how one of APAC’s largest card issuers, working with a global ICT provider’s fraud prevention platform, rebuilt that decision window around real-time state instead of after-the-fact review. You’ll see how the platform runs hundreds of fraud rules per transaction, evaluates roughly 4,000 queries across four transactions per swipe, and returns an allow, reject, or step-up decision in under 50 milliseconds, all against a 200 millisecond budget.

At the center of the architecture sits a real-time decisioning layer that holds the authoritative operational state, recent history, balances, velocity, blacklists, and applies fraud logic against it the instant a transaction arrives. A separate big data tier trains and refines the machine learning models offline, then pushes updated rules back into the decisioning layer intraday, sometimes every few minutes, without taking the system offline or slowing throughput.

For banks, payment processors, and the ICT vendors building fraud platforms on their behalf, this shows what changes when detection becomes decisioning: fraud caught on the first misused card instead of the tenth, an 83% drop in fraudulent transactions, and 10x more processing capacity on the same footprint. See the full architecture and results below.