Savyint Fraud Prevention and Risk Management
A Comprehensive Digital Fraud Prevention and Risk Management Solution
Deep application of AI/ML, Device Intelligence, and PQC in online fraud detection and prevention.
As financial fraud has grown exponentially in recent years – with the rise of deepfake attacks, account takeover, cross-border transaction fraud, and increasingly sophisticated techniques – banks and financial institutions must build an end-to-end fraud prevention ecosystem capable of real-time transaction protection and compliance with government regulations on financial data security.
Built on a Zero Trust architecture, Savyint Fraud Prevention & Risk Management (FPRM) is a comprehensive risk management and fraud prevention solution suite, consisting of four core components:
- Sam Auth Server
- Savyint SCA/CIAM
- API Management
- Savyint Digital Signature Server
Leveraging AI, machine learning, strong SCA authentication, transaction security, tokenization, and post-quantum cryptography (PQC), Savyint Fraud Prevention & Risk Management enables real-time fraud reporting, monitoring, and response, allowing organizations to detect, prevent, and react to fraud incidents before damage occurs. The solution suite complies with global security standards as well as stringent legal requirements across multiple countries.
Key Advantages

- Real-time fraud detection and scoring
- AI-enhanced user authentication and identity verification
- Comprehensive transaction monitoring
- Compliance with global security standards including AML/KYC/KYB/PSD2/PSD3 and regional regulations such as Circular 64 and 50 (Vietnam), BSP 1213 (Philippines), and Malaysia’s requirements
Compliance with International Standards and Regional Regulations
- Security certifications: FIPS 140-2 Level 2 & Level 3, CC eIDAS EAL4+
- Compliance with ISO 9001:2015, ISO 30107, ISO 14001:2015, ISO 27701:2022
- Compliance with CSC 1.0, CSC 2.0, Open API Service Interface
- Compliance with SCA PSD2/eIDAS, CC EAL4+ AVA_VAN.5, and ALC_FLR.2 for EN 419 221-5 security standard
- Real-time validation via CRL and OCSP
- Compliance with Payment Services Directives (PSD2, PSD3) on customer authentication
- Compliance with GDPR, SOC 2 Type II, HIPAA & PCI DSS, FIDO2, NIST, OIDC/OAuth2, PQC
- MAS TRM, NIST 800-63-4
- The only solution suite with full CIBA Backchannel, meeting Open Finance standards, Circular 64 and 50/2024/TT-NHNN (Vietnam), and BSP 1213 (Philippines)
Core Modules
1. Sam Auth Server - All-in-a-Box Strong Authentication Solution

Sam Auth Server is an all-in-a-box strong authentication solution integrating advanced technologies to meet modern requirements for identification, authentication, and payments with the highest security level.
It enables system authentication, data encryption, transaction encryption, multi-layer authentication, and multi-tier security via hardware security modules, software modules, smart biometric cards, and dedicated authentication hardware – ensuring maximum safety for electronic transactions while maintaining convenience and flexibility for users.
Developed on an advanced authentication foundation, its core is the Cryptographic Security Platform (CSP), including SCA/MFA, passwordless authentication via PKI, data encryption, Smart Token, tokenization, and end-to-end-to-end (E2E2E) transaction signing with mobile cryptography security.
Key Features

- Maximum-level security: Data encryption, token encryption, data signing, transaction signing, and high-level protection of sensitive information such as OTP/PIN/Passcode. Tokenization for secure payment transactions on banking apps, wallets, and cards.
- Strong user authentication and AI-based identity verification: Supports Passkey/FIDO2, biometric authentication combined with SmartOTP, and flexible multi-factor mechanisms. Integrates CIBA (Client-Initiated Backchannel Authentication) – a critical standard in Open Banking – allowing authentication detached from the transaction channel, minimizing risks of app spoofing attacks.
- Enhanced device recognition with Device Intelligence: Advanced device identification and micro-behavior analysis: keystroke dynamics, interaction speed, abnormal IP movement detection, etc. Detects anonymous fraud, increases device trust, mitigates synthetic fraud, app/user spoofing, OTP fraud, and account takeover (ATO).
- AI & machine learning fraud detection: Behavioral analytics and AI/ML risk scoring. Real-time transaction monitoring and anomaly detection for rapid response to emerging threats.
- Transaction security: Dynamic Linking combined with transaction signing enables E2E2E encryption, preventing tampering, modification, or transaction spoofing.
- Post-Quantum Cryptography (PQC): Enhanced protection against quantum computing threats, mitigating “harvest-now-decrypt-later” risks. Ready for dual-algorithm transition (ECC + PQC ML-KEM/DSA).
2. Savyint SCA/CIAM - User Identity and Access Management
Savyint SCA/CIAM is a strong authentication platform fully compliant with PSD2/PSD3 SCA requirements and regional regulations. It provides multi-factor authentication and Passkey/FIDO2 support to completely eliminate common attack vectors.
Based on dynamic risk scoring, the system automatically increases authentication levels for high-risk activities. It supports all steps of the user journey, from login and access approval to payments and high-value transactions.

3. API Management
API Management ensures all connections between banks, institutions, and customers remain secure, transparent, and monitored in real time, complying with modern API security standards such as FAPI, OAuth 2.1, and OIDC.
Beyond access control, it analyzes API usage behavior, assigns risk scores to each request, and protects the system against cybersecurity threats.
4. Savyint Digital Signature Server – Secure Digital Signature Platform for Digital Trust

Savyint Digital Signature Server is a centralized digital signature platform enabling secure document signing, data signing, and transaction signing in compliance with international standards. It ensures integrity, authenticity, and non-repudiation for all transactions and documents within a financial institution’s workflow.
The solution supports mobile-based user identity binding with personal phone numbers, integrating eSign digital signatures and PKI technologies to enable:
- Secure and precise digital identity verification using PKI cryptography, biometric authentication, Mobile Identity, ID Verification, eKYC – compliant with PSD2/PSD3, FIDO2, OIDC/OAuth2, and PQC algorithms
- Remote signing, document signing, and transaction signing (XML, Doc/PDF, JSON, etc.)
- Long-term integrity and authenticity of documents with accurate timestamping based on national standards, preventing tampering or back-dated signatures
- Advanced digital signing for high-value transactions
This solution serves as the core component for rapid integration with national digital infrastructure systems such as eInvoice, eTax, eCustoms, eSocial Insurance, eWallets, digital banking, digital healthcare, etc., thanks to its compatibility with smartphones, tablets, and laptops.
It strictly complies with digital signature and remote signing technical standards under eIDAS, CSC 2.0, and the EU’s GDPR data protection regulations.