# Identity Fraud, KYC & AML
The best way to stopping malicious actors before they can commit fraudulent activity is to prevent them from creating
an account in the first place. Therefore, having a robust risk monitoring tool that is integrated into
the account creation flow is paramount for any fraud program.
## Identity Fraud
The most common way to open a fraudulent account on a platform is through Identity Fraud, which broadly refers to behavior in which a malicious actor hides their true identity by utilizing someone else’s identity. This is done to obtain a financial gain or circumvent anti-money laundering precautions.
In the online world of crypto and fintech, regulations often dictate that organizations verify the true identity of their customers. This process is commonly known as “Know Your Customer (KYC)”.
In order to pass the KYC process, fraudsters may use different methods to commit identity fraud:
### Types of Identity Fraud
#### Stolen Identity Fraud
Also known as Identity Theft, this type of fraud occurs when a malicious actor uses some combination of pieces of personal information that belongs to someone else which were obtained through illegal means.
This information can include:
* name
* date of birth
* social security number or tax identification number
* picture of a government issued ID
* phone number
* address
#### Synthetic Identity Fraud
Synthetic Identity Fraud is similar to the use of stolen identities, but involves the malicious actor manipulating and stitching together pieces of information that might not belong to a real identity or that belongs to several identities to create an identity profile that simulates someone real.
#### Social Engineering
During the course of a social engineering attack, a malicious actor manipulates a victim to voluntarily divulge their identity information to an online platform - for example, to open an account - and then take control of the account. The manipulation occurs when the fraudster convinces the victim by pretending to be someone the victim can trust; for example: a customer support agent, law enforcement or government official, an online romantic partner, or an investment advisor.
## Compliance Screening - AML
Money laundering and financial crimes pose great risks for businesses. For the well-being of any business, it is crucial to take steps to actively prevent assocation and transactions with individuals who have been sanctioned. From a regulatory standpoint, failure to comply with these regulations can carry damaging penalties. Association with Politically Exposes Persons (PEPs), or individuals associated with Adverse Media (negative news), can also lead to financial impact and reputational loss for a business.
## How can Sardine help?
Sardine collects and analyzes a variety of data points and signals in order to proactively detect and prevent identity fraud. These include:
### Identity Fraud
Through the use of external data sources, Sardine validates that the provided phone and email match a given identity and they are of good reputation. This is helpful in determining the risk of stolen or synthetic identities being used.
### KYC
#### SSN Verification
Sardine can verify whether a provided Social Security Number is valid, and if it matches other pieces of information collected about an identity, like: name, date of birth, or address.
#### Document Verification
Through integrating with 3rd party services, Sardine can help verify whether an uploaded or scanned government issued ID is fake and the information on the ID matches the information provided by the online user.
### AML
#### Sanction, Politically Exposed Persons (PEPs) & Adverse Media Screening
Sardine can detect users who are on Politically Exposed Persons (PEP), Suspected Designated National (SDN) and OFAC lists internationally. We also screening for adverse media associated with individuals. We allow you to tweak the thresholds for fuzzy matches such that you can balance the trade-off between true positives and false positive alerts. Given that these lists are ever-changing, you can also enroll users for ongoing monitoring, which means that we'll alert you if any of your customers end up on one of these lists.
### Behavioral Biometrics and Device Signals
Through its proprietary SDK, Sardine collects hundreds of signals on the device that's being used in a session to pick up on predictive indicators of social engineering. These include whether a session is being controlled through a remote desktop tool (e.g. TeamViewer) or whether certain fields during the sign-up flow are copied and pasted.
## Next Steps
[Contact us](https://www.sardine.ai/contact) to schedule a demo and get access to our Integration Guides and API docs.
# Account Takeover
## What is Account Takeover?
Account Takeovers happen when a malicious actor breaks into a victim’s online account. In the crypto and fintech world, this is generally with the purpose of:
* draining the funds in the account,
* obtaining a credit line in the name of the victim,
* moving funds through the account to obfuscate the flow of funds in order to circumvent money laundering controls,
* place market manipulative trades, such as spoofing or wash trading, in the case of crypto exchanges.
Malicious actors use a variety of methods to gain access to the online credentials of the victim, including: phishing, credential stuffing, malwares, keyloggers, SIM-card swapping attacks to obtain SMS-based two factor authentication codes, and social engineering customer support agents.
Fraudsters then take steps to conceal their activity in the account. They do so by changing details on the account such as the address and the phone number to prevent the proper account owner from getting notifications of money movement, or spoof their device operating system and IP address to avoid being detected.
The best way to stop account takeovers in its tracks is to closely monitor account logins or risk account updates such as changes to email, password or phone number, and check for anomalies in the device, IP or network traffic characteristics of the activity. Changes in the type of device or IP address used or behavioral characteristics of the session, such as swiping and typing speed all might indicate a suspicious login.
Since fraudsters will want to drain funds in an account as quickly as possible after gaining access to the account to maximize their profit, checking for sudden changes in the transaction pattern - i.e. money movement - is also a great tool to ascertain risk of unauthorized activity. For example, withdrawal requests that come in quicker succession or in greater amounts compared to the standard baseline activity on the account can indicate presence of malicious actors.
## How can Sardine help?
Sardine’s Risk Solution combines three powerful tools to detect account takeovers in a single platform:
### 1. Device Intelligence
Our proprietary device intelligence product is an embedded SDK that collects and analyzes hundreds of signals, and compares them to known risky behavior to detect suspicious activity. Some of these include:
* presence of operating system emulators,
* rooted devices,
* proxy and VPN detection, and
* remote desktop control software.
### 2. Behavioral Biometrics
We collect and analyze behavioral signals such as anomalous copy-paste behavior, toggling between windows (distraction events), and mouse movement.
### 3. Anomaly detection
Our no-code rule engine can be used to alert when anomalous transaction behavior, such as uncharacteristic movement of funds, occurs. Since the definition of anomalous behavior is different for each platform, our rule engine offers a flexible way to adjust monitoring and catch complex typologies with great granularity.
## Next Steps
[Contact us](https://www.sardine.ai/contact) to schedule a demo and get access to our Integration Guides and API docs.
# Business Verification (KYB)
## Overview
Welcome to the Sardine Business Verification (KYB) integration guide and developer documentation. If you're interested in learning more about our Business Verification (KYB) offering, how it works, and how to integrate, you've come to the right place.
If you are a new or existing merchant interested in getting started or have questions, please reach out to your Sardine Account Manager.
### What is Business Verification (KYB)?
Sardine's Business Verification (KYB) allows merchants to verify and screen business entities for fraud and compliance risk.
### Why is Business Verification important?
Sardine customers have requested Business Verification support for the following purposes:
* Compliance: KYB practices help businesses comply with legal and regulatory requirements related to anti-money laundering (AML), counter-terrorist financing (CTF), and other financial crimes.
* Risk management: helps businesses identify, assess, and manage risks associated with their customers.
* Fraud prevention: helps businesses prevent fraud by verifying the identity and legitimacy of their customers.
### What signals does Sardine leverage for Business Verification?
Sardine offers a comprehensive verification product that leverages government data, web presence, address information, and government sanctions lists to provide a complete perspective on an application.
Our business verification data includes:
* Secretary of State Searches
* EIN/TIN verifications
* Sanction Watchlists
* Address Analysis
### How can merchants leverage the business verification capability?
#### Business Verification via our Dashboard
Business verification can be performed via our dashboard through the business intelligence section.
To create a new verification, click New Verification and fill out the necessary fields for the specific report types.
In the future, we will support multiple report types to be created, including UBOs. We will also support the ability to run different report types on existing business entities (pre-fill).
#### Business Verification via our APIs
Business verification can be done through the Middesk or Sardine dashboard as well as via the async /businesses API.
Business verification updates require listening to async webhook events.
#### Configuring Rules to streamline Business Verification
Rules can be created around business entities through the rule engine.
### Why did Sardine decide to partner with Middesk for US Business Verification?
Middesk is the leading provider for US business verification services, given their unique partnership with the Secretary of State (SOS) in all US states, allowing them to reliably perform EIN/TIN (business TaxID number) verification. Middesk offers business entity verification services, including basic sanctions screening.
### Middesk offers basic sanction screening of US entities for the following lists:
**Office of Foreign Assets Control (OFAC)**
* Specially Designated Nationals
* Foreign Sanctions Evaders
* Palestinian Legislative Council
* Sectoral Sanctions Identifications
* Capta List
* Non-SDN Menu-Based Sanctions
* Non-SDN Iranian Sanctions
* Non-SDN Chinese Military-Industrial Complex Companies List
**Bureau of Industry and Security**
* Denied Persons List
* Entity List
* Unverified List
* Military End User
**Directorate of Defence Trade Controls**
* AECA/ITAR Debarred
**Bureau of International Security and Non-Proliferation**
* Nonproliferation Sanctions
### Key benefits of Sardine & Middesk integration
Businesses turn to Middesk to help them verify businesses for Know-Your-Business (KYB) requirements. Middesk offers a dashboard and API for businesses to manage the business verification and screening requests lifecycle.
* **Bidirectional Dashboard & API Sync** - Middesk makes business verification easy for small and large businesses through simple web dashboards and developer-oriented API experience. Through our partnership, Sardine and Middesk have worked together on a seamless integration and user experience.
* **SOS/TIN Verification** - Leading vendor with access to the secretary of state databases for reliable business verification.
* **Sanctions Screening** - Integrated sanctions screening and rule (“policy”) engine for OFAC and other relevant lists.
### What type of business verification and screening reports does Sardine support?
* **TIN Verification `live`:** Leverage a more lightweight verification report focused only on TIN verification. This type of screening is ideal for customers looking to perform KYB in bulk or not needing the full Identity Report which includes Secretary of State verification.
* **UBO Screening `live`:** Leverage a unique capability of Sardine, combining business verification (KYB) with customer verification (KYC/AML). Initially, Sardine will support accepting relevant information to verify a business as well as the information necessary to assess the compliance risk of related entities (eg. Sanctions). This capability is unique to Sardine and combined with our rules engine and network, allows for very unique alerting, investigation and reporting workflows.
* **Lien-search `future`:** Lien Search is for lenders who need fast, accurate, quality liens data for smart decision-making on customers. Lien Search provides direct connections to government portals. The lien search product returns details from the UCC1 data for liens on an associate registered entity, including: the debtor, secured party, filing date, lapse date, file number, and status.
* **Corporate Documents `future`:** Leverage state-level repositories to source and provide formation documents for businesses. We can return Articles of Incorporation (for corporations), Articles of Organization (for LLCs), and Certificates of Good Standing \$5.00 per business where documents are ordered (additional to Identity Report)
***
# Issued Card Fraud
Credit and debit card fraud, in which a malicious actor utilizes compromised card credentials to make unauthorized purchases is one of the most common forms of online fraud and causes billions of dollars in damage every year.
The losses associated with this type of fraud, however, are not usually passed down to the consumer, as major card networks facilitate the reversal of unauthorized transactions if the consumer disputes it with their issuer - these are usually called “chargebacks”.
Since credit card issuers absorb much of the liability associated with cards, they have a vested interest in implementing the tools and technologies to monitor the vast quantities of card transactions processed each day, and filter the ones that seem suspicious and pose an eventual reversal risk.
Preventing card transaction fraud as an issuer is usually done through a combination of machine learning models that are trained on hundreds of signals related to the transaction (e.g. whether the card is being used physically or online, location and amount of the charge, the historical fraud frequency associated with the merchant in question etc.) and static rulesets that are tweaked to catch baseline fraud patterns (e.g. the card is used to purchase high value goods that are being shipped to a location that is far away from the usually shipping address used for that consumer).
## How can Sardine help?
Sardine has developed an ‘issuing risk’-specific machine learning model that is trained on historical card transaction & fraud data to assess the riskiness of a given card purchase, either online or offline.
This model can be combined with Sardine’s proprietary, no-code rules engine to pick up on granular and complex patterns and tuned overtime to increase its detection accuracy to provide an optimal trade-off between stopping bad transactions while allowing good transactions to go through.
## Next Steps
[Contact us](https://www.sardine.ai/contact) to schedule a demo and get access to our Integration Guides and API docs.
# ACH Indemnification
Sardine can guarantee you against **fraud liabilities** on ACH debits. We can indemnify for only unauthorized returns (R05, R07, R10, R11 & R29).
## Overview
Existing bank verification products (Plaid, MX, Yodlee, Finicity, etc.) only verify authenticity of the bank credentials but do not detect if the person connecting the bank credentials is the true owner of the bank account. Sardine figures this out by building a full 360 profile of a customer by connecting their bank account to all other forms of identity (email, social media, phone number) and further by utilizing our cutting edge Device Intelligence to detect if someone is using a suspicious device (mobile device farm, emulator, virtual machine, proxy).
#### Indemnification Prerequisite
ACH fraud idemnification is an add-on to ACH funding risk and we usually require about 3 months worth of ACH transaction data before it can be considered and offered. Please speak to your Account Manager to discuss enabling this product.
## Next Steps
[Contact us](https://www.sardine.ai/contact) to schedule a demo and get access to our Integration Guides and API docs.
# Card Chargeback Guarantee
## Overview
Sardine can guarantee merchants against fraud liabilities on card transactions.
The losses associated with card fraud, are not usually passed down to the consumer, as major card networks facilitate the reversal of unauthorized transactions if the consumer disputes it with their issuer - these are usually called “chargebacks”.
Since merchants absorb much of the liability associated with cards, they have a vested interest in implementing the tools and technologies to monitor the vast quantities of card transactions processed each day, and filter the ones that seem suspicious and pose an eventual reversal risk.
Sardine has developed proprietary card transaction fraud-specific machine learning models that assess he riskiness of a given card purchase, either online or offline.
This model can be combined with Sardine’s no-code rules engine to pick up on granular and complex patterns and tuned overtime to increase its detection accuracy to provide an optimal trade-off between stopping bad transactions while allowing good transactions to go through.
Sardine can offer liability protection against fraudulent card charges to merchants and help merchants smooth out the variability in cost associated with card chargebacks.
## Next Steps
[Contact us](https://www.sardine.ai/contact) to schedule a demo and get access to our Integration Guides and API docs.
# Payment Fraud
Payment Fraud refers to the risk of reversal of a payment that is used to fund an online account. If provisional funds in the account are used to purchase digital assets or withdrawn by the time the reversal happens, the merchant often has to cover the resulting loss.
In the fintech and crypto context, funding risk usually entails use of stolen credit card or bank account credentials - or bank accounts with insufficient funds - to deposit funds into an online account and subsqequent withdrawal of those funds to another account or wallet under the fraudster's control.
Funding transactions of this nature eventually may be either disputed by the victim or reversed automatically by the originating finanical institution, which results in a reversal of funds from the merchant back to the originating account.
These are called "chargebacks" in the world of credit and debit cards, "returns" in the ACH network (Automated Clearing House, the primary network that facilitates bank to bank transfers in the United States) or simply "disputes" in other contexts. The end result is the same to the merchant: financial loss of the original principal amount of the funding, plus, in most cases, extra penalties assessed.
Left unchecked, losses associated with funding risk can quickly balloon out of control and hurt the profitability of the business. Furthermore, most payment networks (Visa, Mastercard, ACH etc.) have upper limits on reversal rates a business is allowed to have in a certain period, and the business may lose its right to process payments through that network, effectively shutting it from being able to collect revenue.
While managing Funding Risk, it is paramount for online businesses to strike a balance between blocking as many potentially bad transactions as possible and allowing the good transactions to go through. Therefore, any risk solution tackling this problem should allow for granular adjustment of the filtering parameters to match the particular business needs and the risk appetite of the merchant.
## Types of Payment Fraud
### Card Fraud
Card funding refers to use of a credit or debit card to make an online purchase or load money into an online wallet.
The risk associated with online card payments is the risk of a chargeback, which refers to the eventual reversal of the funding payment. At a high level, chargebacks can be categorized into main to groups:
* Friendly fraud chargebacks occur when a customer authorizes the funding of an account or an online, and then disputes the payment and files for a chargeback, essentially forcing an unwarranted refund. This is also known as first-party card fraud.
* True fraud chargebacks occur when card information has been stolen and the fraudster funds an account or makes a purchase using the stolen card information. The account holder then files for a fraud chargeback indicating that they did not authorize the funding or purchase event. This is also known as third-party fraud.
### Bank Fraud
Bank Funding refers to the use of an interbank transfer to make an online purchase or load money into an online wallet.
Bank accounts can be subject to unauthorized use. For example, if a fraudster gains access to stolen online banking credentials, they may attempt to move funds out of the account onto a platform account to be redistributed.
### ACH Fraud
Automated Clearing House ("ACH") is the most commonly used interbank funds transfer network in the United States. ACH Funding risks can generally be defined in two categories:
##### Non-Sufficient Funds (NSF):
When a bank account does not have a sufficient balance to cover an incoming funding request, this results in an Non-Sufficient Funds ("NSF") retrun, with a return code "R01".
The reason this occurs is that ACH transfers do not settle immediately. It takes around 2 business days for the initial funding request from the merchant to be recevied by the bank of the account holder. If the bank account does not have enough funds at that time, this will result in an NSF return.
Since the ACH network does not provide a real-time answer to whether there are enough funds in the account to cover the requested transfer amount at the time of initiation by the consumer, some 3rd party "open banking" solutions have stepped up to fill this void that provide a balance check.
However, since funds could be moved from the account in the 2 day period until the request is received, there is a risk that the account may still lack sufficient balance. This means that merchants who perform a balance check at the time of transaction can still run the risk of experiencing NSFs at the time of settlement.
##### Unauthorized Returns:
When an ACH transfer is initiated without the explicit authorization of the account holder, who then reports it to their bank, this results in an unauthorized ACH return. There are a few ACH return codes (R05, R07, R10, R11 and R29) that signify this activity, with the most common one being "R10". The most common way this happens is when the account details have been stolen by a fraudster.
## How can Sardine help?
Sardine has developed sophisticated machine learning models that digest data from end user’s devices and behavioral patterns on the merchant’s platform and combine it with the consortium data related to the bank accounts or card used in a particular transaction. These assessments are further passed through our proprietary no-code rule editor which can be configured to catch highly complex patterns in a granular manner.
To asses the reversal risk of a card, bank or ACH funding event, we leverage dozens of third-party data providers and partners to verify, for example, if the bank account is valid; if the ownership data matches the name provided by the user attempting to make the transfer or if the bank account will likely to have sufficient balance at the time of future settlement. These signals are used in conjuction with device and biometric signals to provide a highly accurate assesment of reversal risk.
Sardine also provides a highly hands-on support team to our clients with the full backing of our highly experienced data science team, who help with tuning the detection models to the particular fraud risk profile of the client.
## Next Steps
[Contact us](https://www.sardine.ai/contact) to schedule a demo and get access to our Integration Guides and API docs.
# Transaction Monitoring
In most jurisdictions around the world, fintech and crypto businesses are subject to strict anti-money laundering (“AML”) and sanctions monitoring and reporting regulations to battle battle shared threats such as terrorism financing, arms trading, human trafficking and corruption. The goal is to prevent online platforms from being used during the commission of a financial crime - particularly to make it look like that proceeds from a crime upstream are legitimate or from being used by sanctioned entities.
Sardine enables you to perform both an initial screening and an ongoing daily OFAC Sanctions, PEP, and Adverse Media screening, ensuring screening on both existing and new customers.
In order to catch such movements of funds and report to the authorities, businesses are often required to implement an automated and scalable transaction monitoring system.
Transaction monitoring includes creating behavioral profiles of customers based on their historical transaction (i.e. deposits, inter-account or peer-to-peer transfers, withdrawals) history and interactions with an online platform, and comparing that profile to known money laundering typologies (e.g. placement, layering, integration). This usually also includes an assessment of whether a certain transaction was anomalous with respect to the historical behavioral baseline of the customer, customer cohort or an online business. For example, if a customer, whose historical average transaction amount is $100 per week, suddenly starts depositing $10,000 per week, this can be flagged as a potentially suspicious case.
Any business at risk of helping money laundering must ensure it meets the legal requirements imposed by authorities. When it comes to the thresholds at which transactions must be monitored, they are set by various national regulators.
**How can Sardine help?**
Sardine can digest transaction data from our clients’ platforms through its flexible APIs, extract statistical insights and run them through our proprietary no-code rule editor to pick up anomalous behavior of almost arbitrary complexity. Through our partnership with 3rd party consortiums, we also offer a Sanctions screening built directly into our platform.
## Next Steps
[Contact us](https://www.sardine.ai/contact) to schedule a demo and get access to our Integration Guides and API docs.
# How Sardine Bills
This guide explains Sardine's billing process and how Sardine bills for different products and services
## Invoicing timing and procedures
In most cases, Sardine generates invoices and billing receipts on the first business day after the close of a calendar month.
We email invoices to the billing contact provided in the original contact. If you do not receive an invoice, please contact us at [billing@sardine.ai](mailto:billing@sardine.ai) to confirm we have the correct email address.
## Product specific billing
Monthly recurring charges are those that are billed to your account at regular monthly intervals and predetermined amounts. Sardine bills monthly recurring charges for the following products, some of which may not apply to your plan with Sardine:
* Platform fees (dashboard, rule editor, case management, and AI-fraud scoring)
* Premium support
* Monthly prepaid credit plans
* 3rd party dashboard fees, such as Coinbase Tracer
Usage charges are those that are billed based not only on the number of API calls made, but also takes into account the data posted in your API calls. The following table indicates the default methods for how Sardine determines whether to consider a call for billing.
**Keep in mind, this may not reflect custom structures that are set up in agreements.**
| Use Case | API Calls | How we charge |
| ---------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------- |
| **Fraud** | | |
| Device Intelligence & Behavior Biometrics | [/customers](/guides/api-reference/customer/evaluate-customer-sessiontransaction-risk) API (recommended) and [/devices](/guides/api-reference/device/get-device-information) API | Per API or per Monthly Active User. |
| Identity fraud (US & non-US):
1. Email enrichment and AI score.
2. Phone enrichment and AI score
3.Address verification | [/customers](/guides/api-reference/customer/evaluate-customer-sessiontransaction-risk) API, when emailAddress, phone, or address is provided | Per unique email, phone, or address for a customer id. |
| Bank funding fraud | [/customers](/guides/api-reference/customer/evaluate-customer-sessiontransaction-risk) API, when transaction object has bank\_accountNumber and bank\_routingNumber | Per transaction and/or per bank account. |
| Card fraud | [/customers](/guides/api-reference/customer/evaluate-customer-sessiontransaction-risk) API when transaction object has payment method type = card | Per transaction and/or per card hash |
| Stolen/Unauthorized card use detection (for card issuers) | [/issuing/risks](/guides/api-reference/issuing-risk/realtime-risk-check-for-creditdebit-card-authorization-requests-for-card-issuers) API | Per card authorization attempt. |
| **Compliance** | | |
| Sanctions (SDN, OFAC), PEP & Adverse Media , Screening & Monitoring | [/customers](/guides/api-reference/customer/evaluate-customer-sessiontransaction-risk) API when the checkpoint includes ‘AML’ and relevant customer data points (first name, last name, country, and dob *optional*) are provided. The Sanctions feature must also be enabled by Sardine. | Per unique dataset of first name, last name, country, and dob. |
| SSN Verification with Synthetic ID Detection | [/customers](/guides/api-reference/customer/evaluate-customer-sessiontransaction-risk) API when taxid is provided | Per unique tax id for a given customer id |
| Documentary KYC with Selfie-Liveness Detection | [ /identity-documents](/guides/api-reference/document-verification/document-verification-using-web-link) API
SDK: [/identity-documents/tokens](/guides/api-reference/document-verification/document-verification-token-to-be-used-in-native-sdks) | Per verification attempt (Billing is based on API success, not whether approve or decline is returned). |
| AML Transaction Monitoring for fiat | [/customers](/guides/api-reference/customer/evaluate-customer-sessiontransaction-risk) API when checkpoint includes ‘AML’ and a transaction object is present with a payment method type other than crypto. | Per transaction |
| AML Transaction Monitoring for crypto, incl. Coinbase Analytics | [/customers](/guides/api-reference/customer/evaluate-customer-sessiontransaction-risk) API when checkpoint includes ‘AML’ and a transaction object is present with payment method type is crypto or recipient payment method type is crypto. | Per transaction |
# Get Full Documentation Access
We provide a combination of both public and protected documentation. You are currently viewing our public page.
Our protected documentation includes:
* step-by-step integration guides
* API references
* SDKs
* sample apps
To access protected documentation, click "login" on right top of the page.
If you don't have login to Sardine Dashboard already, please reach out to your Sardine Sales Representative, Account Manager or contact us at [risksupport@sardine.ai](mailto:risksupport@sardine.ai) to receive an invitation.
# Common Risk Problems
Risk includes both fraud and compliance, and if each area is not monitored, it can be a major risk to your bottom line. Here are some common areas of risk that you should be protected against
**Identity Fraud, KYC & AML**
Identity fraud broadly refers to behavior in which a malicious actor hides their true identity by utilizing someone else’s identity, usually to obtain a financial gain or circumvent money laundering monitoring precautions. Our solution provides low-friction onboarding and anomaly detection during subsequent account access.
We also provide KYC, KYB and AML screening, both once-off and ongoing screening to alert you when your business is exposed to sanctioned, politically exposed, or persons with adverse media.
**Learn more about:**
[Identity Fraud, KYC & AML](../Risk/accountRisk/accountRisk)
**Payments**
Stolen cards and compromised bank accounts are commonly used to fund platform accounts. This product is designed to mitigate chargebacks, unauthorized returns, NSF, card disputes for issued cards, and detect monitor transactions for AML alerts.
**Learn more about:**
[Payment Fraud](../Risk/fundingRisk/fundingRisk)
[Issued Card Risk](../Risk/cardSpendingRisk/cardSpending)
[AML Transaction Monitoring](../Risk/transactionMonitoring/transactionMonitoring)
[ACH Indemnification](../Risk/fundingRisk/ACHIndemnification)
[Card Chargeback Guarantee](../Risk/fundingRisk/CardIndemnification)
**Login**
Data breaches, phishing sites and social engineering are all leading causes of Account Takeover. This product is specifically designed to effectively detect unauthorized account access, keeping your customers' data and assets safe.
**Learn more about:**
[Account Takeover](../Risk/accountRisk/accountTakeover)
# Getting Started With Risk
## Learn about Common Risk Problems
To familiarize yourself with the different types of risk your business can be exposed to and how Sardine solves in each of these areas, review the [Common Risk Problems](../gettingStarted/commonRiskProblems.md).
## Review The Integration Process
We've made the integration process efficient and light-weight. Review the [Integration Overview](/guides/public/gettingStarted/integrationOverview) to see each step of the process, and who is involved.
## Get a Sandbox Account
To get started with Sardine, request access to your sandbox dashboard account.
**Note**: Reach out to your Sardine representative to facilitate your access or [contact us](https://www.sardine.ai/contact) to schedule a demo and get access to our sandbox, Integration Guides and API docs.
## Add Dashboard Users
Once you have been issued a sandbox account, you will be able to manage user access from the dashboard. We provide different roles with varying levels of dashboard access and functionality. These roles are outlined on the Admin page mentioned in the steps below.
Perform the following steps to manage user access:
1. Log into your [Sardine sandbox dashboard](https://dashboard.sandbox.sardine.ai/).
2. Go to **Admin** and select **View Invitations**.
3. Select **Generate Email Invite** and follow the instructions.
## Next Steps
[Contact us](https://www.sardine.ai/contact) to schedule a demo, and get access to our sandbox, Integration Guides and API docs.
# Integration Overview
***
### Next Steps
* [Getting Started With Risk](/guides/public/gettingStarted/gettingStarted)
* [Learn about Common Risk Problems](/guides/public/gettingStarted/commonRiskProblems)
# What Powers Sardine
Learn more about the technology and data we use to provide state-of-the-art fraud and compliance risk prevention.
## Device Intelligence & Behavior Biometrics Risk SDK
Our proprietary Risk SDK identifies risky devices and intrinsic behavior. Based on the data gathered, we can effectively flag suspicious devices and sessions used to create synthetic accounts, take over accounts, and fund accounts with stolen payment instruments. Our Risk SDK is available for both web and native apps.
## Machine Learning
Sardine uses a consortium approach to building supervised ML models around payments and onboarding fraud. By training models on rich datasets across our network, the models 'see' a diverse group of fraud patterns, and this benefits merchants because if there is a *modus operandi* that targeted one company, the model will help prevent it the next time it comes around to your company.
On the unsupervised front, Sardine also employs a few methods for anomaly detection that helps our customers identify new fraud trends with high precision.
## Real-time, No-Code Rule Development
Sardine provides hundreds of out-of-the-box rules to protect your business from fraud and compliance risks from day 1. You will have access to hundreds of data points and features, including custom data points in our no-code Rule Editor. Rule are developed in real-time, therefore providing you the ability to stop fraudsters and fraud rings in their tracks. New rules and can be launched in shadow-mode, which allows you to assess their efficacy and performance before making the rule live.
## All-in-one Dashboard
Sardine provides you the capability to Visualize, investigate potential threats, and monitor known bad actors from one unified, fraud and compliance dashboard. Our customer-centric dashboard provides access to device and session data, ID verification results, checkpoints and rules, the Rule Editor, reporting, anamoly detection, block and allow list, queues for alert review and remediation, and full user management and access control. It is a one-stop-shop for your entire risk and compliance operation.
## Best-in-Class Data Providers
Sardine continues to A/B test data partners globally to ensure the highest quality of data and signals are used in our rules and machine-learning models. These processes have curated the best set of data partners who specialize in fraud and compliance and, when layered with our proprietary device intelligence and behavior biometrics, results in the best-in-class risk prevention for our customers.
### Next Steps
* [Getting Started With Risk](/guides/public/gettingStarted/gettingStarted)
* [Learn about Common Risk Problems](/guides/public/gettingStarted/commonRiskProblems)