Login
VAAS · Pix & Transactional

Decision before the money leaves.

Every Pix, every purchase, every login runs through a sub-second risk engine. Allow, step-up, or block with native Brazilian signals, before the transaction settles.

The problem

In real time, static rules lose.

Three Pix and transactional tensions that fixed rules and nightly batch do not solve.

Latency

The decision must fit inside the Pix window.

Settlement in seconds does not wait for manual review or a queue. Either the engine decides sub-second within the flow, or the money is gone by the time the alert fires.

<400ms
p50 per event, the time budget the decision has to avoid blocking the experience
Local signal

Pix fraud uses signals a generic engine cannot read.

New account, beneficiary in a money mule network, local velocity, and DICT mismatch are Brazilian signals. An imported engine without this data decides blind on the fastest-growing fraud here.

DICT
ownership, key, and link that must feed the decision, not just the amount
Friction

Blind blocking costs good customers and false positives.

Blocking every suspicious Pix locks out legitimate customers and floods the team with false alarms. Without step-up calibrated by risk and ticket, the defense becomes friction and conversion drops alongside fraud.

1 rule
for everything is the mistake: step-up must vary by risk, channel, and amount
What we cross-check

Everything in a single call.

Public and private sources queried in parallel, normalized and weighted by the use-case matrix.

DICTNew accountBeneficiary in networkLocal velocityPix behaviorTransactional score
Regulations covered
Res. BCB 1 (Pix)Res. CMN 4.557Circ. BCB 3.978PCI-DSS (card)LGPD
Anatomy of a decision

380 milliseconds. One block.

The engine reads the beneficiary, the network, the velocity, and the DICT in parallel, scores the risk, and returns the decision before the Pix order settles.

DECISION · TX-2026-12780 · Jun 09 14:22
Outbound Pix · R$ 4.900 · personal account
block · 380ms
Event
TypeOutbound Pix
AmountR$ 4.900
Beneficiary · account3 days
Decision time380 ms
Cross signals
!Beneficiary · new account
!Velocity · 4x in 1h
!Beneficiary in money mule network
!DICT · ownership mismatch
!Device · repeat offender
Customer Pix behavior
Geolocation
History with beneficiary
Score · transactional risk
Pix fraud score0.91 · high
Mule risk (beneficiary)9 nodes in network
Behavior deviationHigh
Global score0.91/1.00 · red
AI-generated summary

Recommendation: Block. Beneficiary with a 3-day-old account, linked to a 9-node money mule network, velocity 4x above normal, and ownership mismatch in DICT. Fraud score 0.91. Decision returned in 380 ms, before settlement.

1
Native Brazilian signals

DICT, new account, beneficiary in network, and local velocity feed the decision. The engine reads the signals that define Pix fraud, not just the transaction amount.

2
Sub-second within the flow

The decision returns in hundreds of milliseconds, within the settlement window. The legitimate customer feels no latency and the fraudster never settles.

3
Calibrated step-up, not blind blocking

2FA, biometrics, manual review, or block are chosen by risk and ticket. Defense varies with the case, so friction and false positives drop together.

Regulatory

The real-time standard regulators already require.

Transactional risk management and Pix security are ongoing regulatory requirements. Four instruments underpin real-time decisioning.

Res. 1
BCB Res. · 2020 · Pix

Pix arrangement regulation

Defines security rules and risk management for the arrangement, including fraud prevention mechanisms and handling of suspicious operations in the flow.

4.557
CMN Res. · 2017

Risk management framework

Requires ongoing operational and fraud risk management proportional to complexity. Transactional decisioning is part of the required control.

3.978
BCB Circ. · 2020

AML/CFT and transaction monitoring

Atypical operations must be monitored and addressed. The transactional score feeds detection and suspicious activity reporting.

PCI-DSS
Standard · card

Cardholder data security

For card transactional, sensitive data handling follows the standard, with risk decisioning running without exposing PAN.

Rollout

From kickoff to go-live in 4 weeks.

The architecture is multi-tenant. What changes are the connected signals, score thresholds, and each client's step-up policy per channel.

01
Week 1

Discovery & scope

Mapping channels (Pix, card, login), available signals, and latency budget per event.

02
Week 2

Calibration

Tuning score thresholds, step-up policy by channel and ticket, and blocking rules. Validation on historical data.

03
Week 3

Shadow mode

Engine decision running in parallel to live traffic, without blocking. Comparison with the current stack and fine-tuning.

04
Week 4

Go-live

Real-time decisioning in the flow. Calibrated step-up active. Rules sandbox open to the fraud prevention team.

Ready?

Decide in seconds.
Start with a meeting.

In 15 minutes we show how VAAS works in your scenario, with your rules, your data, your volume.

Explore the platform