Real-time payment decisioning

Decide every payment
before it lands.

VeritasIQ sits inline between your platform and the rail — scoring every transaction against deterministic rules and a live transaction graph, then returning a verdict within a sub-150 ms decision budget.

Book a demoExplore the platform
Sub-150ms p99Rules + graph + ML11 rails, one schemaMulti-tenant by design

Supported rails & standards

UPIIMPSNEFTRTGSCardsISO 8583SWIFT MTSWIFT MXSEPAFedNowACHISO 20022UPIIMPSNEFTRTGSCardsISO 8583SWIFT MTSWIFT MXSEPAFedNowACHISO 20022
The platform

Everything in the decision path.

Six engines run on every transaction — each built for the hot path and capped to a slice of the latency budget. One round trip, one signed verdict.

E1

Real-time decisioning

A verdict on every transaction before it settles — allow, challenge, block, or alert — returned within a hard p99 budget.

<150mslive on the rail
p99 decision budget · p50 under 30ms
Latency budget124 / 150 ms
Enrichment 30msRules 22msML score 31msGraph 34msDecision 9ms
E2

Adaptive ML scoring

Per-tenant models that learn online, alongside the rules — not instead of them.

0.94
Adaptive risk modelper-tenant online learningblended with rule scores
E3

Graph & mule detection

A live transaction graph surfaces mule rings as clusters, not isolated flags.

Transaction graph
mule ring · 5 accountscluster 0.912 hops out
E4

Rules you can author

Velocity, amount, KYC, geo, blocklist — shipped per tenant from Rule Studio, no deploy.

Active rules
velocity60s window
amount> ₹5,00,000
geo-anomalynew country
E5

Sanctions & KYC screening

Every party screened against sanctions, PEP, and KYC status — inline, before the verdict.

Screening
sanctions · OFACclear
pep · screenclear
kyc · tierreview
E6

Explainable & audited

Every verdict carries its full reason path — hashed into an append-only, Merkle-anchored log that makes tampering mathematically detectable.

typology · high-risk
score 0.91
rule · mule-network
matched
sha256 anchor
7ce4cc6…0416

One round trip, one verdict. All six engines resolve into a single signed decision — returned to the rail in well under 150 milliseconds.

ALLOW·0.97
The path

Six stages. One round trip.

A transaction enters the gateway and leaves with a verdict. Everything in between happens before the money moves.

01

Gateway

~18ms

mTLS · auth · tenant resolution · idempotency · rate limit

02

Preflight

<1ms

Bloom / Count-Min short-circuit · kills 60–80% of decisions

03

Enrichment

~30ms

Device · geo · KYC level · sanctions / PEP · FRI lookup

04

Rule pool

~34ms

Velocity · amount · geo · graph · ML — fanned out in parallel

05

Decision

~9ms

Weighted verdict · EFRuP overrides · threshold evaluation

06

Audit

async

Append-only · Merkle-anchored · regulator report auto-filed

<150ms
p99 decision budget
10K+ TPS
sustained per region
11 rails
UPI to SWIFT, one schema
99.95%
data-plane uptime target
Compliance

Regulator workflows, built in.

Reporting is a first-class feature, not paperwork. India-first, with the architecture ready for five regions from day one.

IN · LIVE

India

RBI Master Directions on Fraud Risk Management · DPDP 2023

RBI EWSCPFIRFIU-INDRed Flagging of Accounts7-day RFA reporting180-day classificationDPDP residencyDoT FRI lookup
GLOBAL

Five regions, one stack

Same images, same charts — only the regulator kit varies

US

FinCEN SAROFACNYDFS 504

EU

AMLD6goAMLGDPR

UK · SG · UAE

FCA SYSCMAS 626CBUAESTRO

Cross-cutting

SOC 2 IIISO 27001PCI DSS
Tenant isolation

A cross-tenant leak
is never an option.

Every record, cache key, message subject and log line carries a tenant_id the platform enforces at the infrastructure level — never left to application code.

Atenant · a1f2sealed
PostgreSQL · RLSscoped
Valkey cacheprefixed
NATS subjectpartitioned
Audit logtagged
DEK tenant:a1f2:dek · KMS-wrapped
Btenant · c9d3sealed
PostgreSQL · RLSscoped
Valkey cacheprefixed
NATS subjectpartitioned
Audit logtagged
DEK tenant:c9d3:dek · KMS-wrapped
Ctenant · e4b7BYOK
PostgreSQL · RLSscoped
Valkey cacheprefixed
NATS subjectpartitioned
Audit logtagged
DEK customer-managed · own KMS
tenant B requests read tenant:a1f2DENIED at row-level security

Envelope-encrypted PII

Each tenant's DEK is wrapped by a KEK in KMS. A full DB dump without KMS access is just ciphertext.

Enforced at the engine

PostgreSQL row-level security blocks cross-tenant reads below the application — not inside it.

Isolation fuzz tests in CI

Probes try every API, cache key and subject for a leak. Any success fails the build.

Questions

Answers, up front.

The things every risk, platform, and compliance team asks in the first call.

A verdict returns in well under 150ms at p99, with a p50 under 30ms. Hard per-processor budgets are enforced in CI — if any engine blows its slice, the decisioner falls back to its last partial result with a confidence penalty rather than holding the response.
UPI, IMPS, NEFT, RTGS, cards, ISO 8583, SWIFT MT & MX, SEPA, FedNow and ACH — each normalized by a per-rail adapter into one canonical internal event schema, so your rules and models never care about the wire format.
Every verdict ships with its full reason path — which typologies fired, which rules matched, and the contributing scores. It's hashed into an append-only log with periodic Merkle roots anchored to object storage, so tampering is mathematically detectable.
Every record, cache key, message subject and log line carries a tenant_id enforced at the infrastructure level. PostgreSQL row-level security blocks cross-tenant reads at the engine, and per-tenant DEKs mean a database compromise yields only ciphertext. Isolation fuzz tests gate every build.
Yes. Rule Studio lets your analysts author rules in a sandboxed CEL DSL, test them against historical transactions in a playground, A/B them, and ship per tenant with no deploy. Each rule tracks its own hit rate, false-positive rate and latency.
Every service ships as a signed Docker image and runs on Kubernetes — EKS, GKE, AKS, or your own cluster. Infrastructure components are all OSS and portable, so there's no managed-service lock-in. Data stays in the region the tenant selects at onboarding.

Watch it decide a payment,
live.

Open the console and push a transaction through the full pipeline — verdict, score, and reason path, end to end.

Book a demoRead the docs