Getting Started with Embermind

Introduction

This document provides a clear, business-oriented explanation of all major entities that make up the antifraud backend system. Each entity description focuses on its purpose in the overall payment risk-management flow and how it supports transaction processing, routing, monitoring, and customer profiling.

Core Entities

Transaction

A Transaction represents a payment or withdrawal initiated by an end user. It is the central object of the system and contains all information required for fraud assessment: amount, currency, customer attributes, device details, card information, and IP data. The antifraud engine evaluates each transaction, computes risk scores, and determines how it should be processed or routed.

Gate

A Gate is a payment channel or processor integration (for example, a bank connection or PSP integration). Each gate has configuration parameters, supported currencies, and operational rules. Gates are the core components used for routing payments through different financial institutions.

Bank

A Bank represents a financial institution or payment provider behind one or more gates. It models the actual entity that processes funds and acts as the counterparty in payment operations.

Cascade

A Cascade defines the routing strategy for processing a transaction across multiple gates. It sets the order and conditions for fallback attempts, enabling high availability, performance optimization, and load balancing across payment channels.

Merchant

A Merchant is a business entity (client) using the system to process payments. Merchants may operate multiple projects, have their own accounts, and configure fraud-detection preferences. Each transaction belongs to a merchant and follows the merchant’s rules and scoring context.

Merchant Account

A Merchant Account is a specific payment account belonging to a merchant. Transactions are linked to these accounts for reconciliation, reporting, and settlement. Merchant accounts allow merchants to separate financial flows inside their business.

Customer

A Customer is the end user performing the payment. The system uses multiple attributes—such as email, phone number, card data, device fingerprint, and IP—to identify and group customers. This profiling allows the antifraud engine to detect behavioral patterns, recurring fraud attempts, and cross-merchant activity.

Fraud

A Fraud entry represents a manually confirmed fraudulent transaction. It is used to enhance internal risk rules, power machine-learning models, and track fraud trends over time. Operators may update or analyze fraud entries when performing investigations.

Chargeback

A Chargeback is a forced reversal initiated by a bank or cardholder. Chargebacks typically indicate fraud, disputes, or merchant issues. They are a crucial metric for risk scoring and merchant performance evaluation.

Refund

A Refund is a voluntary return of funds initiated by the merchant. Unlike chargebacks, refunds represent a controlled and legitimate return process and are treated differently in risk calculations.

Score Generator

A Score Generator is a risk-scoring rule. It assigns points to a transaction based on specific risk factors (e.g., IP country mismatch, repeated failures, suspicious email patterns). The final score determines whether a transaction is approved, blocked, or flagged for manual review.

Alert

An Alert is a configurable rule that triggers notifications or actions when certain conditions occur — such as sudden spikes in transaction volume or repeated failures. Alerts are used for real-time monitoring and early detection of anomalies.

Permission Group

A Permission Group is a role that aggregates permissions. It defines what actions a User is allowed to perform — such as "Admin", "Analyst", "Support", or "Read-Only". This provides flexible role-based access control within each Company.