FraudnodeFraudnode

Anti-Fraud Layer

Product-level architecture, use case mapping, and future-ready integration placeholders.

Checker Actions

My anomaly

Available after successful Run checker.

Runs anomaly analysis for the collected fingerprint.

Session is not initialized. Start from Checker with Run checker.

Architecture

Separate collection, orchestration and classification without contract drift

Fraudnode keeps Spider, Orca and Penguin independently scalable while preserving one canonical signal model across the public checker, shared evaluation access and dedicated production deployments.

Runtime Pipeline

From browser evidence to a client-owned decision

01

Client

Browser or application starts a protected session and sends the request through the selected contour.

02

Spider

Collects TCP, TLS, HTTP, JavaScript and enabled extended artifacts without exposing service secrets.

03

Orca

Orchestrates collection, parsing, enrichment, persistence, tenant controls, quotas and canonical payloads.

04

Penguin

Classifies bot, VPN, proxy and unusual traffic, returning confidence, reasons and structured evidence.

05

Client policy

Combines the risk result with account, behavioral and transaction context to make the final decision.

T0 · Fast Path

Make the first decision with the core fingerprint

TCPTLSHTTPJSGEO

T0 is the default request. It is designed for inline account, login and transaction paths where latency matters.

T1 · Extended Path

Escalate only when policy weight justifies it

T0 rebuiltDNSblacklistUDP / QUIChistory

T1 is optional and client-triggered. It adds extended evidence to the T0 context for gray-zone or high-value traffic.

Deployment Contours

One contract, different isolation and persistence models

Public product contour

Site Checker

RUN Checker collects and persists the session. Penguin runs only after the explicit My Anomaly action.

SpiderOrca DBoptional Penguinfull persist

Shared free contour

Demo / Trial

Many tenant-isolated API keys share Spider, Penguin and DB. Orca enforces quotas, expiry and key ownership.

API keystenant isolationT0 + optional T1full persist

Dedicated customer contour

Production B2B

One isolated Spider + Penguin contour per client with persistence chosen for confidentiality and throughput.

dedicatedshort DBclient DBno persist

Production Persistence

with_db_short

Compact Orca record

Keep a minimal runtime and audit record while parsing the live request in memory.

with_db_client

Customer-managed storage

Write through to a customer DB or API path for stronger confidentiality control.

without_db

Maximum throughput

Run parsing and orchestration fully in memory without Orca parser persistence.

Integration

Choose the contour around your traffic and data policy

Start in the shared trial contour, then move to dedicated production isolation and the persistence profile that fits your requirements.

View trialDiscuss architecture