What is Fraud Config?
Fraud Config is a self-service section in the Veryfi web portal where you can tune individual fraud signals for your account. Instead of waiting for Veryfi to adjust settings on your behalf, you can now enable or disable specific signals, set sensitivity thresholds, and control which document fields are monitored, all from one place.
You can find it at: Settings > Fraud Config
Fraud Config is visible to all users on your company account, including non-admins, regardless of whether fraud detection is enabled or disabled for your plan. Editing is restricted to Admin users only. |
Who can see and edit Fraud Config?
β CAN VIEW
| β CAN EDIT
|
If fraud detection is not yet enabled for your account, you will see a banner prompting you to contact [email protected]. You can still browse the config, you just cannot activate signals until fraud is enabled. |
How Fraud Scoring works
Each fraud signal produces its own probability score between 0 and 1. These individual scores feed into an overall fraud score, which is what drives the color indicator and type you see in the API response (meta.fraud.color, meta.fraud.score, meta.fraud.types).
Simple example: if the AI Generated signal scores 0.95, the overall fraud score becomes 0.95, the fraud color turns red, and the fraud type is set to Generated Document. If the LCD detection signal scores 0.62, the color turns yellow with type LCD Detected.
Color | Score Range | What it means |
π’ | < 0.50 | Green β low risk, no flags triggered |
π‘ | 0.50 β 0.75 | Yellow β moderate risk, review recommended |
π΄ | > 0.75 | Red β high risk, likely fraudulent |
The thresholds you configure in Fraud Config control how sensitive each signal is before it contributes to that overall score.
Higher thresholds mean a signal needs stronger evidence before it fires.
Lower thresholds make a signal more aggressive.
For more detail on the full JSON response structure, see the Veryfi Fraud Suite article.
Document types covered
Fraud Config shows a separate configuration panel for each of the four document types Veryfi processes:
Receipts & Invoices
Checks
Bank Statements
ADocs (read-only, see below)
ADocs are currently read-only. The fraud approach for any-document types is being reworked to operate per blueprint, so the current configuration structure does not apply. You can view the settings but cannot edit them. |
What Fraud Config actually controls
Fraud Config settings only affect the fraud score and color (meta.fraud.color, meta.fraud.score). They do not gate what gets returned in the JSON.
If a signal is available and enabled for your account, it will always be returned in meta.fraud.types and its related fields, regardless of the thresholds you set in Fraud Config. The thresholds control how much a signal contributes to the overall score and when it triggers a color change, not whether the signal data shows up in the response.
So, for example, if meta.handwritten field is enabled and detected, but your fraud config has Detected Handwritten characters off; you will still see handwritten_fields it populated in the JSON response even if the fraud color stays green.
Think of the Fraud Config as a validation layer that sits on top of your data. Each signal runs independently and returns its findings in the JSON no matter what. Fraud Config then acts as the aggregation logic on top of those signals - it defines how individual signal outputs get weighted and combined into a single fraud score and color.
So the signals are always doing their job and reporting back. Fraud Config just controls how you interpret and aggregate those results into one actionable verdict.
The three signal categories
Fraud Config organizes signals into three groups that mirror how the Fraud Suite evaluates documents.
Signal | π Vision Models | Permission |
AI Generated | Detects images or PDFs created by AI tools. Toggle on/off and adjust the threshold slider. Higher threshold = needs stronger confidence before flagging. Default=0.5, Strict=0.8-0.9 | Edit |
Handwriting | Identifies handwritten origin and alteration in key fields like total, subtotal, date, and line item amounts etc. Choose which fields are monitored using the enabled fields list. | Edit |
Digital Tampering | Detects software-based edits to document images (e.g. Photoshop alterations). Field-level control is available, same as handwriting. | Edit |
LCD | Flags documents that are photographs of a screen rather than an original physical document. | Edit |
Screenshots | Identifies digitally-created submissions, including mobile screenshots and screen captures. | Edit |
Not A Document | Catches submissions that are not a valid receipt or financial document at all e.g picture of a cat. | Edit |
Signal | π Data Models | Permission |
Similar Documents | Detects near-duplicate submissions based on text similarity. You can configure yellow threshold, red threshold, and how many days back to look. The By Device, Size, and Tag fields are visible but not editable. | Partial |
Duplicate Documents | Flags exact duplicate submissions based on Duplicate Detection (is_duplicate field output). Toggle on or off. | Edit |
Fraudulent PDF | Analyzes PDF creation software, text overlay patterns, and font inconsistencies. Configurable thresholds for text overlay and font mismatch detection. Allows to configure custom list of keywords for the file creator. | Edit |
Signal | π± Device Signals | Permission |
High Velocity | Flags abnormally high submission rates from a specific device over daily, biweekly, and monthly windows. | View only |
Critical Velocity | More aggressive version of high velocity, with elevated thresholds that trigger a red flag directly. | View only |
Profile History Check | Increases fraud score for devices with a history of fraudulent submissions. | View only |
Profile Fraud | Identifies multiple user profiles operating from a single device. | View only |
Add to Blocklist | Shows whether blocklist enforcement is active for your account. | View only |
Device Signals require Veryfi Lens SDK to function. They are intentionally not self-editable because they are complex to configure safely. If you are using these signals and need to adjust them, reach out to your account manager or [email protected]. |
Need to change read-only settings? Those require assistance from the Veryfi team. Contact [email protected] or your account manager. |
Important: Saving your changes
Each signal has its own Save button Changes you make to one signal will not be saved if you navigate away before clicking Save on that specific section. Make sure to save each signal after adjusting it before moving on to the next one. |
Some signals also have a Defaults button that resets the fields back to Veryfi's recommended configuration. This is useful if you want to undo custom changes and start fresh.
Good addition, it sets the right expectations. Here's the note to add alongside the previous one, or as a follow-up paragraph to it:
Fraud Config limited set of signals
Fraud Config only exposes the core fraud signals while Veryfi API returns a much broader set of data points you can use to assess document quality and legitimacy that never appear or will controll Fraud Config at all.
Things like:
meta.pages.blurry- image quality issuesNull or missing values on expected fields (date, vendor, total)
Out-of-policy purchases based on amount, category, or vendor or line items type
Line item level anomalies and calculation warnings
These are not fraud signals in the strict sense, but they are often just as useful for deciding whether to approve or flag a submission.
For all of this, you have two options:
Build it in Veryfi Business Rules - the rules engine lets you combine any JSON field with conditional logic and trigger actions or tags directly inside the platform. Here's a short video walkthrough to see how it works.
Handle it on your side - consume the raw JSON and apply your own business logic downstream. This gives you full control and works well if you already have a validation layer in your workflow.
The two approaches can also be combined. A common pattern is using Veryfi Business Rules for simple tagging and routing, then handling edge cases or complex policy checks in your own code. dedicated section?
Getting more help
If you have questions about a specific signal, need to adjust Device Signal thresholds, or want guidance on the best configuration for your use case, reach out to [email protected] or your account manager.
Related Articles