Clients on the Alloy SDK can use the new IDnow SDK Plugin for document verification and liveness check. IDnow’s Identity Proofing Service (IPS) verifies a customer’s identity based on the live capture of an Identity Document and the customer’s face. IPS is a global service that returns a verdict (success, failure), an analysis of the verdict, data about the individual being verified & submitted documents, as well as a PDF report containing the result of the identity verification.

This system is composed of two elements:

• A REST API for the creation, deletion, and retrieval of the Identity Proofing context and results.
• A WEB SDK that will capture the document and the face of the customer.

Use cases:

• Document verification to validate more than 3,000 identity documents from 195 countries.
• Biometric verification to confirm the existence of an identity and that the person is physically present during the verification process.

Clients now have the ability to link separate transactions using a unique identifier. Common examples of disparate but related transactions that clients may want to link include chargebacks, refunds, and disputes.

This can be used by any client utilizing Alloy for transaction monitoring via the Events API.

With this dedicated field in the Alloy platform, we will be able to build more functionality on top of this unique identifier related to alerts and decisioning capabilities.

To set up transaction linking, please reference our API documentation.

US clients using the AI-powered Fraud Attack Radar (FAR) can now benefit from more improvements to the FAR dashboard and will better allow them to autonomously and quickly triage following a suspected fraud attack. Clients will now be able to:

• View a summary of all attacks for the filtered time period
• View the top 4 indicators for an attack in the collapsible drown down
• Mark the status of an attack using the following options: Under Review, Confirmed Attack, Not Fraud Attack

To set up Fraud Attack Radar, navigate to the Workflows page and click the ellipses menu for your chosen workflow. Select ‘Fraud Attack Radar’ to open up the set up configuration. Please note: the model requires a minimum of 2 months of historical data to accurately work and will take roughly 2 weeks to train. The model can only be configured for person-type workflows and may not yield the best results for low volume use cases.

When a webhook fails to deliver 100 times (inclusive of retry attempts), with no successful deliveries within those attempts, Alloy will automatically disable that webhook endpoint for your account. 

This will typically happen when (1) a temporary delivery service like http://webhook.site is being used for testing, (2) platform or server configuration updates are not carried over to Alloy webhook settings, or (3) Alloy is not kept up to date with API key rotations.

Agent users in the default Admin role are notified via email of a webhook auto-disablement. (The default Admin role includes a new permission to receive updates when webhooks fail.)

With this feature: 

- Clients will receive an email to inform them that webhooks have been disabled.

- Clients will see which webhooks were automatically disabled in Webhook Settings. From there, clients can review settings and re-enable webhooks.

PATCH Application Enhancement

AFEF clients can now update completed or in-flight Applications with the parent slug, giving users the ability to update parent associations at any stage in the applications process via the Applications Endpoint.  Parent auditor accounts are only able to view records assigned to them. To set this up, please reach out to your Alloy representative with any questions.

AFEF Entity Endpoint Enhancement

AFEF clients can confirm their parent mappings via the entity endpoint.  This enhancement gives clients the ability to ensure their mappings are correct in a quick and scalable way. Users can call the entity endpoint and retrieve the parent mapping in the header. To set this up, please reach out to your Alloy representative with any questions.

We have made a few changes recently to our Workflow Editor user interface to help with readability and navigation.

Collapsed (and Expandable) Input Attribute Nodes

All input attributes will now appear collapsed under a single “inputs” node in your Workflow. You can add a child action off of this collapsed node, or you can choose to expand the node by pressing the downward caret on the node, and add individual child actions off of any individual input.

This can help to simply the view of a large complex Workflow with many inputs to make it more readable and digestible.

New Paradigm of Node Ordering

While the order in which nodes were saved to a Workflow version did not previously follow a set pattern, the nodes will now always be ordered in the following way (and this pattern will “stick” even after the Workflow version is saved):

Per column in the Workflow, nodes will be ordered by node type and then in alphabetical order. The order of node types in any given column is the following:

• Service
• Tag
• Output Attribute
• Matrix Model
• Everything else

Example: This Workflow has five columns. In each column, Inputs are at top, followed by Services, then Tags, and so on. Within each node type, the nodes are sorted in alphabetical order. For example, in the third column, the green service nodes are in alphabetical order from top to bottom: Acuant, Acuant, Data Zoo, and TransUnion TLO .

The legacy Workflow Editor has been deprecated. All Alloy clients are now on the new Workflow Editor and are no longer able to toggle back to the legacy Editor.

Resources on the new Workflow Editor:

• Support documentation
• Overview video
• Matrix models video (for underwriting clients)

Clients on Journeys have access to the following updates to Alloy’s codeless SDK.

• Incode Identity Verification + SDK Plugin (Jan 31): Incode provides a mobile-first identity verification service that includes device fingerprinting, ID document capture and validation, facial biometric matching, and government record verification. This integration supports the following verification modules: ID Capture, ID Validation, Face Capture, Face Match, Device information, Geolocation, Device Compatibility, User Consent, and Government Validation.
• SDK Plugin Version Update: SubSum WebSDK 2.0 (Feb 4): Alloy's SumSub SDK Plugin has been updated to support the WebSDK 2.0 plugin. The new version has an improved user experience, increased configurability, and better handling for mobile devices.
  • Clients currently using v1 will need to update their SumSub integration settings to upgrade to v2. This does not require changing any values in Alloy as long as they use the same level name.
  • Please see here for more information on the differences between WebSDK 1.0 & WebSDK 2.0.
• SDK Plugin: Socure Digital Intelligence (Feb 12): Deployed for clients previously on the Socure Device Risk SDK plugin to correspond with Socure’s deprecation of Device Risk.

SDK Plugin: Plaid (March 5): Clients can deploy Plaid via the Alloy SDK to perform identity verification checks and complete additional checks such as Document, Selfie, and Risk Checks.