When a webhook fails to deliver 100 times (inclusive of retry attempts), with no successful deliveries within those attempts, Alloy will automatically disable that webhook endpoint for your account. 

This will typically happen when (1) a temporary delivery service like http://webhook.site is being used for testing, (2) platform or server configuration updates are not carried over to Alloy webhook settings, or (3) Alloy is not kept up to date with API key rotations.

Agent users in the default Admin role are notified via email of a webhook auto-disablement. (The default Admin role includes a new permission to receive updates when webhooks fail.)

With this feature: 

- Clients will receive an email to inform them that webhooks have been disabled.

- Clients will see which webhooks were automatically disabled in Webhook Settings. From there, clients can review settings and re-enable webhooks.

PATCH Application Enhancement

AFEF clients can now update completed or in-flight Applications with the parent slug, giving users the ability to update parent associations at any stage in the applications process via the Applications Endpoint.  Parent auditor accounts are only able to view records assigned to them. To set this up, please reach out to your Alloy representative with any questions.

AFEF Entity Endpoint Enhancement

AFEF clients can confirm their parent mappings via the entity endpoint.  This enhancement gives clients the ability to ensure their mappings are correct in a quick and scalable way. Users can call the entity endpoint and retrieve the parent mapping in the header. To set this up, please reach out to your Alloy representative with any questions.

We have made a few changes recently to our Workflow Editor user interface to help with readability and navigation.

Collapsed (and Expandable) Input Attribute Nodes

All input attributes will now appear collapsed under a single “inputs” node in your Workflow. You can add a child action off of this collapsed node, or you can choose to expand the node by pressing the downward caret on the node, and add individual child actions off of any individual input.

This can help to simply the view of a large complex Workflow with many inputs to make it more readable and digestible.

New Paradigm of Node Ordering

While the order in which nodes were saved to a Workflow version did not previously follow a set pattern, the nodes will now always be ordered in the following way (and this pattern will “stick” even after the Workflow version is saved):

Per column in the Workflow, nodes will be ordered by node type and then in alphabetical order. The order of node types in any given column is the following:

• Service
• Tag
• Output Attribute
• Matrix Model
• Everything else

Example: This Workflow has five columns. In each column, Inputs are at top, followed by Services, then Tags, and so on. Within each node type, the nodes are sorted in alphabetical order. For example, in the third column, the green service nodes are in alphabetical order from top to bottom: Acuant, Acuant, Data Zoo, and TransUnion TLO .

The legacy Workflow Editor has been deprecated. All Alloy clients are now on the new Workflow Editor and are no longer able to toggle back to the legacy Editor.

Resources on the new Workflow Editor:

• Support documentation
• Overview video
• Matrix models video (for underwriting clients)

Clients on Journeys have access to the following updates to Alloy’s codeless SDK.

• Incode Identity Verification + SDK Plugin (Jan 31): Incode provides a mobile-first identity verification service that includes device fingerprinting, ID document capture and validation, facial biometric matching, and government record verification. This integration supports the following verification modules: ID Capture, ID Validation, Face Capture, Face Match, Device information, Geolocation, Device Compatibility, User Consent, and Government Validation.
• SDK Plugin Version Update: SubSum WebSDK 2.0 (Feb 4): Alloy's SumSub SDK Plugin has been updated to support the WebSDK 2.0 plugin. The new version has an improved user experience, increased configurability, and better handling for mobile devices.
  • Clients currently using v1 will need to update their SumSub integration settings to upgrade to v2. This does not require changing any values in Alloy as long as they use the same level name.
  • Please see here for more information on the differences between WebSDK 1.0 & WebSDK 2.0.
• SDK Plugin: Socure Digital Intelligence (Feb 12): Deployed for clients previously on the Socure Device Risk SDK plugin to correspond with Socure’s deprecation of Device Risk.

SDK Plugin: Plaid (March 5): Clients can deploy Plaid via the Alloy SDK to perform identity verification checks and complete additional checks such as Document, Selfie, and Risk Checks.

New features have been released for Alloy for Embedded Finance (AFEF) clients to enhance collaboration between fintechs and their sponsor banks.

• Parent Controller Investigations and Alerts (Nov 5): Parent accounts will be able to view and action on investigations and alerts across all of their child accounts via aggregate queues. In those queues, parent agents will be able to do the following within each investigation:
  • Upload documents
  • Add notes
  • Review an investigation
  • Promote an investigation to a case
  • Close an investigation
  • Assign a parent or child agent to an investigation or alert
• Parent Filter (Dec 23): Transactions can be filtered by the parent slug, so that alerts are triggered for the appropriate parent account and not for other banks that their child account may have partnerships with.  We’ve added this parent slug to the following MLA filters:
  • Transaction History
    • Monetary MLA
    • Counterparty MLA
  • Account History
    • Account Balance MLA
• Cross-Account Permissions (Feb 13): Limit agent access to specific child accounts, depending on their function (e.g. Customer Success vs. BSA teams). To configure access, create groups of child accounts in Settings and map those child groups to existing roles within the parent account.

Multi-Step Parent Approver (Feb 21): Configure a Journey to require approvals from both the child account and their parent account before an application is approved.

Clients using custom outcomes can now explore the tags correlated with those outcomes and their volume. Previously, this was available only for the default outcomes Approved, Denied, and Manual Review.

Visit Workflow Analytics within your Home tab and scroll below “Total Evaluations Over Time” to view tag counts for each outcome.

Proactively detect fraud attacks with Alloy’s new AI-powered model, Fraud Attack Radar, that analyzes portfolio-level activity to identify suspicious patterns at the point of onboarding. 

Once set up, you’ll receive timely notifications that allow you to detect fraud earlier and contain fraud before it escalates. It will alert you when we see strong indicators of fraudulent activity across your portfolio so you can take immediate action to contain the threat and triage impacted applications.

To get started, navigate to the Workflows page and click the three vertical ellipses and select ‘Fraud Attack Radar’ for your chosen workflow. Toggle the model on and enter the roles who should receive notifications.