Starting on April 19, 2024, users with admin permissions can set up SAML authentication and SCIM configuration within the Alloy dashboard.

Within “Settings” on the left side menu, click “Auth Settings” to begin your SAML and SCIM configuration process.

SCIM will be supported for your identity provider if you use Okta or Microsoft Entra.

Within Auth Settings, click “Enable SAML Authentication” to begin configuring SAML and SCIM.

Select your identity provider.

Provide an SSO URL and Audience URI from your identity provider.

Upload the XML file received from the previous step.

Configure SCIM for your organization (strongly recommended).

Clients on Journeys can now use our Alloy hosted SDK and retrieve links and QR codes via the API to send to their customers in the case of a step-up verification. This is in addition to being able to retrieve links and QR codes manually from the Alloy dashboard in the application queue.

Learn more about the original release of the Alloy SDK hosted link in our January 2024 change log.

Today we released an update to the way bearer tokens are generated to support a more scalable infrastructure.  As a part of this change, we updated the format of the bearer token itself and changed the character length.

Clients who do not validate based upon the length or type of the bearer token will not notice this change. However, clients who do validate based on length or type will not be able to access the Alloy API as of March 22nd, 2024.

Clients on Journeys using the Run Application Form, designed to support in-branch and manual applications, can now more easily utilize it for multi-entity use cases such as business onboarding.

The multi-entity side panel which appears in the Journey Re-run Form is now also displayed in the Run Application Form to allow users to more easily switch back and forth between entities in a multi-entity application as well as adding/deleting entities. 

To start using the Run Application Form, reach out to your Alloy representative.

Clients on Journeys have access to the latest version of Reconciliation Workflows, built for multi-entity applications like joint applications, KYB use case, or business credit underwriting.

To set up a Reconciliation Workflow:

• Click into a Journey
• Click the ellipses in the top right
• Ensure the toggle “Enable Multi-Entity Applications” is turned on. (If you had selected “Application Type = Multi-Entity” for the Journey, this toggle will be turned on by default.)
• Click on the “+” icon to the right of the start of the Journey to add an entity, then click the “+” icon again to add a Reconciliation Workflow.

You can now add a Reconciliation Workflow at the end of a Journey to determine the final Journey outcome across multiple entities. (This is in addition to the Mid-Journey Reconciliation Workflow to determine whether to proceed with the application for reviews of the enrolled entities, or to exit the application early.)

Learn more about Reconciliation Workflows in our demo video. To get access to Reconciliation Workflows, please reach out to your Alloy representative.

Clients using the credit panel will now be able to view payment history for the tradelines returned from Equifax and Experian, whenever they are made available in the raw response, so agents can get a better understanding of the creditworthiness of their borrowers and make more informed credit decisions. 

To get set up on the credit panel, please reach out to your Alloy representative.

Learn more about the original release of tradelines in the credit panel in our February 2024 change log.

The display of Reason Codes in the Evaluation page has been redesigned to allow for easier identification and understanding of reason codes.

Reason codes are now categorized accordingly:

• Tagged Reason Codes - returned reason codes that belong to a reason code group and triggered a threshold that has a tag in the workflow. Tagged reason codes will be displayed next to the group name instead of the service name. Furthermore, the associated tag will also be displayed next to its respective reason code group on the right.
• Untagged Reason Codes - returned reason codes that belong to a reason code group that did not have a tag set in the workflow. 
• Unclassified Reason Codes - returned reason codes that are not a part of any reason code group. Previously, these reason codes were not visible in the dashboard.

As part of our ongoing efforts to improve your experience with our dashboard, we are excited to share that starting January 4th you will see changes in how Reason Codes are displayed in the Evaluations page. These changes are designed to provide you with a more intuitive review experience and empower better decision making.

We have added new capabilities to better serve sponsor banks, BaaS providers, and fintechs in managing compliance, fraud and credit risk at scale with real-time oversight across all partnership programs. Alloy enables embedded finance providers to have full transparency and oversight across their partner portfolio, while providing the flexibility for fintechs to own part of their risk management. These new capabilities include:

• Provisioning dashboard with parent/child account structures: configure different levels of permissions to provide appropriate control. Sponsor banks or BaaS providers (the ‘parent accounts’) are able to designate the level of autonomy or guardrails to put into place for each of their fintechs (the ‘child accounts’) directly in the platform: 
  • Controlled child accounts have restrictions on editing the decisioning logic pushed down by their parent, but still have visibility into their policies, manual reviews, and performance.
  • Autonomous child accounts can create their own custom rules on top of the baseline policies enforced by their parent.
• Build and enforce risk policies at scale: create and push out your policies to one or multiple partners using Journeys. Any edits to the Journey decisioning logic will automatically be passed on to the child entities, ensuring consistency.
• Customize policies: allow more mature Fintech partners to own and define their policies while maintaining oversight.
• Merged lists: detect and decision on bad actors across your entire portfolio with a federated denylist that can be used across all partner accounts.

Learn more about these capabilities here: [embed or link the LAB video]

If you’d like to use Alloy for Embedded Finance, please reach out to your Alloy representative.