Back to blog

MaiGuard Blog

Shadow mode testing: validating fraud rules in production without touching live decisions

Why shadow mode matters for fintech teams shipping new velocity rules, and how to measure false-positive impact before promotion.

MaiGuard Engineering5 min read
shadow moderulestesting

Shipping a new velocity rule directly to production is risky. A threshold tuned on historical samples may block legitimate mobile-money transfers or miss mule-network patterns that only appear at scale. Shadow mode lets you run experimental rules on live traffic without changing the decision your platform receives.

What shadow mode does

When a rule is marked shadow-only in the MaiGuard dashboard, it evaluates on every matching transaction in parallel with your active production rules. The live decision and riskScore in the API response are unchanged. Shadow outcomes appear under shadowEvaluation in the same response payload.

Typical shadow response fields include:

  • hasShadowRules — whether any shadow rules were evaluated
  • shadowDecision — what shadow rules would have decided
  • shadowRiskScore — the risk score from shadow evaluation

When teams use shadow mode

  • Pre-promotion validation — Measure how often a new rule would have blocked or flagged transactions before enabling it for live decisions.
  • False-positive estimation — Compare shadow BLOCK/REVIEW rates against known-good customer cohorts.
  • Model vs rules comparison — Run an ML-backed shadow rule alongside existing rule-based logic to see divergence patterns.
  • Seasonal tuning — Test adjusted thresholds during peak periods (salary week, holiday remittance spikes) without customer impact.

A practical rollout workflow

  1. Draft the rule in the dashboard and mark it shadow-only.
  2. Log shadowEvaluation in your application for 7–14 days of representative traffic.
  3. Segment outcomes by amount band, corridor, and customer tenure to find unexpected clusters.
  4. Promote to production only when false-positive rate and analyst load are acceptable.

Shadow mode does not replace offline backtesting — use file import or batch scoring for historical replays. Shadow mode answers: “What would this rule do on today's traffic?”

Related reading

See the Shadow Mode docs for configuration details and the glossary entry for definitional anchors. For rule types that pair well with shadow testing, review AML Rules.