Core Concepts

Architecture

How the Browser SDK, ingestion layer, scoring engine, and case manager connect in the MaiGuard platform.

System overview

MaiGuard sits between your transaction events and business decisions. The platform has four primary components connected in a real-time pipeline:

Browser SDK → Ingestion API → Scoring Engine → Case Manager │ │ │ │ deviceSessionId REST/Webhooks/ Rules + ML + Analyst review behavioral SQS/DB/File Entity graph Audit trails signals import Velocity + lists

Browser SDK

The JavaScript SDK (Sentinel) runs in the user's browser, collecting behavioral biometrics and device fingerprints. It generates a deviceSessionId passed to your backend and included in score requests. See SDK docs.

Ingestion layer

Transactions enter MaiGuard through multiple channels: synchronous REST API, inbound webhooks, database sync, AWS SQS, or bulk file import. All channels normalize to the same scoring pipeline. See integration channels.

Scoring engine

The scoring engine evaluates rules, ML models, velocity counters, entity graph signals, and list matches in priority order. It returns riskScore, decision, and matched rules in under 200 ms. Shadow rules run in parallel without affecting live decisions. See how scoring works.

Case manager

REVIEW decisions enter analyst queues with full transaction context, rule triggers, and entity graph links. Analysts resolve cases and export audit trails for compliance.

AML Rules

Overview

Was this page helpful?