Reference
Glossary
Definitions of key MaiGuard terms used across the API, SDK, and documentation.
These definitions are canonical across MaiGuard documentation. For implementation details, follow the linked guides.
- A production-safe testing mode where new rules or models are evaluated in parallel with live rules without changing the actual ALLOW/REVIEW/BLOCK decision returned to your platform. Shadow results appear in the API response under shadowEvaluation. Shadow mode guide →
- A network model linking customers, devices, IP addresses, counterparties, and accounts. MaiGuard uses graph traversal to detect mule networks, shared identity signals, and synthetic identity rings. Entity graph guide →
- A rule that triggers when transaction or login activity exceeds a threshold within a time window — for example, more than 5 transfers in 10 minutes from the same device. AML rules guide →
- Passive signals collected from user interaction patterns — keystroke dynamics, mouse movement, scroll behavior, and session timing — used to distinguish humans from bots and detect account takeover. Behavioral biometrics guide →
- Politically Exposed Person screening checks counterparties and beneficiaries against PEP lists as part of AML compliance workflows. MaiGuard supports tenant-managed lists and screening at scoring time. AML rules guide →
- Regulatory and operational controls to detect, monitor, and report suspicious financial activity. MaiGuard provides velocity rules, list screening, case management, and audit trails for AML workflows. AML rules guide →
- Identification of a browser or device using stable attributes — OS, browser version, canvas hash, fonts, and hardware signals. Used to detect returning devices and pre-transaction anomalies. JavaScript SDK →
- A numeric score from 0 to 100 returned with every scoring response. Higher values indicate greater fraud or AML risk. Rules and ML models contribute to the final score. How scoring works →
- A session identifier generated by the MaiGuard JavaScript SDK when behavioral collection starts. Pass it in score requests to link browser signals with server-side scoring. Must start with ds_. SDK reference →
- The three decision states returned by MaiGuard scoring. ALLOW means proceed; REVIEW means elevated risk requiring manual review; BLOCK means decline the transaction. How scoring works →
Shadow mode
Entity graph
Velocity rule
Behavioral biometrics
PEP screening
AML (Anti-Money Laundering)
Device fingerprinting
riskScore
deviceSessionId
ALLOW / REVIEW / BLOCK
Was this page helpful?