RiskOS™ Dashboard Setup

Set up Consumer Onboarding in the RiskOS™ Dashboard

Before you start

Make sure you have the following:

How it works

Consumer Onboarding is a single-pass, adaptive workflow that evaluates identity, fraud, and compliance signals together to minimize friction for low-risk users while applying step-ups only when needed.

At a high level, the workflow:

• Collects identity and digital inputs
• Evaluates device, identity, and fraud signals
• Applies targeted step-ups for uncertain or high-risk cases
• Produces a single, auditable decision outcome

The final outcome is one of:

• Accept
• Step-Up
• Manual Review
• Reject

How Consumer Onboarding fits into a workflow

In RiskOS™, workflows are built by connecting reusable components. Consumer Onboarding is delivered as a preconfigured workflow composed of multiple enrichments, conditions, score cards, and decisions.

Once executed, all module outputs are evaluated together to determine routing and final outcomes.

For more detail on individual components, see Workflow Steps.

Execution flow in RiskOS™

Consumer Onboarding runs synchronously, with conditional asynchronous steps (for example, OTP or Predictive DocV) only when required.

1. Data collection

   Collect the following minimum input to begin the flow:

   
   

   • Digital Intelligence session token
   • First name
   • Last name
   • Date of birth
   • Last 4 of SSN
   • Address
   • Phone number
   • Email
2. Call the Evaluation endpoint

   The RiskOS™ Evaluation endpoint receives the input data and triggers the Consumer Onboarding workflow. The workflow orchestrates all enrichment and decision steps—across identity verification, fraud detection, and compliance screening—to produce a single decision output with traceable reasoning.

3. Digital Intelligence

   Digital Intelligence collects device, network, and behavioral telemetry from the session to compute helper variables for downstream risk scoring.

   
   

   • Reject if there is an extremely high digital intelligence risk signal (e.g., risky device or bot-like session behavior).
   • Step-Up if a high digital intelligence risk signal is detected that warrants further review.
   • Proceed if the session presents a trusted or low-risk digital profile.

   
   

   Why it’s here: Executed first to correlate device behavior with the applicant’s identity and seed telemetry for subsequent fraud and compliance evaluations. Early detection of bots, emulators, or risky sessions prevents downstream fraud exposure.

4. Allow / Deny List

   Checks identifiers such as email, device ID, phone, or IP address against trusted and fraudulent repositories.

   
   

   • Reject if any identifier matches a known fraudulent entry on the Deny List.
   • Proceed if the identifier is trusted or not found on any restricted list.

   
   

   Why it’s here: Placed immediately after Digital Intelligence to filter out known bad actors before calling more computationally expensive services.

5. Phone Risk

   Phone Risk analyzes the phone number’s legitimacy, tenure, and exposure to risks such as SIM swaps, spoofing, or carrier anomalies.

   
   

   • Reject if the phone shows extremely high risk (e.g., confirmed SIM swap or compromised carrier signal).
   • Proceed if the phone is trusted and demonstrates normal ownership behavior.

   
   

   Why it’s here: Used as an early ownership signal to verify the phone’s authenticity before deeper KYC and risk checks occur.

6. Possession verification

   Silent Network Authentication or One-Time Passcode verifies the user’s possession of the claimed phone.

   
   

   • Proceed if device possession is confirmed through silent or active verification.
   • Step-Up to OTP if possession cannot be silently confirmed.
   • Reject if the user fails or abandons the possession verification step.

   
   

   Why it’s here: Confirms control of the phone number to prevent account creation using spoofed or stolen credentials.

7. Verify Plus + Sigma Synthetic (KYC / CIP)

   Performs identity verification and synthetic fraud detection in tandem.

   
   

   • Verify Plus validates name, date of birth, SSN, and address against authoritative data sources.
   • Sigma Synthetic identifies patterns suggesting fabricated or stitched identities that might bypass traditional KYC.

   
   

   Why it’s here: Executed early to confirm baseline identity legitimacy before invoking high-assurance checks like eCBSV or Document Verification.

8. eCBSV (Authoritative Step-Up)

   eCBSV validates SSN, name, and date of birth directly with the Social Security Administration (SSA).

   
   

   • Step-Up when synthetic or identity mismatches indicate a need for authoritative verification.
   • Proceed when identity information aligns across all authoritative sources.

   
   

   Why it’s here: Provides the highest identity assurance available, particularly for thin-file or new-to-country populations. Requires applicant consent.

9. Socure Fraud Suite

   Aggregates insights from multiple models—Phone Risk, Email Risk, Address Risk, Sigma Identity Fraud, Sigma Synthetic, and Graph Intelligence—to detect third-party, synthetic, and networked fraud.

   
   

   • Reject if any source indicates extremely high fraud or synthetic identity risk.
   • Step-Up to Predictive DocV if high but not definitive fraud risk is detected.
   • Proceed if all signals indicate a low or trusted risk level.

   
   

   Why it’s here: Identifies bad actors mid-sequence and determines whether higher-friction verification (such as Predictive DocV) is necessary.

10. Predictive DocV Step-Up

    Predictive DocV validates government-issued IDs and biometric selfies.

    
    

    • Reject if document forgery, mismatch, or liveness failure is confirmed.
    • Resubmit if document quality is insufficient or incomplete.
    • Manual Review if authenticity cannot be automatically verified.
    • Accept if the document and selfie match with high confidence.

    
    

    Why it’s here: Introduces targeted friction only for uncertain or high-risk cases, confirming identity ownership through adaptive verification.

11. First-Party Fraud

    First-Party Fraud assesses verified identities for behavioral indicators of intentional fraud such as dispute abuse, account manipulation, or bust-out risk.

    
    

    • Reject if the applicant exhibits extremely high first-party fraud indicators.
    • Step-Up for manual review if elevated but inconclusive risk signals are present.

    
    

    Why it’s here: Conducted after verification to prevent downstream losses from genuine users acting in bad faith.

12. Watchlist Screening

    Watchlist screens the applicant against global sanctions, PEP, and adverse media databases.

    
    

    • Step-Up for compliance review when potential watchlist matches are detected.
    • Proceed if no relevant matches are found.

    
    

    Why it’s here: Final compliance checkpoint before decisioning to ensure AML and regulatory requirements are fully satisfied.

13. Final decision

    Consolidates all module results into a unified outcome: Accept, Step-Up, Manual Review, or Reject, with reason codes and audit logs.

    
    

    Why it’s here: Provides a transparent, data-driven decision ensuring balance between conversion, compliance, and fraud prevention.

Workflow components used by Consumer Onboarding

Consumer Onboarding uses a broad set of standard RiskOS™ workflow components.

Configure Consumer Onboarding

Enable required enrichments

Your Socure account team will provision a standard Consumer Onboarding workflow that includes:

• Digital Intelligence
• Phone Risk
• Email Risk
• Address Risk
• Verify Plus
• Sigma Synthetic Fraud
• Sigma Identity Fraud + Graph Intelligence
• First-Party Fraud
• Watchlist Plus
• eCBSV (optional, consent-gated)
• Predictive DocV (optional step-up)

Design your risk and friction strategy

Consumer Onboarding is designed to:

• Allow low-risk users to pass with minimal friction
• Apply step-ups only when signals are incomplete or conflicting
• Escalate to high-assurance verification for high-risk cases

Typical strategies include:

• Rejecting on extreme digital or fraud risk
• Stepping up to eCBSV or DocV for uncertain identity resolution
• Routing ambiguous cases to manual review

Configure routing and reason code lists

Reason codes drive all routing behavior. Each product must have its own configured reason code lists.

Examples:

• Verify Plus: Reject, Step-Up, Resubmit
• Sigma Synthetic / Identity Fraud: Reject and Step-Up
• Predictive DocV: Reject, Review, Resubmit
• First-Party Fraud: Review and Reject
• Watchlist: Review

Proper configuration ensures:

• Consistent routing
• Accurate case labeling
• Clean downstream reporting

Configure Allow / Deny lists

Optionally configure known trusted or fraudulent:

• Emails
• Phone numbers
• Devices
• IP addresses

These lists are evaluated early in the workflow.

Save and publish

Once configuration is complete, publish the workflow to go live.

---

Quick start checklist

Use this checklist to validate readiness before production launch.