Greip

Greip processes incoming transaction requests through a multi-signal scoring engine that combines IP geolocation, device fingerprinting, and behavioral heuristics to assign a fraud risk score in under 100ms. The system evaluates transaction metadata (IP, device ID, user behavior patterns) against historical fraud patterns and returns a numerical risk score that integrates directly into payment authorization flows without blocking legitimate transactions.

Greip maintains a continuously-updated IP address database that maps IP ranges to geographic locations, ISP information, and flags suspicious IP characteristics (datacenter IPs, known proxy services, VPN exit nodes). When a transaction IP is queried, the system performs a lookup against this database and returns geolocation coordinates, country/city, ISP name, and risk flags indicating whether the IP belongs to a proxy, VPN, or datacenter network commonly used for fraud.

Greip provides a client-side JavaScript SDK that collects device characteristics (user agent, screen resolution, installed fonts, canvas fingerprint, WebGL renderer, timezone, language settings) and generates a stable device fingerprint hash. This fingerprint is sent with transactions to enable device-level fraud detection, allowing the system to identify when multiple accounts are being accessed from the same device or when a device's behavior pattern suddenly changes.

Greip analyzes transaction patterns for each user account (transaction frequency, amount distribution, time-of-day patterns, geographic velocity) and flags deviations from the user's historical baseline as behavioral anomalies. The system learns normal behavior from the first 10-20 transactions and then scores subsequent transactions based on how much they deviate from established patterns (e.g., a user who normally spends $50/transaction suddenly spending $5000 triggers a high anomaly score).

Greip exposes a REST API endpoint that accepts transaction details (IP, device fingerprint, user ID, amount, merchant category) and returns a fraud risk assessment synchronously or asynchronously via webhook. The API supports both real-time blocking (synchronous response) and async scoring (webhook callback) to accommodate different integration patterns. Developers can call the API at transaction time, post-transaction for batch scoring, or set up webhooks to receive risk updates as new signals become available.

Greip offers a free tier that provides limited API access (typically 100-1000 requests/month) with full feature parity to paid tiers, enabling developers to test fraud detection against real transaction patterns before committing budget. The free tier includes all core capabilities (IP geolocation, device fingerprinting, behavioral analysis) but with strict rate limits enforced at the API key level. Developers can upgrade to paid tiers (typically $99-999/month) for higher rate limits and priority support.

Greip provides a web-based dashboard that displays real-time fraud alerts, historical transaction risk scores, and aggregated fraud metrics (fraud rate, high-risk transaction volume, geographic distribution of fraud). The dashboard allows developers to review flagged transactions, adjust risk thresholds, and export transaction history for analysis. Alerts are surfaced with risk scores, signal breakdowns, and recommended actions (block, challenge, allow).

Greip sends webhook notifications to a developer-specified HTTPS endpoint whenever a transaction exceeds a configurable fraud risk threshold. Webhooks are sent in real-time (within seconds of transaction scoring) and include full transaction details, risk score, signal breakdown, and recommended action. Developers can configure separate thresholds for different actions (alert, block, challenge) and customize webhook payload format.