Fraud Detection

Design a real-time ML fraud/risk scoring system that scores payment transactions in under 100 ms.

00

Practice checkpoints

The requirements are open as a taste. From the numbers onward, the full guide opens in the app.

  1. 01
    Clarify scope
  2. 02
    Requirements + scale
  3. 03
    API + data modelUnlocks in the app
  4. 04
    Draw architectureUnlocks in the app
  5. 05
    Deep diveUnlocks in the app
  6. 06
    Trade-off decisionUnlocks in the app
01

Requirements that shape the design

Do not only state requirements. Ask for them. Each card pairs the design constraint with a clarification question you can say out loud before drawing the architecture.

Functional requirements

01Where in the payment flow does this sit — inline, or after the fact?

Inline: the gateway calls risk scoring synchronously during authorization and waits for the verdict — a decision made after the money moved is an alert, not a defense.

02Is the decision binary — approve or block?

Three tiers: approve, step-up challenge (3DS or OTP) for the uncertain middle, and block only at high confidence — the challenge tier lets a real customer prove themselves instead of being declined.

03Pure ML, pure rules, or both?

Both in one call: the model scores every transaction, and a rules engine can hard-block, force-review, or allow-list on top — rules are the fast lever the model cannot be.

04What does the model actually see at decision time?

Precomputed velocity, device, and graph features fetched from a feature store, plus a few cheap request-time features (amount, merchant category, geo mismatch) computed on the spot.

05How does the system ever learn it was wrong?

A label pipeline: chargebacks and disputes arrive 30–90 days later, analyst verdicts arrive in hours, and both flow back — each decision also stores its exact feature snapshot so training sees what the model saw.

06Who looks at the borderline cases?

A case review queue: mid-risk and rule-flagged transactions go to human analysts with score, reason codes, and account history — their verdicts are the fastest labels the system gets.

Out of scopeThe ledger, capture, settlement, and reconciliation — that is the Payment System question; this is the decision inside it · Account-takeover and login fraud (different signals: sessions and credentials, not transactions) · Chargeback representment and dispute-evidence workflows

Non-functional requirements

01How many milliseconds do we own inside the authorization?

Under 100 ms of the ~2-second authorization belongs to risk; the scoring service budgets 50 ms p99 so one slow dependency cannot blow the slice.

02The feature store times out mid-transaction — what happens?

The payment is never held hostage: on a feature-store timeout the service degrades to rules plus a default score and flags the decision — fail-degraded, not fail-closed.

03How fresh do velocity features have to be?

Velocity features are seconds fresh: a stolen-card burst must show up in the counters by the third swipe, so aggregates come from a stream processor, not a nightly batch.

04What metric is this system actually judged on?

The system is judged in dollars, not accuracy: at a 10-basis-point fraud rate a model that approves everything is 99.9% accurate — the real trade is false-decline revenue against chargeback loss.

05Can we explain any single decline afterwards?

Every decision persists its score, top feature reasons, rule hits, and model version — analysts, disputes, and regulators all ask why, and the answer cannot be a bare score.

Keep asking — the interview is a conversation

Real interviews probe far more than a tidy list. These are the scope questions that separate candidates who interrogate the problem from those who recite it.

  • What does a false decline cost this business versus a missed fraud — do we know the dollar ratio, or am I guessing at the threshold?
  • How many milliseconds of the authorization do we own, and what happens to the payment if we exceed them?
  • How do labels arrive — chargebacks only, or do we also get analyst verdicts and customer fraud reports as faster signals?
  • Is a step-up challenge (3DS, OTP) available as a middle decision, or does every transaction end in approve or block?
  • Are there regulatory or card-scheme requirements to explain individual declines with reason codes?
01

Unlock the full playbook for Fraud Detection

Numbers, architecture diagram, API and data model, deep dives, expected topics, self-check, whiteboard starter, and common mistakes unlock inside the app.

02

Numbers that force architecture decisions

Locked in the app

03

Architecture path

Locked in the app

04

API and data model

Locked in the app

05

Deep dive directions

Locked in the app

+Series

Practice the related series