---
url: https://deepvue.ai/use-cases/detect-signup-fraud/
title: "Detect Fraud at Signup | MNRL + Face Liveness + Device Intel | Deepvue"
description: "Catch mule accounts, deepfakes, and synthetic IDs before signup completes. MNRL, face liveness, device intel, bank ownership, and PEP/sanctions in one decisioning call."
last_modified: 2026-06-19T14:32:36.906Z
---
1.  [Home](/)
2.  Use Cases
3.  Detect Fraud at Signup

Workflows  ·  Detect fraud at signup

# Catch the mule, the deepfake, and the synthetic identity *before* signup completes.

MNRL, face liveness, device intelligence, bank ownership match, PEP / sanctions / adverse-media — chained into one fraud decisioning call. Each signal scored, then combined.

One workflow, every fraud vector — recycled numbers, deepfakes, mule accounts, synthetic IDs, sanctions hits

[Talk to a Specialist](/contact/) [Request a Demo](/demo/)

## One Workflow, *Every Fraud Vector*

Mule accounts, deepfake selfies, recycled phone numbers, synthetic identities, sanctions hits — each leaves a different signature. Deepvue runs the full signal stack in one parallel call and returns a combined score.

![DollarPe](/logos/kyc/dollarpe.png)

![iMocha](/logos/kyc/imocha.png)

![Lark Finserv](/logos/kyc/lark-finserv.png)

![NAMCO Bank](/logos/kyc/namco-bank.png)

![Nest](/logos/kyc/nest.png)

![SafeTree](/logos/kyc/safetree.png)

![SwitchMyLoan](/logos/kyc/switchmyloan.png)

![Times Internet](/logos/kyc/timesinternet.png)

![Yenmo](/logos/kyc/yenmo.png)

![DollarPe](/logos/kyc/dollarpe.png)

![iMocha](/logos/kyc/imocha.png)

![Lark Finserv](/logos/kyc/lark-finserv.png)

![NAMCO Bank](/logos/kyc/namco-bank.png)

![Nest](/logos/kyc/nest.png)

![SafeTree](/logos/kyc/safetree.png)

![SwitchMyLoan](/logos/kyc/switchmyloan.png)

![Times Internet](/logos/kyc/timesinternet.png)

![Yenmo](/logos/kyc/yenmo.png)

![DollarPe](/logos/kyc/dollarpe.png)

![iMocha](/logos/kyc/imocha.png)

![Lark Finserv](/logos/kyc/lark-finserv.png)

![NAMCO Bank](/logos/kyc/namco-bank.png)

![Nest](/logos/kyc/nest.png)

![SafeTree](/logos/kyc/safetree.png)

![SwitchMyLoan](/logos/kyc/switchmyloan.png)

![Times Internet](/logos/kyc/timesinternet.png)

![Yenmo](/logos/kyc/yenmo.png)

sub-2-second fraud decisioning Mobile Number Revocation List (MNRL) deepfake-resistant face liveness device intelligence + emulator detection bank ownership + name match score PEP / sanctions / adverse media combined fraud score + signal trace sub-2-second fraud decisioning Mobile Number Revocation List (MNRL) deepfake-resistant face liveness device intelligence + emulator detection bank ownership + name match score PEP / sanctions / adverse media combined fraud score + signal trace sub-2-second fraud decisioning Mobile Number Revocation List (MNRL) deepfake-resistant face liveness device intelligence + emulator detection bank ownership + name match score PEP / sanctions / adverse media combined fraud score + signal trace

## Three reasons fraud detection stops being an afterthought.

Fraud at signup breaks across three axes — recall (catch the bad actor), latency (don't slow the funnel), and explainability (defend the decision). Deepvue's **fraud chain** is built around all three.

Catch every fraud signature 01 · Recall

Single-vector fraud checks miss. Mules pass face match; deepfakes pass MNRL; synthetic IDs pass each vendor in isolation. Combined signal scoring catches what individual checks don't.

5+ parallel signals per signup

Combined fraud score, not pass/fail per check

India-specific lists (MNRL, mule registry)

Don't slow the funnel 02 · Latency

Sequential fraud checks add minutes; parallel chains run in under 2 seconds. Real-time scoring at signup beats batch screening hours later when the mule has already cashed out.

Sub-2-second median fraud score

Async webhook for slow signals (court records)

Per-source fallbacks, no SRE wakeup

Defend every reject 03 · Explainability

When a customer disputes a rejection or your fraud team A/B tests thresholds, the response carries per-signal scores — not a black-box verdict. Every decision is reproducible and audit-ready.

Per-signal contribution to the score

Threshold + ruleset versioning

Replayable trace per decision

Most teams treat fraud detection as a separate vendor — face vendor, device vendor, sanctions vendor, MNRL vendor. The signals never combine. Deepvue collapses them into one chain with combined scoring, so a deepfake selfie + matching mule bank account is caught even if neither would fail in isolation.

## Why single-vector fraud checks miss the mule.

If your funnel is leaking 25%+ between "Apply" and "Approved" — or your audit team is rebuilding decision history from logs — here's where the breakage usually starts.

Stitched-vendor onboarding

Sequential KYC → face → bank calls, latency stacks

PAN parsed as a string, not source-validated

No bank ownership check — mule accounts slip through

Audit trail across four systems, never reconstructable

Deepvue onboarding chain

Parallel KYC + face + bank + screening, single response

PAN, GST, CIN validated against source registries

Penny-drop bank ownership match before payout

DPDP + RBI-aligned audit trail, single API export

Mules, deepfakes, and synthetic IDs slipping past your stack?

15-min walkthrough — bring a sample fraud cohort, leave with a side-by-side score comparison vs. your current stack.

[Talk to a Specialist](/contact/) [Request a Demo](/demo/)

## The fraud signal stack — six primitives, one combined score.

Every fraud signal that catches signup-time bad actors, wired to call in parallel — combined into a single score with per-signal contribution shown.

MNRL + mobile intel

Mobile Number Revocation List + carrier intelligence. Catch recycled-number mule accounts that pass face match.

[Explore](/mnrl-api/)

Face liveness + deepfake

In-house ML for anti-spoof. Photo, video, mask, deepfake, and morph attacks scored — not pass/fail.

[Explore](/liveness-detection-api/)

Device intelligence

Device fingerprint, emulator detection, IP risk, repeated-signup signal. Catches synthetic-ID farms.

[Explore](/mobile-number-intelligence-api/)

Bank ownership match

Penny-drop name-on-account match. Mules typically fail name match even when phone + face pass.

[Explore](/bank-account-verification-api/)

PEP + sanctions + adverse

UN, OFAC, EU sanctions + PEP + adverse media. Structured risk indicators feed the combined score.

PAN + Aadhaar consistency

PAN-Aadhaar linkage validated against source registries. Synthetic identities typically break here.

[Explore](/pan-verification-api/)

## How the fraud chain runs.

From a signup hitting submit to a fraud verdict back to your stack — sub-2-second median, parallel signal scoring.

01

Signup hits submit

Your form posts inputs (phone, PAN, bank, device fingerprint) to the Deepvue fraud chain. Single API call.

02

5+ signals fire in parallel

MNRL, face liveness, device intel, bank ownership, sanctions, PAN-Aadhaar consistency — all concurrent.

03

Per-signal scores combined

Combined fraud score (0-1) computed from per-signal contributions. Threshold + ruleset versioned per vertical.

04

Verdict returned + signal trace

CLEAR / REVIEW / REJECT with per-signal scores. Decision is reproducible — your fraud team can replay any case.

End-to-end median: **under 2 seconds**. Run a sample fraud cohort through both stacks in a 15-min walkthrough.

Sub-2-second fraud scoring at signup, today.

Test the full chain in our sandbox — MNRL, face liveness, device intel, bank, screening, score — before you wire anything in.

[Talk to a Specialist](/contact/) [Request a Demo](/demo/)

## A fraud scoring call, end-to-end.

What a single fraud chain call looks like — parallel signals, combined score, replayable trace.

The check chain

CHAIN

// All parallel — sub-2-second median
1. POST /v1/fraud/mnrl-mobile-intel
2. POST /v1/fraud/face-liveness-deepfake
3. POST /v1/fraud/device-intel
4. POST /v1/fraud/bank-ownership
5. POST /v1/fraud/pan-aadhaar-link
6. POST /v1/screening/pep-sanctions
7. POST /v1/fraud/score

What you wire in

Auth header

single API key, all endpoints

Signup inputs

phone, PAN, bank, device fingerprint

Webhooks

decision events post back to your stack

Decision rules

scoring thresholds + ruleset versioned

Decision response

200 OK · JSON

{
  "signup\_id": "sg\_8a4f2b9e",
  "verdict": "CLEAR",
  "fraud\_score": 0.08,
  "latency\_ms": 1412,
  "signals": {
    "mnrl": "0.02",
    "face\_liveness": "0.04",
    "device\_intel": "0.11",
    "bank\_ownership": "0.05",
    "sanctions": "0.00"
  },
  "trace\_id": "trc\_2026\_04\_29\_17\_42",
  "ruleset\_version": "v3.4",
  "data\_residency": "IN"
}

## Compliance map for fraud-chain decisioning.

The frameworks fraud-decision pipelines get challenged on — DPDP, sanctions, IT Act, sectoral fraud-prevention rules.

DPDP

DPDP Act, 2023

Digital Personal Data Protection. Consent, purpose limitation, data-fiduciary duties for all onboarded customers.

RBI

RBI Master Direction on KYC

Defines acceptable KYC flows for Indian users. Aadhaar e-KYC, OVDs, video-KYC, periodic refresh.

AML

PMLA, 2002

Prevention of Money Laundering Act. Mandates customer due diligence, record-keeping, suspicious-transaction reporting for regulated entities.

FATF

FATF Recommendations

R10 (CDD), R12 (PEPs), R16 (Travel Rule). Applies to financial institutions via home regulator.

CONSUMER

Consumer Protection Rules

Marketplace + e-commerce: seller-due-diligence + grievance officer + return/refund disclosure obligations.

IT ACT

IT Act, 2000 (Sec 43A + 79)

Reasonable security practices + intermediary safe harbour. Documented onboarding strengthens both.

SCREENING

UN, OFAC, EU sanctions

Sanctions list screening at onboarding and monitored throughout the customer lifecycle.

SCREENING

PEP & Adverse Media

Politically Exposed Persons screening per FATF R12. Adverse media flags reputational risk.

This map is informational, not legal advice. Your specific licensing posture (NBFC, Bank, marketplace, gig aggregator) layers on top — Deepvue's audit trail is built to support all of them.

## Where fraud signals get missed — and where Deepvue catches them.

From signup submission to first chargeback — the missed signal usually fits one of these five patterns.

Common miss patterns

1 — Recycled phone passes face match (mule)

2 — Deepfake selfie passes single-vector liveness

3 — Synthetic ID passes individual checks but fails combo

4 — Sanctions hit batched + delayed, not real-time

5 — Reject defended only with vendor verdict, not signals

Deepvue runs all signals in parallel and combines them into a **single fraud score**. Each signal's contribution is shown — so a deepfake selfie + matching mule bank account scores high even if neither would fail individually. Real-time, replayable, defendable.

Show me a side-by-side fraud score on real cases.

15-min walkthrough — bring a sample fraud cohort, leave with per-signal scores vs. your current stack.

[Talk to a Specialist](/contact/) [Request a Demo](/demo/)

## Wire it in over a coffee.

Most teams drop the Deepvue fraud chain into their signup flow in **under a week**. One sandbox key, one chained endpoint, webhooks back to your existing fraud / risk stack.

Day-by-day rollout

1

Day 1 — sandbox keys + sample request templates

2

Days 2-3 — wire into your signup endpoint + risk webhook

3

Days 4-5 — webhooks back to your decisioning + audit stack

4

Day 6 — production keys, go live with a small traffic split

## What you get out of the box.

Capabilities every fraud-decision pipeline needs — without stitching together five fraud vendors.

Integration features

Single REST endpoint

One chained call wraps the full onboarding flow.

Sandbox first

Run sample fraud cohorts before any production traffic.

Webhook decisioning

Decisions, retries, and step-level events post back to your stack.

Exportable audit trail

Per-signal trace + ruleset version, replayable.

Out of the box

MNRL + mobile intel

Mobile Number Revocation List lookup + carrier intelligence. India-specific, refreshed daily.

Face liveness + deepfake

In-house ML, anti-spoof scored (not pass/fail) against photo, video, mask, deepfake, morph attacks.

Device intelligence

Device fingerprint, emulator detection, IP risk, repeated-signup signal — catches synthetic-ID farms.

Bank + PAN consistency

Penny-drop name match + PAN-Aadhaar linkage validation. Synthetic identities typically break here.

Combined fraud score

Per-signal scores combined into a single 0-1 fraud score. Per-signal contribution shown — replayable, defendable.

Per-call trace ID

Every decision tagged with a retrievable trace ID. Plug into your audit pipeline without custom logging.

Ship real-time fraud scoring in a week, not a quarter.

Sandbox keys today. Production traffic by Friday next.

[Talk to a Specialist](/contact/) [Request a Demo](/demo/)

## Five fraud vectors, one combined score.

The signal mix per fraud vector — what catches each, and why a combined score outperforms single-vendor verdicts.

Mule account

MNRL + bank + name match

Recycled phone passes face match; mule typically fails name-on-account match. Combo signal catches both.

Deepfake selfie

Liveness + device + face score

Single-vendor liveness misses; combined liveness + device emulator + face-attack score catches the morph.

Synthetic identity

PAN-Aadhaar + bank + device

Each individual check passes; PAN-Aadhaar consistency + bank-name divergence + device farm signal catches the synth.

Sanctions hit

Real-time PEP + sanctions

Batch screening hours later misses cash-out window; real-time signal in the chain returns hit at signup.

Bot / device farm

Device + repeated-signup signal

Same device fingerprint + emulator markers + clustered IP = device farm. Per-signal score escalates the cohort.

## Built for fraud-decision defensibility.

DPDP, IT Act, RBI fraud-prevention norms, dispute redressal — fraud rejects need to be defendable. Deepvue's per-signal trace satisfies all of them out of the box.

Fraud-chain commitments

DPDP-aligned consent capture per signup

Per-signal trace + ruleset version, replayable

Signal sources via authorized partner integrations

Paperwork & controls

SOC 2 Type II controls (in audit)

ISO 27001 aligned

GDPR-compatible DPA available

Sub-processor list under MSA

Deepvue is not a regulator and does not represent itself as RBI, SEBI, UIDAI, or any government authority. Customers retain full responsibility for their fraud thresholds, dispute resolution, and rejection decisions. Deepvue provides the signal infrastructure and replayable trace; the fraud decisioning is yours.

Applicable regulations

All API interactions are protected using encryption, role-based access controls, and audit logging.

## Volume pricing per fraud decision.

Fraud-chain bundles tier with monthly signup volume. Pay per scored decision, not per individual signal. INR-first invoicing.

Pricing scales with

monthly fraud decisionsprimitives per decision (3, 5, 7+)signals per chain (3, 5, 7+)dedicated SLA & support tierINR-first, USD on request

Most fraud teams running 50k-5M signups per month land in a **per-decision** range materially under the cost of stitching individual fraud vendors — no per-signal surcharges.

[Talk to a Specialist](/contact/) [Request a Demo](/demo/)

## Common questions from compliance and product leads.

Real questions, asked in evaluation calls. If yours isn't here, book a 15-min walkthrough — we'll answer it live.

We already have a face-vendor and a device-vendor. Why consolidate?

Single-vendor verdicts miss combined-signal fraud (e.g. deepfake selfie + matching mule bank account). Combined scoring catches what isolated checks don't. Most teams shadow-mode Deepvue against a fraud cohort first to compare recall side-by-side.

Can we tune thresholds and signals per vertical?

Yes. Run a tighter ruleset for high-risk segments (lending, crypto) and a lighter one for low-risk (e-commerce buyer signup). Thresholds, signal weights, and ruleset versions are configurable and replayable.

Is the fraud score explainable for dispute defence?

Yes — every decision returns per-signal scores, ruleset version, and a replayable trace ID. When a customer disputes a rejection, you can show the exact signal mix that drove the verdict.

Where is signup data stored?

Indian servers by default. Storage arrangements are negotiated per MSA, with defaults aligned to DPDP and applicable sector regulations.

How fresh is the MNRL list?

Refreshed daily. Critical-list deltas applied within hours of TRAI publication. Signals downgrade gracefully if a source feed is delayed.

How long does integration take?

Sandbox in a day. Shadow mode in production within 1 week for most teams. Cut-over to enforcement after 2-4 weeks of side-by-side comparison.

## How does Deepvue's "Detect fraud at signup" workflow compare to single-vendor fraud checks?

**Deepvue**'s fraud chain runs MNRL + face liveness + device intelligence + bank ownership match + PAN-Aadhaar consistency + PEP/sanctions in parallel and combines them into a single 0-1 fraud score with per-signal contribution shown. Single-vendor face or MNRL checks miss combined-signal fraud (deepfake selfie + matching mule bank account). Sub-2-second median, replayable trace per decision, threshold + ruleset versioned per vertical. Catches mule, deepfake, synthetic ID, sanctions, and bot-farm vectors in one call.

## Score signup fraud in  
under 2 seconds.

Real-time. Combined signal scoring. Replayable trace per decision.

[Talk to a Specialist](/contact/) [Request a Demo](/demo/)