AI FRAUD DETECTION • SUB-MICROSECOND

Three AI Agents. Zero Plaintext Exposure.

Traditional fraud detection sees your data in plaintext. That's not a feature — it's a vulnerability. H33 runs three native Rust AI agents inside the FHE pipeline, analyzing ciphertext patterns at sub-microsecond speed. Deepfakes, synthetic identities, harvest-now-decrypt-later — detected before the auth response ships.

Get Free API Key → View Docs See Benchmarks
2.35µs
Total ML Pipeline
2.1M/sec
Auth Throughput
3
Native Rust Agents
Zero
Plaintext Exposure
THE THREAT LANDSCAPE

The Attacks Your Fraud System Doesn't See

Every fraud detection vendor promises AI. None of them operate on encrypted data. Which means every one of them is a breach waiting to happen. These are the threats that matter.

97%
Deepfakes Fool Liveness Detection
AI-generated faces and voices bypass traditional liveness checks at industrialized scale. Generative adversarial networks produce photorealistic biometrics for less than $5 per fake identity. Your camera-based verification is a checkbox, not a defense.
$6B+
Synthetic Identity Losses (Annual)
Fabricated identities combining real SSNs with fake names pass every KYC check your vendor sells. Each data point looks legitimate in isolation. By the time you detect the pattern, the credit line is maxed and the person never existed.
15B+
Leaked Credentials in Circulation
Credential stuffing attacks test billions of stolen passwords against live systems every day. Rate limiting and CAPTCHA are speed bumps, not barriers. If your users have passwords, your users are already compromised somewhere.
HNDL
Harvest-Now, Decrypt-Later
Nation-state actors are collecting your encrypted traffic today for decryption with tomorrow's quantum computers. Every RSA and ECDSA-protected session intercepted now has permanent value. The clock started years ago.
DETECTION PIPELINE

Three Agents. Native Rust. Sub-Microsecond.

Not Python. Not an external API. Not a sidecar. Three Rust-native AI agents compiled into the auth binary, running in parallel with FHE verification. They analyze ciphertext patterns — the server never decrypts anything.

0.69µs
Median Latency
Harvest Detection Agent
ai_harvest.rs
Flags harvest-now-decrypt-later patterns in real-time. Identifies anomalous data collection behavior, bulk exfiltration signatures, and reconnaissance patterns that indicate adversaries stockpiling encrypted data for future quantum decryption. Operates entirely on FHE ciphertext.
1.14µs
Median Latency
Side-Channel Detection Agent
ai_sidechannel.rs
Catches timing attacks, cache attacks, and power analysis during authentication. Monitors statistical deviations in request timing, memory access patterns, and computational signatures. Detects credential stuffing, replay attacks, and automated bot traffic before they complete.
0.52µs
Median Latency
Crypto Health Monitor
ai_crypto_health.rs
Validates cryptographic parameter integrity in real-time. Monitors FHE noise budgets, key freshness, RNG quality, lattice parameter health, and signature chain validity. Alerts before any cryptographic weakness can be exploited by synthetic identity or deepfake attacks.
PRODUCTION NUMBERS

v10 Benchmark Performance

Production benchmarks from Graviton4 (c8g.metal-48xl, 192 vCPUs). Every number is from sustained production runs — not cherry-picked burst windows. Verify on /benchmarks →

939µs
FHE Biometric Match
32 users / batch
Benchmark proof →
2.35µs
Total ML Pipeline
3 agents in parallel
Benchmark proof →
0.059µs
ZK Proof Verification
In-process DashMap
Benchmark proof →
291µs
Dilithium Attestation
ML-DSA sign + verify
Benchmark proof →
2.17M
Auth/sec Sustained
38.5µs per auth
Benchmark proof →
Zero
False Positives
Cryptographic, not probabilistic
ENCRYPTED AI

Fraud Detection Without Plaintext

Traditional fraud detection requires plaintext access to biometric data. That creates a paradox: the system protecting your data needs unrestricted access to it. H33 eliminates the paradox entirely.

The Server Never Decrypts. Period.

Every fraud detection vendor on the market operates on plaintext. They decrypt your users' biometrics, analyze them, and promise to delete the data afterward. You're trusting their word against a breach that hasn't happened yet.

H33's three AI agents operate on data encrypted under BFV fully homomorphic encryption. The biometric template, the verification computation, and the fraud analysis all happen in ciphertext space. A complete breach of H33's infrastructure exposes only encrypted ciphertexts — computationally infeasible to decrypt even with quantum computers, thanks to lattice-based post-quantum security.

Deepfakes fool 97% of liveness detection systems. H33's approach is mathematically immune — because the biometric data is never decrypted. You can't deepfake what you can't see.

01
Biometric Encrypted Client-Side
BFV FHE encryption before the template leaves the device. Server receives only ciphertext.
02
FHE Matching + AI Agents (Parallel)
Encrypted inner product + 3 fraud agents run concurrently on ciphertext.
~939µs (32 users) + ~2.35µs (ML)
03
ZK-STARK Proof Generation
Zero-knowledge proof that verification was correct. Post-quantum via SHA3-256.
0.059µs verification
04
Dilithium Attestation + Fraud Flags
ML-DSA signed attestation includes fraud detection results + risk score.
~291µs batch attestation
05
Response Ships
Client receives verified/rejected status, fraud flags, risk scores, and signed attestation. One API call.
38.5µs per auth total
INTEGRATION

One API Call. Full Fraud Pipeline.

Fraud detection is not a separate service. It is embedded in every authentication response. No extra SDK, no webhook, no second API call. The agents run inside the pipeline and their results ship with the attestation.

Authentication Response with Fraud Detection JavaScript 
// 1. Initialize the H33 client
const h33 = new H33Client({ apiKey: "h33_pk_..." });

// 2. Capture biometric & encrypt client-side (BFV FHE)
const embedding = await h33.biometric.capture("face");
const encrypted = await h33.fhe.encrypt(embedding);

// 3. Authenticate — fraud detection included automatically
const result = await h33.auth.verify({
  userId:    "user_abc123",
  biometric: encrypted,  // FHE ciphertext, never plaintext
});

// Authentication result
result.verified          // true
result.attestation      // Dilithium-signed proof (post-quantum)
result.zkProof          // ZK-STARK verification hash

// Fraud detection flags (included in every response)
result.fraud.harvest_detected    // false — no HNDL pattern
result.fraud.sidechannel_flag    // false — no timing anomaly
result.fraud.crypto_health       // "optimal" — all params valid
result.fraud.deepfake_score      // 0.003 — genuine biometric
result.fraud.risk_level          // "low"
result.fraud.agent_latencies     // { harvest: "0.69µs", sidechannel: "1.14µs", crypto: "0.52µs" }

// All fraud analysis performed on encrypted data via FHE
// Plaintext NEVER touches the server. Verify →
COMPARISON

H33 vs. Traditional Fraud Detection

Every fraud vendor in the market decrypts your data to analyze it. That is the vulnerability. H33 is the only fraud detection system that operates entirely on encrypted data.

Capability H33 AI Fraud Detection Traditional Fraud Systems
Data access model Encrypted only — FHE ciphertext analysis Requires plaintext access
Detection latency 0.52 – 1.14µs per agent 50 – 500ms typical
Deepfake resistance Cryptographic — ciphertext pattern analysis Probabilistic — pixel/audio heuristics
Post-quantum secure Yes — lattice FHE + Dilithium + Kyber No — RSA/ECDSA broken by QC
False positive approach Zero in production — cryptographic validation Statistical — tunable thresholds
Breach exposure Zero — only FHE ciphertexts stored Full plaintext biometric data
HNDL protection Active detection + PQ crypto Not addressed
Integration Embedded in auth response — 1 API call Separate service — additional latency
FAQ

Frequently Asked Questions

How does H33 detect deepfakes during authentication?

H33's Harvest Detection Agent analyzes biometric authentication patterns at 0.69 microseconds median latency. It identifies AI-generated faces, synthetic biometric templates, and replay attacks by detecting statistical anomalies in the encrypted biometric data — without ever decrypting it. The agent is compiled natively in Rust and runs inside the FHE pipeline, operating entirely on ciphertext. Traditional liveness detection analyzes pixels. H33 analyzes encrypted mathematical structure, which is why deepfakes that fool cameras cannot fool the pipeline.

What is synthetic identity fraud and how does H33 prevent it?

Synthetic identity fraud combines real and fabricated information to create personas that pass traditional KYC checks. Each individual data point appears legitimate, which is why rules-based systems miss it entirely. H33 prevents this by requiring biometric verification under fully homomorphic encryption — a fabricated biometric template produces statistically distinct noise patterns in ciphertext space that the AI agents detect at sub-microsecond speed, regardless of how convincing the identity documents are.

Does H33 fraud detection work with encrypted data?

Yes. This is the entire point. All three AI agents — Harvest Detection, Side-Channel Detection, and Crypto Health Monitor — operate exclusively on FHE-encrypted data. They never see plaintext biometrics or credentials. The agents analyze patterns in ciphertext space: timing characteristics, noise distributions, and cryptographic parameter health. This is not a compromise; encrypted analysis is fundamentally more secure because there is no plaintext to steal, even from a compromised server.

What is H33's false positive rate for fraud detection?

Zero false-positive incidents in production. The detection methodology is cryptographic, not probabilistic. H33 validates mathematical properties of the authentication data — FHE noise budgets, ZK proof validity, signature chain integrity — rather than making behavioral predictions with tunable confidence thresholds. When a fraud flag is raised, it indicates a concrete cryptographic anomaly. Not a statistical guess. Not a "high confidence" prediction. A mathematical proof.

How does H33 protect against credential stuffing?

H33 eliminates credential stuffing by eliminating credentials. Authentication uses FHE-encrypted biometric templates, not passwords. There are no passwords to stuff. The Side-Channel Detection Agent adds a second layer by monitoring request patterns at 1.14 microseconds per check, identifying bulk automated requests, timing anomalies, and replay attempts. Even if an attacker obtains encrypted templates from a breach, they are computationally infeasible to decrypt or reuse without the client-side secret key.

What is harvest-now-decrypt-later and how does H33 prevent it?

Harvest-now-decrypt-later (HNDL) is the threat that makes every non-PQ encryption scheme a ticking clock. Adversaries collect encrypted data today with the intent to decrypt it using future quantum computers. H33 prevents HNDL with two layers: first, all cryptography uses NIST-standardized post-quantum algorithms (ML-KEM/Kyber for key exchange, ML-DSA/Dilithium for signatures) that resist quantum attacks. Second, the Harvest Detection Agent actively identifies HNDL collection patterns at 0.69 microseconds per check — flagging anomalous data collection behavior in real-time before the data leaves the network.
GET STARTED

Stop Trusting the Server. Start Proving the Math.

Three AI agents. Sub-microsecond latency. Zero plaintext exposure. This is what fraud prevention looks like when you stop trusting the server. Free tier includes 10,000 authentications per month.

Get Free API Key → Read the Docs