H33-Share: Cross-Bank Encrypted Fraud Intelligence

The Problem: Siloed Fraud Data, Shared Fraud Losses

A fraudster opens an account at Bank A with a synthetic identity. The application triggers a velocity flag — three new accounts in 72 hours. Bank A declines the application. The fraudster moves to Bank B, then Bank C. Neither bank knows about Bank A's velocity flag. The synthetic identity opens an account at Bank C, takes out a $50,000 line of credit, and vanishes. Bank C absorbs the loss.

This is not a hypothetical. Synthetic identity fraud costs U.S. financial institutions an estimated $6 billion per year. The Federal Reserve has called it the fastest-growing type of financial crime. The core problem is not detection — individual banks have increasingly sophisticated fraud models. The problem is isolation. Each bank operates on its own data, blind to signals from every other institution the fraudster has touched.

The obvious solution is a shared fraud database. But every attempt to build one hits the same wall: no bank will expose customer transaction data, behavioral patterns, or risk scores to competitors. The legal exposure under GLBA, CCPA, and GDPR is catastrophic. The reputational risk is existential. So banks continue to fight fraud alone, and fraudsters continue to exploit the gaps between them.

Core Thesis

If fraud signals cannot be shared without exposing customer data, then the banking system will always be weaker than the fraudsters who move between institutions. H33-Share breaks this deadlock: every signal is FHE-encrypted before it leaves the bank, and homomorphic computation builds cross-institution fraud scores without any party seeing raw data.

How It Works: The H33-Share Pipeline

H33-Share is a seven-stage pipeline. The first five stages apply to all tiers. Stages 6 and 7 activate at Share-2 and above, adding Kyber secure aggregation and federated model training.

Stage 1 — Signal Encrypt + Ingest

FHE-Encrypted Signal Submission

The originating bank encrypts each fraud signal using BFV Fully Homomorphic Encryption before it leaves the bank's infrastructure. The plaintext signal — velocity count, amount deviation, geographic distance, device hash — is never transmitted. H33 receives only ciphertext. Signal ingest costs 0 units to incentivize maximum participation.

BFV FHE

Client-side encrypt

0 units (FREE)

↓

Stage 2 — Homomorphic Accumulation

Cross-Bank Score Building

Encrypted signals from multiple banks are accumulated homomorphically — BFV addition and multiplication on ciphertexts, with no decryption at any point. The accumulated score reflects fraud signals across all participating institutions, but the individual bank contributions remain encrypted and unlinkable. 1 unit per category.

Homomorphic add/mul

Cross-institution

1 unit/category

↓

Stage 3 — Score Decrypt + Differential Privacy

Privacy-Preserving Score Release

The accumulated fraud score is decrypted and calibrated differential privacy noise is added before release. At Share-1 and above, the privacy budget is epsilon=2.0, ensuring that no individual bank's contribution can be reverse-engineered from the final score. The requesting bank receives a noisy aggregate — useful for fraud decisions, useless for de-anonymization. 2 units.

Decrypt

DP noise (ε=2.0)

2 units

↓

Stage 4 — Dilithium Attestation

Post-Quantum Score Signing

Every fraud score is signed with CRYSTALS-Dilithium (ML-DSA-65, FIPS 204). The signature proves that the score was computed by H33-Share, was not tampered with in transit, and will remain verifiable even against quantum computers. Included in all tiers.

Dilithium ML-DSA-65

FIPS 204

Included

↓

Stage 5 — SHA3-256 Commitment

Audit Trail Commitment Chain

A SHA3-256 commitment is generated for every score query, binding the requesting bank, the fraud categories queried, the DP parameters, and the timestamp into a non-repudiable audit record. Regulators can verify the commitment chain without accessing raw scores. Included in all tiers.

SHA3-256

Commitment chain

Included

↓

Stage 6 — Kyber Secure Aggregation

Post-Quantum Key Exchange for Multi-Party Rounds

For Share-2 and above, multi-party aggregation rounds use CRYSTALS-Kyber (ML-KEM-768) for key exchange between participating banks. Each round establishes ephemeral shared secrets without relying on RSA or ECDH, which are vulnerable to quantum attack. Aggregation results are encrypted under the shared key before distribution. 5 units per round.

Kyber ML-KEM-768

Ephemeral keys

5 units (Share-2+)

↓

Stage 7 — Federated Model Update

Collaborative Training Without Data Centralization

Share-2+ participants contribute encrypted gradient updates to a federated fraud detection model. Each bank trains locally on its own data and shares only encrypted model updates — never raw training data. The global model improves across all participants while each bank's transaction history remains strictly local. 3 units per update.

Federated learning

Encrypted gradients

3 units (Share-2+)

Service Tiers: From Basic Signals to Dedicated Consortiums

H33-Share offers four tiers, each adding capabilities on top of the previous. Every tier includes Dilithium attestation and SHA3-256 commitment chains at no additional unit cost.

Tier	Units/Query	Categories	Differential Privacy	Advanced Features
Share-0	5	2 categories	Basic DP	Dilithium-signed scores
Share-1	10	All 8 categories	Calibrated (ε=2.0)	FHE velocity signals
Share-2	20	All 8 categories	Calibrated (ε=2.0)	+ Kyber secure aggregation + federated training
Share-3	35	All 8 + custom	Custom ε	+ Dedicated consortium, custom weights, 99.99% SLA, priority scoring

Share-0 is designed for community banks and credit unions that want basic cross-institution velocity and amount checks at the lowest possible cost. Share-3 is for top-50 banks that want a private consortium with custom fraud category weights, tunable privacy budgets, and a contractual SLA backed by cryptographic attestation.

The Eight Fraud Signal Categories

H33-Share classifies every fraud signal into one of eight categories. Each category is accumulated independently, allowing banks to query specific risk dimensions rather than a single opaque score.

⚡

Velocity

Account openings, login attempts, transaction frequency within time windows. The primary indicator for synthetic identity and account takeover attacks. FHE-encrypted counters accumulate across institutions without revealing individual bank volumes.

High signal for synthetic ID

💰

Amount

Transaction size deviations, unusual transfer patterns, sudden balance changes. Encrypted amount signals are accumulated as homomorphic sums, revealing aggregate anomalies without exposing individual transaction values.

Cross-bank amount patterns

🌎

Geography

Impossible travel, jurisdiction hopping, IP geolocation mismatches. Geographic signals are particularly powerful when shared across banks — a login from Lagos at Bank A followed by an in-branch visit in Dallas at Bank B within the same hour is invisible to either bank alone.

Impossible travel detection

📱

Device

Device fingerprint collisions, emulator detection, rooted device flags, SIM swap indicators. When the same device fingerprint appears across multiple banks in rapid succession, the cross-institution signal is orders of magnitude stronger than any single bank's view.

Cross-bank device linkage

👥

Behavioral

Session patterns, navigation anomalies, typing cadence deviations, mouse movement signatures. Behavioral biometric signals are encrypted as feature vectors and accumulated across institutions to detect bot-driven or scripted account manipulation.

Behavioral biometric signals

📅

Account Age

New account risk scoring, dormant account reactivation, time-to-first-transaction patterns. Synthetic identities often show correlated account age patterns across multiple banks — all opened within the same narrow window.

Synthetic identity age correlation

🔗

Network

Beneficiary overlap, shared contact details, linked phone numbers, email domain clustering. Network graph signals reveal fraud rings that span multiple institutions — a pattern completely invisible to any single bank.

Fraud ring detection

⏰

Time-Pattern

Transaction timing clusters, off-hours activity, weekend/holiday spikes, time-zone inconsistencies. Automated fraud operations produce timing signatures that become statistically significant only when observed across multiple banks.

Automated fraud timing

At Share-0, banks select any 2 categories per query. Share-1 and above unlock all 8 categories in a single query. Share-3 adds the ability to define custom category weights — a bank that sees disproportionate geographic fraud can weight that category higher in their consortium's scoring model.

The Cryptographic Stack: Six Layers Deep

H33-Share is not a single algorithm bolted onto a database. It is six cryptographic primitives, each solving a specific problem, composed into a pipeline that is post-quantum secure end-to-end.

CRYPTOGRAPHIC STACK h33_share_pipeline

// 1. FHE (BFV) — Signal Privacy
BFV.encrypt(fraud_signal, bank_pk)         // client-side, before transmission
BFV.add(ct_bank_a, ct_bank_b)             // server-side homomorphic accumulation
BFV.decrypt(accumulated_ct, consortium_sk) // score decrypt (authorized parties only)

// 2. Differential Privacy — Individual Signal Protection
DP.add_noise(score, epsilon=2.0, sensitivity=1)  // calibrated Laplace noise

// 3. Dilithium (ML-DSA-65) — Score Attestation
Dilithium.sign(score_payload, h33_sk)     // post-quantum signature on every score
Dilithium.verify(score_payload, sig, h33_pk) // verifiable by any party

// 4. SHA3-256 — Audit Commitment Chain
SHA3(bank_id || categories || dp_params || timestamp)  // non-repudiable audit record

// 5. Kyber (ML-KEM-768) — Secure Aggregation (Share-2+)
Kyber.encaps(peer_pk) → (shared_secret, ct)  // ephemeral PQ key exchange

// 6. Federated Learning — Collaborative Model Training (Share-2+)
FL.encrypt_gradient(local_update, shared_key)  // encrypted model update
FL.aggregate(encrypted_updates[])                // global model improvement

Every primitive in this stack is post-quantum secure. BFV is lattice-based. Dilithium and Kyber are NIST FIPS standardized. SHA3 is quantum-resistant at 128-bit security. Differential privacy is information-theoretic — no computational assumption to break. The entire pipeline survives a cryptographically relevant quantum computer.

Why FHE Instead of MPC or Secure Enclaves?

Multi-party computation (MPC) requires all participating banks to be online simultaneously for interactive rounds — operationally impractical for a consortium of 50+ institutions across time zones. Secure enclaves (SGX, SEV) depend on hardware trust assumptions and have suffered repeated side-channel attacks (Foreshadow, RIDL, Plundervolt). FHE has neither weakness: signals can be submitted asynchronously, and the security guarantee is mathematical, not hardware-dependent. The tradeoff is compute cost, which H33's BFV implementation handles at ~967 microseconds per 32-signal batch.

Signal Ingest Is Free: The Network Effect

The most important design decision in H33-Share is that signal ingest costs 0 units. Banks pay nothing to contribute fraud signals. They only pay when querying accumulated scores.

This is not a loss leader. It is a network effect engine. The value of H33-Share scales with the number of participating banks. A consortium of 5 banks has limited cross-institution coverage. A consortium of 500 banks sees virtually every fraud pattern across the financial system. Free ingest removes the friction that would slow adoption and ensures that the fraud signal pool grows as fast as possible.

For contributing banks, the economics are asymmetric in their favor: they contribute signals they were already computing internally (velocity checks, amount deviations, device fingerprints) at zero marginal cost, and in return they get access to the accumulated intelligence of every other bank in the consortium. The more they contribute, the more valuable the network becomes for everyone — including themselves.

Differential Privacy: What Banks Actually Need to Know

FHE protects individual signals during computation. Differential privacy protects them in the output. Even after a score is decrypted, the DP noise ensures that no individual bank's contribution can be reverse-engineered from the aggregate.

H33-Share uses the Laplace mechanism with calibrated noise:

DIFFERENTIAL PRIVACY dp_parameters

// Share-0: Basic differential privacy
epsilon = 5.0          // higher epsilon = less noise = less privacy
sensitivity = 1       // max contribution of one bank to the score
noise ~ Laplace(0, 1/5.0)  // scale = sensitivity / epsilon

// Share-1+: Calibrated differential privacy
epsilon = 2.0          // stronger privacy guarantee
sensitivity = 1       // bounded contribution per bank
noise ~ Laplace(0, 1/2.0)  // more noise, more privacy

// Share-3: Custom epsilon (consortium-negotiated)
epsilon = custom       // between 0.5 and 5.0, per consortium policy

At epsilon=2.0 (Share-1+), the probability that any specific bank contributed to a score changes by at most a factor of e² (~7.4x) whether or not that bank participated. In practice, this means a querying bank learns that a subject has cross-institution fraud signals, but cannot determine which specific banks flagged them or what the individual signal values were.

This matters for compliance. GLBA prohibits sharing non-public personal information with non-affiliated third parties without consent. H33-Share's combination of FHE (signals never leave encrypted form) and DP (aggregate scores cannot identify contributing banks) means participating banks are sharing encrypted intelligence, not customer data.

Volume Pricing: Fraud Intelligence at Scale

H33-Share uses the same credit-based pricing as all H33 products. Volume discounts make large-scale fraud screening economically viable even for high-volume transaction processors.

Monthly Volume	$/Unit	Share-1 (10u)	Share-2 (20u)
<25K queries	$0.060	$0.60	$1.20
25K – 250K	$0.040	$0.40	$0.80
250K – 2.5M	$0.025	$0.25	$0.50
2.5M – 25M	$0.012	$0.12	$0.24
25M+	$0.006	$0.06	$0.12

At the highest volume tier, Share-2 costs $0.12 per query — full FHE encryption, Kyber secure aggregation, Dilithium attestation, calibrated differential privacy, and federated model training. For context, a single chargeback costs a bank $20–$100 in direct and indirect expenses. Catching one fraudulent transaction per 200 queries pays for the entire Share-2 deployment.

Cost Comparison

Traditional fraud consortium services (EWS, Zelle Network, GIACT) charge $0.50–$3.00 per inquiry and provide no cryptographic privacy guarantee. H33-Share at 25M+ volume delivers stronger fraud signals (8 encrypted categories, cross-institution accumulation, calibrated DP) at $0.06–$0.12 per query — a 4x to 50x reduction — with post-quantum cryptographic attestation on every result.

Kyber Secure Aggregation: Post-Quantum Multi-Party Rounds

Share-2 and Share-3 unlock multi-party aggregation rounds where groups of banks compute joint fraud models. These rounds require key exchange between participants — and H33-Share uses CRYSTALS-Kyber (ML-KEM-768) instead of ECDH or RSA.

The difference matters. RSA-2048 and ECDH-P256 are broken by Shor's algorithm on a sufficiently large quantum computer. Kyber is a lattice-based key encapsulation mechanism standardized by NIST as FIPS 203. Its security does not depend on the difficulty of integer factorization or discrete logarithms. A quantum computer that breaks every RSA and ECDSA key in the banking system leaves Kyber untouched.

Each aggregation round establishes ephemeral Kyber shared secrets between participants. The round results — accumulated fraud signals and model gradients — are encrypted under these shared secrets before distribution. Even if a future attacker records the ciphertext today and builds a quantum computer tomorrow, the encrypted round data remains secure.

Federated Learning: Better Models Without Data Centralization

Share-2+ participants contribute to a federated fraud detection model. The training process works as follows:

Local training — Each bank trains a local model on its own transaction data. The raw data never leaves the bank's infrastructure.
Gradient encryption — The local model update (gradient) is encrypted using the Kyber shared secret established during the aggregation round.
Encrypted aggregation — H33-Share collects encrypted gradients from all participating banks and aggregates them homomorphically. No gradient is ever decrypted individually.
Global model distribution — The aggregated global model update is distributed to all participants, encrypted under each bank's individual key.

The result is a fraud model that improves across all participating institutions without any bank's transaction data, customer behavior, or risk scores being centralized, shared, or visible to any other party. Each bank benefits from the collective intelligence of the consortium while maintaining complete data sovereignty.

What This Replaces

The cross-bank fraud intelligence market is not new. But every existing solution requires trust assumptions that H33-Share eliminates.

Capability	H33-Share	Traditional Consortiums
Signal privacy	FHE-encrypted (never decrypted server-side)	Plaintext or tokenized
Score computation	Homomorphic accumulation (zero trust)	Central database queries
Output privacy	Calibrated DP (ε=2.0)	None or coarse thresholds
Score attestation	Dilithium ML-DSA-65 (PQ-safe)	None or RSA/ECDSA
Key exchange	Kyber ML-KEM-768 (PQ-safe)	ECDH or TLS-only
Audit trail	SHA3-256 commitment chain	Database logs
Model training	Federated (data stays local)	Centralized or none
Quantum resistance	End-to-end post-quantum	None

The Regulatory Case: GLBA, CCPA, and Beyond

Bank fraud teams want cross-institution intelligence. Bank legal teams say no. The gap between what fraud operations need and what compliance will approve is the core adoption barrier for every consortium product.

H33-Share is designed to collapse this gap. Three properties make the regulatory conversation fundamentally different:

No raw data transmission — Under GLBA, sharing non-public personal information (NPI) with non-affiliated parties requires customer notice and opt-out. H33-Share transmits only FHE ciphertexts. The encrypted signal is not NPI — it is computationally indistinguishable from random noise to any party without the decryption key.
Differential privacy on output — Even after score decryption, calibrated DP noise ensures that individual bank contributions cannot be isolated. Under CCPA's "deidentified data" safe harbor, data that cannot reasonably be used to identify any individual or entity is exempt from most obligations.
Cryptographic audit trail — Every query, every score computation, every DP parameter choice is committed to a SHA3-256 chain with Dilithium attestation. Regulators can audit the system's behavior without accessing raw scores or signals, and every audit record is independently verifiable.

The legal argument is not "trust us, we protect the data." The legal argument is "the data is mathematically inaccessible, the output is provably noisy, and every operation is cryptographically committed." That is a different conversation with a different outcome.

Deployment: API Integration

H33-Share exposes a clean REST API. A bank's fraud engine calls the API at the point of decision — account opening, transaction authorization, credit application — and receives a Dilithium-signed fraud score with category breakdowns.

REST API h33_share_endpoints

// Signal submission (0 units — FREE)
POST   /api/v1/share/signals                    Submit FHE-encrypted fraud signal
POST   /api/v1/share/signals/batch              Batch submit (up to 1000 signals)

// Score queries (metered)
POST   /api/v1/share/score                      Query fraud score (select categories)
POST   /api/v1/share/score/bulk                 Batch score query (up to 100 subjects)

// Aggregation rounds (Share-2+)
POST   /api/v1/share/rounds/join                Join aggregation round (Kyber handshake)
POST   /api/v1/share/rounds/{id}/contribute    Submit encrypted gradient
GET    /api/v1/share/rounds/{id}/result        Retrieve aggregated model update

// Audit & verification
GET    /api/v1/share/audit/{query_id}           Retrieve SHA3 commitment + Dilithium sig
POST   /api/v1/share/verify                     Verify score attestation (public key)

Integration is a single API call in the existing fraud decision pipeline. The bank's fraud engine submits a subject identifier (hashed), selects fraud categories, and receives a scored response with Dilithium attestation — typically in under 50ms including network round-trip. No infrastructure changes. No on-premise deployment. No data migration.

Built for the Post-Quantum Banking System

The banking industry faces a convergence of three pressures: fraud losses are accelerating (synthetic identity fraud grew 85% from 2023 to 2025), quantum computing is advancing (IBM's 1,121-qubit Condor processor, Google's Willow), and regulators are mandating post-quantum cryptography migration (NIST FIPS 203/204, OMB M-23-02). Banks need cross-institution fraud intelligence today, and they need it to remain secure for decades.

H33-Share is the only cross-bank fraud intelligence product where:

Signal contributions are free — 0 units to submit, removing the adoption barrier that kills consortium network effects.
No raw data ever leaves the bank — only FHE-encrypted ciphertexts are transmitted, computed on, and accumulated.
Every result is post-quantum signed — Dilithium ML-DSA-65 attestation on every score, verifiable by any party, secure against quantum attack.
Differential privacy prevents re-identification — calibrated Laplace noise (epsilon=2.0) makes individual bank contributions unrecoverable from aggregate scores.
Federated training keeps data local — models improve across the consortium without centralizing training data.
Every operation is committed — SHA3-256 commitment chain provides a non-repudiable audit trail that regulators can independently verify.

That is the product. Fraud intelligence that banks can actually share. Privacy that regulators can actually verify. Cryptography that quantum computers cannot break.