Share the article
Subscribe for updates
Sardine needs the contact information you provide to us to contact you about our products and services.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Product updates - Q1 2024

Hey Fraud & Compliance Squad 🐟

Sardines move pretty quickly, and so does our product team. Last quarter, we released over 25 features into production. Here are some highlights below 👇

Device Intelligence & Behavior Biometrics

Bot detection improvements. Our bot solution can now detect over 15 tools commonly used for bot attacks, such as Selenium, BlueStacks, cURL. We can also detect residential proxies with a high degree of accuracy, which is considered to be one of the essential tools to launch these distributed attacks. 

In addition to our bad bot detection, we’ve built an extensive database of over 70 web crawlers to distinguish between bad bots and good bots. Our solution can even tell when a bad bot is using these crawlers as a mask to bypass checks.

Deep fake detection: We've enhanced our mobile emulator detection capabilities to identify fraudsters spoofing their webcam streams during document verification or selfie liveness checks.

Fraud prevention 

Card to name matching: Validate whether a credit or debit card belongs to the user it's registered under. Currently available in the US, Canada, and the UK, this feature is crucial for merchants handling guest checkouts, combating carding attacks, and preventing account takeovers and family fraud. If you’re interested in using this solution, please reach out to your account manager or contact

  • Guest checkout:  If you support payment only by phone number (i.e. non-logged in experience), the card that’s used to process the payment can be validated against the phone number.
  • Carding attacks: For any card additions to newly created accounts, card match signals can be used to protect against use of unauthorized card numbers
  • Account takeovers: For existing accounts using new cards, mismatches between added cards and existing account details could be indicators of account takeovers. 
  • Family fraud: These signals could be used to prevent accidental or unauthorized use of cards by family members, such as children or a spouse.

Merchant risk scoring. Assess the risk level of merchants and advertisers using our business lookup API, which provides comprehensive data including the company’s legal name, corporate structure, contact information, merchant category, homepage tags, business domain risk score, social media links, customer sentiment, average monthly card swipes, card revenue, payment terminal software, and location. If you’re interested in using this solution, please reach out to your account manager or contact

Risk Engine 

New rules and logical operations: Users can now change the execution order of the rules directly from the Rules page. This is useful if you have a rule whose input logic is dependent on the output of another rule, or the overall risk level of the session, so that the user can move the dependent rule lower in the execution order ranking for accurate results. 

Cool off/Snooze alerts: We are beta testing the ability to snooze alerts for a specified duration when a rule is triggered by a customer who has been previously reviewed and cleared. This feature includes the following functionality:

  • Automatic triggers: The system automatically identifies when a customer triggers a rule that they have been previously reviewed and cleared for. Upon detection, the cool-off period is initiated, temporarily halting further alerts for the specified duration.

  • Enhanced decisioning: During the cool-off period, the system continues to monitor the customer's transactions and activities. If any new suspicious behavior is detected during this time, alerts are generated for immediate review, allowing for swift intervention when necessary.

  • Configurable parameters: Configure the duration and the queue where the cool off/snooze period will be applied. This ensures that the feature can be tailored to suit the specific requirements and risk appetite of each institution.

If you’re interested in becoming a design partner for this solution, please reach out to your account manager or contact

Additional risk engine improvements:

  • Developed fingerprinting technique to detect Linux users impersonating OS/Windows.
  • You can now access a chart showing feature importance after a model run.

Investigative Tools

Upgraded dashboard UI: Based on user feedback, we've updated our dashboard UI for improved navigation and are testing out a timeline view to help investigators track events in a customer's account chronologically. 

Users can also explore their data without having to specify a datapoint.

And we’ve added a timeline view to allow investigators to see all of the events that happened on the customer account in chronological order and take action on them. 

Dispute management automation: Sardine can now manage chargebacks and submit evidence (in line with Compelling Evidence 3.0) on your behalf to make the process more efficient and less labor-intensive. You can easily view all of your chargebacks, set up templates for disputes, and generate a comprehensive evidence package with one click.


Business Verification

We have surfaced all of the business details that the client has onboarded into a business details page. Now, clients can spend more time within Sardine and don’t need to go to any other platform, streamlining efficiency.

Transaction Monitoring

Card issuing transaction batches (routines). Added the ability to build batch transaction monitoring on issuing transactions. Routines are an advanced look back and aggregation capability designed to augment Sardine’s novel real-time aggregations and rule execution with the ability to run asynchronous checks. These batch jobs leverage a SQL-like query interface and can be scheduled one-time or recurring to address common AML use cases such as structuring. When a Routine fires or ‘hits’ on a transaction the result is that you can send that transaction to a queue, which you designate in the UI when building a Routine. 

Connected Components Routines. The connected components routine is an ideal solution for Fraud and Compliance analysts looking to identify large groups of interconnected users. This feature allows you to review connected users, visualize their connections, the larger network graph, and make decisions based on the findings of an investigation. 

Crypto Screening Reason Code Mapping. Added additional granularity to the TRM wallet screening reason codes. Previously, some of our reason codes were grouped together (e.g. scam, ICO scam, ponzi scheme, etc.). Now, they are all separate - legacy codes were kept so clients wouldn’t need to change rules on their side - but clients can now change rules and monitoring based on this granularity.

Case Management

Case Permissions: Imagine permissions like in Google Sheets or Docs. A system where owners of a case can invite others to access the case by specifying their user name through a shareable link. The current functionality gives read and edit access to users.  

File Upload. Within a case, we have introduced a File Upload widget to Case Management that allows customers to upload relevant files/documents/images to a case. This is also available on activity reports

Alert management: We’ve upgraded our alert management (queues), which includes a whole host of new features and improvements including:

  • Group alerts: We have built out the ability to group alerts by entities, starting with customers, to make it simpler and more efficient in analyzing an alert. 
  • Session risk level alerting: You can now also alert based on a sessions’ risk level 

Activity Reporting - SAR filing

SAR Generation Download. This feature extends our Activity Reporting capability to pre-fill SARs/UARs with data from Sardine so you can cut down the time spent on filling out activity reports. It also enables you to upload images in the narratives and download the SAR as a PDF or DOC.

CTR Templating and Reporting. We have also built out the ability to create the CTR using Sardine’s templating engine.

Share the article
About the author
Eduardo Lopez
Head of Marketing