Digital lenders

Loan stacking detection & application fraud prevention

Catch fraudsters submitting hundreds of loan applications — different identities, same device.

Hawona Rodgers WisdomRobert OdhiamboRidan HawiTalk to Founders

Trusted by forward-thinking teams

3Payd logo
StartinEV logo
IBM logo
Duniafrika logo
Nailinq logo
Vabu logo
Grupchat logo
Lumeka logo
3Payd logo
StartinEV logo
IBM logo
Duniafrika logo
Nailinq logo
Vabu logo
Grupchat logo
Lumeka logo
3Payd logo
StartinEV logo
IBM logo
Duniafrika logo
Nailinq logo
Vabu logo
Grupchat logo
Lumeka logo

Overview

Digital lenders lose money when fraud rings flood a single platform with loan applications — hundreds of submissions to the same provider, often with different identities on one device, or the same identity applied again and again after each rejection.

KYC treats every application in isolation. Keverd fingerprints the device at the point of application and shows whether that device has already driven volume on your platform — before you approve or disburse.

The problem

What high-volume application fraud looks like

Application flooding

Hundreds of applications hit your lender in a short period — the same device cycling through different identities, or the same identity resubmitted after every decline. Review queues drown while losses compound.

Device-linked identities

Each submission looks like a new customer on paper. Keverd links them to one device cluster — plus automation, spoofed user-agents, and proxies that Keverd flags at session time.

The gap Keverd fills

KYC and bureau checks ask: is this ID valid, and has this person defaulted elsewhere? Keverd asks: how many applications has this device already submitted to us, and should this one proceed?

How Keverd solves it

Device intelligence at the point of application

When a borrower lands on your form, a lightweight script runs silently. It captures:

  • Device fingerprint and hardware metadata
  • Browser environment, headers, and user-agent integrity
  • True IP, timezone, and location context
  • Behavioural patterns — touch, typing cadence, session timing
  • Automation, bot, and emulator indicators
  • Velocity — how many applications this device has already submitted on your platform
1

Application page load

A lightweight script runs when the borrower opens the form. Device signals collect silently — the applicant sees nothing different.

2

Form submission

Your backend calls Keverd with the session token. In under 200ms you receive suspect_score, risk_tier, flags, and an ALLOW / REVIEW / BLOCK recommendation — before the record hits your database.

3

Disbursement guard

Optional check at payout: does the device still match the one that applied? Catches takeover and resubmission between approval and disbursement on your books.

Integration

Live in days — no LMS rebuild

Two components: a frontend script and a backend webhook. No schema overhaul — append Keverd fields as metadata on the application record.

Frontend script

  • One line on the application page — like analytics
  • Async load — negligible impact on page speed
  • Zero visible change for the applicant

Backend webhook

  • Called on form submit with session token
  • Typically under 200ms response
  • Returns device_id, suspect_score, risk_tier, flags[], true_ip, true_location, action_taken

Your loan system

  • LOW → proceed as today
  • HIGH → senior review queue
  • CRITICAL / BLOCK → hold and investigate
  • You set thresholds — Keverd supplies the score

Workflow

End to end — borrower and ops

  1. 1

    Borrower

    Opens the loan application page on phone or browser.

  2. 2

    Keverd

    Script fingerprints the device in the background. Session token is ready when they submit.

  3. 3

    Your API

    On submit, Keverd returns device_id, score, flags, and action — alongside the application payload.

  4. 4

    Your LMS

    LOW proceeds normally. HIGH goes to review. CRITICAL or BLOCK is held for investigation.

  5. 5

    Risk team

    Officers see Keverd context next to the application — not a black-box decline.

Field guide

Reading Keverd flags on applications

FlagWhat it meansHow to use it
BOTSession behaviour matches non-human patterns.Strong signal. Pair with AUTOMATION before auto-block.
AUTOMATIONForm likely submitted by a script.Treat as high risk on application flows.
USER_AGENT_SPOOFEDDevice misrepresents browser or OS.Common on scripted stacks. Review or block.
TIMEZONE_IP_MISMATCHTimezone does not match IP location.Context only — VPNs and travel can trigger legitimately. Do not block on this flag alone.
AD_BLOCKERAd blocker detected on device.Informational for lenders. Do not weight in suspect score for loan fraud.

First 30 days

What success looks like

  • 100%of applications receive a device score
  • 3–8%typical share flagged HIGH or CRITICAL (varies by portfolio)
  • Week 4device cluster report — e.g. 200 applications → 12 devices
  • <200msmedian API response on form submit
  • Day 30threshold review with Keverd based on your false positive rate

The most compelling week-four output: a device cluster map showing hundreds of applications on your platform tied to a handful of devices — different identities, same operator.

Default configuration

Tuned for digital lenders

Auto-blockCRITICAL tier or suspect score ≥ 85Application held — your team defines exact threshold
Review queueHIGH tier or score 60–84Routed to senior loan officer
Proceed normallyLOW tier, clean flagsNo added friction for the borrower
AD_BLOCKER flagIgnored in scoreNo meaningful correlation with loan fraud

Onboarding

5–7 working days to go live

  1. 01Share your loan application page URL for script placement review
  2. 02Add the Keverd JavaScript snippet to the application page template
  3. 03Configure the webhook on form submission with your API credentials
  4. 04Define auto-block and review thresholds with the Keverd team
  5. 05Run 20–50 test submissions to verify data flow
  6. 06Brief loan officers using the flag guide below
  7. 07Go live — Keverd monitors the first 48 hours
  8. 08Daily summaries for the first two weeks, then weekly

Known limitations

Interpret signals correctly

  • Keverd works at the device level — not proof of identity. It flags suspicious devices, not whether a person is who they claim to be.
  • A lone TIMEZONE_IP_MISMATCH is not fraud proof. Corporate VPNs and travel trigger it legitimately.
  • Keverd complements KYC and bureau checks — it does not replace them.
  • First-time devices have thin history. Value compounds as device records build.
  • Keverd reviews thresholds at day 30 based on your false positive and false negative rates.