Build Smarter, Detect Faster, Integrate Anywhere: July’s Platform Enhancements

Our July release is packed with powerful new capabilities that give fraud and security teams more flexibility and control. From fully customizable user data structures and streamlined Orchestration deployments to advanced fraud insights and a bold step forward in API protection, this edition brings sharper visibility, stronger detection and easier integration across every layer of the Mosaic platform.

Highlights

Customize and Control Your User Data Structure With Custom Schema

We’re excited to introduce Custom Schema, a powerful new capability that lets you tailor the structure of user records to fit your business needs.

Now available in the Admin Portal under B2C Identity → Users → Edit Schema, this feature allows you to:

• Define custom attributes

• Set default values

• Enforce required fields

• Adapt the schema to support your unique identity model

Custom Schema gives you full control over how user data is structured, stored and displayed without compromising on performance, security or traceability.

For existing customers currently storing custom fields in the custom_data object, we recommend exploring a migration to the new Custom User Schema for improved structure, validation and visibility.

The Custom User Schema will also be available in our Orchestration service in Q4/2025, supporting use cases such as account opening (“Create User” step) and progressive profiling (“Update User” step), and enabling self-service user management via the Hosted UI.

* Early availability

Platform SDK Now Available via NPM

The Mosaic Platform SDK is now officially available through NPM as @transmitsecurity/platform-web-sdk, marking a major step forward in how customers can integrate with the Mosaic platform.

This new distribution method brings several key benefits:

• Stronger security and isolation by bundling the SDK directly in your app

• Reduced likelihood of browser privacy interventions

• Easier and more flexible integration workflows

• Built-in version control, enabling better awareness and promotion of updates

• Gradual rollout capability for safer deployments

• Optimized bundle size through tree-shaking support

* General availability

API Security Gets a New Home With Dashboard & Analytics

We’ve launched a dedicated Dashboard & Analytics experience for API Security bringing fraud and security teams a unified lens into API traffic patterns and emerging risk signals. With rich visualizations and flexible filters, analysts can zero in on suspicious activity, collaborate more effectively with security counterparts and get ahead of threats hiding in plain sight.

This update marks a foundational step toward full API protection lifecycle support: from visibility and detection to upcoming capabilities like real-time prevention and adaptive mitigation. Currently available for customers on Cloudflare and AWS. Want a closer look? Contact us to learn more.

* Early availability

Fraud Prevention

Collaborative Threat Intelligence for Stronger Fraud Prevention

A new Collaborative Threat Intelligence toggle lets your organization opt in to share and receive anonymized fraud and threat signals with other customers using the platform. When enabled, this setting connects you to a collective intelligence network, enhancing your ability to detect emerging threats using real-time signals observed across the broader ecosystem.

Participation is optional, data sharing follows strict privacy standards and the setting can be turned off at any time within your configuration.

* General availability

Add Custom Attributes to Trigger Action Events

You can now enrich events sent via the Trigger Action Event API with up to 10 custom attributes of your choice. These attributes can be strings, numbers or booleans, and must be configured in the Mosaic Admin Console.

This enhancement enables teams to:

• Tailor event payloads to business or investigative needs

• Segment users more precisely

• Improve traceability across downstream workflows and analytics

Common use cases include tagging user actions with internal IDs, marketing segments or experiment flags, streamlining fraud investigations and reporting.

* General availability

Enhanced Mobile Location Signals for Fraud Detection

Our Detection & Response services now support mobile-based geolocation signals to improve detection accuracy and reduce user friction. By collecting location data from GPS, Wi-Fi, and cellular networks, the system builds high-confidence geolocation profiles and flags deviations that may indicate risk.

The collection endpoint can be configured by scenario, desired accuracy and data freshness. Built-in detections include:

• New location

• Impossible travel

• Trusted location

• Location mismatches

• Location spoofing

Integrated into Detection & Response, this feature helps teams assess user context in real time with minimal effort.

* General availability (Android) – iOS support coming soon

Orchestration

Version Management APIs for Cross-Tenant Configuration

New APIs are available to import, export and validate Orchestration entity configurations across tenants, making it easier to manage journeys and components between environments.

This release also introduces an Environment Variables section that lets you define and manage reusable configuration values. These variables can be referenced in expressions, helping you streamline deployments and maintain consistency across dev, staging and production.

* Early availability

See What Connects to What With Orchestration Dependency Lists

Users can now view dependencies across all Orchestration entities—including Journeys, Sub-Journeys, External Connections and Keys & Credentials—through a dedicated Dependencies indicator. This makes it easier to understand relationships between components and assess the impact of changes before deploying.

* General availability

New Integration Guide: Shopify + Transmit Security

A new guide is available to help you quickly integrate Transmit Security’s risk and identity capabilities with Shopify. This quick-start walkthrough covers key setup steps for connecting your Shopify storefront to Mosaic.

* General availability

Customer Identity Management

Unlock User Authenticators via API for Faster Support Resolution

You can now unlock user authenticators programmatically through the API, making it easier to resolve account lockouts and reduce support overhead. This capability supports a range of authentication methods, including password, passkey, OTP, TOTP and PIN-code.

* General availability