Sharper Risk Analysis and Simpler Operations Across Mosaic

In this release, we introduce new capabilities across Mosaic that help teams analyze risk more clearly and simplify how they operate and integrate the platform. From AI-assisted explanations in risk workflows to stronger session integrity and easier event streaming, these updates are designed to make Mosaic simpler and increase confidence in decisions based on the signals that matter.

Highlights

Analyze Risk Recommendations with Spark

Risk analysis becomes faster and more transparent with Spark now available directly within the Investigate tab on the Recommendations page. Analysts can use Spark to instantly analyze and explain flagged activity, turning complex signals and events into clear, contextual narratives.

With this update, Spark helps teams understand why an activity was flagged, assess confidence in detections and quickly decide on next steps, reducing time spent interpreting raw data, making it easier to challenge or validate outcomes and supporting more consistent responses across fraud operations. For regulated environments, these AI-generated explanations can also streamline reporting and investigation by producing structured, easy-to-follow narratives grounded in historical and statistical context.

* General availability

Cross-Platform Enhancements

Manage Event Streaming Directly from the Mosaic Portal

Event streaming is easier to configure and manage with a new portal-based experience that centralizes control of streams across Mosaic. Instead of relying on manual API setup, teams can create, start and manage event streams directly from the Mosaic UI, simplifying how authentication, admin activity, fraud prevention and identity verification events are sent to downstream systems such as SIEMs and data platforms.

* General availability

Filter Event Streams to Send Only What Matters

The event streaming UI also supports event-level filtering, giving administrators finer control over which events are forwarded to SIEMs and other external systems. By filtering streams by event type, teams can reduce noise, lower storage and processing costs, and focus investigations on the most relevant signals.

* General availability

Fraud Prevention

Secure Session Tokens Strengthen Fraud Prevention in Backend Flows

Our Fraud Prevention SDK was enhanced with Secure Session Tokens, adding a stronger layer of protection for backend-triggered actions such as logins and transactions. By introducing cryptographically signed, device-bound session tokens, this capability helps prevent session token injection and other forms of session spoofing.

Secure Session Tokens can also be bound to specific action types and support flexible expiration policies, allowing teams to tailor protection based on risk sensitivity. This enhancement maintains backward compatibility, so existing implementations using regular session tokens continue to work while organizations adopt stronger session integrity controls at their own pace.

* General availability

Identity Verification

🪪 Text Tampering Detection Strengthens Identity Verification Against Fraudulent IDs

Identity Verification now includes enhanced detection for text tampering, addressing a common fraud technique where document manipulation extends beyond face photos. This capability helps identify alterations in critical textual fields such as names, dates and identification numbers by detecting techniques like font edits, overlays, character replacement and reprints, improving protection against fraudulent IDs.

* General availability

Orchestration

Search Bar Added to the “Add Step” Menu

Building journeys is faster and more intuitive with the addition of a search bar in the Add Step menu. Instead of scrolling through the full list of available steps, teams can quickly search and find the exact step they need, reducing friction and speeding up journey design.

* Available in sandbox