Vilkax
VILKAX
Personal Business Developers
Live endpoints Request an API key
Vilkax Protect API

The risk-decision API for builders who can't ship a guess.

One HTTPS call in. A scored, explained verdict out: action, reasons, evidence and confidence. EU-built, PII-free, fail-closed auth, pay per call.

allow review block
Scroll
One call in, one decision out

POST a signal bundle.
Get an explained verdict.

No raw PII, ever. Send opaque signal ids and context. Get back an action, a score and the reason behind it, in one round trip.

  • Fail-closed auth. Missing or under-scoped keys are refused, never downgraded.
  • Never a false clear. If a source is not live, the response says "degraded": true.
decide.sh200 OK · 42ms
# POST a signal bundle, get one explained decision back
curl -X POST https://vilkax.com/api/partner/v1/decide \
  -H "Authorization: Bearer $VILKAX_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "signals": [
      { "id": "process.remote_access_tool", "value": 0.9 },
      { "id": "text.urgency_pressure",       "value": 0.8 },
      { "id": "transfer.outbound_initiated", "value": 1.0 }
    ],
    "context": { "action_kind": "transfer" }
  }'
 {
    "action": "review",
    "score": 84,
    "why": "Remote-access tool + urgency during a transfer."
  }
Quickstart

Live in an afternoon.

Get a key, make one call, act on the verdict. Every example targets a real, live endpoint.

01
Get a key
We issue a partner key vlx_live_… and a tier. The plaintext is shown once; we store only its SHA-256 hash.
02
Authenticate
Send Authorization: Bearer on every request. Each endpoint needs a scope the key carries.
03
Decide
POST a signal bundle, get back the verdict, score, reasons and confidence. Approve, queue, or block.
04
Pay for use
Transparent metering. Light lookups bill 1 unit, deep fused calls bill 3, usage is free.
API reference

The live endpoints. No vapourware.

Real, deployed routes on https://vilkax.com. Fields add, never break.

MethodEndpointScopeUnits
POST/api/partner/v1/decideSignal bundle to scored, explained verdict.decide3
POST/api/business/v1/risk/decideB2B fraud decision from a PII-free vector.risk:decide3
GET/api/partner/v1/signals/lookupemail · url · entity reputation lookup.signals:read1-3
GET/api/intel/v1/risk/lookupScammer Reputation Index.risk:lookup1
POST/api/nexus/v1/kyt/screenKnow-Your-Transaction: wallet or tx to allow · review · block.kyt:screen3
POST/api/business/v1/guard/evaluateChargeback risk scoring (advisory).guard:evaluate3
POST/api/business/v1/guard/disputeChargeback received to representment evidence packet.guard:dispute1
GET/api/partner/v1/usageCurrent-month units, quota, breakdown. Not metered.usage:read0
Chargeback risk scoring

A fraud API that
scores every order.

One call returns a 0 to 100 hazard score and an advisory verdict. If an order disputes, the representment evidence packet is ready to file with your acquirer.

Score at request time
Guard returns a 0 to 100 hazard score and an advisory verdict, all in one call. Thresholds are per tenant.
Cross-domain moat
Draws from the anti-scam intelligence layer. An inbound counterparty can be flagged as a social-engineering target before the transaction posts.
Representment evidence packet
POST a chargeback to /guard/dispute. Get back a packet: reason-code, evidence mapping, dispute strategy, ready for your acquirer.
Pricing

Pay per call. Start free.

Lookups bill 1 unit, deep calls 3, usage is free. No seat fees.

Free trial
€0/15 days
The full API against real, live endpoints. No card needed.
Every live endpoint
Partner key + tier
Transparent metering
Start free
Pay per call
from €149/mo
Usage-based pricing that scales with your volume. No seat fees, ever.
All decision + lookup endpoints
Guard chargeback risk scoring
1 / 3 / 0 unit metering
Request a key
Enterprise
Uncapped
Volume commitments and EU-dedicated data residency for regulated teams.
Uncapped throughput
EU-dedicated residency
Priority support + SLAs
Talk to us

See full pricing

FAQ

Common questions.

How do I get an API key?

Request one from the contact form. We issue your vlx_live_ key and tier; the plaintext is shown exactly once. A self-serve portal is on the way.

Can I send raw PII?

No. Decisioning endpoints take opaque signal ids only; raw PII is rejected with pii_in_features. Lookup values (email, phone, domain, IP, wallet) are hashed server-side.

Does the API score chargeback risk?

Yes, via the guard:* scope family. POST to /api/business/v1/guard/evaluate with a hashed order (no raw PII) and get back a 0 to 100 hazard score and an advisory verdict. If that order later disputes, POST the chargeback to /guard/dispute and receive a representment evidence packet, reason-code classification, evidence mapping and dispute strategy, ready to file with your acquirer.

How does Guard differ from Signifyd or Riskified?

They score isolated purchase signals within their merchant network. Guard additionally draws from the Vilkax anti-scam intelligence layer, the consumer-side behaviour patterns and entity-graph signals that protect people. An inbound counterparty can be scored against known social-engineering victim and mule patterns before the transaction posts. The advisory score is native to the API call, not a separate integration.

Request an API key

Built for builders who
can't ship a guess.

Start free, wire one call, and decide with evidence from day one. We issue your vlx_live_ key and tier.

Not building yet? Get on the developer early-access list and we'll email you the moment the Protect API opens.

Plain HTTPS + JSON · fail-closed auth · EU-built

Tweaks

Feel of the page