One API · every risk decision
Vilkax

The Protect API for businesses that can't get it wrong.

The same behavioural risk engine that protects people, as an API. Score any link, wallet, email, entity, transaction or behaviour pattern in milliseconds — one HTTPS call in, a scored and explained decision out. EU-built, fail-closed, auditable, and sharper every day.

Explainable verdicts · EU data residency · Fail-closed auth · No per-seat tax · Pay per call
The moat

Data you can't get anywhere else.

Most risk APIs resell the same lists everyone has. Vilkax exposes its own moat: a calibrated intel core, combination-aware fraud and scam taxonomies, an on-chain graph with multi-hop fund-tracing, and the cross-domain angle no single-lane vendor can see — that an inbound counterparty is receiving the proceeds of a romance or pig-butchering scam.

Accurate

Live threat intelligence fused from on-chain data, sanctions lists, phishing corpora and a network of real users. Calibrated and regression-tested, tuned for high precision.

Auditable

No black box. Each verdict returns the reasons, the matched evidence and a confidence, with a stable explain id for disputes and reviews.

Private & fail-closed

Inputs aren't training fodder. Auth fails closed: a missing or inactive key denies, never opens. Run on our EU edge, or self-host on Enterprise.

Quickstart

Live in an afternoon.

Three steps: get a key, make one authenticated call, act on the explained verdict. Every example below targets a real, live endpoint on https://vilkax.com.

01

Get a key

Request a partner key (vlx_live_…) and a tier. We issue it; the plaintext is shown once.

02

Authenticate

Send Authorization: Bearer vlx_live_… on every request. Each endpoint needs a scope.

03

Decide

POST a signal bundle, get back a verdict + reasons + confidence + a stable explain id. Approve, review or block.

04

Pay for use

Transparent per-call metering. A unit = one call; deep fused signals bill at 3. Check /api/partner/v1/usage any time.

    # POST a signal bundle, get one explained decision back.
    curl -X POST https://vilkax.com/api/partner/v1/decide \
      -H "Authorization: Bearer $VILKAX_API_KEY" \
      -H "Content-Type: application/json" \
      -d '{
        "signals": [
          { "id": "process.remote_access_tool", "value": 0.9 },
          { "id": "text.urgency_pressure", "value": 0.8 },
          { "id": "transfer.outbound_initiated", "value": 1.0 }
        ],
        "context": { "action_kind": "transfer" }
      }'

    # Response
    {
      "ok": true,
      "billed_units": 3,
      "decision": {
        "type": "remote_access_fraud",
        "action": "review",
        "confidence": 0.9,
        "score": 84,
        "why": "Remote-access tool + urgency while a transfer is initiated.",
        "humanReviewRequired": true
      }
    }

    // Node 18+/browsers: native fetch. A tiny wrapper is all you need.
    const res = await fetch("https://vilkax.com/api/partner/v1/decide", {
      method: "POST",
      headers: {
        "Authorization": `Bearer ${process.env.VILKAX_API_KEY}`,
        "Content-Type": "application/json",
      },
      body: JSON.stringify({
        signals: [
          { id: "process.remote_access_tool", value: 0.9 },
          { id: "text.urgency_pressure", value: 0.8 },
        ],
        context: { action_kind: "transfer" },
      }),
    });
    const body = await res.json();
    // Error responses are { ok: false, error } and carry no decision.
    if (!res.ok || !body.ok) throw new Error(`Vilkax error: ${body.error ?? res.status}`);
    const { decision } = body;
    // hold() and queueForReview() are your own handlers.
    if (decision.action === "block") hold();
    else if (decision.action === "review") queueForReview(decision.why);

    # Python 3 + requests
    import os, requests

    res = requests.post(
        "https://vilkax.com/api/partner/v1/decide",
        headers={"Authorization": f"Bearer {os.environ['VILKAX_API_KEY']}"},
        json={
            "signals": [
                {"id": "process.remote_access_tool", "value": 0.9},
                {"id": "text.urgency_pressure", "value": 0.8},
            ],
            "context": {"action_kind": "transfer"},
        },
        timeout=10,  # never wait indefinitely on a risk check
    )
    res.raise_for_status()  # error responses carry no "decision"
    decision = res.json()["decision"]
    print(decision["action"], decision["why"])

API reference

The live endpoints. No vapourware.

Every endpoint below is a real, deployed route. Auth is Authorization: Bearer vlx_live_<key>, the API is versioned v1, and the verdict contract (allow / review / block) is stable across model updates. The machine-readable OpenAPI 3.1 spec describes them all.

Method · Endpoint · Scope · Units

POST /api/partner/v1/decide
Fused, explainable decision from a signal bundle (+ optional text / OSINT hint).
Scope: decide · Units: 3

POST /api/business/v1/risk/decide
B2B fraud decisioning from a PII-free feature vector. Tier-gated channels.
Scope: risk:decide · Units: 3

GET /api/partner/v1/signals/lookup?type=email|url|entity&q=…
URL / email / entity signal lookup.
Scope: signals:read · Units: 1–3

GET /api/intel/v1/risk/lookup?type=email|phone|domain|ip|wallet&value=…
Scammer Reputation Index (Pro+).
Scope: risk:lookup · Units: 1

POST /api/nexus/v1/kyt/screen
Know-Your-Transaction: wallet / tx / counterparty → allow|review|block (Pro+).
Scope: kyt:screen · Units: 3

GET /api/partner/v1/usage
Current-month units, quota, rate limit, per-endpoint breakdown. Not metered.
Scope: usage:read · Units: 0

Auth & scopes

Bearer key on every call. A key carries scopes (e.g. decide, kyt:screen); a wildcard signals:* grants the family. Missing / inactive / under-scoped fails closed — it never silently downgrades to a free read.

Sandbox & graceful degrade

When a provider source isn't configured for your key yet, the response is still well-formed and scored, with "degraded": true and an honest note — never a false all-clear. Build against the real response shape before sources are fully provisioned.

The contract

Predictable errors. Honest headers.

Every error is { "ok": false, "error": "<code>", "detail"?: "…" } with a documented status. Metering and limits ride in response headers so you can budget and back off precisely.

Error codes

401 invalid_auth · Missing or malformed Authorization: Bearer header.
401 invalid_api_key · Key not recognised (no active row matches the SHA-256 hash).
403 insufficient_scope · Key authenticated but lacks the scope this endpoint needs.
403 tier_gated · Endpoint needs a higher tier (e.g. SRI and KYT require Pro+). The response names your tier so the upgrade is transparent.
400 bad_body / no_signals · Body wasn't valid JSON, or carried no known signal id / feature.
400 pii_in_features · A feature id smuggled raw PII. Send opaque signal ids only — never a card / SSN / email.
413 body_too_large · Request body exceeded the per-endpoint limit (16–32 KB).
429 rate_limited · Per-minute burst limit hit. Honour Retry-After and back off.
429 quota_exceeded · Monthly metered-unit quota for the tier exhausted. Upgrade or wait for the period to roll.
503 db_not_bound · Backing store briefly unavailable — retry. Never returned as a false success.

Response headers

x-billed-units · Units this call consumed (also in the body as billed_units).
x-response-time · Server compute time for the call.
x-ratelimit-limit / -remaining · Per-minute burst budget for your tier.
retry-after · Seconds to wait after a 429 rate_limited.
x-quota-limit / x-quota-used · Monthly metered-unit quota and consumption.

Idempotency & retries

Decisioning is pure and deterministic — the same bundle always yields the same verdict — so a retried /decide is safe by construction. (A dedicated idempotency-key header is on the roadmap for write-style endpoints.)
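
One way a client can act on the error codes, headers and retry guidance above, as an added example (not Vilkax's own code). The `interpret` function, the `review` fallback when no verdict is available, the three-attempt cap, the backoff schedule and the top-level position of `degraded` are assumptions of the example.

```python
import json

# Error codes, header names and verdicts are the ones documented on this page.
# Assumed here: "review" fallback, retry cap, backoff, top-level "degraded".
RETRYABLE = {"rate_limited", "db_not_bound"}
VERDICTS = ("allow", "review", "block")


def _fail(reason):
    # Fail closed: with no usable verdict, hold the operation for a human.
    return {"action": "review", "retry_in": None, "reason": reason}


def _delay(headers, attempt):
    try:
        wait = int(headers.get("retry-after", ""))
    except ValueError:
        wait = 2 ** attempt  # no usable header: exponential backoff
    return min(max(wait, 0), 60)


def interpret(status, headers, body_text, attempt=0, max_attempts=3):
    """Map one HTTP response to {"action", "retry_in", "reason"}."""
    headers = {k.lower(): v for k, v in headers.items()}
    try:
        body = json.loads(body_text)
    except ValueError:
        body = None
    if not isinstance(body, dict):
        return _fail("unparseable_body")
    if status == 200 and body.get("ok") is True:
        decision = body.get("decision")
        if not isinstance(decision, dict) or decision.get("action") not in VERDICTS:
            return _fail("malformed_decision")
        action = decision["action"]
        # Never auto-approve on partial sources or when a human is required.
        if action == "allow" and (body.get("degraded") or decision.get("humanReviewRequired")):
            action = "review"
        return {"action": action, "retry_in": None, "reason": decision.get("why", "")}
    code = str(body.get("error") or "http_%d" % status)
    if code in RETRYABLE and attempt + 1 < max_attempts:
        # action None: no verdict yet, keep the operation on hold and retry.
        return {"action": None, "retry_in": _delay(headers, attempt), "reason": code}
    return _fail(code)


# Constructed sample responses (not captured from the live API).
SAMPLE_OK = '{"ok": true, "degraded": true, "decision": {"action": "allow", "why": "No risk pattern."}}'
SAMPLE_429 = '{"ok": false, "error": "rate_limited"}'
```

Only `rate_limited` and `db_not_bound` are retried; `quota_exceeded`, auth and scope errors will not clear on a retry, so they go straight to the fallback.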

Pagination

The usage endpoint returns the full current period in one response (no cursor needed). List endpoints that page will document a cursor param when they ship.

Versioning

Everything is under /v1. The allow / review / block verdict contract is stable; we add fields, we don't break them.

    # Screen a payout wallet before you release funds (KYT, Pro+).
    curl -X POST https://vilkax.com/api/nexus/v1/kyt/screen \
      -H "Authorization: Bearer $VILKAX_API_KEY" \
      -H "Content-Type: application/json" \
      -d '{ "chain": "eth", "address": "0xabc…" }'

    # Response
    {
      "ok": true,
      "billed_units": 3,
      "screening": {
        "verdict": "review",
        "risk_score": 61,
        "categories": ["mixer_proximity"],
        "coverage": "partial",
        "human_review_required": true
      }
    }

The AI

Explainable AI, not a black box.

A lone signal is usually innocent — a remote-access tool runs during real IT support, "urgent" appears in a real bank alert. The danger is the co-occurrence. The engine fuses signals so the combinations that are the fraud and coercion playbooks escalate beyond the sum of their parts, while a single tell stays quiet — and every verdict comes back explained.

AI decisioning + explanations

One fused call returns the threat type, severity, confidence and the action — plus the reasons, the evidence and a stable explain id. The decision core is deterministic; the AI sharpens the explanation, never the safeguards.

AI Ops · best-engine-wins

Vilkax routes across AI providers (Azure OpenAI, Anthropic, OpenAI-compatible, Workers AI, an in-house model, with a deterministic fallback), monitors drift and quality, and accounts every call — so the answer is always the best available, never a single point of failure.

RAG-corroborated intel

The intel core folds live web and source corroboration into the calibrated decision, so an explanation is backed by current evidence — not a stale blocklist. Safeguards are enforced in the engine: behaviour, not people; assessment, never accusation; the highest-stakes categories are human-review-only.

Where it fits

Drop a decision anywhere a yes / no / review happens.

Fintech and crypto for fraud and sanctions; marketplaces and social for trust & safety; insurance, eldercare and telco for the vulnerable-customer and account-takeover moments. One API, the same safeguards everywhere.

Onboarding & KYB

Stop synthetic and sanctioned signups before they cost you, without friction for good users.

Checkout & payouts

Screen the destination before you release funds. Catch drainer addresses and mixer exposure pre-sign with KYT.

Support & trust ops

Hand agents an instant verdict on a suspicious link or message instead of a guess.

Marketplaces

Score listings, sellers and payout wallets continuously, not just at signup.

Crypto & fintech

Wallet and counterparty risk with the evidence regulators expect.

Risk & compliance

Sanctions, the SRI and OSINT depth for the teams that need it, on the same API.

Pricing

Priced like a pro risk API. You scale on usage, not seats.

Developer

Free
1,000 units / mo

All signal types. Community support. Evaluate with zero commitment.

Starter

€99
/ mo · 25,000 units

Then ~€0.006 each. Email support. For early products going live.

Most popular

Growth

€499
/ mo · 200,000 units

Then ~€0.004 each. Pro-tier endpoints (KYT, SRI), priority support.

Scale

€1,999
/ mo · 1,000,000 units

Then ~€0.002 each. Higher burst limits, dedicated channel.

Enterprise

Custom
self-host / EU-dedicated

Volume pricing, solutions engineer, DPA, OIDC SSO.

How metering works

One unit = one check. Light signals (URL, email, SRI) bill 1 unit; deep fused signals (a /decide call, a KYT screen, an entity fan-out) bill 3. The monthly quota counts units, not raw requests, so the meter matches the price. You only pay for the calls you make.

Why it's priced this way

A single prevented fraud loss pays for years of calls, so checks stay cheap and you scale on usage, not seats. Free tier to prove value, transparent metering with volume discounts, enterprise contracts for residency and compliance. No lock-in. Prices are launch guidance, finalised per workload.

Trust

Built for the audit, not just the demo.

EU-built, EU-resident

Edge-served from Europe; data stays in the region you choose.

PII-safe by design

The decisioning endpoints consume opaque signal ids, never raw PII — and reject a feature vector that smuggles any. Inputs aren't training fodder.
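
A client-side pre-flight lint that catches obvious PII in a request body before it is sent, so a `pii_in_features` rejection never happens in production; this is an added example, not Vilkax's code. The patterns (email, US-style SSN, Luhn-valid card number) and the `find_pii` helper are assumptions of the example; the page does not publish the server's own rule.

```python
import re

# Assumption: these patterns are this example's own client-side lint, not the
# server's pii_in_features rule, which the page does not publish.
EMAIL = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")
SSN = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
CARD = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")  # 13 to 19 digits, optional separators


def _luhn_ok(digits):
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def _kinds(text):
    found = []
    if EMAIL.search(text):
        found.append("email")
    if SSN.search(text):
        found.append("ssn")
    # The Luhn check keeps long numeric ids from being flagged as cards.
    if any(_luhn_ok(re.sub(r"\D", "", m.group())) for m in CARD.finditer(text)):
        found.append("card")
    return found


def find_pii(node, path="$"):
    """Walk a request body; return (json_path, kind) for each key or string that looks like PII."""
    hits = []
    if isinstance(node, dict):
        for key, value in node.items():
            hits += [(path, kind) for kind in _kinds(str(key))]
            hits += find_pii(value, "%s.%s" % (path, key))
    elif isinstance(node, list):
        for i, item in enumerate(node):
            hits += find_pii(item, "%s[%d]" % (path, i))
    elif isinstance(node, str):
        hits += [(path, kind) for kind in _kinds(node)]
    return hits


# Constructed bundles: CLEAN mirrors the page's /decide example, LEAKY uses made-up values.
CLEAN = {"signals": [{"id": "process.remote_access_tool", "value": 0.9}], "context": {"action_kind": "transfer"}}
LEAKY = {"signals": [{"id": "email.jane.doe@example.com", "value": 1.0}, {"id": "card.4111 1111 1111 1111", "value": 1.0}]}
```

Refuse to send any body for which `find_pii` returns a non-empty list, and log only the path and kind, never the matched value.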

Explainable & auditable

Every verdict ships with reasons, evidence and a stable explain id.

Self-host option

Run the engine inside your perimeter for full residency and control (Enterprise).

Compliance-ready

SOC 2 path, DPA on request, sanctions sourcing documented for examiners. SSO via OIDC · SAML/SCIM roadmap

Stable contract

allow / review / block verdicts that never break on a model update.

FAQ

The honest answers.

How do I get an API key?

Request one from the contact form — we issue your vlx_live_ key and tier and the plaintext is shown once. A fully self-serve key portal is on the way; until then a request takes minutes.

Is the free tier really free?

Yes. 1,000 units a month, all signal types, no card.

What counts as a "unit"?

One check. Light signals bill 1 unit; deep fused checks (a decision, a KYT screen) bill 3. Track it any time at /api/partner/v1/usage.

What happens when a source isn't configured for my key?

The response is still well-formed and scored, with "degraded": true and an honest note — never a false clear. You can build against the real shape immediately.

Where does my data go?

EU edge, no training on your inputs, self-host available on Enterprise. The decisioning endpoints never store raw PII.

Is there an SDK?

The API is plain HTTPS + JSON, so the fetch wrappers above are all you need today. First-party SDKs are to follow.

Built for the businesses that can't get it wrong.

Start free, wire one call, and decide with evidence from day one.