The honeybot intercepts before the transfer confirms.

A step-by-step walk through how AVIEL's AI agent enters the fraud conversation, stalls the scammer, and hands your fraud ops a complete profile.

Abstract visualization of a payment conversation being intercepted mid-flow, dark network graph with a highlighted interception node

From scammer contact to fraud ops alert

Every interception follows the same sequence — invisible to the customer, invisible to the scammer, fully logged for your fraud ops team.

01

Customer receives contact from a scammer

The scammer impersonates a bank, utility, or investment platform. They establish trust via SMS, in-app message, or email thread. The customer begins to respond — and starts to believe.

02

AVIEL trigger fires on unusual payment intent

Your PSP stack sees a payment intent forming outside normal behavioral patterns. AVIEL's webhook listener flags the session. The trigger is silent — no visible change for the customer or scammer.

03

Honeybot injects into the communication channel

AVIEL's AI agent enters the conversation thread, presenting as a legitimate verification or hold step. The customer sees only a standard confirmation delay. The scammer continues engaging — with AVIEL.

04

Scammer engages — gets fingerprinted

The honeybot adapts its conversation style to match the scam type — investment fraud, impersonation, romance. It stalls with plausible friction while capturing device fingerprint, phone number metadata, message cadence, and language patterns.

05

Fraud ops receives real-time alert with full profile

Your fraud ops queue receives a structured alert: scam type classification, intercept timestamp, stall duration, scammer device hash, phone number, conversation graph. Transfer flag issued. The customer never confirms. The scammer never collects.

The honeybot is a trained AI agent, not a rule.

A rule-based response system can be learned and detected. A fixed template gets fingerprinted. The AVIEL honeybot is a fine-tuned conversation model — it adapts response cadence, friction level, and vocabulary to match the specific scam type (investment impersonation, authorised bank transfer, HMRC, romance). The scammer can't distinguish it from the PSP's legitimate hold process, which is precisely what keeps them engaged long enough to expose their device and communication fingerprint.

Technical Specification

Model Conversation model fine-tuned on APP fraud corpus
Latency Real-time channel injection < 800ms
Fingerprint schema Device + number + language pattern + behavior cadence
Stall duration Median 4h 12m across all intercept types
Scam type coverage Investment, impersonation, romance, HMRC
Abstract concept of an AI agent operating within a conversation thread — stylized dark visualization

What lands in your fraud ops queue.

INTERCEPT ACTIVE AVIEL Honeybot Alert — Investment Impersonation
Scam type Investment impersonation
Intercept time 14:32 GMT
Stall duration 4h 12m (ongoing)
Scammer number +44 7xxx xxxx (flagged)
Device hash a8f3d2e1... (new fingerprint)
Transfer status FLAGGED — awaiting ops review

Common questions

Ready to see it live?