Apache beam is the underlying engine we use for fraud detection. Based on proprietary heuristics we can provide the application with a confidence score the user is legit. Its up to the sec/product teams to determine when specific actions need additional verification like one time token via email or captcha. Just two examples.