Working with Custom Metadata

You can supply the Keyri risk engine with custom metadata about the events your users generate and build rules that utilize this data. This enables you to create custom rules that are specific to your business and the events that are important to you.

Sending Custom Metadata

Custom metadata should be sent to Keyri from your server at the same time as you send the encrypted fingerprint object. See server setup for more details.

const url = '';
// Create Payload
const sendBody = {
  // this comes from the client application
  encryptedB64Payload: 'eyJjbGllbnRFbmNyeX...U4UmVJK09wOHc9PSJ9',
  // the string "undefined" is special. It tells our API to give the user
  // the same "userId" as their "deviceId"
  userId: 'abc123',
  // This can be anything - but "visits","login","signup","access" are common.
  eventType: 'withdrawal',
  // This can be anything you want to use for later analytics or rules
  metadata: { key: 'value', amount: '500' },
  // We need you to give us the IP address of the client
  // We need you to give us the headers the client gave you
  headers: event.headers,
  // This is your public encryption key. ( > setup & credentials > Service Encryption Key)
  // If not provided, you'll have to decrypt the payload yourself
// Send and receive response
let processedData = await fetch(url, {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify(sendBody),
let processedDataJson = await processedData.json();

Using Custom Metadata in Rules

When creating custom rules in the low-code or no-code rule builder, the metadata for the current event can be accessed through eventMetadata.<key>, and historical metadata for the user or device can be accessed through userModel.metadata.<key> or deviceModel.metadata.<key>, respectively, where <key> is the key of the metadata you want to access.

Example Rules Using Custom Metadata

See example custom rules for a more complete list of custom rules. A few examples of rules using custom metadata are:

  1. Override Keyri's Risk Determination with your Own Risk Model
  2. Limit Transactions to a Certain Amount
  3. Limit Transaction Totals over a Period of Time
  4. Block High-Value Transactions from a New Country
  5. Transaction Anomaly Detection