π‘οΈ SentinelPay - Real-Time Fraud Detection & Prevention Engine
Postgraduate Software Engineering
Author: Teboho Mokoni
Domain: FinTech - Digital Payments & Financial Crime Prevention
Peer engagement: β 28 stars Β· π΄ 37 forks Β· 5 merged external PRs
What is SentinelPay?
SentinelPay is an intelligent, real-time fraud detection and prevention engine designed for modern financial institutions and FinTech platforms. It combines streaming transaction processing, machine learning inference, behavioural analytics, and automated response orchestration to identify and neutralise fraudulent activity before it causes financial damage - at sub-100ms latency, at scale.
In 2026, card-not-present fraud, identity spoofing, and AI-generated synthetic identity attacks are the dominant threat vectors in digital payments. SentinelPay is architected specifically to combat these threats using an event-driven microservices backbone, ensemble ML models (gradient boosting + transformer-based anomaly detection), and a feedback loop that continuously retrains on confirmed fraud signals.
What SentinelPay Will Do Once Completed
- Ingest live transaction streams from payment processors, mobile wallets, and banking APIs via Kafka event pipelines
- Score every transaction in real time using a multi-model ML ensemble (XGBoost + Isolation Forest + fine-tuned DistilBERT for merchant text signals)
- Enforce automated rule-based and ML-driven decisions: approve, flag for review, or block - with configurable thresholds per customer risk tier
- Alert customers and fraud analysts instantly via push notification, SMS, and a case management dashboard
- Learn continuously through an MLOps feedback loop - confirmed fraud cases retrain and redeploy models with zero downtime
- Explain every decision via SHAP-based explainability reports, satisfying regulatory requirements (POPIA, PSD2, GDPR)
- Audit all decisions with tamper-evident logs for compliance and forensic investigation
π Quick Start
Prerequisites
| Tool | Version |
|---|---|
| Python | 3.12+ |
| Git | 2.40+ |
| Docker (optional) | 24.0+ |
Local Setup
# Clone
git clone https://github.com/Teboho66/SentinelPay.git
cd SentinelPay
# Create virtual environment
python -m venv .venv
source .venv/bin/activate # Windows: .venv\Scripts\activate
# Install dependencies
pip install -r requirements.txt
# Start the API
cd "Assignment 12"
python run.pySwagger UI: http://localhost:8000/docs Health check: http://localhost:8000/health
Docker
docker compose upπ§ͺ Running Tests
# Assignment 10 - Domain models + creational patterns (105 tests)
cd "Assignment 10"
PYTHONPATH="FraudRule:src:." pytest tests/ -v
# Assignment 11 - Repository layer (67 tests)
cd "Assignment 11"
PYTHONPATH="../Assignment 10:." pytest tests/ -v
# Assignment 12 - Service layer + REST API (116 tests)
cd "Assignment 12"
PYTHONPATH=".:../Assignment 10:../Assignment 11" pytest tests/ -vTotal: 288 tests - 0 failures
π‘ API Reference
The full API is documented at /docs (Swagger UI) and /redoc.
Transactions /api/transactions
| Method | Endpoint | Description |
|---|---|---|
POST |
/api/transactions |
Submit transaction for fraud evaluation |
GET |
/api/transactions |
Get all transactions |
GET |
/api/transactions/flagged |
Get all HARD_BLOCK transactions |
GET |
/api/transactions/{id} |
Get transaction by ID |
POST |
/api/transactions/{id}/decision |
Apply ML ensemble fraud decision |
DELETE |
/api/transactions/{id} |
Delete transaction |
Fraud Cases /api/fraud-cases
| Method | Endpoint | Description |
|---|---|---|
POST |
/api/fraud-cases |
Create investigation case (HIGH/CRITICAL only) |
GET |
/api/fraud-cases |
Get all cases |
GET |
/api/fraud-cases/queue |
Analyst queue sorted P1βP2βP3 |
GET |
/api/fraud-cases/{id} |
Get case by ID |
PATCH |
/api/fraud-cases/{id}/assign |
Assign to analyst |
PATCH |
/api/fraud-cases/{id}/resolve |
Resolve CONFIRMED / DISMISSED |
DELETE |
/api/fraud-cases/{id} |
Delete dismissed case |
ML Models /api/ml-models
| Method | Endpoint | Description |
|---|---|---|
POST |
/api/ml-models |
Register new model version |
GET |
/api/ml-models |
Get all models |
GET |
/api/ml-models/production |
Get PRODUCTION models |
GET |
/api/ml-models/{id} |
Get model by ID |
POST |
/api/ml-models/{id}/evaluate |
Record evaluation metrics |
PATCH |
/api/ml-models/{id}/promote |
Promote through lifecycle |
PATCH |
/api/ml-models/{id}/hot-swap |
Reload artifact without restart |
DELETE |
/api/ml-models/{id} |
Delete non-PRODUCTION model |
π€ Contributing
See CONTRIBUTING.md for setup, coding standards, and PR process.
- Fork this repo
- Pick a
good-first-issue - Create a branch, make your change, write tests
- Open a PR linking to the issue
See ROADMAP.md for planned features across 7 phases.
π Repository Structure
SentinelPay/
β
βββ ββ Assignments 3β9 (Specification, Architecture, Planning, Modeling) ββ
β
βββ Assignment 3/ β System specification + C4 architecture
βββ Assignment 4/ β Stakeholder analysis + SRD (15 FR + 18 NFR)
βββ Assignment 5/ β Use case modeling + test cases
βββ Assignment 6/ β Agile planning (14 stories, Sprint 1)
βββ Assignment 7/ β GitHub Kanban board
βββ Assignment 8/ β State + activity diagrams (8 each)
βββ Assignment 9/ β Domain model + Mermaid class diagram
β
βββ ββ Assignment 10 β Domain Code + Creational Patterns ββ
β
βββ Assignment 10/
β βββ src/models/ β Transaction, Account, FraudAlert, RiskScore,
β β AuditLog, FraudRule, PaymentMethod, Notification
β βββ FraudRule/
β β βββ creational_patterns/β Simple Factory, Factory Method, Abstract Factory,
β β Builder, Prototype, Singleton
β βββ tests/ β 105 tests
β
βββ ββ Assignment 11 β Repository Layer ββ
β
βββ Assignment 11/
β βββ repositories/ β Generic Repository[T,ID] + 7 entity interfaces
β βββ repositories/inmemory/ β HashMap implementations
β βββ factories/ β RepositoryFactory (MEMORY/FILESYSTEM/DATABASE)
β βββ stubs/ β FileSystem + Database future backends
β βββ tests/ β 67 tests
β
βββ ββ Assignment 12 β Service Layer + REST API ββ
β
βββ Assignment 12/
β βββ mapping/ β TransactionService, FraudCaseService,
β β MLModelService (business logic)
β βββ handlers/routes/ β FastAPI route handlers
β βββ config/ β Pydantic schemas + dependency injection
β βββ api/ β FastAPI app entry point
β βββ repositories/ β Local repo copies for A12
β βββ services/exceptions.py β Domain exceptions β HTTP status codes
β βββ docs/openapi.json β OpenAPI 3.1 spec
β βββ run.py β Server startup script
β βββ tests/ β 116 tests (service unit + API integration)
β
βββ ββ Assignment 13 β CI/CD Pipeline ββ
β
βββ .github/workflows/ci.yml β GitHub Actions: lint + 3 test jobs + wheel + Docker
βββ Dockerfile β Multi-stage Docker build
βββ docker-compose.yml β Local stack with API
βββ requirements.txt β Python dependencies
βββ pyproject.toml β Package config + wheel build
βββ Assignment 13/
β βββ Protection.md β Branch protection rules + justification
β βββ docs/screenshots/ β Branch protection, CI passing, PR blocked,
β Swagger UI screenshots
β
βββ ββ Assignment 14 β Open-Source Readiness ββ
β
βββ CONTRIBUTING.md β Contributor guide (setup, standards, PR process)
βββ ROADMAP.md β 7 phases of planned features
βββ LICENSE β MIT License
βββ VOTING_RESULTS.md β 28 β stars, 37 π΄ forks
βββ Assignment 14/
β βββ REFLECTION.md β 650-word reflection on open-source collaboration
β βββ docs/screenshots/ β voting_results.png
β
βββ ββ Assignment 15 β Cross-Project Contributions ββ
β
βββ Assignment 15/
β βββ CONTRIBUTIONS.md β Main submission file
β βββ CONTRIBUTION_PLAN.md β Strategy + selected issues
β βββ MERGED_PRS.md β 3 merged PRs across 4 repos
β βββ REFLECTION.md β Collaboration lessons learned
β βββ docs/screenshots/
β βββ first-peer-contribution/ β TailorFit β PR merged β
β βββ second-peer-contribution/ β ClinicEase β PR opened
β βββ third-peer-contribution/ β Manga project β PR merged β
β βββ forth-peer-contribution/ β CarWash β PR merged β
β
βββ README.md β This fileπ Key Documents
Assignment 3 - System Specification & Architecture
| Document | Description |
|---|---|
| SPECIFICATION.md | Full system specification - domain, problem statement, functional & non-functional requirements, use cases, and data models |
| ARCHITECTURE.md | C4 architectural diagrams - all 4 levels (Context, Container, Component, Code) with Mermaid diagrams and Architecture Decision Records |
Assignment 4 - Stakeholder Analysis & Requirements Documentation
| Document | Description |
|---|---|
| STAKEHOLDER_ANALYSIS.md | 8 stakeholders with detailed roles, key concerns, pain points, success metrics, influence levels, and conflict analysis |
| SRD.md | System Requirements Document - 15 functional requirements with acceptance criteria + 18 non-functional requirements across 6 quality attribute categories |
| REFLECTION.md | Reflection on challenges faced in balancing stakeholder needs during requirements elicitation |
Assignment 5 - Use Case Modeling and Test Case Development
| Document | Description |
|---|---|
| USE_CASE_DIAGRAM.md | UML use case diagram (Mermaid) with 7 actors, 14 use cases, and full written explanation of actors, relationships, and stakeholder alignment |
| USE_CASE_SPECIFICATIONS.md | 8 detailed use case specifications with description, preconditions, postconditions, basic flow, and alternative flows |
| TEST_CASES.md | 10 functional test cases + 2 NFR test scenarios (performance load test + security penetration test) in table format |
| REFLECTION_A5.md | Reflection on challenges translating requirements to use cases and test cases |
Assignment 6 - Agile Planning
| Document | Description |
|---|---|
| AGILE_PLANNING.md | 14 user stories, MoSCoW product backlog with Fibonacci story points, Sprint 1 plan with 27 tasks, and full traceability matrix |
| REFLECTION_A6.md | Reflection on challenges in Agile prioritisation, estimation, and planning as a solo developer |
Assignment 7 - GitHub Kanban Board
| Document | Description |
|---|---|
| template_analysis.md | Comparison of 4 GitHub project templates, justification for selecting Automated Kanban, and 7-column customisation plan |
| kanban_explanation.md | Kanban board definition, workflow visualisation, WIP limits, and Agile principles alignment |
| reflection.md | Lessons learned - GitHub Projects vs Trello vs Jira, WIP limit enforcement gaps, template customisation challenges |
Assignment 8 - State and Activity Modeling
| Document | Description |
|---|---|
| state_diagrams.md | 8 UML state transition diagrams (Transaction, Fraud Case, ML Model Version, Customer Dispute, Audit Record, Step-Up Auth, Account Profile, Kafka Offset) with guard conditions and FR mapping |
| activity_diagrams.md | 8 UML activity diagrams with swimlanes, decision nodes, and parallel actions (ingestion, scoring, decision, step-up auth, case review, model retraining, dispute, audit report) |
| a8_reflection.md | Reflection on granularity decisions, aligning diagrams with Agile stories, and state vs activity diagram comparison |
Assignment 9 - Domain Model and Class Diagram
| Document | Description |
|---|---|
| Domain_model.md | Domain model covering 7 core entities (Transaction, FraudCase, MLModel, AuditRecord, AccountProfile, CustomerDispute, StepUpChallenge) with attributes, methods, business rules, and entity relationships |
| Class_diagram.md | Full Mermaid.js UML class diagram with associations, aggregations, compositions, inheritance, and multiplicity across all domain entities |
| A9_reflection.md | Reflection on abstraction challenges, class diagram alignment with prior assignments, trade-offs, and OO design lessons |
ποΈ GitHub Project Board
The SentinelPay Sprint Board is managed using GitHub Projects with a customised Automated Kanban template.
Board: SentinelPay Sprint Board
Board Customisation
The default Automated Kanban template was extended with 4 additional columns to match the SentinelPay development workflow:
| Column | Purpose | WIP Limit |
|---|---|---|
| Sprint 2 Backlog | Should-have and Could-have stories deferred from Sprint 1 | None |
| Sprint 1 - To Do | Must-have stories committed for Sprint 1 delivery | None |
| In Progress | Actively being developed | Max 2 |
| Testing | Implementation complete, test cases being executed | Max 2 |
| Blocked | Cannot proceed - dependency or blocker identified | None |
| In Review | Complete, under final self-review | Max 1 |
| Done | Meets Definition of Done from AGILE_PLANNING.md | None |
Why Automated Kanban: GitHub's automation rules (auto-move on issue open, close, reopen, PR merge) keep the board accurate without manual updates - critical for a solo developer managing 27 sprint tasks across 14 user stories.
βοΈ CI/CD Pipeline
Every push to any branch triggers CI. Merging to main triggers CD.
Push to any branch
β
βΌ
βββββββββββββββββββββββββββββββ
β CI (runs on every branch) β
β lint β ruff checks β
β test-a10 β 105 tests β
β test-a11 β 67 tests β
β test-a12 β 116 tests β
βββββββββββββββββββββββββββββββ
β merge to main only
βΌ
βββββββββββββββββββββββββββββββ
β CD (main branch only) β
β build β Python wheel β
β docker β GHCR image β
β release β GitHub Release β
βββββββββββββββββββββββββββββββBranch protection on main:
- 1 approving review required
- All 4 CI status checks must be green
- Direct pushes blocked
- Linear history enforced
π Open-Source Contributions (Assignment 15)
Contributions made to 4 classmate repositories:
| Project | Issue | PR | Status |
|---|---|---|---|
| TailorFit | good-first-issue #40 | Submitted | β Merged |
| ClinicEase | Issue #13 | Submitted | π In Review |
| Manga Project | Issue #12 | Submitted | β Merged |
| CarWash | Issue #76 | Submitted | β Merged |
3 out of 4 PRs merged. Screenshots of each contribution are in Assignment 15/docs/screenshots/.
𧱠Technology Stack
| Layer | Technology |
|---|---|
| API Framework | Python 3.12 Β· FastAPI 0.115 |
| Data Validation | Pydantic 2.x |
| Testing | pytest Β· pytest-cov Β· httpx |
| Containerisation | Docker Β· Docker Compose |
| CI/CD | GitHub Actions |
| Container Registry | GitHub Container Registry (GHCR) |
| ML (planned) | XGBoost Β· Isolation Forest Β· DistilBERT |
| Streaming (planned) | Apache Kafka 3.x |
| Database (planned) | PostgreSQL 16 Β· Redis 7 Β· Cassandra |
| MLOps (planned) | MLflow Β· Apache Airflow |
| Observability (planned) | Prometheus Β· Grafana Β· OpenTelemetry |
π³ Local Full-Stack Development with Docker
Run the SentinelPay FastAPI service together with PostgreSQL and Redis using Docker Compose from the repository root. The API currently uses in-memory repositories, but the local infrastructure is available for contributors working on database- and cache-backed features.
Prerequisites
- Docker
- Docker Compose
Start the full stack
docker compose up --buildDocker Compose starts these local services:
| Service | Host URL / Port | Purpose |
|---|---|---|
| API | http://localhost:8000 | SentinelPay FastAPI application |
| PostgreSQL | localhost:5432 |
Local relational database |
| Redis | localhost:6379 |
Local cache / message broker dependency |
Default local connection settings are configured in docker-compose.yml:
| Variable | Value |
|---|---|
DATABASE_URL |
postgresql://sentinelpay:sentinelpay@postgres:5432/sentinelpay |
POSTGRES_DB |
sentinelpay |
POSTGRES_USER |
sentinelpay |
POSTGRES_PASSWORD |
sentinelpay |
POSTGRES_HOST |
postgres |
POSTGRES_PORT |
5432 |
REDIS_URL |
redis://redis:6379/0 |
REDIS_HOST |
redis |
REDIS_PORT |
6379 |
The API waits for PostgreSQL and Redis health checks before starting. Once the stack is running, open:
- API health check: http://localhost:8000/health
- Swagger UI: http://localhost:8000/docs
To stop the stack and keep local data volumes:
docker compose downTo stop the stack and remove local PostgreSQL/Redis volumes:
docker compose down -vProject Stats
| Category | Count |
|---|---|
| Assignments completed | A3βA15 |
| Functional Requirements | 15 |
| Non-Functional Requirements | 18 |
| Domain entities | 7 |
| Creational patterns | 6 |
| REST API endpoints | 21 |
| Tests passing | 288 |
| CI/CD pipeline jobs | 8 |
| GitHub β Stars | 28 |
| GitHub π΄ Forks | 37 |
| External PRs merged | 3 |
Domain
FinTech - Digital Payments & Financial Crime Prevention
π Assignment Index
| # | Focus | Key Deliverable |
|---|---|---|
| A3 | System specification + C4 architecture | ARCHITECTURE.md |
| A4 | Stakeholder analysis + requirements | SRD.md β 15 FR + 18 NFR |
| A5 | Use case modeling + test cases | USE_CASE_SPECIFICATIONS.md |
| A6 | Agile planning | AGILE_PLANNING.md β 14 stories |
| A7 | GitHub Kanban board | Sprint Board β 7 columns |
| A8 | State + activity diagrams | 8 state + 8 activity diagrams |
| A9 | Domain model + class diagram | Class_diagram.md |
| A10 | Domain code + 6 creational patterns | 105 tests |
| A11 | Repository layer | 67 tests |
| A12 | Service layer + REST API | 21 endpoints Β· 116 tests |
| A13 | CI/CD pipeline + branch protection | ci.yml Β· Dockerfile |
| A14 | Open-source readiness | CONTRIBUTING.md Β· 28β Β· 37π΄ |
| A15 | Cross-project contributions | 3 merged PRs |
SentinelPay - Because every millisecond between a transaction and a fraud signal costs money.