Blockrails Technology

Blockrails™ eliminates the vulnerability of email as a source of information; establishes identity best practices, harnesses the power of artificial intelligence to detect and identify fraud, and leverages blockchain technology to protect all parties in a secure transaction.

At Blockrails™, we understand that having a fail-proof security platform to conduct business is a significant area of focus for everyone. This is why, as an emerging technology company, we pride ourselves on the core principle of eliminating fraud in B2B transactions.

intelligent platform

Our Stack

Blockrails™ is, at its core, a security-purpose platform and “safe room” that gives its users peace of mind that all parties, documents, and communications are fully secure to conduct any form of business financial transaction.

Blockrails™ incorporates a variety of customized technologies that yield a highly secure single API that can either be used within our custom application or by a third-party application when onboarding clients or vendors.

Blockrails™ utilizes a secure, permission-based, enterprise-grade blockchain platform to store all sensitive data & transactional logs. The Blockrails™ network is built on top of Hyperledger Fabric™ which is an open-source community business enterprise blockchain with major contributors including the Linux Foundation™, IBM™, Intel™ & SAP™.

Blockrails™ machine learning models are built to act as an always-on auditor whose sole purpose is to predict the likelihood of fraud in three main categories:

  • Organization/client risk assessment
  • Bank account risk assessment
  • Login anomaly detection

Blockrails™ combines all these tools in one API or SaaS-based platform to help combat & reduce fraud in all business transactions.


Eliminate Business Email Compromise


Consistent, Accurate Fraud Detection & Prevention


Verified Clean (No-Fraud) Customer/Vendor Onboarding


Proprietary Security

Most companies consider fraud attempts to be an external threat; however, these same businesses lack visibility of with whom or where their information is shared and when it was last updated.

Take, for instance, an internal employee who is responsible for receiving vendors’ payments and who may be redirecting those from customers to a different third-party account for their benefit.

How could a company identify and mitigate this threat today? Using Blockrails™, any payment re-assignment is recorded on a blockchain where it cannot be altered.

Furthermore, this act is passed through an anomaly detection machine learning model that will score the likelihood of fraud.

Finally, all parties related to the transaction are then alerted to that potential fraud and action can be immediately taken to avert a fraudulent payment.


IP annd Email Scoring


Device Fingerprinting


National & Global Banking Verification

security of data in transit

Top Level Network Security

ddos attacks

AWS network infrastructure leverages proprietary DDoS mitigation techniques developed through running the world’s largest online retailer. Additionally, AWS networks are multi-homed across several providers to achieve Internet access diversity.


AWS EC2 Virtual Machines (VMs) automatically generate new SSH host certificates on first boot and log them into the instance’s console. Blockrails leverages secure APIs to access the host certificates before logging into an instance for the first time.


AWS EC2 VMs that run the Blockrails™ service cannot send spoofed network traffic. The AWS-controlled, host-based firewall infrastructure does not permit an instance to send traffic with a sourced IP or MAC address other than its own.

port scanning

Unauthorized port scans of EC2 customers are a violation of the Amazon EC2 Acceptable Use Policy (AUP). Violations of the AUP are taken seriously, and every reported violation is investigated. When unauthorized port scanning is detected, it is stopped and blocked. Port scans of Amazon EC2 instances are ineffective because, by default, all inbound ports on Amazon EC2 instances are closed.

other tenant packet sniffing

It is not possible for a virtual instance running in promiscuous mode to receive or “sniff” traffic that is intended for a different virtual instance. Even two virtual instances that are located on the same physical host cannot listen to each other’s traffic. Attacks such as address resolution protocol (ARP) cache poisoning do not work within Amazon EC2.

Availability & Performance

We monitor each server for machine health metrics twice per minute to track availability. These metrics include network connectivity, CPU utilization, memory utilization, storage utilization, service status and key file integrity with any failures addressed through prioritized channels. Blockrails™ also collects trending data on per-server and per-service performance metrics, such as network latency, database query latency and storage responsiveness. We track this performance for end-to-end scenarios across the application.