# SEON MCP

> SEON gives your AI agent full control over fraud prevention and risk management. Your client can perform real-time checks on transactions or user identities—analyzing device fingerprints, email histories, phone numbers, and global sanctions lists. It turns complex security dashboards into a simple conversation.

## Overview
- **Category:** industry-titans
- **Price:** Free
- **Tags:** fraud-prevention, risk-scoring, aml-compliance, device-fingerprinting, identity-verification, data-security

## Description

SEON gives your AI agent total control over fraud prevention and risk management. Your client performs real-time checks on everything—from transactions to user identities—turning messy security dashboards into simple conversation commands.

* **Assessing Transaction Risk** 
Your agent runs a detailed, live fraud assessment using `check_fraud` when you're onboarding accounts or processing payments, giving you an immediate risk score for the transaction or registration. You can pull full details and metadata on any specific payment ID with `get_transaction`. For auditing purposes, your client fetches core account status and details via `get_account_info`, and it displays a list of active fraud rules using `list_rules`.

* **Analyzing Digital Identities** 
When you need to know who's behind an IP address, your agent gathers risk data and intelligence about the geographical location and type of that IP with `check_ip`. You can analyze a phone number—determining its carrier, validity, and associated risk profile—using `check_phone`. If you have an email address, your client retrieves its full digital footprint and metadata via `check_email`, linking it to historical risks.

* **Managing Compliance Screening** 
SEON handles compliance checks by executing Anti-Money Laundering (AML) screening on any person or entity against global watchlists using `aml_screening`. You can see which custom AML monitoring rules you've set up by calling `list_aml_monitors`.

* **Updating Custom Watchlists** 
Your agent manages your internal risk lists directly. It lets you display all existing blacklists and whitelists with `list_lists`, and you can add a specific item or record to those custom lists using `add_to_list`. The system also displays the rules governing these checks via `list_rules`.

* **Training and Monitoring** 
To keep your fraud models sharp, your client assigns feedback labels using `add_label`, which helps train the models on specific data points. For a full audit view of compliance settings, it shows you all custom AML monitoring rules with `list_aml_monitors`.

## Tools

### add_label
Assign a feedback label to help train your fraud models using specific data points.

### add_to_list
Adds a specified item or record to an existing custom blacklist or whitelist managed by SEON.

### aml_screening
Executes Anti-Money Laundering (AML) screening on a person or entity against global watchlists.

### check_email
Retrieves the digital footprint and associated metadata for a given email address.

### check_fraud
Performs a detailed, real-time fraud risk assessment on a transaction or account registration.

### check_ip
Gathers risk data and intelligence about the geographical location and type of an IP address.

### check_phone
Analyzes a phone number to determine its carrier, validity, and associated risk profile.

### get_account_info
Fetches the core details and status of a specific user or organizational account.

### get_transaction
Retrieves full details, amount, and metadata for a completed or pending transaction ID.

### list_aml_monitors
Displays a list of the custom AML monitoring rules currently configured in your system.

### list_lists
Shows all existing custom blacklists and whitelists that you manage within SEON.

### list_rules
Displays a list of the active fraud rules currently governing transaction scoring.

## Prompt Examples

**Prompt:** 
```
Check this email for fraud risk: suspicious.user@example.com.
```

**Response:** 
```
I've retrieved the digital footprint. The email has no linked social media accounts and the domain was registered 2 days ago, resulting in a high risk score of 85. Would you like to check the associated IP address?
```

**Prompt:** 
```
Run a fraud risk assessment on a new user registration with email and IP analysis.
```

**Response:** 
```
Fraud assessment completed. Overall risk score: 23/100 (Low Risk). Email analysis: user@gmail.com - Registered 4 years ago, active social profiles (LinkedIn, GitHub), data breach count: 1 (minor). Email score: 15/100 (safe). IP analysis: 203.0.113.45 - ISP: Comcast, Location: San Francisco, CA. VPN: No. Tor: No. Proxy: No. IP score: 18/100 (safe). Device fingerprint: Chrome 125, macOS, unique device. Phone: +1-555-0198 - Carrier: AT&T, type: mobile, valid format. Recommendation: APPROVE.
```

**Prompt:** 
```
Show me all flagged transactions from the last 24 hours with their risk scores and reasons.
```

**Response:** 
```
12 flagged transactions in 24 hours. High risk (3): TX-8923 ($2,400, score 89, disposable email + VPN), TX-8934 ($1,800, score 82, velocity abuse - 5 orders in 10 min), TX-8941 ($3,200, score 91, card-country mismatch + new account). Medium risk (5): velocity patterns, mismatched billing/shipping (scores 55-72). Low risk (4): minor flags, first-time buyers (scores 35-48). Auto-blocked: 2 transactions. Manual review queue: 6. False positive rate (last 30 days): 3.2%.
```

## Capabilities

### Assess Transaction Risk
Run real-time fraud checks on a given transaction or user registration to get an immediate risk score.

### Analyze Digital Identities
Fetch the digital footprint for emails, phone numbers, and IP addresses, including linked social media data and historical risks.

### Manage Compliance Screening
Screen users against global watchlists (sanctions, PEP) to ensure regulatory compliance via AML checks.

### Update Custom Watchlists
Add specific items or records to your custom blacklists or whitelists directly from the chat interface.

### Monitor Account & Rules
Retrieve detailed account information, transaction history, and list existing fraud rules for auditing purposes.

## Use Cases

### Assessing an unknown user registration.
A new account signs up on your platform. The agent runs `check_fraud` first, then uses `check_email` and `check_ip`. If the risk score is high, it automatically flags the record for manual review, saving hours of preliminary investigation.

### Investigating a suspicious payment.
A large transaction comes in. Instead of checking multiple dashboards, you ask your agent to run `get_transaction` to pull all details, then use `check_phone` on the buyer's number and `list_rules` to see what fraud rules might be triggered. The combined report determines if it’s safe.

### Updating compliance watchlists.
A new global sanctions list is released. Instead of manually updating databases, you use the agent to call `list_aml_monitors` to see current rules and then execute `add_to_list` to include the new watchlist identifier.

### Auditing account history for a client.
You need to check if a client has been flagged previously. You use `get_account_info` to pull basic details, and then run `check_fraud` with the account ID to see its accumulated risk score over time.

## Benefits

- You get instant digital footprint reports for emails, IPs, and phones. Instead of opening three different tools to check a user's history, you use `check_email`, `check_ip`, and `check_phone` in one conversation thread.
- AML compliance is now conversational. Run the `aml_screening` tool instantly against any user ID, eliminating manual lookups into sanctions lists and keeping your workflow moving fast.
- Stop losing data by switching screens. You can get full transaction details with `get_transaction`, immediately follow up by calling `check_fraud` to score it, all in one prompt chain.
- Maintain clean data governance by managing custom risk rules. Use `add_to_list` and `list_rules` to update blacklists or review existing fraud triggers without needing a dedicated admin panel login.
- Improve your models with feedback loops. After reviewing a flagged transaction, use `add_label` to categorize it (e.g., 'False Positive'), helping SEON refine its scoring over time.

## How It Works

The bottom line is that your AI agent acts as a dedicated compliance officer or risk analyst, letting you run complex checks without switching tools.

1. Subscribe to the SEON server on Vinkius.
2. Enter your SEON Admin API Key into your AI client's settings.
3. Start running risk checks by asking your agent a natural language question, like 'Check this user for fraud risk: email@example.com'.

## Frequently Asked Questions

**How does SEON handle multiple types of risk checks?**
It runs them in sequence for you. You can ask your agent to combine `check_fraud` with `check_email` and `check_ip` data into one comprehensive report, scoring the identity holistically.

**Is SEON better than just checking an email format?**
Yes. Basic validation only checks syntax. `check_email` goes deeper; it pulls the full digital footprint, tells you if the domain is new, and flags associated social media activity.

**What's the difference between check_fraud and get_transaction?**
`get_transaction` just retrieves static details about a payment (amount, time). `check_fraud` takes those details and runs them through SEON’s algorithms to give you a real-time risk score.

**How do I manage blacklists with the SEON MCP Server?**
You use `list_rules` and `list_lists` first. Then, you tell your agent to call `add_to_list` to add a new forbidden ID or email address.

**Can I train my fraud model with SEON? **
Yes. After reviewing an instance of fraud (or lack thereof), you use the `add_label` tool to feed that labeled data back into the system, improving future scoring.

**How do I securely authenticate when using the `get_account_info` tool?**
You pass your SEON Admin API Key in the request header or as a dedicated parameter. This key validates your access against the platform, ensuring that every data call is authenticated and traceable.

**What should I expect if I run `check_email` with an invalid email address?**
The tool returns a specific status code indicating failure. It doesn't just fail silently; the response body explains *why* the input was bad, letting your agent handle the malformed data gracefully.

**Are there rate limits when running multiple `check_fraud` requests in quick succession?**
Yes, standard API rate limiting applies to all calls. If you hit the limit (a 429 error), your AI client can catch it and automatically pause before retrying the sequence.

**Can my AI automatically check the fraud risk for a specific transaction by providing its ID?**
Yes! Use the `get_transaction` tool with the Transaction ID. Your agent will respond with the complete risk score, rule triggers, and digital footprint data in seconds.

**How do I check the digital footprint for a new user's email address?**
Simply ask the agent to run the `check_email` action. It will retrieve social media profile associations, domain age, and potential risk flags associated with that email.

**How do I find my SEON Admin API Key?**
Log in to your SEON dashboard, navigate to **Settings** > **API Keys**, and you will find your unique Admin License Key there.