Teboho66
SentinelPay
Python

Real-time fraud detection engine - ML ensemble scoring, FastAPI REST API, 288 tests, CI/CD pipeline | CPUT Software Engineering

Last updated Jun 8, 2026
28
Stars
37
Forks
7
Issues
0
Stars/day
Attention Score
82
Language breakdown
No language data available.
โ–ธ Files click to expand
README

๐Ÿ›ก๏ธ SentinelPay - Real-Time Fraud Detection & Prevention Engine

CI/CD Tests Stars Forks Python FastAPI License

Postgraduate Software Engineering
Author: Teboho Mokoni
Domain: FinTech - Digital Payments & Financial Crime Prevention
Peer engagement: โญ 28 stars ยท ๐Ÿด 37 forks ยท 5 merged external PRs

What is SentinelPay?

SentinelPay is an intelligent, real-time fraud detection and prevention engine designed for modern financial institutions and FinTech platforms. It combines streaming transaction processing, machine learning inference, behavioural analytics, and automated response orchestration to identify and neutralise fraudulent activity before it causes financial damage - at sub-100ms latency, at scale.

In 2026, card-not-present fraud, identity spoofing, and AI-generated synthetic identity attacks are the dominant threat vectors in digital payments. SentinelPay is architected specifically to combat these threats using an event-driven microservices backbone, ensemble ML models (gradient boosting + transformer-based anomaly detection), and a feedback loop that continuously retrains on confirmed fraud signals.

What SentinelPay Will Do Once Completed

  • Ingest live transaction streams from payment processors, mobile wallets, and banking APIs via Kafka event pipelines
  • Score every transaction in real time using a multi-model ML ensemble (XGBoost + Isolation Forest + fine-tuned DistilBERT for merchant text signals)
  • Enforce automated rule-based and ML-driven decisions: approve, flag for review, or block - with configurable thresholds per customer risk tier
  • Alert customers and fraud analysts instantly via push notification, SMS, and a case management dashboard
  • Learn continuously through an MLOps feedback loop - confirmed fraud cases retrain and redeploy models with zero downtime
  • Explain every decision via SHAP-based explainability reports, satisfying regulatory requirements (POPIA, PSD2, GDPR)
  • Audit all decisions with tamper-evident logs for compliance and forensic investigation

๐Ÿš€ Quick Start

Prerequisites

| Tool | Version | |---|---| | Python | 3.12+ | | Git | 2.40+ | | Docker (optional) | 24.0+ |

Local Setup

# Clone
git clone https://github.com/Teboho66/SentinelPay.git
cd SentinelPay

Create virtual environment

python -m venv .venv source .venv/bin/activate # Windows: .venv\Scripts\activate

Install dependencies

pip install -r requirements.txt

Start the API

cd "Assignment 12" python run.py

Swagger UI: http://localhost:8000/docs Health check: http://localhost:8000/health

Docker

docker compose up

๐Ÿงช Running Tests

# Assignment 10 - Domain models + creational patterns (105 tests)
cd "Assignment 10"
PYTH pytest tests/ -v

Assignment 11 - Repository layer (67 tests)

cd "Assignment 11" PYTH pytest tests/ -v

Assignment 12 - Service layer + REST API (116 tests)

cd "Assignment 12" PYTH pytest tests/ -v

Total: 288 tests - 0 failures


๐Ÿ“ก API Reference

The full API is documented at /docs (Swagger UI) and /redoc.

Transactions /api/transactions

| Method | Endpoint | Description | |---|---|---| | POST | /api/transactions | Submit transaction for fraud evaluation | | GET | /api/transactions | Get all transactions | | GET | /api/transactions/flagged | Get all HARD_BLOCK transactions | | GET | /api/transactions/{id} | Get transaction by ID | | POST | /api/transactions/{id}/decision | Apply ML ensemble fraud decision | | DELETE | /api/transactions/{id} | Delete transaction |

Fraud Cases /api/fraud-cases

| Method | Endpoint | Description | |---|---|---| | POST | /api/fraud-cases | Create investigation case (HIGH/CRITICAL only) | | GET | /api/fraud-cases | Get all cases | | GET | /api/fraud-cases/queue | Analyst queue sorted P1โ†’P2โ†’P3 | | GET | /api/fraud-cases/{id} | Get case by ID | | PATCH | /api/fraud-cases/{id}/assign | Assign to analyst | | PATCH | /api/fraud-cases/{id}/resolve | Resolve CONFIRMED / DISMISSED | | DELETE | /api/fraud-cases/{id} | Delete dismissed case |

ML Models /api/ml-models

| Method | Endpoint | Description | |---|---|---| | POST | /api/ml-models | Register new model version | | GET | /api/ml-models | Get all models | | GET | /api/ml-models/production | Get PRODUCTION models | | GET | /api/ml-models/{id} | Get model by ID | | POST | /api/ml-models/{id}/evaluate | Record evaluation metrics | | PATCH | /api/ml-models/{id}/promote | Promote through lifecycle | | PATCH | /api/ml-models/{id}/hot-swap | Reload artifact without restart | | DELETE | /api/ml-models/{id} | Delete non-PRODUCTION model |


๐Ÿค Contributing

See CONTRIBUTING.md for setup, coding standards, and PR process.

  • Fork this repo
  • Pick a good-first-issue
  • Create a branch, make your change, write tests
  • Open a PR linking to the issue
See ROADMAP.md for planned features across 7 phases.

๐Ÿ“ Repository Structure

SentinelPay/
โ”‚
โ”œโ”€โ”€ โ”€โ”€ Assignments 3โ€“9 (Specification, Architecture, Planning, Modeling) โ”€โ”€
โ”‚
โ”œโ”€โ”€ Assignment 3/               โ† System specification + C4 architecture
โ”œโ”€โ”€ Assignment 4/               โ† Stakeholder analysis + SRD (15 FR + 18 NFR)
โ”œโ”€โ”€ Assignment 5/               โ† Use case modeling + test cases
โ”œโ”€โ”€ Assignment 6/               โ† Agile planning (14 stories, Sprint 1)
โ”œโ”€โ”€ Assignment 7/               โ† GitHub Kanban board
โ”œโ”€โ”€ Assignment 8/               โ† State + activity diagrams (8 each)
โ”œโ”€โ”€ Assignment 9/               โ† Domain model + Mermaid class diagram
โ”‚
โ”œโ”€โ”€ โ”€โ”€ Assignment 10 โ€” Domain Code + Creational Patterns โ”€โ”€
โ”‚
โ”œโ”€โ”€ Assignment 10/
โ”‚   โ”œโ”€โ”€ src/models/             โ† Transaction, Account, FraudAlert, RiskScore,
โ”‚   โ”‚                              AuditLog, FraudRule, PaymentMethod, Notification
โ”‚   โ”œโ”€โ”€ FraudRule/
โ”‚   โ”‚   โ””โ”€โ”€ creational_patterns/โ† Simple Factory, Factory Method, Abstract Factory,
โ”‚   โ”‚                              Builder, Prototype, Singleton
โ”‚   โ””โ”€โ”€ tests/                  โ† 105 tests
โ”‚
โ”œโ”€โ”€ โ”€โ”€ Assignment 11 โ€” Repository Layer โ”€โ”€
โ”‚
โ”œโ”€โ”€ Assignment 11/
โ”‚   โ”œโ”€โ”€ repositories/           โ† Generic Repository[T,ID] + 7 entity interfaces
โ”‚   โ”œโ”€โ”€ repositories/inmemory/  โ† HashMap implementations
โ”‚   โ”œโ”€โ”€ factories/              โ† RepositoryFactory (MEMORY/FILESYSTEM/DATABASE)
โ”‚   โ”œโ”€โ”€ stubs/                  โ† FileSystem + Database future backends
โ”‚   โ””โ”€โ”€ tests/                  โ† 67 tests
โ”‚
โ”œโ”€โ”€ โ”€โ”€ Assignment 12 โ€” Service Layer + REST API โ”€โ”€
โ”‚
โ”œโ”€โ”€ Assignment 12/
โ”‚   โ”œโ”€โ”€ mapping/                โ† TransactionService, FraudCaseService,
โ”‚   โ”‚                              MLModelService (business logic)
โ”‚   โ”œโ”€โ”€ handlers/routes/        โ† FastAPI route handlers
โ”‚   โ”œโ”€โ”€ config/                 โ† Pydantic schemas + dependency injection
โ”‚   โ”œโ”€โ”€ api/                    โ† FastAPI app entry point
โ”‚   โ”œโ”€โ”€ repositories/           โ† Local repo copies for A12
โ”‚   โ”œโ”€โ”€ services/exceptions.py  โ† Domain exceptions โ†’ HTTP status codes
โ”‚   โ”œโ”€โ”€ docs/openapi.json       โ† OpenAPI 3.1 spec
โ”‚   โ”œโ”€โ”€ run.py                  โ† Server startup script
โ”‚   โ””โ”€โ”€ tests/                  โ† 116 tests (service unit + API integration)
โ”‚
โ”œโ”€โ”€ โ”€โ”€ Assignment 13 โ€” CI/CD Pipeline โ”€โ”€
โ”‚
โ”œโ”€โ”€ .github/workflows/ci.yml    โ† GitHub Actions: lint + 3 test jobs + wheel + Docker
โ”œโ”€โ”€ Dockerfile                  โ† Multi-stage Docker build
โ”œโ”€โ”€ docker-compose.yml          โ† Local stack with API
โ”œโ”€โ”€ requirements.txt            โ† Python dependencies
โ”œโ”€โ”€ pyproject.toml              โ† Package config + wheel build
โ”œโ”€โ”€ Assignment 13/
โ”‚   โ”œโ”€โ”€ Protection.md           โ† Branch protection rules + justification
โ”‚   โ””โ”€โ”€ docs/screenshots/       โ† Branch protection, CI passing, PR blocked,
โ”‚                                  Swagger UI screenshots
โ”‚
โ”œโ”€โ”€ โ”€โ”€ Assignment 14 โ€” Open-Source Readiness โ”€โ”€
โ”‚
โ”œโ”€โ”€ CONTRIBUTING.md             โ† Contributor guide (setup, standards, PR process)
โ”œโ”€โ”€ ROADMAP.md                  โ† 7 phases of planned features
โ”œโ”€โ”€ LICENSE                     โ† MIT License
โ”œโ”€โ”€ VOTING_RESULTS.md           โ† 28 โญ stars, 37 ๐Ÿด forks
โ”œโ”€โ”€ Assignment 14/
โ”‚   โ”œโ”€โ”€ REFLECTION.md           โ† 650-word reflection on open-source collaboration
โ”‚   โ””โ”€โ”€ docs/screenshots/       โ† voting_results.png
โ”‚
โ”œโ”€โ”€ โ”€โ”€ Assignment 15 โ€” Cross-Project Contributions โ”€โ”€
โ”‚
โ”œโ”€โ”€ Assignment 15/
โ”‚   โ”œโ”€โ”€ CONTRIBUTIONS.md        โ† Main submission file
โ”‚   โ”œโ”€โ”€ CONTRIBUTION_PLAN.md    โ† Strategy + selected issues
โ”‚   โ”œโ”€โ”€ MERGED_PRS.md           โ† 3 merged PRs across 4 repos
โ”‚   โ”œโ”€โ”€ REFLECTION.md           โ† Collaboration lessons learned
โ”‚   โ””โ”€โ”€ docs/screenshots/
โ”‚       โ”œโ”€โ”€ first-peer-contribution/   โ† TailorFit โ€” PR merged โœ…
โ”‚       โ”œโ”€โ”€ second-peer-contribution/  โ† ClinicEase โ€” PR opened
โ”‚       โ”œโ”€โ”€ third-peer-contribution/   โ† Manga project โ€” PR merged โœ…
โ”‚       โ””โ”€โ”€ forth-peer-contribution/   โ† CarWash โ€” PR merged โœ…
โ”‚
โ””โ”€โ”€ README.md                   โ† This file

๐Ÿ“„ Key Documents

Assignment 3 - System Specification & Architecture

| Document | Description | |---|---| | SPECIFICATION.md | Full system specification - domain, problem statement, functional & non-functional requirements, use cases, and data models | | ARCHITECTURE.md | C4 architectural diagrams - all 4 levels (Context, Container, Component, Code) with Mermaid diagrams and Architecture Decision Records |

Assignment 4 - Stakeholder Analysis & Requirements Documentation

| Document | Description | |---|---| | STAKEHOLDER_ANALYSIS.md | 8 stakeholders with detailed roles, key concerns, pain points, success metrics, influence levels, and conflict analysis | | SRD.md | System Requirements Document - 15 functional requirements with acceptance criteria + 18 non-functional requirements across 6 quality attribute categories | | REFLECTION.md | Reflection on challenges faced in balancing stakeholder needs during requirements elicitation |

Assignment 5 - Use Case Modeling and Test Case Development

| Document | Description | |---|---| | USECASE_DIAGRAM.md | UML use case diagram (Mermaid) with 7 actors, 14 use cases, and full written explanation of actors, relationships, and stakeholder alignment | | USECASE_SPECIFICATIONS.md | 8 detailed use case specifications with description, preconditions, postconditions, basic flow, and alternative flows | | TEST_CASES.md | 10 functional test cases + 2 NFR test scenarios (performance load test + security penetration test) in table format | | REFLECTION_A5.md | Reflection on challenges translating requirements to use cases and test cases |

Assignment 6 - Agile Planning

| Document | Description | |---|---| | AGILE_PLANNING.md | 14 user stories, MoSCoW product backlog with Fibonacci story points, Sprint 1 plan with 27 tasks, and full traceability matrix | | REFLECTION_A6.md | Reflection on challenges in Agile prioritisation, estimation, and planning as a solo developer |

Assignment 7 - GitHub Kanban Board

| Document | Description | |---|---| | template_analysis.md | Comparison of 4 GitHub project templates, justification for selecting Automated Kanban, and 7-column customisation plan | | kanban_explanation.md | Kanban board definition, workflow visualisation, WIP limits, and Agile principles alignment | | reflection.md | Lessons learned - GitHub Projects vs Trello vs Jira, WIP limit enforcement gaps, template customisation challenges |

Assignment 8 - State and Activity Modeling

| Document | Description | |---|---| | state_diagrams.md | 8 UML state transition diagrams (Transaction, Fraud Case, ML Model Version, Customer Dispute, Audit Record, Step-Up Auth, Account Profile, Kafka Offset) with guard conditions and FR mapping | | activity_diagrams.md | 8 UML activity diagrams with swimlanes, decision nodes, and parallel actions (ingestion, scoring, decision, step-up auth, case review, model retraining, dispute, audit report) | | a8_reflection.md | Reflection on granularity decisions, aligning diagrams with Agile stories, and state vs activity diagram comparison |

Assignment 9 - Domain Model and Class Diagram

| Document | Description | |---|---| | Domain_model.md | Domain model covering 7 core entities (Transaction, FraudCase, MLModel, AuditRecord, AccountProfile, CustomerDispute, StepUpChallenge) with attributes, methods, business rules, and entity relationships | | Class_diagram.md | Full Mermaid.js UML class diagram with associations, aggregations, compositions, inheritance, and multiplicity across all domain entities | | A9_reflection.md | Reflection on abstraction challenges, class diagram alignment with prior assignments, trade-offs, and OO design lessons |


๐Ÿ—‚๏ธ GitHub Project Board

The SentinelPay Sprint Board is managed using GitHub Projects with a customised Automated Kanban template.

Board: SentinelPay Sprint Board

Board Customisation

The default Automated Kanban template was extended with 4 additional columns to match the SentinelPay development workflow:

| Column | Purpose | WIP Limit | |---|---|---| | Sprint 2 Backlog | Should-have and Could-have stories deferred from Sprint 1 | None | | Sprint 1 - To Do | Must-have stories committed for Sprint 1 delivery | None | | In Progress | Actively being developed | Max 2 | | Testing | Implementation complete, test cases being executed | Max 2 | | Blocked | Cannot proceed - dependency or blocker identified | None | | In Review | Complete, under final self-review | Max 1 | | Done | Meets Definition of Done from AGILE_PLANNING.md | None |

Why Automated Kanban: GitHub's automation rules (auto-move on issue open, close, reopen, PR merge) keep the board accurate without manual updates - critical for a solo developer managing 27 sprint tasks across 14 user stories.

โš™๏ธ CI/CD Pipeline

Every push to any branch triggers CI. Merging to main triggers CD.

Push to any branch
        โ”‚
        โ–ผ
โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”
โ”‚  CI  (runs on every branch) โ”‚
โ”‚  lint      โ†’ ruff checks    โ”‚
โ”‚  test-a10  โ†’ 105 tests      โ”‚
โ”‚  test-a11  โ†’ 67 tests       โ”‚
โ”‚  test-a12  โ†’ 116 tests      โ”‚
โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜
        โ”‚ merge to main only
        โ–ผ
โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”
โ”‚  CD  (main branch only)     โ”‚
โ”‚  build  โ†’ Python wheel      โ”‚
โ”‚  docker โ†’ GHCR image        โ”‚
โ”‚  release โ†’ GitHub Release   โ”‚
โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜

Branch protection on main:

  • 1 approving review required
  • All 4 CI status checks must be green
  • Direct pushes blocked
  • Linear history enforced

๐ŸŒ Open-Source Contributions (Assignment 15)

Contributions made to 4 classmate repositories:

| Project | Issue | PR | Status | |---|---|---|---| | TailorFit | good-first-issue #40 | Submitted | โœ… Merged | | ClinicEase | Issue #13 | Submitted | ๐Ÿ” In Review | | Manga Project | Issue #12 | Submitted | โœ… Merged | | CarWash | Issue #76 | Submitted | โœ… Merged |

3 out of 4 PRs merged. Screenshots of each contribution are in Assignment 15/docs/screenshots/.

๐Ÿงฑ Technology Stack

| Layer | Technology | |---|---| | API Framework | Python 3.12 ยท FastAPI 0.115 | | Data Validation | Pydantic 2.x | | Testing | pytest ยท pytest-cov ยท httpx | | Containerisation | Docker ยท Docker Compose | | CI/CD | GitHub Actions | | Container Registry | GitHub Container Registry (GHCR) | | ML (planned) | XGBoost ยท Isolation Forest ยท DistilBERT | | Streaming (planned) | Apache Kafka 3.x | | Database (planned) | PostgreSQL 16 ยท Redis 7 ยท Cassandra | | MLOps (planned) | MLflow ยท Apache Airflow | | Observability (planned) | Prometheus ยท Grafana ยท OpenTelemetry |

๐Ÿณ Local Full-Stack Development with Docker

Run the SentinelPay FastAPI service together with PostgreSQL and Redis using Docker Compose from the repository root. The API currently uses in-memory repositories, but the local infrastructure is available for contributors working on database- and cache-backed features.

Prerequisites

  • Docker
  • Docker Compose

Start the full stack

docker compose up --build

Docker Compose starts these local services:

| Service | Host URL / Port | Purpose | |---|---|---| | API | | SentinelPay FastAPI application | | PostgreSQL | localhost:5432 | Local relational database | | Redis | localhost:6379 | Local cache / message broker dependency |

Default local connection settings are configured in docker-compose.yml:

| Variable | Value | |---|---| | DATABASE_URL | postgresql://sentinelpay:sentinelpay@postgres:5432/sentinelpay | | POSTGRES_DB | sentinelpay | | POSTGRES_USER | sentinelpay | | POSTGRES_PASSWORD | sentinelpay | | POSTGRES_HOST | postgres | | POSTGRES_PORT | 5432 | | REDIS_URL | redis://redis:6379/0 | | REDIS_HOST | redis | | REDIS_PORT | 6379 |

The API waits for PostgreSQL and Redis health checks before starting. Once the stack is running, open:

  • API health check:
  • Swagger UI:
To stop the stack and keep local data volumes:
docker compose down

To stop the stack and remove local PostgreSQL/Redis volumes:

docker compose down -v

Project Stats

| Category | Count | |---|---| | Assignments completed | A3โ€“A15 | | Functional Requirements | 15 | | Non-Functional Requirements | 18 | | Domain entities | 7 | | Creational patterns | 6 | | REST API endpoints | 21 | | Tests passing | 288 | | CI/CD pipeline jobs | 8 | | GitHub โญ Stars | 28 | | GitHub ๐Ÿด Forks | 37 | | External PRs merged | 3 |

Domain

FinTech - Digital Payments & Financial Crime Prevention


๐Ÿ“„ Assignment Index

| # | Focus | Key Deliverable | |---|---|---| | A3 | System specification + C4 architecture | ARCHITECTURE.md | | A4 | Stakeholder analysis + requirements | SRD.md โ€” 15 FR + 18 NFR | | A5 | Use case modeling + test cases | USECASESPECIFICATIONS.md | | A6 | Agile planning | AGILE_PLANNING.md โ€” 14 stories | | A7 | GitHub Kanban board | Sprint Board โ€” 7 columns | | A8 | State + activity diagrams | 8 state + 8 activity diagrams | | A9 | Domain model + class diagram | Class_diagram.md | | A10 | Domain code + 6 creational patterns | 105 tests | | A11 | Repository layer | 67 tests | | A12 | Service layer + REST API | 21 endpoints ยท 116 tests | | A13 | CI/CD pipeline + branch protection | ci.yml ยท Dockerfile | | A14 | Open-source readiness | CONTRIBUTING.md ยท 28โ˜… ยท 37๐Ÿด | | A15 | Cross-project contributions | 3 merged PRs |


SentinelPay - Because every millisecond between a transaction and a fraud signal costs money.

๐Ÿ”— More in this category

ยฉ 2026 GitRepoTrend ยท Teboho66/SentinelPay ยท Updated daily from GitHub