CapchaCloud × VeraBank
Proof, not paperwork.
A white-label evidence platform for VeraBank — checkout, sign-in, payments, KYC and disputes, all under VeraBank's brand.
CapchaCloud (a ServiceAutomations.ai product) · Prepared for VeraBank, N.A. · July 2026 · Confidential
The problem
Fraud is a paperwork war. The bank and its merchants are both losing hours to it.
79%
of corporate practitioners reported attempted or actual payments fraud in 2024
AFP 2025 survey
$3.5B
reported lost to imposter scams in 2025
FTC, 2026
15+ min
Every dispute = manual screenshot archaeology: find the transaction, find the login, find the consent, build the file — 15+ minutes per case, every case.
Today, when a customer says "that wasn't me," proving what really happened is slow, manual and often impossible.
The idea in one picture
One evidence layer, under VeraBank's brand, across every trust moment.
Merchant checkout
Digital-banking sign-in
Bank-to-bank payments
KYC / onboarding
E-signatures
↓
VeraBank Evidence Layer
tamper-evident, verifiable by anyone
VeraBank keeps every system and every decision it has today. This is an additive layer — one API call or two lines of embed code per touchpoint. It cannot block a customer journey (fail-open by design) and it is never in the funds path.
Layer 1 — Bot protection
Two locks on every door. Bots fail before they can transact.
- Lock 1: Cloudflare Turnstile — the modern, invisible "prove you're human" check.
- Lock 2: An invisible math puzzle (proof-of-work) the customer's browser solves automatically — humans never see it; scripted bots pay a real computational price to fake it.
- Both verdicts are recorded IN the evidence — every record says "a screened human did this," not just "a form was submitted."
Pilot target: 50–80% fewer accepted automated/abusive submissions in a covered intake channel. That is a per-channel pilot target, not a bank-wide fraud promise — we measure it against VeraBank's own baseline.
Layer 2 — Consent & purchase capture
What did they see, what did they click, and from where — sealed at the moment it happened.
- The exact words on the screen when they clicked (the disclosure/terms — verbatim)
- Who: identity fields and how strongly they were verified
- Where: real IP address + geolocation, observed at the network edge — the customer's browser can't fake it
- How: human-check verdicts, device signals, timing behavior (never keystroke contents)
"I never agreed to that" meets a sealed record of exactly what they agreed to, from what device, from where, at what second.
Layer 3 — Tamper-evident evidence
Records that can't be backdated, edited or deleted — and anyone can check.
- Every record is cryptographically chained to the ones before it — remove or alter one and the whole chain visibly breaks.
- Chains are anchored to independent clocks: a trusted timestamp authority AND the Bitcoin blockchain. Even we can't rewrite history.
- Anyone — an auditor, an examiner, opposing counsel — can verify a record for free, with no login, even offline. The evidence stays verifiable even if CapchaCloud disappears.
This is what makes the evidence hold up: it isn't "trust the vendor's database." It's checkable by the other side.
The operating model
VeraBank's brand. VeraBank's merchants. Two lines of code.
- White-label: the whole platform runs under VeraBank's brand — VeraBank Merchant Shield (or any name VeraBank chooses), VeraBank colors, VeraBank domain.
- Subaccounts: VeraBank mints a subaccount for each merchant in its merchant-services book — one umbrella org, per-merchant keys, per-merchant dashboards, per-merchant billing if desired.
- Self-serve embed: each merchant adds a two-line snippet to their checkout. That's the whole integration. Anyone can build a checkout or intake form on our form system — locked to their approved domain, live in an afternoon.
- Card data note (answer before they ask): our layer never touches card numbers — card entry stays in the payment processor's own fields exactly as today. No new PCI burden for the merchant.
Dispute Armor
Every covered purchase carries its own defense file.
Purchase sealed at checkout→
dispute arrives→
record matched→
reason-code packet assembled→
routed into existing processor/case workflow→
deadline & outcome tracked
VeraBank's own cardholders
Reg E debit disputes: the investigation file assembles itself. Adjudication stays 100% VeraBank's.VeraBank's merchants
Chargebacks: representment evidence generated automatically — IP, geolocation, human-check verdict and the exact terms from the moment of purchase.Honest footnote: full auto-submission depends on an authorized processor integration; where a processor exposes only a portal, packets are assembled automatically and submitted by a controlled human step.
Bank-to-bank payments
Wires and transfers get the same treatment.
- Every ISO 20022 payment message (the format behind modern wires and FedNow) can be sealed into tamper-evident evidence — before or alongside the rail, never inside it.
- When the response message comes back, it's linked to the original by the payment's own unique ID (UETR) — a corroborated, end-to-end evidence trail per payment.
- Result: payment investigations, recalls and disputes start from a sealed file, not an inbox search. ≈$0.05 per message.
KYC
Same vendors. Better evidence. One case file.
- VeraBank keeps its own contracted KYC vendors (Sumsub, Jumio, etc.) — we orchestrate the checks through VeraBank's own credentials and seal every outcome as tamper-evident evidence.
- Native pre-screens (sanctions lists, device signals) run first at ≈$0.05 — cheap filtering before expensive certified checks. Honest label: our native screens are NOT certified KYC and never pretend to be.
- Every check, decision and note lands in one sealed case file per subject — examiner-ready, chronological, tamper-evident.
The math (illustrative)
The upside is measured in millions — here is the arithmetic, not a promise.
$656,250/yr
dispute-handling labor, at a 75,000-dispute midpoint, saving 15 minutes per case at $35/hr loaded cost
+$1.5M/yr
recovery lift at just $20 more recovered per dispute
≈ $2.16M/yr
illustrative combined value — before platform, integration and vendor-management costs
Value not in that number: fewer fraud losses from bot-screened channels, merchant retention/attraction for the merchant-services book, examiner/audit time saved.
Every input is an assumption for discovery. VeraBank does not publicly disclose dispute volumes; the pilot exists to replace these assumptions with VeraBank's real numbers before any business case is credited.
What the merchants get
Merchants save time and money from day one.
- Chargeback paperwork shrinks from hours to minutes — the packet builds itself.
- Stronger evidence = more representments won: edge-observed IP, geolocation and a human-verified purchase moment attached to every covered transaction.
- Cost: about $0.03 per covered transaction. A 1,500-transaction/month merchant pays roughly $45/month — less than one recovered chargeback.
- Zero heavy lift: two lines of code, no PCI change, live in an afternoon — under VeraBank's brand, which makes VeraBank's merchant services stickier.
Straight answers
What we are — and what we are not.
We are
- An additive evidence layer
- Fail-open, never in the funds path
- Verifiable by anyone, offline, forever
- Priced per record with no lock-in (evidence outlives the contract)
We are not (yet)
- SOC 2 certified (engagement is the top roadmap item)
- Independently pen-tested (scheduled with the same push)
- A BSA/KYC program (your vendors + your program — we orchestrate and seal)
- A guarantee of fraud or legal outcomes
Our full gaps register with compensating controls is Section 10 of the due-diligence package — we'd rather you read it from us than find it in diligence.
The ask
One meeting. Then a 60-day, no-production-data pilot.
1
Week 0 — discovery & vendor-risk session (compliance, infosec, ops). No production banking data required.
2
60-day shadow-mode pilot — $4,900 flat, up to 100,000 sealed events, success scorecard agreed before start.
3
Production — from $999/month, white-label + merchant subaccounts, volume discounts. No lock-in; sealed evidence stays verifiable forever either way.
Adam Woodward, Founder · CapchaCloud (ServiceAutomations.ai)
Confidential — prepared for VeraBank, N.A. · CapchaCloud (a ServiceAutomations.ai product) · July 2026