KaritKarma Limited — Executive Brief

KaritKarma

Enterprise Banking Platform

Identity. Intelligence. Security. — A complete banking technology suite for South Asia.

AEGIS

Real-Time Fraud Detection & AML Compliance

<50ms Latency | 99.55% Accuracy

Wenme

Passwordless Identity & Access Management

OAuth 2.1 | FAPI 2.0

2

Products

8

Security Standards

PQ

Post-Quantum Ready

On-Prem

Available

Confidential For authorized review only. Do not distribute.

March 2026 KaritKarma Limited | karitkarma.com | contact@karitkarma.com | +880 1312 664 433

Wenme — Enterprise Identity. Zero Passwords.

100% passwordless-first. Not passwords + MFA — zero passwords, period.

8 Standards, One Platform

Standard	What It Does
OAuth 2.1 + PKCE	Secure authorization for apps
OpenID Connect	Identity verification
SAML 2.0 IdP	Enterprise SSO federation
FAPI 2.0	Banking-grade API security (DPoP, mTLS, PAR)
SCIM 2.0	Automated user provisioning
LDAP/AD Sync	Directory integration
WebAuthn/FIDO2	Biometric passkey authentication
TOTP	Time-based one-time passwords

Why Wenme Over Auth0/Okta

FAPI 2.0 included — competitors: not available
SCIM 2.0 at Professional tier — competitors: Enterprise only
On-premises at all tiers — competitors: expensive add-on
4-8x more affordable — 3M MAU: $96K-$288K vs $300K-$1.5M
White-label ready — custom branding, custom domains

Security

Ed25519 JWT Signing DPoP Token Binding (RFC 9449) bcrypt cost 12 3-Tier Network Segmentation

SOC 2 GDPR HIPAA PCI DSS ISO 27001 NIST Zero Trust

3-Layer Intelligent Scoring

Layer 1

Rules Gate

< 2ms

80+ deterministic rules across 14 categories. Instant allow/block decisions for known patterns.

Layer 2

Fast ML

2 – 5ms

LightGBM ensemble model for rapid probabilistic risk scoring on every transaction.

Layer 3

Deep Ensemble

15 – 25ms

XGBoost + Graph Analysis + Behavioral AI with full SHAP explainability for every decision.

Bangladesh-Specific Intelligence

SIM Swap Detection

5-tier risk scoring for SIM change events. Correlates telecom signals with banking activity to prevent account takeover.

MFS Agent Fraud Profiling

Monitors mobile financial service agents against the 50,000 BDT regulatory transaction cap with anomaly detection.

Hundi Corridor Monitoring

Tracks 6 domestic remittance corridors for informal value transfer patterns linked to money laundering.

Seasonal Pattern Awareness

Adapts scoring thresholds for Eid, Ramadan, salary cycles, and harvest seasons to reduce false positives.

AML & Regulatory Compliance

CTR Generation

Automated for transactions ≥ 10 lakh BDT, filed to Bangladesh Bank

STR / SAR Filing

AI-assisted suspicious transaction & activity reports with audit trails

Monitoring Mode

Real-time (<50ms) — not batch. Every transaction scored before settlement

Narratives

Bilingual report generation in English and Bengali

Audit Trail

Immutable log with regulatory examiner access and SHAP reason codes

Examiner Access

Read-only regulatory portal with full transaction drill-down

AI / ML Architecture

768-D Behavioral Embeddings
Vector Brain captures customer behavioral signatures for anomaly detection

Graph Intelligence
Apache AGE-powered fraud ring detection across account networks

50+ Real-Time Features
Per-transaction feature engineering from velocity, time, geo, and behavioral signals

Explainable AI
SHAP reason codes on every decision — regulators and analysts can understand why

Federated Learning
Cross-bank intelligence consortium with zero raw data sharing between institutions

Continuous Training
Model retraining on your data with shadow mode validation before promotion

Post-Quantum Security

CRYSTALS-Kyber | Key Encapsulation CRYSTALS-Dilithium | Digital Signatures AES-256-GCM | Symmetric Encryption SHA-3 | Hashing

Per-bank data isolation — tenant-scoped access at every layer, from API gateway to database
100% on-premises deployment option — zero data leaves your data center if required
Future-proof cryptography — quantum-resistant algorithms ready for the post-RSA era

Regional Threat Intelligence

Lessons from 8 Major Financial Crimes

₹74,842 Crore in fraud patterns analyzed and mapped to detection capabilities

AEGIS incorporates attack pattern analysis from PNB-Nirav Modi (₹14,356 Cr SWIFT fraud), ABG Shipyard (₹22,842 Cr loan fraud), PMC Bank (₹6,117 Cr hidden NPAs), Saradha Group (₹2,500 Cr Ponzi), and the ongoing UPI fraud wave. Every identified attack vector has been mapped to specific detection rules and ML features within AEGIS.

SWIFT message manipulation detection
Circular loan / shell company patterns
Connected party transaction analysis

Ponzi / pyramid fund flow detection
UPI / instant payment velocity abuse
Hidden NPA masking via evergreening

Better Together

Step 1

Wenme

Authenticates users via passkeys

Step 2

FAPI 2.0

Secures the API layer

Step 3

AEGIS

Scores every transaction

Step 4

Unified Audit

Identity + transaction trail

Wenme authenticates users — AEGIS scores their transactions in real-time
FAPI 2.0 secures the API layer — AEGIS detects fraud behind banking-grade authorization
Single sign-on for bank staff — one login across all AEGIS dashboards and admin portals
Unified audit trail — identity events and transaction events in a single compliance view
One vendor, one contract — single support agreement, single deployment, single SLA

Competitive Comparison

Capability	Traditional Vendors	KaritKarma
Identity + Fraud	2 separate vendors	Integrated platform
Passwordless Auth	Add-on ($$$)	Built-in, all tiers
FAPI 2.0	Not available	Included
Real-time scoring	Batch (24hrs)	<50ms
On-premises	Expensive	All tiers
Bangladesh-specific	Generic rules	Purpose-built
Post-quantum crypto	Not available	Standard

Proven in Production

4

Wenme Live Products

9.85

Security Score /10

POC

Prime Bank In Progress

Wenme — Live at Boooks.net, NewsForge.news, Pay.lonesock.pro, Rating.bd
AEGIS — Live at aegis.karitkarma.com, Prime Bank POC in progress

Deployment Model

Connector AgentYour data center

Encrypted TransitTLS 1.3 + PQ

Scoring EngineCloud or on-prem

DashboardWeb portal

Lightweight connector agent deploys inside your data center for transaction ingestion. Scoring runs in our cloud or entirely on your infrastructure. Full on-premises option available for complete data sovereignty.

Implementation Timeline

AEGIS: 10 – 14 Weeks

Wk 1–2
Setup

Wk 3–6
Integration

Wk 7–9
Shadow

Wk 10–14
Production

Wenme: 2 – 3 Weeks (standalone)

Wk 1
Setup

Wk 2–3
Go Live

Combined Platform: 12 – 16 Weeks

Platform Features

Real-time dashboard with live transaction feed
Alert management and dispute resolution
Customer watchlists (VIP, PEP, high-risk)
Model training with your historical data
Per-bank rule customization
Shadow mode for safe rule deployment

Why KaritKarma

Purpose-Built for Bangladesh

Designed for this market from day one — not adapted from Western systems. BDT, MFS, hundi, and Bangladesh Bank regulations are native.

Real-Time, Not Batch

12ms median scoring vs. 24-hour batch cycles. Fraud is stopped before settlement, not discovered after the fact.

Integrated Identity + Fraud

One platform for authentication, authorization, and fraud detection. No vendor sprawl, no integration headaches.

Post-Quantum Security

Future-proof cryptography. While others scramble to upgrade when quantum computing arrives, KaritKarma is already protected.