H33-Share — Cross-Bank Encrypted Fraud Intelligence

Five privacy layers between raw signals and fraud scores.

Layer 1 — FHE Encryption

Signals Encrypted Before They Leave the Bank

Each bank encrypts its fraud signals — velocity anomalies, amount spikes, device fingerprints, geo mismatches — using H33’s BFV public key. The plaintext signal values never leave the bank’s environment. H33 receives only ciphertexts that are computationally indistinguishable from random noise.

Layer 2 — Secure Aggregation

Pairwise Kyber Masking Before FHE

Before FHE encryption, banks apply pairwise masks using Kyber key encapsulation. Each pair of banks generates cancelling masks — so even if H33’s FHE keys were compromised, individual bank contributions remain hidden. The masks cancel in the aggregate. Defense-in-depth.

Layer 3 — Homomorphic Scoring

Joint Fraud Scores Computed on Encrypted Data

H33 multiplies encrypted signal strengths by encrypted confidences (ct×ct), applies bank weight factors (ct×pt), and accumulates across all contributing banks (ct+ct) — all without decryption. The result is an encrypted aggregate fraud score that incorporates intelligence from every bank in the consortium.

Layer 4 — Differential Privacy

Laplace Noise on Aggregate Output

After decryption, calibrated Laplace noise is added to the aggregate score. This provides mathematical differential privacy guarantees — no individual bank’s contribution can be reverse-engineered from the final output, even by an adversary with unlimited compute.

Layer 5 — Post-Quantum Attestation

SHA3-256 Commitment + Dilithium Signature

Every fraud score carries a SHA3-256 computation commitment binding the inputs, the operation, and the output. The entire result is then signed with CRYSTALS-Dilithium ML-DSA-65 — a post-quantum signature that no future computer can forge. Banks can independently verify every score H33 produces.

Real-time fraud scoring across encrypted inputs from multiple banks.

H33-Share processes 32 entities per FHE ciphertext using SIMD batching on BFV lattice encryption. A full scoring round — 8 fraud categories, 3 contributing banks, homomorphic multiply + accumulate + decrypt + attest — completes in under 1.3 milliseconds per batch.

For a consortium of 10 banks tracking 1 million entities, that’s a complete cross-bank fraud intelligence refresh in under 41 seconds. Every entity scored against signals from every bank, without any bank seeing another’s data.

<1.3ms

per 32-entity batch — 8 categories, 3+ banks, fully encrypted

Faster than a database round-trip. Five cryptographic privacy layers deep.

PIPELINE

Consortium Fraud Query Pipeline

Five-stage computation from encrypted bank signals to Dilithium-attested fraud score. Every byte of data stays encrypted. Total latency: ~1.3 ms.

ENCRYPT

Bank A encrypts fraud signals + Kyber pairwise masking

~150 µs

ENCRYPT

Bank B encrypts fraud signals + Kyber pairwise masking

~150 µs

COMPUTE

H33 homomorphic fraud score computation (FHE inner product)

~600 µs

DECRYPT

Decrypt aggregate result + Laplace noise injection (differential privacy)

~200 µs

ATTEST

Dilithium sign aggregate fraud result

~191 µs

Total per consortium query ~1.3 ms

Eight encrypted signal categories. One unified score.

Velocity Anomalies

Rapid transaction bursts

Catches card-testing attacks that span multiple issuers simultaneously.

FHE-encrypted counters

Amount Anomalies

Unusual transaction sizing

Detects structuring patterns invisible to any single institution.

Homomorphic comparison

Geo Anomalies

Impossible travel patterns

Cross-bank geo correlation catches account takeover across institutions.

Encrypted coordinates

Device Anomalies

Fingerprint clustering

Same device hitting multiple banks — visible only in aggregate.

Hashed device IDs

Account Takeover

Credential compromise signals

Stolen credentials tested across institutions detected collectively.

Cross-bank correlation

Synthetic Identity

Fabricated identity detection

Synthetic IDs that pass any single bank’s KYC fail the consortium check.

Multi-bank KYC fusion

Known Patterns

Historical fraud signatures

Federated model training across banks — Byzantine-resilient aggregation.

TrimmedMean + DP

Money Mule

Layering and placement

Fund movement across accounts at different banks traced in encrypted form.

Encrypted graph analysis

Contributing signals is free. Score queries cost units.

Same H33 unit system as Auth and Vault. Volume drives discounts at every level. Signal contributions are always free.

Share-0

5 units per query

2 signal categories (Velocity + Amount). Dilithium-signed results. SHA3-256 commitment. Basic differential privacy.

<25K units$0.30/q

250K-2.5M$0.125/q

25M+$0.03/q

Share-1

10 units per query

All 8 categories. Per-category breakdown. FHE velocity tracking. Calibrated differential privacy (ε=2.0).

<25K units$0.60/q

250K-2.5M$0.25/q

25M+$0.06/q

Share-2

20 units per query

Share-1 + pairwise Kyber masking (defense-in-depth). Federated model training. Byzantine-resilient aggregation.

<25K units$1.20/q

250K-2.5M$0.50/q

25M+$0.12/q

Share-3

35 units per query

Share-2 + custom model weights. Dedicated FHE compute. 99.99% SLA. Private consortium deployment. Priority scoring.

<25K units$2.10/q

250K-2.5M$0.875/q

25M+$0.21/q

Volume Unit Pricing

Monthly Volume	$/Unit	Share-0 (5u)	Share-1 (10u)	Share-2 (20u)	Share-3 (35u)
Under 25K units	$0.060	$0.30	$0.60	$1.20	$2.10
25K – 250K	$0.040	$0.20	$0.40	$0.80	$1.40
250K – 2.5M	$0.025	$0.125	$0.25	$0.50	$0.875
2.5M – 25M	$0.012	$0.06	$0.12	$0.24	$0.42
25M+ units	$0.006	$0.03	$0.06	$0.12	$0.21

Share-2 at 25M+ = $0.12/query — full FHE + Kyber + Dilithium + differential privacy

Per-Operation Costs

Operation	Units	Notes
Signal encrypt + ingest	0 (free)	Incentivizes sharing
Homomorphic accumulate	1	Per category per entity
Score decrypt + DP noise	2	Final aggregate only
Dilithium attestation	0	Included with every query
SHA3-256 commitment	0	Included with every query
Kyber secure agg round	5	Share-2+ only
Federated model update	3	Share-2+ only

Tier

Monthly Query Volume

10K queries/mo

Units Used

100K

Monthly Spend

$2,500

Per Query

$0.25

	H33-Share	Consortium DB	Data Broker
Share-2 per query (volume)	$0.12	$0.50–2.00	$1.00–5.00
Data visibility to operator	Zero — FHE encrypted	Full plaintext	Full plaintext
Post-quantum signatures	Dilithium (FIPS 204)	—	—
Homomorphic computation	BFV lattice (N=4096)	—	—
Differential privacy	Laplace (ε=2.0)	—	—
Regulatory risk	None — no data sharing	High — data pooling	High — CCPA/GDPR

Frequently Asked Questions

How does H33-Share differ from traditional fraud databases?

Traditional fraud databases share raw data between banks, creating privacy liability. H33-Share uses FHE (fully homomorphic encryption) so banks contribute encrypted signals. The computation runs on ciphertext — no bank ever sees another bank's raw fraud data.

Can banks see each other's raw data?

No. Every bank's fraud signals are encrypted with BFV FHE before leaving their premises. The H33 server computes aggregate fraud scores on encrypted data. Banks receive only the final encrypted result, which they decrypt locally. No raw data is ever shared.

What are the 8 fraud signal categories?

Transaction velocity, geographic anomaly, device fingerprint, behavioral biometrics, account age risk, cross-institution flags, amount deviation, and merchant category risk. Each category is encrypted independently and combined via FHE inner product.

How does differential privacy work in H33-Share?

After the FHE computation produces an aggregate fraud score, calibrated Laplace noise is injected before the result is returned. This provides formal differential privacy guarantees (ε-DP). The noise level is tuned so individual bank contributions cannot be reverse-engineered from the aggregate.

What is the latency per consortium query?

A full consortium fraud query (encrypt signals, FHE compute, decrypt, Laplace noise, Dilithium attest) completes in approximately 1.3 milliseconds. This is fast enough for real-time transaction scoring at payment authorization time.

How many banks can participate in a consortium?

H33-Share supports consortia of 2 to 100+ member institutions. The FHE computation scales linearly with participant count. Pairwise Kyber key agreement ensures each bank-to-bank channel is independently encrypted.

What happens if a bank goes offline during a query?

The consortium query proceeds with available banks. Missing signals are treated as zero vectors in the FHE computation. The result is still valid but may have reduced signal coverage. Each result includes a metadata field listing which banks contributed.

Is H33-Share compliant with data localization laws?

Yes. Since all data remains encrypted end-to-end, no plaintext crosses jurisdictional boundaries. Banks in different countries can participate in the same consortium without violating GDPR, CCPA, or other data localization requirements. The computation runs on ciphertext only.

How does Kyber pairwise masking protect signals?

Each pair of banks establishes a shared secret via ML-KEM (Kyber-768) key agreement. This shared secret generates pairwise masks that are added to encrypted signals before consortium aggregation. Even if the FHE layer were broken, the Kyber masks provide an independent layer of protection.

Can we add new signal categories over time?

Yes. The FHE computation operates on fixed-size encrypted vectors. New signal categories are added by extending the vector dimension. Existing consortium members update their encryption client to include the new category. No changes to the server-side FHE computation are needed.

Every bank fights fraud alone. The fraudsters don’t.