{
  "object": "event",
  "created": 1751590453,
  "request_id": "req-1751590452487",
  "event_type": "withdraw_account.duplicated_detected",
  "event_version": "1.0",
  "idempotency_key": "85420805-0b5e-4b11-b7f4-c6f05db7120b",
  "account": {
    "user_id": "us-testWebhook1",
    "account_status_v2": "active"
  }
}
Security events are triggered when potentially suspicious activities are detected or when security-related account actions occur. These events help you monitor and respond to security threats in real-time.

Overview

Rise supports the following security-related webhook events:

withdraw_account.duplicated_detected

Duplicate withdrawal account detected for security review

withdraw_account.duplicated_detected

When the system detects that a user is attempting to use a withdrawal account that’s already associated with another user or has been flagged for suspicious activity, this event is triggered. This is part of Rise’s fraud prevention and compliance monitoring.

Field reference

object
string
required
The type of object this webhook represents (always “event”)
created
number
required
The Unix timestamp when the event was created
event_type
string
required
The type of event that occurred
event_version
string
required
The version of the event schema
request_id
string
A unique identifier for the API request that triggered this event (optional)
idempotency_key
string
required
A unique key to ensure the webhook is processed only once
account
object
required
Account information for the affected user
{
  "object": "event",
  "created": 1751590453,
  "request_id": "req-1751590452487",
  "event_type": "withdraw_account.duplicated_detected",
  "event_version": "1.0",
  "idempotency_key": "85420805-0b5e-4b11-b7f4-c6f05db7120b",
  "account": {
    "user_id": "us-testWebhook1",
    "account_status_v2": "active"
  }
}

Implementation Notes

Immediate action required: When this event is triggered, the affected account is immediately suspended to prevent potential fraud. Manual review is required to restore access.
Compliance reporting: These events should be logged for compliance purposes and may need to be reported to regulatory authorities depending on your jurisdiction.
User communication: Consider implementing automated notifications to inform affected users about the account suspension and next steps for resolution.

Account Status Values

Security Response Workflow

When this event is triggered, consider implementing the following response workflow:
  1. Immediate Response
    • Log the security event for audit purposes
    • Notify your security team or compliance officer
    • Suspend any pending transactions for the affected user
  2. Investigation
    • Review the duplicate account details
    • Check for patterns of suspicious activity
    • Verify user identity through additional KYC procedures
  3. Resolution
    • If legitimate: Restore account access and update internal records
    • If fraudulent: Maintain suspension and report to authorities if required
    • Document the investigation outcome for future reference

Common Triggers

This event is typically triggered by:
  • Bank account reuse - Same bank account linked to multiple user profiles
  • Identity overlap - Similar personal information across different accounts
  • Device fingerprinting - Same device used for multiple account setups
  • Behavioral patterns - Similar transaction patterns suggesting coordinated activity
False positives: Legitimate cases include family members sharing bank accounts or users creating new accounts after account issues. Always provide an appeal process for affected users.