What is the Blacklist?
The blacklist lets you permanently block specific entities from transacting through your platform. When a blacklisted entity appears in a transaction, Sigma automatically rejects it, no rule or manual review required.
Use the blacklist for entities you have already investigated and decided should never transact again: confirmed fraudsters, compromised devices, known mule accounts, or sanctioned merchants.
Blacklist Entity Types
Sigma supports four types of blacklist entries:
Users
Block a specific individual by their unique user ID. Any transaction where this user is the sender will be rejected. Use this for customers confirmed to have committed fraud or whose accounts have been compromised beyond recovery.
Devices
Block a specific device by its device ID. Any transaction initiated from this device will be rejected, regardless of which user account is used. Useful when a device has been flagged as used for account takeover or is associated with a pattern of fraudulent activity across multiple accounts.
Accounts
Block a specific bank or payment account number. Any transaction where this account appears as the sender or receiver will be rejected. Use this for known mule accounts, accounts linked to fraud networks, or accounts that have received fraudulent proceeds.
VAS Receivers (Value-Added Service Receivers)
Block a specific merchant, biller, or third-party service recipient. Prevents any payments directed to that VAS receiver. Use this when a merchant or service provider is confirmed to be fraudulent or complicit in a scheme.
How to Blacklist an Entity
There are two ways to add an entity to the blacklist:
Over API
Send a request to the blacklist endpoint with the entity type and identifier.
Sigma Dashboard
- Open the Transaction Monitoring section in Sigma
- Find the transaction involving the entity you want to blacklist
- Click on the transaction to open the detail view
- Click Actions
- Select the blacklist option for the relevant entity type (user, device, account, or VAS receiver)
- Confirm the blacklist action
The entity is immediately added to the blacklist. Any future transactions involving it will be rejected automatically.
Removing an Entity from the Blacklist
To remove an entity from the blacklist:
- Go to Transaction Monitoring → Blacklist in the Sigma Dashboard
- Find the entry you want to remove
- Click Remove and confirm
You can also remove entries via the API.
Blacklisting is immediate and applies to all future transactions. Before blacklisting, make sure the entity has been properly investigated and the decision is documented, especially for users and accounts where a wrongful blacklist can affect a legitimate customer.
Blacklist vs Rules
The blacklist and rules serve different purposes:
| Blacklist | Rules |
|---|
| Scope | Specific known entities | Pattern-based conditions |
| Action | Always reject | Approve, review, or reject based on conditions |
| Use case | Confirmed bad actors | Proactive risk detection |
| Setup | Per entity | Per rule condition |
