Control Plane

The SDK is half the product. The control plane is the other half.

Every Yuthent deployment operates from a live control plane. Device forensics, trust policy, fraud triage, action ledger, audit export, pilot monitoring. The operator, the responder, and the auditor each have the surface they need. Built. Operating. Pilot-grade.

Start an enterprise pilotRead the architecture →
In Short

What is the Yuthent control plane?

The control plane is the operational surface over Yuthent Execution Authority Infrastructure. It shows every action the SDK emitted: device forensics, trust policies, the hash-chained action ledger, fraud triage, and audit export. Operators revoke a device in one step and export a proof bundle verifiable against a published public key.

Who Operates It

One surface. Three audiences.

A Yuthent pilot does not end at integration. It is a production system with a day-two story. Each role sees the view that matches its responsibility. Data stays scoped to the tenant.

Configure. Operate. Prove value.

Tenant Administrator

The day-to-day operator of a Yuthent deployment. Manages enrolled devices, configures trust policy, reads the action ledger, pulls audit exports for board review.

  • ·Device fleet view, with status, platform, and last-seen
  • ·Per-device forensics: action history, session timeline, fraud flags
  • ·Trust policy editor for biometric thresholds and enforcement mode
  • ·Send a test action to any enrolled device, live

Triage. Respond. Revoke.

Security Operations

The responder who sees a fraud signal and needs to act within seconds. Operates the fraud center, revocation controls, and webhook integrations into the existing SIEM and fraud stack.

  • ·Fraud alert triage with severity and event-type breakdown
  • ·Immediate device revocation with push propagation
  • ·Webhook feed into SIEM, fraud platform, or internal systems
  • ·External-decision callback to inject upstream fraud verdict

Export. Attest. Defend.

Compliance & Audit

The auditor who needs to reconstruct what happened and prove it to a regulator, a court, or an internal committee. Works from the immutable action ledger and BigQuery export.

  • ·Hash-chained action ledger with daily anchors
  • ·BigQuery audit export to a bring-your-own-storage bucket
  • ·Per-action forensic record: device state, trust state, counter
  • ·Exportable proof bundle verifiable against a published public key
Operational Surfaces

Eight live surfaces, one product.

Every surface is shipped, hardened, and in use. Sample data below is for illustration. Tenant data stays in the tenant scope, isolated at the datastore layer.

Device Forensics

Five-tab deep dive per device. Action ledger timeline, session history, link-session audit, fraud events. Counter progression visible per risk level. Anything the SDK emitted, the operator sees here.

Trust Policy Editor

Per-tenant thresholds for biometric match, liveness, embedding similarity, geometry. Enforcement mode switches between sandbox and production. Policy changes are versioned and auditable.

Action Ledger & Analytics

Approvals, declines, expirations, pending actions. Fourteen-day trend lines. Tier breakdown. Decision-source attribution. Grace-window health across the fleet.

Fraud Center

Severity distribution, status breakdown, event typing. Triage table with direct jump to the device forensic view. Composes with the tenant fraud stack, it does not replace it.

Credentials & Environments

API keys per environment. Sandbox and production separation. Rotation without downtime. Self-service credential visibility inside the tenant scope only.

Access Management

Per-seat access into the tenant portal. Tenant-scoped reads enforced at the datastore. Role-based UI coming next. Invitations, revocation, and audit log of who saw what.

Usage & Billing

Volume by tier, over time, as internal cost analytics. The customer bill is a fixed annual price per deployment tier. Usage shapes Yuthent's cost; it never meters your invoice.

Rollout Monitoring

Live readiness view for a design-partner engagement in progress. Device count, enrollment progress, time-to-first-proof, incident flags. Used by the Yuthent team and the tenant jointly during rollout.

A Glimpse

What an operator sees on day one.

portal.yuthent.com · tenant · acme-bank · production

enrolled devices

12,847

approvals (24h)

94,210

declined (24h)

412

revoked (24h)

7

recent activity

14:02:18APPROVEDAWire $48,200 · human proof · counter 1,284
14:02:14APPROVEDECard-not-present · counter 9,412
14:02:09DECLINEDATrust state not satisfied · REDUCED
14:02:01APPROVEDSSession-cached · in-app confirmation
14:01:56REVOKED·Device cryptographically invalidated · key destroyed

Illustrative. Tenant portal UI is scoped to the tenant and under NDA for design-partner engagements.

Integration Surface

Plugs into the stack you already run.

Outbound events to your SIEM. Inbound decision hooks from your fraud stack. Audit export to your storage. Revocation by API. No vendor lock at the operational layer.

Webhooks

Outbound event stream for approvals, declines, revocations, fraud verdicts. Drop directly into the integrator SIEM, fraud platform, or internal event bus.

BigQuery audit export

Daily export to a customer-owned Google Cloud Storage bucket. Bring-your-own-storage. The integrator owns the retention policy, the encryption, and the access control.

External decision callback

Inbound hook. The integrator fraud system can inject a verdict into Yuthent at verification time. Supports step-up, downgrade, and soft-block without SDK changes.

Revocation API

Immediate device revocation by identity or device hash. Push propagation to the endpoint. The revoked device cannot produce any valid proof at any tier, at any later time.

Data Posture

Tenant data stays in the tenant scope.

Isolation is enforced at the datastore, not at the UI. Every read and every write carries the authenticated tenant identity. A tenant cannot see another tenant, and the Yuthent team cannot see tenant data without explicit support consent, logged.

The control plane is architected for DORA operational resilience and designed for PSD2 SCA Dynamic Linking. EU AI Act Article 14 (meaningful human oversight) is satisfied by construction through per-action biometric-bound signatures. Article 14 carries exposure of up to €15M or 3% of global turnover (Art 99(4)). Full compliance posture is published on the Security page.

The Security Architecture Whitepaper covers the datastore model, authentication tiers, and data retention policy in full. Available on request to senior security contacts.

Want to see it operate on your data?

Enterprise pilots begin with a scoping call and ship a working integration on one critical flow. The control plane is live from day one. The first proofs you see will be your own.