Kill Switch
The kill switch is an emergency control for administrators to immediately disable or override the fraud detection system during security incidents or maintenance.
Accessing the Kill Switch
Navigate to Admin > Kill Switch. This feature requires Administrator access with 2FA enabled.
PlatformAdmin operators can also trigger emergency controls — including kill-switch activation and forced account lock-down — directly from the Ops Portal.
- All Ops Portal actions require the
RequirePlatformAdminpolicy (role + 2FA check). - Ops Portal events are recorded in the platform-level audit log, separately from business-level audit entries.
See Security Overview for details on the PlatformAdmin role and self-operation guards.
Status Display
The kill switch dashboard shows:
- Current state — Active or Inactive
- Circuit breaker status — System health indicator
- Consecutive failures — Count of sequential fraud detection failures
- False positive count — Incorrect fraud detections
- Total activations — Historical activation count
Activating the Kill Switch
When the fraud detection system needs to be disabled:
- Click Activate Kill Switch
- Select a reason:
- Manual activation
- High false positive rate
- System failure
- Security threat
- Maintenance
- Confirm the activation
Activating the kill switch disables fraud detection. Only use in genuine emergencies.
Deactivating the Kill Switch
- Click Deactivate Kill Switch
- Enter a reason for deactivation
- Fraud detection resumes immediately
Emergency Override
Super administrators can perform an emergency override:
- Enter override reason
- Set duration (1-60 minutes)
- System reverts after the duration expires
Activation History
A timeline of all kill switch events is displayed, showing:
- Activation and deactivation timestamps
- Reasons provided
- Who performed each action