https://{instance}.eu1.on-hellgate.cloud. There is no multi-tenancy within an instance.
Specter operates exclusively on dedicated infrastructure. There are no shared environments — every
instance, including Test tier deployments, is dedicated and isolated solely for your organization.
Editions
Specter comes in two editions, set when your instance is provisioned. They differ in whether the engine can call external risk backends through a Link integration.Specter Core
The in-process decision engine: local rules, velocity counters, and the blacklist. Every check runs inside
Specter with no external calls — the lowest-latency configuration.
Specter Connect
Everything in Core, plus external risk engines reached through Link.
backend and backend group rules
become available, so a decision can call providers such as VISA Decision Manager, Ravelin, or FraudSight.| Edition | Local rules + blacklist | External risk backends |
|---|---|---|
| Specter Core | ✓ | — |
| Specter Connect | ✓ | ✓ |
On Specter Core,
backend and backend group rules cannot be added to a ruleset. Specter Connect enables them
and requires a Link instance — see Backends.Tiers
Specter provides two environment tiers, each a separate dedicated instance:- Production: Your live environment for real-time decisioning on production traffic.
- Test: A dedicated environment for development, integration testing, and quality assurance.
PCI level
Independent of edition, your instance runs at a PCI certification level — fixed when it is provisioned — that determines whether it can accept a raw PAN in the decision context:| Level | Raw PAN in decisions | Use |
|---|---|---|
SAQ_A (default) | Not accepted | Send tokenized or masked credentials only |
SAQ_D | Accepted | Instances certified to handle full card data |
ROC | Accepted | Report on Compliance — full card data |
SAQ_A instance, a decision request with credential.type: "pan" is rejected; use masked_pan or another
non-PAN credential — see Decisions. Regardless of level, a PAN supplied in
a decision is used only for evaluation and fingerprinting; it is never persisted.
Getting access
To get access to Specter and for available options, contact your account representative or reach out to our sales team via hellgate.io/demo. Once your Specter instance is provisioned, Hellgate Support will provide you with:- Your dedicated instance URL —
https://{instance-name}.{env}.on-hellgate.cloud, where{env}is currentlyeu1and{instance-name}is your unique slug - Client credentials (client ID and secret) to request access tokens
Next steps
Authentication
Authenticate to your instance, and the scopes that gate each endpoint.