receiving, by a computing device, data comprising at least one user account element and an indication of a login attempt at a computing platform, wherein the login attempt is associated with a user device;

determining, based on the indication of the login attempt, that a risk assessment associated with the login attempt is unavailable from an in-memory storage, wherein the in-memory storage comprises key-value pairs, each key being a user account element, and each value being a corresponding risk assessment based on that key;

receiving, via a prediction model, the risk assessment for the login attempt, wherein the prediction model generates the risk assessment, comprising a risk score and a risk category, based on the data comprising the at least one user account element, wherein the at least one user account element and the risk assessment are stored in the in-memory storage as a new key-value pair;

determining, based on the risk assessment, that the risk score and the risk category are indicative of the login attempt being high-risk activity; and

causing, based on the login attempt being high-risk activity, the user device to be denied access to the computing platform.