Case Study | Ruishu Information helps a large online payment company upgrade its marketing value

The operation team of a large online payment company found that every time a promotional activity attracted a large number of users, "wool parties" also flocked in. As a result, not only did users fail to conduct normal transactions, but a large number of market promotions were "grabbed" by wool parties, causing huge economic losses and greatly reducing market promotion activities. After applying the protection of Ruishu's dynamic security technology, the number of users online at the same time reached 2.3 million, 13 times the peak in 2015, and the concurrency of multiple platforms broke the historical peak, reaching 3 times that of last year, and the proportion of malicious requests dropped to 85.4%, which significantly increased performance.

“Warm-up party” rampantly picks up the fruits of promotional discounts

Shopping is no longer done in malls, but has turned to online shopping; transferring money to parents no longer requires queuing up at the bank, but can be done directly online; even financial management and purchasing various new financial products can be achieved through online payment. I believe this is the real life of many people now, and it is the third-party payment that realizes these functions that is everywhere in our lives.

In order to improve the loyalty of existing users and continuously develop new users, the payment company's official website will launch preferential promotions on the monthly promotion day; and on the annual super promotion day, the company will also carry out the largest promotion and provide users with super discounts.

[[188849]]

However, the operation team of the payment company found that when launching some activities with strong promotional strength, the following abnormal phenomena often occur:

Users are unable to conduct normal transactions. The freeloaders use automated tools to initiate a large number of automated transactions to "freeload free items", resulting in a huge amount of sudden application requests, which seriously drags down the performance of the business system and prevents users from conducting normal transactions. Some users report that the promotional activity page is often unable to open. For this reason, some users even question whether a large online payment company is conducting false promotions, which seriously affects the business image of a large online payment company.

Market promotion discounts were "fleeced". A large number of market promotions that were originally intended to increase user activity could not actually reach users, but were snatched away by "fleecing parties" through illegal means, resulting in a significant reduction in the effectiveness of market promotions and causing huge economic losses.

How to "expel" the wool party?

The reason why the "cash-back gangs" are so rampant is that the automated attacks they launch simulate user cooperative operations and have no obvious characteristics, making it difficult for traditional security defense mechanisms to effectively defend against them.

Under such a severe situation, the payment company was attracted by Ruishu Information's innovative dynamic security technology. The two parties decided to carry out in-depth cooperation in the company's payment platform dynamic application protection project to build a safe and efficient business system:

1. Provide “cleaner” data for security systems or risk control systems by deploying dynamic verification system filtering automation tool operations.

2. Through the big data analysis system of the dynamic verification system, the source of the attack can be tracked and evidence collected, moving from the single-point defense of traditional security to end-to-end overall defense.

3. Through dynamic protection of the payment portal, malicious automated operations such as automated batch registration, login, database collision, order placement, etc. are prevented; and the wool party is prevented from obtaining improper benefits from the promotion activities of a large online payment company through automated tools.

The payment company has a very unique vision. Founded in 2012, Ruishu Information is dedicated to providing the industry's most cutting-edge Internet dynamic application security protection solutions. Ruishu Information has developed the world's original leading active defense security technology, which completely subverts the traditional security technology foundation that has lasted for more than 20 years. It can defend against various unknown modern attack methods, with more efficient and timely blocking capabilities, while significantly reducing deployment and use costs.

In the project, the payment portal website adopts Ruishu Information's dynamic protection technology. Through dynamic verification of the client environment and operating behavior, it closely checks the operating environment, browser fingerprints, suspected attack behaviors and other factors to prevent malicious terminal access, realize dynamic identification of automated tools, and effectively verify whether the client accessing the web page is a "human" or an "automated tool", thereby filtering out a large amount of automated attack noise.

Dynamic protection fundamentally blocks the operation of automated tools, directly hitting the bottom of the black industry chain, making automated tools unable to run, successfully curbing the rampant arrogance of the black industry chain, and completely depriving the wool party of their attack capabilities. It also allows the security team of a large online payment company to respond more quickly and effectively to malicious attacks such as database collisions and wool-pulling.

Ruishu Information provides targeted solutions, which are dynamic, safe and fast.

On the day when Ruishu Information's dynamic application security protection solution was deployed on the payment website, the proportion of malicious requests dropped to 85.4%; in the regular monitoring for nearly two months that followed, Ruishu Information found that due to the failure of automated tools, malicious traffic dropped sharply and accounted for less than 1% of the total site visits.

The “dynamic security protection” technology used by the payment company’s portal website successfully reversed the attack and defense situation:

• Dynamic algorithm generation – The code logic and form are different each time, and the effective time is dynamically adjusted with the overall access volume. Attackers must complete the reverse engineering in a very short time each time, which greatly increases the difficulty of the attack and forces attackers to give up the attack.
• Real environment check – Utilizes the differences in special properties and syntax of script engines in different browsers to verify the real browser form, greatly increasing the difficulty for attackers to forge the terminal operating environment.
• Attack behavior pattern analysis – Based on human-computer interaction theory, analyze terminal operation behavior patterns, effectively identify non-human operation behaviors, and effectively prevent low-frequency simulated operation attacks.

The good news is that after the company's payment portal dynamic application protection project was implemented, all automated attacks against the portal were blocked. Not only did each marketing campaign go smoothly, but the market promotion offers could be truly delivered to end users, thus achieving the goal of "attracting new customers and promoting activation."

Since the project was completed, the payment company's portal system has been running smoothly without any downtime, and it can ensure that users can access the system normally during every promotion. The "wool party" can no longer get free stuff through the portal, and the payment company's reputation and corporate image have been greatly improved.

Dynamic security improves market satisfaction for payment companies

This payment portal business security protection project extends the protection boundary from the server to the client. Through dynamic technologies such as client fingerprint tracking, authenticity recognition and behavior analysis, it quickly filters out malicious source terminals with attack or fraud intentions, greatly improving the ability to identify and track the source of fraud, fully controlling the entire attack process, and establishing an all-round three-dimensional combat capability to combat cyberspace threats.

The reason why the payment portal dynamic application protection project has achieved such an efficient protection effect is that in addition to the support of the payment company's own operation team, there is also a very critical factor, that is, Ruishu Information's dynamic security technology. The "dynamic protection" technology adopted by the project can block all automated attacks against the portal, resist various new threats that traditional security cannot cope with, and bring revolutionary changes to security defense! Ruishu Information's dynamic security technology can not only help a large online payment company improve its overall security level and defend against attacks, but also help the payment company lead its industry competitors in security construction, ensure that each marketing activity is truly enjoyed by the end user, let users get more benefits, and improve the overall market satisfaction and industry competitiveness.

At present, Ruishu Information's dynamic security technology has been successfully applied to a large domestic payment company and other large online payment companies, and has been highly recognized by customers!

(A large online payment company. Its business has covered 350 major cities across the country, with more than 400,000 cooperative merchants and more than 230 million users.)