Coupon Abuse Detection identifies fraudulent behavior in real time across marketing activities — including flash sales, coupon acquisition, and lucky draws — so you can protect market development funds (MDF) and keep promotions profitable.
Editions
Coupon Abuse Detection is available in Basic and Advanced editions.
| Feature | Basic | Advanced |
|---|---|---|
| Real-time analysis | Supported | Supported |
| Return value | Score | Score and risk tags |
| Device risk monitoring | Not supported | Supported. Detects emulators, multi-boxing instances, device farm devices, multi-tasking software, cloud phones, and hook devices. |
| Device ID | Not supported | Supported |
| Gang analysis | Not supported | Supported |
| Log delivery to Simple Log Service | Not supported | Supported. Authorize Alibaba Cloud Fraud Detection to deliver logs to Simple Log Service, which stores them free of charge for one year. |
Service event parameters
Pass service event parameters in JSON format via the common request parameter ServiceParameters.
Alibaba Cloud Fraud Detection does not validate the format of string input parameters. Validate your data before sending — for example, confirm that email values follow the format prefix@suffix before submitting them.
| Parameter | Edition | Type | Required | Description | Example |
|---|---|---|---|---|---|
operateTime | Basic and Advanced | Long | Yes | Operation timestamp in seconds, in GMT. | 1522555200 (2018-04-01 12:00:00 GMT) |
ip | Basic and Advanced | String | Yes | Real IP address of the user. | 42.120.XX.XX |
email | Basic and Advanced | String | Yes | Email address. | admin****@aliyun.com |
accountId | Basic and Advanced | String | No (Recommended) | Unique account ID. | 10123**** |
mobile | Basic and Advanced | String | No (Recommended) | Phone number in <country code>-<number> format. | 001-718123**** |
userAgent | Basic and Advanced | String | No (Recommended) | User-Agent request header. | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 |
refer | Basic and Advanced | String | No (Recommended) | Referer request header. | https://www.alibabacloud.com/ |
mac | Basic and Advanced | String | No (Recommended) | Device MAC address. | C0:77:36:2E:XX:XX |
operateSource | Basic and Advanced | String | No (Recommended) | Channel where the operation originated. Valid values: PC, H5, App. | PC |
appVersion | Basic and Advanced | String | No (Recommended) | App version number. | 1.0 |
deviceType | Basic and Advanced | String | No (Recommended) | Device type. Valid values: PC, MOBILE. | PC |
nickName | Basic and Advanced | String | No | Account alias. | admin**** |
deviceToken | Advanced only | String | No (Highly Recommended) | Device token from the Device Fraud Detection SDK. | MzQvo1d7scyZ3tl_RcJZo_... |
Example request body
{
"accountId": "10123****",
"operateTime": 1522555200,
"mobile": "001-718123****",
"ip": "42.120.XX.XX",
"email": "admin****@aliyun.com",
"deviceToken": "MzQvo1d7scyZ3tl_RcJZo_QOytAjy1LWRRLoRKo5oZSoo_JGj1ZoR5JGoRo5jcdn57gV5kxVRcLER5RQoZSvRZZQRcROjcMW5csZR_RGy_55RKJ_oooqZ7dSV5gRnKxOV7eWVQQjRtlRQoAjRcM0",
"nickName": "admin****",
"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36",
"refer": "https://www.alibabacloud.com/",
"mac": "C0:77:36:2E:XX:XX",
"operateSource": "App",
"appVersion": "1.0",
"deviceType": "MOBILE"
}Response parameters
The response returns a score for all editions, and tags for Advanced only. Both are contained in the Data response parameter.
score
The score parameter is contained in the Data response parameter.
The recommended operations below are based on the experience of the Alibaba Cloud risk control team. Adjust thresholds to match your business requirements.
| Score range | Risk level | Recommended operation |
|---|---|---|
| [0, 35) | Low | Allow the request |
| [35, 65) | Medium | Monitor the account |
| [65, 85) | Medium-high | Trigger security verification or restrict access |
| [85, 100] | High | Restrict access or block the operation |
tags
The tags parameter is returned only in the Advanced edition and provides specific risk signals that explain the score.
| Tag | Description |
|---|---|
rn0301 | High IP risk score |
rn0302 | Medium IP risk score |
re0212 | Random email address detected |
is_emulator | Device suspected to be an emulator |
| …… | …… |
For the complete list of tags, contact Alibaba Cloud.
For common response parameters, see the "Common response parameters" section of Common parameters.
For the business meaning of the tags value in the Data field, contact Alibaba Cloud support.
For more information about common response parameters, see Common Parameters.