Registration Fraud Detection helps businesses address account quality issues, such as fake and batch registrations, that arise during user growth. The service uses multi-dimensional feature analysis, such as behavioral profiling, risk networking, and sample comparison, to quickly assess the risk level of registered users. Businesses can then process registrations based on the returned results.
Versions
Registration Fraud Detection comes in Basic and Enhanced editions to meet the risk control needs of different businesses. The following table compares the two editions.
Features | Basic Edition | Enhanced Edition |
Real-time analysis | Supported. | Supported. |
Service return value | Quantitative score. | Quantitative score, risk feature tags. |
Device risk monitoring | Not supported. | Supported. This edition provides outlier detection for emulators, multi-instance apps, modem pools, device farms, cloud phones, and hooking. |
Device fingerprint | Not supported. | Supported. |
Fraud ring analysis | Not supported. | Supported. |
Simple Log Service (SLS) delivery | Not supported. | Supported. You can authorize log delivery to receive one year of free storage. |
Service event parameters
Service event parameters are the request parameters for the ServiceParameters field and must be in JSON format. The following table lists the request parameters for Registration Fraud Detection events for the Basic and Enhanced editions.
To support a wide range of input parameters, Alibaba Cloud Fraud Detection does not validate the business format of input strings. You are responsible for this validation. For example, for the mobile field, you must verify that the input parameter matches the format for mobile numbers in the Chinese mainland, such as an 11-digit number that starts with 1.
Field name | Supported editions | Description | Data format | Sample data | Required |
accountId | Basic Edition, Enhanced Edition | The account ID. This ID uniquely identifies an account. | String | 10123**** | No (Recommended) |
operateTime | Basic Edition, Enhanced Edition | The timestamp of the operation, accurate to the second. The time is in GMT. Note When scanning historical data for risks, pass the historical operation time in this field. This prevents misidentification from incorrect time calculations. | Long | For example, for the GMT time 2018-04-01 12:00:00, the timestamp is 1522555200. | No |
mobile | Basic Edition, Enhanced Edition | The mobile number. Include the country or region code in the format of | String | 001-718123**** | No (Recommended) |
ip | Basic Edition, Enhanced Edition | The public IPv4 address of the client where the business event occurred. | String | 42.120.XX.XX | No |
Basic Edition, Enhanced Edition | The email address. | String | admin****@aliyun.com | Yes | |
deviceToken | Enhanced Edition | The device token obtained from the Device Risk SDK. | String | MzQvo1d7scyZ3tl_RcJZo_QOytAjy1LWRRLoRKo5oZSoo_JGj1ZoR5JGoRo5jcdn57gV5kxVRcLER5RQoZSvRZZQRcROjcMW5csZR_RGy_55RKJ_oooqZ7dSV5gRnKxOV7eWVQQjRtlRQoAjRcM0 | No (Recommended for better results) |
nickName | Basic Edition, Enhanced Edition | The account nickname. | String | admin**** | No |
userAgent | Basic Edition, Enhanced Edition | The User-Agent field from the HTTP request header. | String | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 | No (Recommended) |
refer | Basic Edition, Enhanced Edition | The referer field from the HTTP request header. | String | https://www.aliyun.com/ | No (Recommended) |
mac | Basic Edition, Enhanced Edition | The MAC address of the device. | String | C0:77:36:2E:XX:XX | No (Recommended) |
operateSource | Basic Edition, Enhanced Edition | The source of the operation. Valid values:
| String | PC | No (Recommended) |
appVersion | Basic Edition, Enhanced Edition | The app version number. | String | 1.0 | No (Recommended) |
deviceType | Basic Edition, Enhanced Edition | The device type. Valid values:
| String | PC | No (Recommended) |
Return parameters
The return parameters for the Registration Fraud Detection service include a score and risk tags. Risk tags are returned only for the Enhanced Edition.
The following table describes the business meaning of the score field in the Data return parameter. The recommended actions are based on the experience of the Alibaba Cloud risk control team.
You can adjust these actions based on your business operations as needed.
Score range | Risk level | Recommended action |
[0, 35) | Low risk | Allow. |
[35, 65) | Medium risk | Tag for observation. |
[65, 85) | Medium-high risk | Perform further security verification or restrict permissions for high-risk operations. |
[85, 100] | High risk | Restrict permissions for high-risk operations. |
To understand the business meaning of the tags field in the Data return parameter, contact Alibaba Cloud support.
For more information about common parameters, see Common parameters.