On September 24, GeeTest 2021 Business Security Salon - Bot Management was successfully held in Beijing, where GeeTest released a new solution for managing bot problems.

A RiskIQ report shows that cybercrime and online fraud would cost $11.4 million per minute globally. According to statistics, 1 in 3 cyber attacks occur in China, and Chinese cybercrime and fraud are growing at a rapid rate of 20%-30% per year.

As the country with the highest percentage of malicious traffic in the world, China's enterprises are constantly facing the threat of the world's largest online fraud industry. At present, there are more than 2 million people working in the online fraud industry in the country, and the speed of these people accessing online resources is nearly 800 times faster than that of ordinary users. Even in this severe circumstance, less than 10% of enterprises are addressing the issue seriously, which leaves a large space for the other 90% to seize the opportunity to outwit their competitors.

1. Limitations of Traditional Solutions for Fighting Online Fraud

The current countermeasures against cybercrime and online fraud are industry-based solutions or designed for certain situations. The advantage of such solutions is that they are ready for use, but the problem is that there is a problem with their sustainability - many solutions are useful at first, but are likely to fail after a while.

The reason is very simple. Online fraud tactics are not set in stone and fraudsters are capable of dynamically confronting security strategies. When they encounter website protections, fraudsters will quickly shift to another way. For enterprises, once fraudsters changed their attack strategy, the original security program may become invalid, which will directly lead to high costs of the risk control system.

2. Analysis of Fraudster Capability: Three Main Skills

Online fraudsters obtain resources by breaking the rules, thus ensuring that they earn much higher than normal users. They can take shortcuts to complete a task through few technical methods, which are listed below.

1. Imitating human behavior through computer programs or simulators;
2. Forging identities by purchasing illegal credential information;
3. Falsifying devices through controlling hundreds and thousands of devices via one PC;

Fraudsters thus have a higher efficiency to attack in different ways.

3. GeeTest New Bot Management Solution: Aiming At Fraudster Three Main Skills

GeeTest's bot management solution is not bound to one scene or industry but aims at the ability of fraudsters. Based on the core competencies of fraudsters, GeeTest provides enterprises with targeted countermeasures. The fraudster ability-based solution can cover a variety of scenarios and industries, and will not be invalidated by changes of attack strategies, while the risk control system will be more concise and flexible for enterprises.

Through the experience from years of confrontation with fraudsters, GeeTest finds that website or app traffic can be analyzed by three elements: user's behavior, identity, and device. By collecting identity information, device information, and behavior information, we can identify trustworthy traffic from bot traffic.

And those three types of information are totally different and each has its own unique features.

Behavioral Verification

GeeTest the fourth generation of CAPTCHA - Adaptive CAPTCHA has a seven-layer module with more than 4374 changes per unit cycle, to deal with different attack strategies. It can significantly increase the cost of fraudsters. Compared to the previous products, the absolute cost of fraud attacks will rise 3.14 times.

Identity Check (Available only in mainland China for the moment)

New one-click authentication solution from GeeTest. It puts the risk control system in the early stage of verification to analyze, record, and defense attacks, making it more prompt than the previous product for 0.5 - 48 hours.

Device Check (Available only in mainland China for the moment)

Unlike common device fingerprinting solutions, GeeTest focuses on building a network of multi-dimensional data and devices, covering all kinds of business scenarios, making traffic markable and devices associable, providing enterprises with a more connected bot management solution, helping enterprises identify and make use of good traffic.

4. Final Words

With the so-called “traffic dividend” is coming to an end, the focus of enterprises will shift from quantity to quality in the next decade, and effectively identifying and fighting against malicious bot traffic becomes the key. Nowadays, all Internet enterprises are at the same starting line, and there is huge space for them to find an effective bot management solution. Enterprises will become 2-5 times competitive than others with a proper bot management solution.

GeeTest was mentioned in Gartner's two posts about bot management recently, which is the first time Gartner noted a China-based bot management vendor. GeeTest was also regarded as a representative bot management vendor in Gartner's 2020 Online Fraud Detection market guide. At the same time, GeeTest will soon release the industry's first "Bot Management White Paper" to help enterprises better develop with good traffic.