Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Preventing Fraud in the Mercari customer journey / メルカリのカスタマージャーニーにおける不正防止の取り組み

mercari
PRO
October 14, 2023
Technology
0
120

Preventing Fraud in the Mercari customer journey / メルカリのカスタマージャーニーにおける不正防止の取り組み

When a person wants to use the Mercari app, they go through multiple phases over the course of their customer journey, from registering their account to liking, buying, and selling items and more. During these phases, we must take the utmost care in handling customer actions because there is a risk of fraud.
In this session, I will discuss a few architecture details and design discussions that we took to prevent fraud in the Mercari/Merpay ecosystem.

メルカリのアプリを利用するとき、アカウント登録、いいね、購入、出品など、カスタマージャーニーにおける複数のフェーズがあります。これらのフェーズには不正のリスクが伴うため、お客さまのアクション処理には細心の注意を払う必要があります。
本セッションでは、メルカリ・メルペイのエコシステムにおけるアーキテクチャの詳細と、不正を防ぐために行った設計上の議論についてお話します。

------
Merpay & Mercoin Tech Fest 2023は3日間のオンライン技術カンファレンスです。
IT企業で働くソフトウェアエンジニアおよびメルペイ・メルコインの技術スタックに興味がある方々を対象に2023年8月22日(火)、23日(水)、24日(木)の3日間、開催します。 Merpay & Mercoin Tech Fest は事業との関わりから技術への興味を深め、プロダクトやサービスを支えるエンジニアリングを知ることができるお祭りです。

今年のテーマは「Unleash Fintech」。 メルペイ・メルコインのこれまでの技術的な取り組みはもちろん、メルカリグループのFintech事業における新たな挑戦をお伝えします。 セッションでは事業を支える組織・技術・課題などへの試行錯誤やアプローチなど多面的にご紹介予定です。

メルペイ・メルコインが今後どのようにUnleash(解放)していくのか、ぜひ見に来てください。

■イベント関連情報
- 公式ウェブサイト:https://events.merpay.com/techfest-2023/
- 申し込みページ:https://mercari.connpass.com/event/286670/
- Twitterハッシュタグ: #MerpayMercoinTechFest
■リンク集
- メルカリ・メルペイイベント一覧:https://mercari.connpass.com/
- メルカリキャリアサイト:https://careers.mercari.com/
- メルカリエンジニアリングブログ:https://engineering.mercari.com/blog/
- メルカリエンジニア向けTwitterアカウント:https://twitter.com/mercaridevjp
- 株式会社メルペイ:https://jp.merpay.com/

mercari
PRO

October 14, 2023
Tweet

More Decks by mercari

See All by mercari
新卒採用ポジション紹介資料/new-graduate-positions-at-mercari-jp
mercari
PRO
0
1.4k
New Graduate Positions at Mercari
mercari
PRO
1
970
メルペイのあと払いとスマートマネーを支える返済基盤マイクロサービスの進化 / The Development of the Repayment Platform Microservices Supporting Merpay deferred payments and Smart Money
mercari
PRO
1
160
LLMを活用した文章校正の取り組み / Text Proofreading Initiatives Using LLM
mercari
PRO
0
420
Merpay iOSのGroundUp Appへの移行 / Migrating Merpay to the GroundUp App on iOS
mercari
PRO
0
160
SwiftUIでビットコインの価格チャートを改善・再実装した話 / Improving and Re-implementing the Bitcoin Price Chart Using SwiftUI
mercari
PRO
3
440
1週間リリースを支えるAndroid自動テスト運用のその後 / Developments Since Launching Operation of Android Automated Testing to Support One-Week Releases
mercari
PRO
0
150
Behind the Scenes: The Technical Magic that Powers our WYSIWYG Webpage Builder / WYSIWYGウェブページビルダーを支える技術的マジックの裏側
mercari
PRO
0
100
フロントエンドチームのスキルテスト評価システム改善の取り組み / Improving the Skill Test Evaluation System of Our Frontend Team
mercari
PRO
0
190

Other Decks in Technology

See All in Technology
R3のコードから見る実践LINQ実装最適化・コンカレントプログラミング実例
neuecc
3
2.8k
地理空間データ可視化・解析・活用ソリューション Pacific Spatial Solutions (PSS)
pacificspatialsolutions
0
340
How to do well in consulting–Balkan Ruby 2024
irinanazarova
0
160
コードファーストの考え方。 Amplify Gen2から学ぶAWS次世代のWeb開発体験
yoshiitaka
2
390
コードや知識を組み込む / Incorporate Code and knowledge
ks91
PRO
0
150
MixIT 2024 - Pulumi : Gérer son infra avec son langage de programmation préféré
ju_hnny5
1
120
中年男性がメインフレームから クラウドへキャリアシフトしてみた
uechishingo
0
300
VSCodeの拡張機能を作っている話
ebarakazuhiro
1
820
EM完全に理解した と思ったけど、 やっぱり何も分からなかった話 / EM Night Fukuoka #1
hirutas
0
290
LLM開発・活用の舞台裏@2024.04.25
yushin_n
3
1.3k
自己改善からチームを動かす! 「セルフエンジニアリングマネージャー」のすゝめ
shoota
6
1k
uvを使ってストレスフリーな Python開発をしよう!
r74tech
0
170

Featured

See All Featured
WebSockets: Embracing the real-time Web
robhawkes
59
7k
Designing the Hi-DPI Web
ddemaree
276
33k
The World Runs on Bad Software
bkeepers
PRO
61
6.7k
Code Reviewing Like a Champion
maltzj
515
39k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
15
1.6k
Bash Introduction
62gerente
605
210k
Large-scale JavaScript Application Architecture
addyosmani
504
110k
Docker and Python
trallard
35
2.7k
Fantastic passwords and where to find them - at NoRuKo
philnash
39
2.5k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
117
18k
GraphQLの誤解/rethinking-graphql
sonatard
56
9.3k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
79
43k

Transcript

  1. Session Title Preventing fraud from Mercari customer journey Gajula Shiva

    Chaitanya Merpay Engineer

  2. @codechaitu 1. Joined mercari in 2018 after my graduation. 2.

    Contributed to the development of Mercari’s internal Customer Relationship Management (CRM) tools. 3. In November 2022, joined merpay to improve knowledge about fraudulent transactions. Merpay TnS Platform Team

  3. Mercari Customer Journey… ?

  4. Scene: Customer moves from start to account registration step

  5. Comparison between suspicious customer and normal customer after account creation.

  6. Scene: customer moves to transaction step

  7. Introduce Trust and Safety team [ TnS ] system overview

    #1 Sources #2 Pre Processing Output Processing Rule Engine #3 Rule Engine #3 #3 #4

  8. 1. How we receive them ? a. streaming events from

    CDC [ change data capture ] b. other microservices. c. 3rd party data. #2 Pre Processing Output Processing Stream Engine #3 #1 Sources #4 #2 Pre Processing Output Processing Stream Engine #3 #1 Sources

  9. 1. We want to filter out data from multiple sources

    and prepare in required format. 2. To filter the data we prepared some services, in them I would like to present two features which I like the most. #2 Pre Processing Output Processing Stream Engine #3 #1 Sources #3 #4

  10. #2 Pre Processing Output Processing Stream Engine #3 #1 Sources

    #3 #4 1. あんしん支払い [ Safe payment settings ] 2. 3D Secure Some significant feature introduction

  11. #2 Pre Processing Output Processing Stream Engine #3 #1 Sources

    #3 #4 Feature: あんしん支払い More about this feature can be read here.

  12. #2 Pre Processing Output Processing Stream Engine #3 #1 Sources

    #3 #4 Feature: 3D Secure - If a transaction is found suspicious, what we do…?

  13. 1. Splunk [ currently using for batch-processing ] a. We

    are using Splunk cloud. 2. Flink [ under development for real-time-processing ] #2 Pre Processing Output Processing Rule Engine #3 #1 Sources #4

  14. #2 Pre Processing Output Processing Rule Engine #3 #1 Sources

    #4 Why Apache Flink ? About Google Dataflow 1. Pro’s a. Easy to deploy as a fully-managed service. b. Autoscaling on high-load. 2. Con’s a. Can’t handle checkpoint on developer side. b. High availability option, which Flink provides compared to SLA for dataflow. c. A bit expensive. About Apache Flink 1. Pro’s a. We can have checkpointing and savepoints. b. OSS, so we can deploy our jobs on kubernetes, so we can debug easily. c. We have a team internally already worked on Flink and provide support, when needed. 2. Con’s a. Need to manage resource ourselves.

  15. #2 Pre Processing Output Processing Rule Engine #3 #1 Sources

    #4

  16. #2 Pre Processing Output Processing Rule Engine #3 #1 Sources

    #4 Example Rule: If an customer spends more than 1 Million Yen within 6 hours, then it is a suspicious transaction. To easily demonstrate our system, let’s use cloud scheduler.

  17. #2 Pre Processing Output Processing Rule Engine #3 #1 Sources

    #4 Example Rule: If an customer spends more than 1 Million Yen within 6 hours, then it is a suspicious transaction.

  18. How we debug locally - Setup #2 Pre Processing Output

    Processing Rule Engine #3 #1 Sources #4 There are steps written in the GitHub, please try it. Docs link

  19. How we debug locally - Example #2 Pre Processing Output

    Processing Rule Engine #3 #1 Sources #4 we use FlinkSQL in local by using SQL gateway. Let’s watch a video together and understand it.

  20. 1. Manually check the data if it is a suspicious

    transaction or not. 2. If it is suspicious, apply some restrictions on customer, like restriction from buying for x number of days, restriction from selling for y number of days, etc. 3. Based on case-by-case it changes. 4. We use GCP memory store as cache to filter out duplicate events. #2 Pre Processing Output Processing Rule Engine #3 #1 Sources #4

  21. The reason to present our work. A small attempt to

    inform engineers and general audience that we are taking our best care to prepare mercari a safe environment from fraud.
  22. None