Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Preventing Fraud in the Mercari customer journe...

mercari
PRO
October 14, 2023
Technology
0
170

Preventing Fraud in the Mercari customer journey / メルカリのカスタマージャーニーにおける不正防止の取り組み

When a person wants to use the Mercari app, they go through multiple phases over the course of their customer journey, from registering their account to liking, buying, and selling items and more. During these phases, we must take the utmost care in handling customer actions because there is a risk of fraud.
In this session, I will discuss a few architecture details and design discussions that we took to prevent fraud in the Mercari/Merpay ecosystem.

メルカリのアプリを利用するとき、アカウント登録、いいね、購入、出品など、カスタマージャーニーにおける複数のフェーズがあります。これらのフェーズには不正のリスクが伴うため、お客さまのアクション処理には細心の注意を払う必要があります。
本セッションでは、メルカリ・メルペイのエコシステムにおけるアーキテクチャの詳細と、不正を防ぐために行った設計上の議論についてお話します。

------
Merpay & Mercoin Tech Fest 2023は3日間のオンライン技術カンファレンスです。
IT企業で働くソフトウェアエンジニアおよびメルペイ・メルコインの技術スタックに興味がある方々を対象に2023年8月22日(火)、23日(水)、24日(木)の3日間、開催します。 Merpay & Mercoin Tech Fest は事業との関わりから技術への興味を深め、プロダクトやサービスを支えるエンジニアリングを知ることができるお祭りです。

今年のテーマは「Unleash Fintech」。 メルペイ・メルコインのこれまでの技術的な取り組みはもちろん、メルカリグループのFintech事業における新たな挑戦をお伝えします。 セッションでは事業を支える組織・技術・課題などへの試行錯誤やアプローチなど多面的にご紹介予定です。

メルペイ・メルコインが今後どのようにUnleash(解放)していくのか、ぜひ見に来てください。

■イベント関連情報
- 公式ウェブサイト:https://events.merpay.com/techfest-2023/
- 申し込みページ:https://mercari.connpass.com/event/286670/
- Twitterハッシュタグ: #MerpayMercoinTechFest
■リンク集
- メルカリ・メルペイイベント一覧:https://mercari.connpass.com/
- メルカリキャリアサイト:https://careers.mercari.com/
- メルカリエンジニアリングブログ:https://engineering.mercari.com/blog/
- メルカリエンジニア向けTwitterアカウント:https://twitter.com/mercaridevjp
- 株式会社メルペイ:https://jp.merpay.com/

mercari
PRO

October 14, 2023
Tweet

More Decks by mercari

See All by mercari
[DevDojo] Problem Solving - 2024
mercari
PRO
1
270
[DevDojo] Ship Code Faster - 2024
mercari
PRO
1
160
[DevDojo] Mercari Design Doc - 2024
mercari
PRO
0
210
[DevDojo] Mercari Quality Assurance - 2024
mercari
PRO
1
170
[DevDojo] Merpay Quality Assurance - 2024 (日本語)
mercari
PRO
1
150
[DevDojo] Merpay Quality Assurance - 2024
mercari
PRO
0
99
[DevDojo] Basic Machine Learning - 2024
mercari
PRO
1
240
[DevDojo] Mercari Mobile Development - 2024
mercari
PRO
0
120
[DevDojo] Mercari Incident Management - 2024
mercari
PRO
0
170

Other Decks in Technology

See All in Technology
Adopting Jetpack Compose in Your Existing Project - GDG DevFest Bangkok 2024
akexorcist
0
100
第1回 国土交通省 データコンペ参加者向け勉強会③ - Snowflake x estie編 -
estie
0
130
Making your applications cross-environment - OSCG 2024 NA
salaboy
0
180
EventHub Startup CTO of the year 2024 ピッチ資料
eventhub
0
110
Incident Response Practices: Waroom's Features and Future Challenges
rrreeeyyy
0
160
フルカイテン株式会社 採用資料
fullkaiten
0
40k
SREによる隣接領域への越境とその先の信頼性
shonansurvivors
2
520
データプロダクトの定義からはじめる、データコントラクト駆動なデータ基盤
chanyou0311
2
290
AWS Lambda のトラブルシュートをしていて思うこと
kazzpapa3
2
170
リンクアンドモチベーション ソフトウェアエンジニア向け紹介資料 / Introduction to Link and Motivation for Software Engineers
lmi
4
300k
テストコード品質を高めるためにMutation Testingライブラリ・Strykerを実戦導入してみた話
ysknsid25
7
2.6k
OCI Network Firewall 概要
oracle4engineer
PRO
0
4.1k

Featured

See All Featured
Documentation Writing (for coders)
carmenintech
65
4.4k
The Pragmatic Product Professional
lauravandoore
31
6.3k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
29
2.3k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
169
50k
For a Future-Friendly Web
brad_frost
175
9.4k
How to Think Like a Performance Engineer
csswizardry
20
1.1k
Stop Working from a Prison Cell
hatefulcrawdad
267
20k
Java REST API Framework Comparison - PWX 2021
mraible
PRO
28
8.2k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
25
1.8k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
26
2.1k
The World Runs on Bad Software
bkeepers
PRO
65
11k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
93
16k

Transcript

  1. Session Title Preventing fraud from Mercari customer journey Gajula Shiva

    Chaitanya Merpay Engineer

  2. @codechaitu 1. Joined mercari in 2018 after my graduation. 2.

    Contributed to the development of Mercari’s internal Customer Relationship Management (CRM) tools. 3. In November 2022, joined merpay to improve knowledge about fraudulent transactions. Merpay TnS Platform Team

  3. Mercari Customer Journey… ?

  4. Scene: Customer moves from start to account registration step

  5. Comparison between suspicious customer and normal customer after account creation.

  6. Scene: customer moves to transaction step

  7. Introduce Trust and Safety team [ TnS ] system overview

    #1 Sources #2 Pre Processing Output Processing Rule Engine #3 Rule Engine #3 #3 #4

  8. 1. How we receive them ? a. streaming events from

    CDC [ change data capture ] b. other microservices. c. 3rd party data. #2 Pre Processing Output Processing Stream Engine #3 #1 Sources #4 #2 Pre Processing Output Processing Stream Engine #3 #1 Sources

  9. 1. We want to filter out data from multiple sources

    and prepare in required format. 2. To filter the data we prepared some services, in them I would like to present two features which I like the most. #2 Pre Processing Output Processing Stream Engine #3 #1 Sources #3 #4

  10. #2 Pre Processing Output Processing Stream Engine #3 #1 Sources

    #3 #4 1. あんしん支払い [ Safe payment settings ] 2. 3D Secure Some significant feature introduction

  11. #2 Pre Processing Output Processing Stream Engine #3 #1 Sources

    #3 #4 Feature: あんしん支払い More about this feature can be read here.

  12. #2 Pre Processing Output Processing Stream Engine #3 #1 Sources

    #3 #4 Feature: 3D Secure - If a transaction is found suspicious, what we do…?

  13. 1. Splunk [ currently using for batch-processing ] a. We

    are using Splunk cloud. 2. Flink [ under development for real-time-processing ] #2 Pre Processing Output Processing Rule Engine #3 #1 Sources #4

  14. #2 Pre Processing Output Processing Rule Engine #3 #1 Sources

    #4 Why Apache Flink ? About Google Dataflow 1. Pro’s a. Easy to deploy as a fully-managed service. b. Autoscaling on high-load. 2. Con’s a. Can’t handle checkpoint on developer side. b. High availability option, which Flink provides compared to SLA for dataflow. c. A bit expensive. About Apache Flink 1. Pro’s a. We can have checkpointing and savepoints. b. OSS, so we can deploy our jobs on kubernetes, so we can debug easily. c. We have a team internally already worked on Flink and provide support, when needed. 2. Con’s a. Need to manage resource ourselves.

  15. #2 Pre Processing Output Processing Rule Engine #3 #1 Sources

    #4

  16. #2 Pre Processing Output Processing Rule Engine #3 #1 Sources

    #4 Example Rule: If an customer spends more than 1 Million Yen within 6 hours, then it is a suspicious transaction. To easily demonstrate our system, let’s use cloud scheduler.

  17. #2 Pre Processing Output Processing Rule Engine #3 #1 Sources

    #4 Example Rule: If an customer spends more than 1 Million Yen within 6 hours, then it is a suspicious transaction.

  18. How we debug locally - Setup #2 Pre Processing Output

    Processing Rule Engine #3 #1 Sources #4 There are steps written in the GitHub, please try it. Docs link

  19. How we debug locally - Example #2 Pre Processing Output

    Processing Rule Engine #3 #1 Sources #4 we use FlinkSQL in local by using SQL gateway. Let’s watch a video together and understand it.

  20. 1. Manually check the data if it is a suspicious

    transaction or not. 2. If it is suspicious, apply some restrictions on customer, like restriction from buying for x number of days, restriction from selling for y number of days, etc. 3. Based on case-by-case it changes. 4. We use GCP memory store as cache to filter out duplicate events. #2 Pre Processing Output Processing Rule Engine #3 #1 Sources #4

  21. The reason to present our work. A small attempt to

    inform engineers and general audience that we are taking our best care to prepare mercari a safe environment from fraud.
  22. None