Speed and "Hidden Dangers": The Hidden Crisis Behind the Instant Delivery Industry

Industry Status

Currently, the trend of residents' consumption is online, accompanied by the change of the main force of consumption on theInstant deliveryThe demand for the service is growing further. Data shows that nearly 25% of consumers use instant delivery services more than 10 times a month, and the proportion of consumers using the service at least once a month has exceeded 90%. The instant delivery market has become the fastest-growing part of the e-commerce industry chain.

Instant deliveryOperational securityconcern

With the rapid growth of consumer demand, platforms related to the instant delivery industry chain have sprung up, giving rise to major platforms related to the instant delivery industry chain. As a result, online retail platforms such as Meituan Grocery and Dingtong Grocery, new retail platforms such as BoxMa and Sam's that support home delivery, and even delivery services such as Home Delivery and McDonald's that specialize in providing food delivery services for their own fast-food chains have emerged.
However, this rapid development has also triggered fierce market competition in the industry, such as price competition, service quality competition, service scope competition and so on. In order to stand out in the competitive market, delivery platforms have adopted a series of strategies to attract users. For example, by issuing full-price coupons, free first order and small gifts for new users, etc., in order to enhance user stickiness and attract new users to become regular customers. These tactics are not only an effective way to meet users' needs, but have also become an inevitable choice for most platforms in response to market competition.
Recently, Meituan Grocery Buying went through a branding change and officially changed its name to Little Elephant Supermarket. As an instant delivery platform, it connects consumers, merchants and delivery staff, enabling users to conveniently access the fresh ingredients they need within 30 minutes.
For the sake of marketing and promotion, Little Elephant Supermarket has launched offers such as giving away brand upgrading category carnival coupons worth 15 RMB, price direct drop, spike, buy one get one free, and so on. In addition to price concessions, the randomly given felt organizer, dirty clothes basket, shopping bags and other blind box giveaways became a highlight of the event, so that the event was launched by the users enthusiastically, and even a number of consumers because of these giveaways to choose to shop and place orders on the platform of the small Elephant Supermarket.

output

While it is true that marketing activities will attract a group of new and old users, they will inevitably also attract a group of non-targeted customers woolgathering. In addition to the attrition that may be brought about by ordinary users woolgatheringOnce campaigns become the target of blackmail attention, their use of automated tools to place orders on a large scale will cause unforeseen financial losses to the platform.This situation creates a serious business security threat for those instant delivery platforms with e-commerce attributes.

Traditional solution - SMSCAPTCHA, a type of challenge-response test (computing)

In order to avoid problems such as financial losses, platforms will choose to address malicious registrations, logins and orders placed on the platform by means of SMS verification codes. The SMS verification code is distributed to the user's cell phone through the generated number, and the real name system uses the cell phone number to ensure that the user operates in person. However, with the change of the social status quo and the development of technology, the disadvantages of SMS verification code are gradually revealed ......

Cons of SMS CAPTCHA

Generally, account verification via SMS verification code requires 3-4 complicated steps, such as "manually inputting cell phone number", "waiting for verification SMS", "inputting verification numbers", etc., which often takes up to 15 seconds of the user's time in the process. The process often takes up to 15 seconds of the user's time. In the fast-paced era, consumers' demand for delivery time on instant delivery platforms is usually less than 30 minutes, and viewers even have to watch dramas at double speed. The complexity of the SMS verification code verification steps and the long verification time consume the patience of users, which will cause them to give up the verification, thus affecting the conversion rate of the platform's users.
640

In addition to the complex verification process, users can not receive the verification code SMS, SMS arrival delay after the verification of the time limit also occurs frequently, because of the bad experience caused by the users of the things are not a few. At this point, the platform not only needs to spend manpower to deal with the relevant problems, but also in the long run will have a negative impact on the brand image of the enterprise.

640-(1)

640-(1)

If the experience of using SMS CAPTCHA may just make users become annoyed, it is enough to deliver a heavy blow when security issues occur.
What happens if blackmail has both a user's platform account and cell phone number?
--minor number theft, or asset theft.
In recent years, there has been a kind of black production modus operandi for SMS verification code, "SMS sniffing". Using the tools composed of computer, cell phone and RF antenna of "channel sniffing" machine, the black production can easily get the cell phone number and SMS verification code of the snooped people. SMS snooping to a short period of time users will receive a large number of SMS verification code as a form of expression, in the user seems to be a large number of SMS bombardment is a kind of disturbance, to be found by the user account is stolen, assets are stolen, the relevant platform will be implicated.
640-(2)

GSM sms sniffing

Thus, it seems that the step of receiving the SMS verification code is the most criticized step.The solution then is to optimize this step to bring a convenient experience to the user while ensuring the security of the verification process.It is necessary to obtain the official authorization of the three major carriers, Mobile, Unicom and Telecom, to solve the above problems, combined with the carrier's underlying SIM card recognition capabilities, fused into the "three-network native authentication capabilities," will once 15 seconds to complete the cell phone SMS authentication, theShorten to 1 second of local authentication, help the platform to optimize the authentication process, help the platform every pull new, promote the operation of the activities of livethat also effectively boosts user conversion rates for at least 20%.

This article is from a contribution, does not represent the position of the Chief Security Officer, if reproduced, please specify the source: https://cncso.com/en/the-risks-of-the-on-demand-delivery-industry-html

Like (2)
Previous March 5, 2024 at 6:15 pm
Next March 18th, 2024 at 8:20 am