With the rapid development of the open Internet system, the application and expansion of electronic commerce has greatly changed people's work and lifestyles. As a new form of business method, electronic commerce has brought manufacturing enterprises, logistics enterprises, consumers and governments into a new era of network economy and digital life. Under an environment of electronic commerce, people no longer suffer from territory limitations, and clients can easily complete commercial activities that were complicated in the past. For example, funds can be deposited into and withdrawn from accounts via online banking, and information can be inquired at any time. Meanwhile, the quality of customer service of enterprises has been greatly enhanced.
In electronic commerce, security is a crucial and key issue. Identifying a security risk in an electronic commerce transaction timely and accurately is the basis of guaranteeing a secure transaction of an electronic commerce system. A process of identifying a security risk in a transaction is a process that identifies a security risk that may pose a potential threat to the transaction through collection of information such as various types of threats, bugs and related countermeasures, etc.
When identifying a transaction risk, an existing electronic commerce system sets up a rule according to a property of an event behavior, and identifies whether a risk exists in each transaction based on the rule. For example, a transaction risk may be identified based on a property associated with a transaction amount. Specifically, since a normal transaction amount for users is less than three hundred dollars, a risk is said to exist in a transaction if an amount associated with the transaction is greater than three hundred dollars.
In the above method for identifying a transaction risk, a rule that is set up is easy to be discovered, and malicious users can sidestep the rule easily. At that time, a transaction risk may not be effectively identified.