September 6 top Image technology launched the first wechat small program security solution in China. The scheme can effectively prevent account, interaction, transaction, information and other risks, and ensure the safety of 1.5 million small programs. After the program was released, the customer service department received a large number of consultation calls and messages. We’ve picked the top 10 most asked questions.

Q: What is the effect of thumbprint of applets on preventing hacking?

A: Black production generally adopts equipment multi-open, equipment simulation and other ways to carry out garbage registration, wool pulling and other behaviors, top image small program device fingerprint can judge the uniqueness of equipment, can be very efficient to identify whether these equipment is multi-open, simulation and other behaviors.

Q: Will fingerprint of applets cause personal information leakage?

A: No. Small program device fingerprint only generates device IDS based on device information and determines risks at the device level, without involving user identity and other privacy information.

Q: What are the advantages of applets over traditional captcha?

A: 1. The verification code of small program only needs users to slide gently, without thinking or input, which makes the experience better.

2, small program verification code for man-machine and malicious behavior recognition rate of 98%, can effectively block black production.

3, small program verification code integrated code confusion encryption services, effectively prevent hackers crack tampering.

Q: How does the top image captcha determine man-machine behavior?

A: 1. Operating environment detection: Detect user equipment, network environment and other information, and timely find abnormal operating environment.

2. Track model detection: detect abnormal track, abnormal track time, track replay and other information, and effectively identify machine simulation track, track recording and other means. Even if successful in a short time, it is quickly covered by the abnormal points detected by the model strategy clustering.

3. Association detection: carry out association detection on IP, equipment, validation failure, validation times and other information to effectively identify abnormal association in a short time and control the frequency of black ash production attempts.

Q: Is it as complicated as captcha access?

A: You only need to follow the following steps to easily access:

1, in the applets management background “Settings – third-party services – plug-in management” search for “top image”, and then associate the top image applets verification code.

2. Go to the official website of Top Image technology to register and obtain the application key of verification code.

3, according to the example, access the applets.

Q: What validation modes can be selected for top Image applets captchas?

A: Two modes are available: Intelligent non-inductive mode: The system collects environment information and verifies it automatically. Secure users do not need to perform any operation. Strong verification mode: Forces the user to complete authentication each time.

Q: How is the top image applets obfuscation service used?

A: First, the AST is obtained after semantic analysis of the source code; The AST is then obfuscated by the obfuscation engine to produce a new AST. Furthermore, the new AST results in the final obfuscated code after syntactic restoration and compression.

Q: What’s the difference between top like applets obfuscating encryption services and common Uglify?

A: Uglify is A JS code compression tool. Its main purpose is to reduce file size. Although it has A certain obfuscating function, it is weak. The top like small program code obfuscation encryption service is specifically optimized for obfuscation, with much improved anti-cracking and restore capabilities.

Q: What if you want to improve the security of small programs, but you don’t know what the security problem is?

A: In this case, you can use the top image penetration testing service for small programs. Top Image’s security engineers conduct in-depth security tests to identify the weakest links in an application, simulating a hacker attack.

Q: What risks can be detected through penetration testing of the top image?

A: Can discover security problems at network, system, host and application levels, including but not limited to content vulnerabilities, activity vulnerabilities, order vulnerabilities, interface vulnerabilities, payment vulnerabilities, injection attacks, cross-site scripting attacks, server request forgery, error information disclosure and other problems.