Good afternoon friends.
We will devote today's blog to a technical topic: how we protect our messenger from the ill-wishers.
Gem4me, just like any popular application, is constantly under attack. Basically, these attacks are of two types. The first are DDOS, in which activity is artificially created in the messenger. Users perceive this attack as slowing down the application, and if the attack is very strong, the application freezes. The second type of attack is the creation of additional text messaging traffic. The main problem here is that message traffic is paid, and if you do not stop this attack in time, you can lose a fairly significant amount of money.
In order to protect against both types of attacks, we have implemented three levels of protection.
1. Google ReCaptcha. This is Google's standard system for securing websites and applications.
2. Black / White list. Using a self-written algorithm, we analyze the activity of each user in real time and, based on the rating system, add users to the Black and White lists. Users added to the "black list" temporarily or permanently (depending on the circumstances) lose the ability to use the messenger.
3. Unique one-time identifier for each SMS request. This identifier is generated every time anew for each user, and it is also encrypted. The encryption algorithm and mechanism are known only to our development team. Thus, the likelihood that someone else will be able to decipher it tends to zero.
Thus, we are already protected from a large number of attacks, but this does not mean that we will stop paying attention to the security and safety of our messenger. By the end of the year, we plan to develop functionality to manage user sessions and add encryption of all data.
Stay in touch!