Gate said that, regarding the recent customer theft incident, after analysis by its technical team, the Alipay screen-recording footage can only be made by the customer themselves or by someone who can access the customer’s Alipay account. Gate added that Alipay has an extremely strict real-time risk control system, and if there is a login from a device or IP address that is not used frequently, Alipay will forcibly require multi-factor authentication. Gate stated that the core risk points exposed by this incident are that the customer’s external real-name information, Alipay account, and device permissions have been leaked and then illegally obtained and exploited by third parties.

View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • 3
  • Repost
  • Share
Comment
Add a comment
Add a comment
GateUser-7df43e29
· 5h ago
The leak of user device permissions is a critical point; many phishing methods now first take control of your phone.
View OriginalReply0
ReefUnderTheAurora
· 5h ago
The core risk is the leakage of externally collected real-name information, which suggests that criminal “underground” industry actors already have a complete data chain.
View OriginalReply0
RecedingTideReflection
· 5h ago
Alipay's risk control is so strict, yet accounts are still being stolen. Where exactly does the problem lie?
View OriginalReply0
  • Pinned