A good open source project risk control engine (Radar)

On October 16, 2022October 23, 2022

A lightweight real-time risk control engine based on Java language, built using frameworks such as Springboot + Mongodb + Groovy + Es, suitable for anti-fraud application scenarios, minimalist configuration, and truly out-of-the-box. Through the study of this project, you can quickly understand the definition of risk, then quantify the risk, and finally achieve the purpose of centralized risk management. A real-time risk analysis engine,which can update risk rule in real-time and make it effective immediately. It applies to the anti-fraud application perfectly. The project code called Radar, like the code, monitor the transaction at the back.

Real-time risk control, special scenarios can achieve response within 100ms

Visual rule editor, rich operators, flexible calculation rules

Support Chinese, easier to use

Customize the rule engine to be more flexible and support complex and changeable scenarios

Plug-in design for fast access to other data capability platforms

NoSQL, easy to scale, high performance

Simple to configure and ready to use right out of the box!

With the rapid development of the mobile Internet, the rapid rise of the wool party, from one platform to another platform, where a chicken feather, this is not the most terrible, the ensuing black production makes most Internet applications afraid, usually the benefits of the newly launched APP are relatively large, the risk control system is not perfect, the frequency of BUG is found is relatively high, the black industry uses BUG for a short time to bring huge losses to the platform, a lot of (100 yuan test coupon, a loss of millions of Ws overnight) is an example. In response to this phenomenon, having a real-time risk control engine is the top priority of all apps with financial nature, and Radar came into being. Radar predecessor is the author’s former company’s internal research project, due to many reasons the project commercialization failure, considering the value of the project itself, abandonment of pity, now use Springboot for reconstruction, delete a lot of localization functions, only retain the risk control engine core, more versatile, more lightweight, low secondary development costs, open source out, I hope to bring some help to you who have risk control needs.

We know that after the enterprise becomes bigger, there will be many product lines, and almost every product needs to do risk control, usually we are writing the logic of risk control in the corresponding business function code, a large number of repeated risk control logic code coupled in our business logic, with the accumulation of time, the code will become extremely complex, will cause huge labor costs and risks to the later maintenance.

Therefore, the centralized management of risk is imperative, only through a unified management platform, the use of rule engines, the use of visual configuration, the platform management of different products of risk control strategy is a better way, and this is Radar’s original intention.

Front and back end separation architecture

Back-end technical framework: SpringBoot + Mybatis + tkMapper + Mysql + MongoDB + Redis + Groovy + ES + Swagger

Front-end technology framework: React (SPA)

Springboot: The author is born in Java, and choosing Springboot is a matter of course, convenient for yourself, and convenient for other Java users to extend.

Mybatis + tkMapper: A persistence layer framework, tkMapper provides mapper generic template functionality to reduce duplicate code generation.

Mysql : A relational database in this project, which is mainly used to store meta information for risk models.

MongoDB: Used to store events JSON, providing basic statistical calculations (e.g. max, min, sum, avg,), complex statistical concepts (sd,variance, etc…). ) is calculated in memory.

ES: Provides data query and rule hit reporting services.

Redis: Provides caching support, and Engine uses the publish-subscribe feature to listen for updates to relevant configurations on the management side

Groovy: Rules engine, risk control rules finally generate groovy scripts, real-time editing, dynamic generation, instant effect.

Swagger: Rest API Management

There are a large number of pictures in the manual, in order to facilitate the use of domestic users, so the recommended code cloud wiki link, https://gitee.com/freshday/radar/wikis/manual

Through the management side, you can quickly understand the entire workflow of how the system is from the definition of risk to the quantification of risk to the centralized management of risk. For a better experience, please take a minute to watch the User Guide Demo URL: https://www.riskengine.cn recommend that you register yourself to avoid interference with using the same test account.

WIKI: https://gitee.com/freshday/radar/wikis/home?sort_id=1637444