30 May 2022

Deploying Digital Risk on Cloudflare

Deploying Digital Risk on Cloudflare: Making Real Time Risk Decisions at the Edge a Reality

In Q2 2022, Darwinium released an integration via CloudFlare Workers. This enables any Cloudflare customer to quickly deploy Darwinium and receive the benefits of a holistic security and downstream fraud Solution immediately. The benefit of Cloudflare workers for Darwinium is that they can be executed in Rust, compiled to Web Assembly, are super scalable and run with very low latency.

Getting Honey From Worker Bees

Darwinium is a fraud and security platform designed to run at the network edge. Through Darwinium, businesses can build risk-based assessments across an entire customer web-journey including dynamic injection of JavaScript and API calls, as well as being able to uniquely tailor that user’s experience. Darwinium bridges the gap between security, fraud and abuse solutions by helping businesses understand customer intent, from the packet to the person.

Darwinium is deployed at the network edge. This means that Content Delivery Networks (CDNs) represent an ideal deployment point allowing businesses to maintain their load balancing strategies without impacting end-users.

Darwinium’s real-time engine (built in Rust) utilizes web assembly (WASM) and web assembly script for rules and machine learning execution. Darwinium itself can be hosted or deployed in a Kubernetes cluster in a business’s Virtual Private Cloud (VPC).

On 13th March 2018, Cloudflare announced a new service called Workers, which allow anyone to deploy JavaScript code to Cloudflare’s CDN. This new serverless offering runs on the same widespread global cloud network and provides a lightweight execution environment for new and existing applications, making them fast, reliable, and scalable at the network edge.

Serverless is an interesting proposition and the hype around it has died down in the last 5 years. There are certainly pros and cons for this approach. For DevOps, this gave us infrastructure as code. Darwinium is looking toward the next stage in this process: integration as code where services and applications become part of the automated process that deploys infrastructure.

Cloudflare Workers Key Features

  • Scaling Automatically – No requirement for the application builder to configure auto-scaling, load balancing and paying for unused capacity.
  • Global Network – Powered by Cloudflare’s global network with a 10ms latency.
  • Language – Templated for JavaScript, Rust and C++
  • No Cold Starts – Instantly run code without cold starts
  • Streaming API – Cloudflare provides a powerful streaming ‘Fetch’ API which allows for unlimited body sizes, while maintaining excellent latency characteristics.
  • Storage – Cloudflare provides 3 different persistent storage layers, each with their own characteristics.

Why is this Amazing?

In April 2022, Darwinium released its integration via Cloudflare Workers. This enables Cloudflare customers to quickly deploy Darwinium.

Cloudflare essentially allows Darwinium to write a reverse proxy in JavaScript with a streaming API, like a web browser that leverages CloudFlare’s CDN network.

An interesting limitation for the Darwinium engineers is the total deployed image in CloudFlare Workers must be within 1MB to work at the edge. The team developed a stripped-down version of Darwinium that handles processing in Rust with the ability to call the Darwinium real-time engine and the WASM decisioning functions.

In terms of the detail, Darwinium engineers removed all data loading code from the edge. Instead, source code is generated automatically for each user web journey. This means no loading time to respond to a request and no bulky code to deal with parsing configuration/reporting errors. Darwinium Engineers also re-factored the body-parsing system to fit in with the Cloudflare streaming system. This effectively re-engineered the way Darwinium works.

Originally Darwinium was set up to stream data from the network, run it through functions and send the results to another stream. With a Cloudflare integration, Darwinium is built in a way that it expects to be called multiple times, taking a ‘frame’ of data each time. It then immediately returns a frame of other data. This change allows Darwinium to apply more than one rule to each stream of data, allowing custom parsers to run sequentially on the same page.

Key Darwinium Differentiators (now available via Cloudflare)

Customer Intelligent – Contextualise fraud and abuse intelligence from the packet-to-the-person. Darwinium can inject its own or third-party device profiling JavaScript collecting a huge volume of device signals including behavioral biometrics. Darwinium can also risk-assess content such as images and text. Darwinium image and text similarity allows fuzzy matching for this type of content. This is well suited to abuse use cases – for example looking for malicious images, spam, and other abusive content.

Tailored Journeys – Darwinium is founded on a key concept around profiling user journeys rather than point-in-time interactions. Data mapping directly from the request/response bodies allows Darwinium to dynamically add or remove friction in a customer journey, based on historic and in-session click-stream behavior.

Distributed Orchestration – Bringing data science to the edge, Darwinium features, and models can be built via drag and drop feature editors and integrated notebooks. These features can be propagated across a business’s estate helping multiple business units meaning that Fraud, Security, Abuse, Credit Risk and Marketing and Customer Experience teams can have access to the same single view of the end user.

Decision Control – Models run-when-ready, meaning as soon as the data is available, they execute throughout the customer journey. This allows dynamic strategies based on the business’s risk appetite and executed in real-time.

Darwinium also complements Cloudflare’s newer managed challenge service designed to replace CAPTCHA as a blanket service to detect bots. Darwinium feature enrichment services can further enhance decisions on when and how to challenge a user, by further understanding downstream behavior.

Now, Darwinium customers can enjoy the full functionality of Darwinium including utilizing request/response bodies, profiling large amounts of device data and using this data to make dynamic decisions during a user web journey, all from a 1MB Cloudflare Edge Worker. We think this is truly amazing.


Written by Ben Davey

Share:

  • Share to Facebook
  • Share to Twitter
  • Share to LinkedIn