Deploying Digital Risk on Cloudflare: Making Real Time Risk Decisions at the Edge a Reality
In Q2 2022, Darwinium released an integration via CloudFlare Workers. This enables any Cloudflare customer to quickly deploy Darwinium and receive the benefits of a holistic security and downstream fraud Solution immediately. The benefit of Cloudflare workers for Darwinium is that they can be executed in Rust, compiled to Web Assembly, are super scalable and run with very low latency.
Getting Honey From Worker Bees
Darwinium is deployed at the network edge. This means that Content Delivery Networks (CDNs) represent an ideal deployment point allowing businesses to maintain their load balancing strategies without impacting end-users.
Darwinium’s real-time engine (built in Rust) utilizes web assembly (WASM) and web assembly script for rules and machine learning execution. Darwinium itself can be hosted or deployed in a Kubernetes cluster in a business’s Virtual Private Cloud (VPC).
Serverless is an interesting proposition and the hype around it has died down in the last 5 years. There are certainly pros and cons for this approach. For DevOps, this gave us infrastructure as code. Darwinium is looking toward the next stage in this process: integration as code where services and applications become part of the automated process that deploys infrastructure.
Cloudflare Workers Key Features
- Scaling Automatically – No requirement for the application builder to configure auto-scaling, load balancing and paying for unused capacity.
- Global Network – Powered by Cloudflare’s global network with a 10ms latency.
- No Cold Starts – Instantly run code without cold starts
- Streaming API – Cloudflare provides a powerful streaming ‘Fetch’ API which allows for unlimited body sizes, while maintaining excellent latency characteristics.
- Storage – Cloudflare provides 3 different persistent storage layers, each with their own characteristics.
Why is this Amazing?
In April 2022, Darwinium released its integration via Cloudflare Workers. This enables Cloudflare customers to quickly deploy Darwinium.
An interesting limitation for the Darwinium engineers is the total deployed image in CloudFlare Workers must be within 1MB to work at the edge. The team developed a stripped-down version of Darwinium that handles processing in Rust with the ability to call the Darwinium real-time engine and the WASM decisioning functions.
In terms of the detail, Darwinium engineers removed all data loading code from the edge. Instead, source code is generated automatically for each user web journey. This means no loading time to respond to a request and no bulky code to deal with parsing configuration/reporting errors. Darwinium Engineers also re-factored the body-parsing system to fit in with the Cloudflare streaming system. This effectively re-engineered the way Darwinium works.
Originally Darwinium was set up to stream data from the network, run it through functions and send the results to another stream. With a Cloudflare integration, Darwinium is built in a way that it expects to be called multiple times, taking a ‘frame’ of data each time. It then immediately returns a frame of other data. This change allows Darwinium to apply more than one rule to each stream of data, allowing custom parsers to run sequentially on the same page.
Key Darwinium Differentiators (now available via Cloudflare)
Tailored Journeys – Darwinium is founded on a key concept around profiling user journeys rather than point-in-time interactions. Data mapping directly from the request/response bodies allows Darwinium to dynamically add or remove friction in a customer journey, based on historic and in-session click-stream behavior.
Distributed Orchestration – Bringing data science to the edge, Darwinium features, and models can be built via drag and drop feature editors and integrated notebooks. These features can be propagated across a business’s estate helping multiple business units meaning that Fraud, Security, Abuse, Credit Risk and Marketing and Customer Experience teams can have access to the same single view of the end user.
Decision Control – Models run-when-ready, meaning as soon as the data is available, they execute throughout the customer journey. This allows dynamic strategies based on the business’s risk appetite and executed in real-time.
Darwinium also complements Cloudflare’s newer managed challenge service designed to replace CAPTCHA as a blanket service to detect bots. Darwinium feature enrichment services can further enhance decisions on when and how to challenge a user, by further understanding downstream behavior.
Now, Darwinium customers can enjoy the full functionality of Darwinium including utilizing request/response bodies, profiling large amounts of device data and using this data to make dynamic decisions during a user web journey, all from a 1MB Cloudflare Edge Worker. We think this is truly amazing.