How to prevent malicious clicks on SMS verification codes

1. Scenarios or websites prone to malicious use

Online voting stations (mobile phone number required for verification)

User online registration page (including Mobile phone SMS verification function)

Mobile SMS dynamic password login

2. Ways to maliciously click on mobile phone SMS verification codes

The main ways for users to maliciously click on mobile phone SMS verification codes are: There are two ways, one is manual frequent clicking; the other is continuous clicking through software. In terms of harm, continuous clicking on software is much more harmful.

3. Methods to prevent users from maliciously clicking SMS verification codes

How to prevent SMS interface verification codes from being maliciously clicked? If a user maliciously clicks on the SMS verification code, it will not only increase the company's operating costs, but also have a very bad impact on the company's image (usually text messages will carry the company's signature), so this behavior must be prevented. At present, prevention The main methods include the following aspects:

SMS sending interval setting - Set the time interval for repeated sending of the same number, generally set to 60-120 seconds

IP limitation - According to According to your own business characteristics, set the maximum sending volume of each IP per day

Mobile phone number limitation—According to the business characteristics, set the maximum sending volume of each mobile phone number per day

Process limitation— —Divide mobile phone SMS verification and username and password setting into two steps. After the user successfully sets the username and password, the next step is to perform mobile phone SMS verification, and the verification can only be performed after obtaining a successful receipt of the first step.

Bind the graphic verification code - Bind the graphic verification code and the mobile phone verification code, which can effectively prevent malicious registration of software.