E-Commerce Security

Huawei offers a security solution that ensures data privacy and full-stack security protection for e-commerce customers.
Solution Advantages
  • Data Security and Privacy

    Customers around the world trust Huawei to keep their data safe and secure. Huawei strives to maintain data privacy and never accesses nor profits from data without customers' knowledge.

  • Expert Assurance

    HUAWEI CLOUD experts are on standby 24/7 to offer assistance during key e-commerce events.

  • Data Protection

    DBSS works with other security services to offer multi-level security protection for cloud-based data.

  • Health Check

    Huawei's security experts can identify more than 10 types of potential security risks and provide suggestions for protecting against them.

Business Challenges
  • Data Theft and Leaks

    As a core asset of any e-commerce business, data is the target of malicious attacks. If data is leaked, businesses can expect profit losses and perhaps even a public relations crisis. The diversity and complexity of attacks have challenged data security protection in e-commerce.

  • DDoS and CC Attacks

    Hackers initiate complex attacks and they change up the composition all the time. They mount attacks using a large number of "zombies" and try to saturate connections with heavy traffic attacks. These attacks cause denial of service for websites. Consequently, e-commerce businesses may lose millions and many customers could fall away (especially during sales and promotional events).

  • E-Commerce Fraud

    Fraudulent e-commerce activity skews competition among merchants and consequently compromises consumer benefits. If not addressed, fraud can severely hinder the development of e-commerce businesses.

  • Mobile App Risks

    Mobile apps are a critical component of any sizeable e-commerce operation as consumers want access on the go. Unfortunately, these apps also open up many vulnerabilities. Hackers use app decompilation to detect code vulnerabilities and analyze business logic for opportunities to attack. As a result, app protection has been a challenge for the e-commerce industry.

Typical Scenarios
  • Data Protection

  • DDoS and CC Protection

  • E-Commerce Fraud Prevention

  • Mobile App Security

Data Protection

Multi-layer Protection Through DBSS and Other Security Services

  1. Data Layer: Database Security Service (DBSS) and Data Encryption Workshop (DEW)

    DBSS protects cloud databases from attacks by leveraging reverse proxy and machine learning technologies as well as functions such as sensitive data discovery, database auditing, and injection prevention. Integrated with basic cloud services such as OBS, EVS, and IMS, DEW provides tenants with highly reliable hardware encryption to ensure the security data in the cloud.

  2. Host Layer: Host Security Service (HSS)

    HSS offers comprehensive hacking protection for hosts, including account cracking prevention, weak password detection, malicious program detection, and web tampering protection.

  3. Application Layer: Web Application Firewall (WAF) and Vulnerability Scan Service (VSS)

    WAF examines all HTTP/HTTPS requests to detect and block attacks such as SQL injections, XSS, Trojan horses, and vulnerability exploits. This keeps websites stable and secure and prevents data leaks. VSS periodically detects website vulnerabilities and provides suggestions on security hardening.

  4. Expert Service: Security Expert Service (SES)

    In collaboration with industry authorities in information security, SES performs comprehensive system health checks to detect vulnerabilities. After each health check, professional reports and suggestions are generated.

  5. Related Services

    Database Security Service

    Data Encryption Workshop

    Host Security Service

    Web Application Firewall

    Vulnerability Scan Service

    Manage Detection Response

DDoS and CC Protection

Defense Against Heavy-Traffic DDoS and CC Attacks

  1. Advanced Anti-DDoS (AAD)

    Compared to traditional protection, Advanced Anti-DDoS is more secure and reliable in that it hides origin servers and provides elastic bandwidth for protection services. Advanced Anti-DDoS also supports automatic attack detection and policy matching and can protect servers in real time, allowing cleaned traffic to be distributed in a fast and stable manner.

  2. Web Application Firewall (WAF)

    WAF uses IP addresses and cookie-based, human-machine identification technologies to defend against CC attacks. WAF also examines web requests to block OWASP Top 10 attacks

  3. Related Services

    Advanced Anti-DDoS

    Web Application Firewall

E-Commerce Fraud Prevention

Data Risk Control Solution Helps Identify Fraudulent Actions Such as Manipulation of Sales Numbers and Junk Registrations

  1. E-Commerce Data Risk Control

    To help eliminate e-commerce fraud, Huawei cooperates with professional risk control vendors to provide risk control solutions. These solutions, through protection object-oriented policies, help protect both online buyers and merchants from e-commerce fraud.

  2. Buyers

    Risk control policies are used for such key operations as login and transaction payments to filter malicious actions like fake registration and account theft. Consumers can shop with full confidence that their info is always secure.

  3. Merchants

    Risk control policies are used for such key operations as marketing activities and order placement. Malicious actions like fake transactions and manipulation of sales numbers can be identified. In this way, the interests of all legitimate participants are ensured, helping build a fair and healthy e-commerce ecosystem.

Mobile App Security

Prevention of Malicious App Cracking and Client Forgery

  1. Mobile Security Ecosystem

    In collaboration with multiple professional mobile security service providers, HUAWEI CLOUD ensures the full-lifecycle security of mobile apps, preventing threats such as app decompilation and client forgery.

Solution Architectures


With the e-commerce industry specifically in mind, Huawei provides security services to ensure data privacy and full-stack protection.


  • Data security and privacy
  • Multi-level data security protection
  • E-commerce fraud prevention
  • Mobile app security
Key Event Assurance


To facilitate key e-commerce events (such as major promotions), HUAWEI CLOUD experts design personalized monitoring and contingency plans. These plans take into account customers' specific network architecture, time period, and service type.


  • Proactive pre-inspection and contingency plans
  • Priority assistance and expert teams
  • Dedicated assurance and on-site assistance
Recommended Services
  • Database Security Service
    DBSS protects cloud databases from attacks by leveraging reverse proxy and machine learning technologies as well as functions such as sensitive data discovery, database auditing, and injection prevention.
  • Web Application Firewall
    Bolstered by Huawei's years of defensive expertise, WAF is able to meticulously filter HTTP(s) requests, ensuring network stability, while protecting against attacks and data leaks.
  • Manage Detection Response
    SES is a manual "expert" service provided jointly by Huawei and third-party information security authorities to help you uncover security risks in your systems. SES offers risk removal suggestions and tailors security solutions to your websites.

Create an Account and Experience HUAWEI CLOUD for Free

Register Now