Fraud Protection
CodeSCE watches for abusive behavior — bots creating invoices, cards being tested, scripts scraping the catalog — and slows it down with temporary blocks. The guiding rule: limits are generous, and the fraud layer never blocks an honest purchase or download.
How it works (in brief)
The system tracks behavioral counters keyed on account and IP address over short time windows. Exceeding a threshold triggers a temporary cooldown (HTTP 429 with a Retry-After telling the client when to try again). Counters and blocks are shared across servers when available and fall back to local tracking otherwise.
Identity signals, not device fingerprinting
CodeSCE's abuse detection keys on your account and IP plus behavioral velocity — it does not build a hidden browser/device fingerprint. Per-buyer content tracing is handled separately by Watermarking.
Purchase abuse
Applied when creating a payment invoice:
- Rapid invoicing (per account) — too many invoices in a short window triggers a cooldown. Browsing and buying several modules is fine; machine-gun invoice creation isn't.
- Per-IP invoicing — a wider limit per IP (sized for shared networks like offices and campuses) blocks account-rotation bots.
- Repeated payment failures — a run of failed or expired payments (a classic card-testing signature) triggers a cooldown. A successful payment resets the failure count, so a user who simply mistimed one invoice never accumulates a penalty.
Download scraping
Applied when issuing download links, after ownership is confirmed:
- Total downloads (per account) — an hourly ceiling that's far above what any real buyer needs.
- Distinct modules (per account) — downloading many different modules in an hour is the signature of catalog scraping, so that's capped separately. Re-downloading the same module as many times as you like is not penalized.
- Per-IP downloads — a wider hourly limit per IP catches distributed scraping.
Trip any of these and downloads pause for a cooldown period.
Re-downloading is always free
The limits target breadth (grabbing the whole catalog), not repetition. Pulling your own purchased module again never counts against you.
IP-anomaly flagging
If one account downloads from several different IPs in a short window — a possible sign of credential sharing or distributed scraping — CodeSCE flags and logs it for review. It deliberately does not block on this signal, because legitimate users switch networks all the time (mobile ↔ Wi-Fi, VPNs, carrier-grade NAT). This is a monitoring signal, not a gate.
Fail-open by design
The fraud layer is a protective wrapper, and it's built so its own errors never cost a sale. If the tracking backend is unavailable, checks degrade toward letting honest traffic through rather than blocking it — abuse control should never be more expensive than the transaction it guards.
Next step
Finally, see how payments themselves are verified: Payment Verification →.