Techniques for providing a risk control method and device for resolving the issue of low application software security are described. A transaction request is received from a first user, and the transaction request comprises transaction data, data identifying the first user, and data identifying a second user. An attribute of the first user is determined from the data identifying the first user. An attribute of the second user is identified using the data identifying the second user. In response to the attribute of the first user being determined and the attribute of the second user being identified, an attribute similarity between the first user and the second user is determined. The attribute similarity is compared to a threshold. In response to determining the attribute similarity is less than the threshold, a notification is transmitted to the first user requesting a confirmation of the identified attribute of the second user.