CN103279883B - Electronic-payment transaction risk control method and system - Google Patents
Electronic-payment transaction risk control method and system Download PDFInfo
- Publication number
- CN103279883B CN103279883B CN201310157140.5A CN201310157140A CN103279883B CN 103279883 B CN103279883 B CN 103279883B CN 201310157140 A CN201310157140 A CN 201310157140A CN 103279883 B CN103279883 B CN 103279883B
- Authority
- CN
- China
- Prior art keywords
- payment transaction
- electronic payment
- transaction request
- pending parameter
- risk
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The present invention provides a kind of Electronic-payment transaction risk control method and system, and the present invention is by being corresponding transaction data according to business type by the format conversion of the pending electronic payment transaction request of client terminal, then obtain pending parameter from transaction data and it is saved to cache table, according to the White List that pending parameter search is preset, and according to the Black List that pending parameter search is preset, and according to pending parameter acquiring the historical trading data associated and the verification rule preset, whether pending parameter according to historical trading data and default verification rule judgment meets described verification rule, if meeting, then audit by described electronic payment transaction request, if not meeting, then refuse described electronic payment transaction request, under the prerequisite that can drop into reducing cost and do not reveal company and subscriber computer confidential information, reduce and prevent the loss of company in electronic transaction risk.
Description
Technical field
The present invention relates to a kind of Electronic-payment transaction risk control method and system.
Background technology
Electric payment transaction is the indispensable integral part of electronic business web site system. It is mainly through Electronic information network, it may also be useful to the information transmission media of safety, and the currency adopting the mode of digitizing to carry out between electronic account pays and fund circulation. Rely on advanced computer techno-stress hardware, and the ecommerce software in electronic information technical field is as its main technical support. And risk control system is as the main security mechanism of security in electronic transactions, mainly through to synchronizing information collection in electronic information technical field; Data intelligence modeling analysis; Automatically-monitored segmentation field such as grade carries out research to realize correlation function.
Current e-commerce website generally has software and hardware system and the maintenance management flow process of ripe safety; Between client and trade company, trade company and financial institution also by special line or between public network use safety electronic transaction agreement (SET) achieve automated communication safely and efficiently. For ctrip.com, inner data analysis display, causes the major cause of swindle or abnormal trade loss to be day by day serious sensitive electron information leakage.
Real credit card information, the account certificate information maliciously forged or be stolen all can make the safety verification mechanism failure in existing electronic transaction pattern. (such as credit card effective period, CVV2 checking etc.) once there is this type of situation, trade company often needs to undertake serious financial loss. And the security measures of financial institution generally exists hysteresis quality, aftermath also needs trade company to drop into very high manpower and time cost, often gets half the result with twice the effort, enterprise profit is had a negative impact.
In this context, by gathering fraudulent trading information in the industry, set up electric payment transaction risk model database by data modeling technology, and provide business-like transaction risk anticipation system just to arise at the historic moment.
Such as, namely payment card transaction risk control service supplier RetailDecisions (ReD) leading in the world provides this series products (ReDShield).This type of technology can share service supplier adds up more timely known fraud information, and provide risk class to mark in its model framework for client. But use this kind of mode also to there is obvious defect:
This type of wind control model needs provides detailed user sensitive information and order information as data supporting, no matter adopt which kind of encryption mode, also there is the risk of extensive information leakage in frequent transmission this type of information between public network, and the core business data of secret will be in unknown uncontrollable state.
The wind control model that service provider provides has industry universality. In other words, the risk score accuracy rate of specific industry can not be reached optimization; The business change that stable model structure also differs and meets trade company's fast and flexible surely, and link up maintenance cost height.
What international service quality was corresponding is international expenses standard, and the wind control business of straddle is also no small burden concerning the low rate of profit of domestic e-commerce venture, is unfavorable for that enterprise promotes industry competition power.
Summary of the invention
It is an object of the invention to provide a kind of Electronic-payment transaction risk control method and system, it is possible to reduce cost drop into and do not reveal company and subscriber computer confidential information prerequisite under, reduce and the loss of prevention company in electronic transaction risk.
For solving the problem, the present invention provides a kind of Electronic-payment transaction risk control method, comprising:
It is corresponding transaction data according to business type by the format conversion of the pending electronic payment transaction request of client terminal;
Judge that whether described format conversion is successful,
If success, then obtain pending parameter from described transaction data and it is saved to cache table, according to the White List that described pending parameter search is preset, if described pending parameter hits described White List, then audit by described electronic payment transaction request, if described pending parameter is miss described White List, the Black List then preset according to described pending parameter search, if the scoring that described pending parameter is hit described Black List and hit described Black List is less than a predetermined threshold value, then according to historical trading data and the default verification rule of the association of described pending parameter acquiring, and whether pending parameter according to historical trading data and default verification rule judgment meets described verification rule, if meeting, then audit by described electronic payment transaction request, if not meeting, then refuse described electronic payment transaction request, if the scoring that described pending parameter is hit described Black List and hit described Black List is more than or equal to a predetermined threshold value, then audit by described electronic payment transaction request,
If unsuccessful, then return unsuccessfully abnormal information.
Further, in the above-mentioned methods, a kind of or arbitrary combination in described historical trading data comprise user's order information, registration information, website behavioural information, electronic payment information and predefined action information.
Further, in the above-mentioned methods, described White List, Black List and verification rule adjust according to the result audited by or refuse.
Further, in the above-mentioned methods, whether pending parameter according to historical trading data and default verification rule judgment meets described verification rule, if meeting, then auditing by described electronic payment transaction request, if not meeting, then the step refusing described electronic payment transaction request comprises:
Described pending parameter is divided into multiple Information Dimension degree;
Obtain corresponding verification rule and historical trading data according to each Information Dimension degree, the verification rule corresponding according to each dimension degree and historical trading data obtain the grading result of this dimension degree;
Grading result according to all dimension degree obtains result of finally grading, and judges whether described pending parameter meets described verification rule according to described final grading result,
If meeting, then audit by described electronic payment transaction request;
If not meeting, then refuse described electronic payment transaction request.
Further, in the above-mentioned methods, judge whether described pending parameter meets described verification rule according to described final grading result, if meeting, then auditing by described electronic payment transaction request, if not meeting, then the step refusing described electronic payment transaction request comprises:
Result of finally grading is divided into low risk, risk and excessive risk third gear;
When described final grading result is low risk, examination & verification is by described electronic payment transaction request;
When described final grading result is risk, by wind control personnel ruling whether by or refuse described electronic payment transaction request;
When described final grading result is excessive risk, refuse described electronic payment transaction request.
Another side according to the present invention, it is provided that a kind of electric payment transaction risk control system, comprises Web service interface, for being corresponding transaction data according to business type by the format conversion of the pending electronic payment transaction request of client terminal, judge that whether described format conversion is successful, if success, then obtain pending parameter from described transaction data and it is saved to cache table, according to the White List that described pending parameter search is preset, if described pending parameter hits described White List, then audit by described electronic payment transaction request, if described pending parameter is miss described White List, according to the Black List that described pending parameter search is preset, if the scoring that described pending parameter is hit described Black List and hit described Black List is less than a predetermined threshold value, then according to historical trading data and the default verification rule of the association of described pending parameter acquiring, and whether pending parameter according to historical trading data and default verification rule judgment meets described verification rule, if meeting, then audit by described electronic payment transaction request, if not meeting, then refuse described electronic payment transaction request, if the scoring that described pending parameter is hit described Black List and hit described Black List is more than or equal to a predetermined threshold value, then audit by described electronic payment transaction request, if unsuccessful, then return unsuccessfully abnormal information.
Further, in said system, a kind of or arbitrary combination in described historical trading data comprise user's order information, registration information, website behavioural information, electronic payment information and predefined action information.
Further, in said system, also comprise Web service module, for described White List, Black List and verification rule being adjusted according to the result audited by or refuse.
Further, in said system, described Web service interface, for described pending parameter is divided into multiple Information Dimension degree, corresponding verification rule and historical trading data are obtained according to each Information Dimension degree, the verification rule corresponding according to each dimension degree and historical trading data obtain the grading result of this dimension degree, grading result according to all dimension degree obtains result of finally grading, and judge whether described pending parameter meets described verification rule according to described final grading result, if meeting, then audit by described electronic payment transaction request; If not meeting, then refuse described electronic payment transaction request.
Further, in said system, described Web service interface, for result of finally grading is divided into low risk, risk and excessive risk third gear, when described final grading result is low risk, examination & verification is by described electronic payment transaction request, when described final grading result is risk, by wind control personnel ruling whether by or refuse described electronic payment transaction request, when described final grading result is excessive risk, refuse described electronic payment transaction request.
Compared with prior art, the present invention is by being corresponding transaction data according to business type by the format conversion of the pending electronic payment transaction request of client terminal, judge that whether described format conversion is successful, if success, then obtain pending parameter from described transaction data and it is saved to cache table, according to the White List that described pending parameter search is preset, if described pending parameter hits described White List, then audit by described electronic payment transaction request, if described pending parameter is miss described White List, according to the Black List that described pending parameter search is preset, if the scoring that described pending parameter is hit described Black List and hit described Black List is less than a predetermined threshold value, then according to historical trading data and the default verification rule of the association of described pending parameter acquiring, and whether pending parameter according to historical trading data and default verification rule judgment meets described verification rule, if meeting, then audit by described electronic payment transaction request, if not meeting, then refuse described electronic payment transaction request, if the scoring that described pending parameter is hit described Black List and hit described Black List is more than or equal to a predetermined threshold value, then audit by described electronic payment transaction request, if unsuccessful, then return unsuccessfully abnormal information, it is possible to reduce cost drop into and do not reveal company and subscriber computer confidential information prerequisite under, reduce and the loss of prevention company in electronic transaction risk.
Accompanying drawing explanation
Fig. 1 is the schematic diagram of the electric payment transaction risk control system of one embodiment of the invention;
Fig. 2 is the interaction figure of the electric payment transaction risk control system of one embodiment of the invention;
Fig. 3 is the White List processing flow chart of one embodiment of the invention;
The verification rule that Fig. 4 is one embodiment of the invention safeguards sequential chart;
Fig. 5 is wind control human users's sequential chart of one embodiment of the invention;
Fig. 6 is the schema of one embodiment of the invention Electronic-payment transaction risk control method.
Embodiment
For enabling above-mentioned purpose, the feature and advantage of the present invention more become apparent, below in conjunction with the drawings and specific embodiments, the present invention is further detailed explanation.
Embodiment one
As shown in Figure 1, the present invention also provides another kind of electric payment transaction risk control system, comprises Web service interface and Web service module.
Web service interface, for being corresponding transaction data according to business type by the format conversion of the pending electronic payment transaction request of client terminal, judge that whether described format conversion is successful, if success, then obtain pending parameter from described transaction data and it is saved to cache table, according to the White List (trusting in list) that described pending parameter search is preset, if described pending parameter hits described White List, then audit by described electronic payment transaction request, as fed back the information of low risk, if described pending parameter is miss described White List, according to the Black List (distrust list) that described pending parameter search is preset, if the scoring that described pending parameter is hit described Black List and hit described Black List is less than a predetermined threshold value, then according to historical trading data and the default verification rule of the association of described pending parameter acquiring, and whether pending parameter according to historical trading data and default verification rule judgment meets described verification rule, if meeting, then audit by described electronic payment transaction request, if not meeting, then refuse described electronic payment transaction request,If the scoring that described pending parameter is hit described Black List and hit described Black List is more than or equal to a predetermined threshold value, then audit by described electronic payment transaction request; If unsuccessful, then return unsuccessfully abnormal information. Concrete, described Web service interface can by above-mentioned examination & verification by, refuse or return unsuccessfully abnormal synchronizing information or asynchronous evaluation result fed back to client terminal. Concrete, Web service interface is in e-commerce order generative process, certain flow points between electric payment transaction information has confirmed but actual initiation is concluded the business provides the transaction auditing information with anticipation character as the decision-making foundation distinguishing that malicious falsehood is concluded the business, the payment information analysis verification that can carry out high-performance, can expand, submit to offer on the timing node of order to be close to the real-time automatic analytical results of wind control (each asks the time of response to be first less than 500ms at business order; Support concurrent), and terminate risky transaction in time. Concrete, as shown in Figure 3, carrying out in White List verification, Cache buffer memory technology can be adopted, decreasing the mutual cost with database, judge whether current White List rule buffer memory exists, obtaining if there is not then accessing database, if also rule cannot be obtained in real time from database server, then directly pass back through. Black List checking process and White List are completely the same, and only rule is different. Judge whether that meeting described verification rule is comprise fault-tolerant processing, as incomplete in there is no buffer memory or checking parameter, then skip to next rule and continue verification, do not affect overall auditing flow.
Preferably, by lasting image data and establishment data association model, constantly update the characteristic having fraudulent trading risk extracted in advance, to provide the data model of one group of Continuous optimization and the verification rule containing different risk safety valve value, the information such as the user collected, order, account, product are utilized to carry out sufficient comprehensive descision, obtain a relative more reliable transaction risk grading with this, as far as possible accurately fraudulent trading is identified in advance.
In one embodiment of the invention, Web service interface and Web service module can by, in the different Web server clusters being independently deployed in same Intranet (Intranet), the physical database special by share and access same (group) realizes above-mentioned main function.
In one embodiment of the invention, a kind of or arbitrary combination in described historical trading data comprise user's order information, registration information, website behavioural information, electronic payment information and predefined action information, such as information such as user, order, account, products. Concrete, that can set up industry-leading, authoritative payment fraud database of information sources, and on the predefined action information of all business orders, supplier products information, user profile, payment information basis, set up the fraud information related network having multiple correlation inquiry dimension degree, it is convenient to wind control personnel and can be searched the history that may there is similarity by the user profile of input, card information or even predetermined history behavioural information and swindle record.
Web service module, for adjusting described White List, Black List and verification rule according to the result audited by or refuse. Concrete, as shown in Figure 4, described Web service module also can be used for simplation verification, verification rule query, increases newly, revises, deletes, verifies rule issue maintenance, and support wind control personnel inquiry historical trading data, artificially modifying's risk class etc., upgrade to realize verifying the timely maintenance of rule, such as, the rule simulation that rule configuration flexibly unifies response fast can be provided; In auxiliary lower tachytely and the real-time release realizing verification rule of professional, can keeping the high hit accuracy rate of swindle rule, after have employed the system of this present embodiment in air ticket business, fraud loss can decline 2 orders of magnitude;Compare with the same industry, swindle leading 1 order of magnitude of the same trade of order incidence. As shown in Figure 5, wind control personnel carry out the manual intervention of risk class scoring by Web service module, mainly comprise log in, nullify, inquire about, process, the function such as work allocation, it is achieved the inquiry of centering risk score grade, analysis and intervention process. In addition, for promoting manual operation efficiency, system provides workload and automatically distributes function, it is possible to pending wind control record is evenly distributed to operator on duty and processes separately in list.
In one embodiment of the invention, described Web service interface, for described pending parameter is divided into multiple Information Dimension degree, such as card information, user profile, IP information, order information etc., corresponding verification rule and historical trading data are obtained according to each Information Dimension degree, the verification rule corresponding according to each dimension degree and historical trading data obtain the grading result of this dimension degree, grading result according to all dimension degree obtains result of finally grading, and judge whether described pending parameter meets described verification rule according to described final grading result, if meeting, then audit by described electronic payment transaction request, if not meeting, then refuse described electronic payment transaction request. concrete, multiple Information Dimension degree is found the risk rating rule that can match, the rule grading that each is matched can be recorded in grading result detail, and final grading result can draw from grading is detailed by certain algorithm. some situation may be the maximum value getting detailed score value, it is also possible to detailed score value does complicated weight summation.
Optionally, described Web service interface, for result of finally grading is divided into low risk, risk and excessive risk third gear, when described final grading result is low risk, examination & verification is by described electronic payment transaction request; When described final grading result is risk, by wind control personnel ruling whether by or refuse described electronic payment transaction request, namely allow follow-up artificial adjustment risk class grade, and to client terminal offer state synchronized notification service; When described final grading result is excessive risk, refuse described electronic payment transaction request. Concrete, the manual handling platform that function is abundant can be set up; Carry out in artificial wind control grading ruling process professional, it is provided that abundant various dimensions related information retrieval and history swindle case inquiry function, help wind control staff to decide controversial wind control result as far as possible accurately. Such as, final grading result is divided into 0-99 low risk, 100-199 risk, 200+ excessive risk Three Estate. Excessive risk and low risk are the accurate results that existing model is judged, can not artificially change, and after feeding back to client terminal, business flow process can continue circulation immediately, and it is interval that the wind control result of more than 90% is in this. Risk is then the transaction that rule judgment may be risky, is also the data to model modification most worthy, and wind control personnel analyze the final wind control result of ruling by artificial, and are that analyzing samples carrys out update rule as data.
The present embodiment can in the service such as online air ticket, hotel, tourist service field, reduce cost drop into and do not reveal company and subscriber computer confidential information prerequisite under, reduce and the loss of prevention company in electronic transaction risk.
As illustrated in fig. 1 and 2, mutual object is occurred to include but not limited to electric payment transaction risk control system in the network environment of reality: outward prod line, each product line payment platform (air ticket, hotel, spend a holiday), automated payment system (POS), automatically Timing Processing trigger (timer), Rulemaking personnel, wind control order operator, third party (DeviceID information supplier) and business intelligence portion (historical statistics information supplier) etc.
In one embodiment of the invention, the WebService based on SOA framework that outward prod line, each product line payment platform, automatically Timing Processing trigger, automated payment system provide by calling electric payment transaction risk control system serves the data interaction realized with wind Ore-controlling Role. Rulemaking person, wind control personnel are then that the Web site visualized operation platform based on ASP.NET establishment provided by electric payment transaction risk control system realizes the data interaction with electric payment transaction risk control system.
Electric payment transaction risk control system can adopt server cluster and load balancing technology in physics deployment scheme, so that the independent stability performance of electric payment transaction risk control system is excellent, concrete visual business scale realizes horizontal behavior extension fast.
Traditional transaction risk control system generally only focus on by certain rule to business system acquisition to this transaction information carry out examination & verification verification, generally can not comprise historical statistics information and DeviceID information, Rulemaking is simple and not configurable, often need to carry out two times for specific risk behavior or rule to safeguard, check results is generally simple Logic judgment, not only it is difficult to meet business to the requirement of check results accuracy, may be tackled some on the contrary may successfully conclude the business by mistake, reduce transaction probability of transaction.
Detailed, the present embodiment promotes the verification accuracy rate of electric payment transaction risk control system by multiple preset regular modeling method. First it is expand verification information data source, retain the request information that each client terminal sends to electric payment transaction risk control system, the information item being wherein high weight with statistical model sets up data association mechanism, is ensureing to have greatly expanded under high performance prerequisite between the sample region of rule verification; And in service platform, the information element of excessive risk grading can be selected according to passing case by Rulemaking personnel, artificial setting Black List information list; Also use advanced client-side information identification data and the operation behavior of user is carried out modeling location, from the angle of predefined action assessment transaction risk; More by rule simulation function periodical evaluation rule accuracy, according to merit change, rule can be made adjustment in time. Therefore, the present invention can be embedded in business transaction flow closely as tradition wind Ore-controlling Role, under the prerequisite not affecting transaction flow transfer efficient, it is provided that accuracy is higher, expresses the risk rating result that implication is abundanter.
In sum, the present embodiment under minimizing cost input and the prerequisite not revealing company and subscriber computer confidential information, can reduce and prevent the loss of company in electronic transaction risk.
Embodiment two
As shown in Figure 6, the present invention provides a kind of Electronic-payment transaction risk control method, comprising:
The format conversion of the pending electronic payment transaction request of client terminal is corresponding transaction data according to business type by step S1;
Step S2, judges that whether described format conversion is successful, if success, then forwards step S3 to, if unsuccessful, then forward step S8 to;
Step S3, obtains pending parameter from described transaction data and is saved to cache table, according to the White List that described pending parameter search is preset, if described pending parameter hits described White List, then forward step S4 to, if the miss described White List of described pending parameter, then forward step S5 to;
Step S4, examination & verification is by described electronic payment transaction request;
Step S5, according to the Black List that described pending parameter search is preset, if the scoring that described pending parameter is hit described Black List and hit described Black List is less than a predetermined threshold value, then forward step S6 to, if the scoring that described pending parameter is hit described Black List and hit described Black List is more than or equal to a predetermined threshold value, then forward step S4 to;
Step S6, according to the historical trading data of described pending parameter acquiring association and default verification rule, and according to historical trading data with whether pending parameter described in the verification rule judgment preset meets described verification rule, if meeting, then forward step S4 to, if not meeting, then step S7;
Step S7, refuses described electronic payment transaction request;
Step S8, returns unsuccessfully abnormal information.
In one embodiment of the invention, a kind of or arbitrary combination in described historical trading data comprise user's order information, registration information, website behavioural information, electronic payment information and predefined action information.
In one embodiment of the invention, described White List, Black List and verification rule adjust according to the result audited by or refuse.
Optionally, whether pending parameter according to historical trading data and default verification rule judgment meets described verification rule, if meeting, then audits by described electronic payment transaction request, if not meeting, then the step refusing described electronic payment transaction request comprises:
Described pending parameter is divided into multiple Information Dimension degree;
Obtain corresponding verification rule and historical trading data according to each Information Dimension degree, the verification rule corresponding according to each dimension degree and historical trading data obtain the grading result of this dimension degree;
Grading result according to all dimension degree obtains result of finally grading, and judges whether described pending parameter meets described verification rule according to described final grading result,
If meeting, then audit by described electronic payment transaction request;
If not meeting, then refuse described electronic payment transaction request.
Preferably, judging whether described pending parameter meets described verification rule according to described final grading result, if meeting, then auditing by described electronic payment transaction request, if not meeting, then the step refusing described electronic payment transaction request comprises:
Result of finally grading is divided into low risk, risk and excessive risk third gear;
When described final grading result is low risk, examination & verification is by described electronic payment transaction request;
When described final grading result is risk, by wind control personnel ruling whether by or refuse described electronic payment transaction request;
When described final grading result is excessive risk, refuse described electronic payment transaction request.
Other detailed content of embodiment two specifically see embodiment one, can not repeat them here.
The present invention is by being corresponding transaction data according to business type by the format conversion of the pending electronic payment transaction request of client terminal, judge that whether described format conversion is successful, if success, then obtain pending parameter from described transaction data and it is saved to cache table, according to the White List that described pending parameter search is preset, if described pending parameter hits described White List, then audit by described electronic payment transaction request, if described pending parameter is miss described White List, according to the Black List that described pending parameter search is preset, if the scoring that described pending parameter is hit described Black List and hit described Black List is less than a predetermined threshold value, then according to historical trading data and the default verification rule of the association of described pending parameter acquiring, and whether pending parameter according to historical trading data and default verification rule judgment meets described verification rule, if meeting, then audit by described electronic payment transaction request, if not meeting, then refuse described electronic payment transaction request,If the scoring that described pending parameter is hit described Black List and hit described Black List is more than or equal to a predetermined threshold value, then audit by described electronic payment transaction request; If unsuccessful, then return unsuccessfully abnormal information, it is possible to reduce cost drop into and do not reveal company and subscriber computer confidential information prerequisite under, reduce and the loss of prevention company in electronic transaction risk.
In this specification sheets, each embodiment adopts the mode gone forward one by one to describe, and what each embodiment emphasis illustrated is the difference with other embodiments, between each embodiment identical similar portion mutually see. For system disclosed in embodiment, owing to corresponding to the method disclosed in Example, so what describe is fairly simple, relevant part illustrates see method part.
Professional can also recognize further, the unit of each example described in conjunction with embodiment disclosed herein and algorithm steps, can realize with electronic hardware, computer software or the combination of the two, in order to the interchangeableness of hardware and software is clearly described, generally describe composition and the step of each example in the above description according to function. These functions perform with hardware or software mode actually, depend on application-specific and the design constraint of technical scheme. Each specifically can should be used for using different methods to realize described function by professional and technical personnel, but this kind realizes should not thinking the scope exceeding the present invention.
Obviously, invention can be carried out various change and modification and not depart from the spirit and scope of the present invention by the technician of this area. Like this, if these amendments of the present invention and modification belong within the scope of the claims in the present invention and equivalent technologies thereof, then the present invention also is intended to comprise these change and modification.
Claims (10)
1. an Electronic-payment transaction risk control method, it is characterised in that, comprising:
It is corresponding transaction data according to business type by the format conversion of the pending electronic payment transaction request of client terminal;
Judge that whether described format conversion is successful,
If success, then obtain pending parameter from described transaction data and it is saved to cache table, according to the White List that described pending parameter search is preset, if described pending parameter hits described White List, then audit by described electronic payment transaction request, if described pending parameter is miss described White List, the Black List then preset according to described pending parameter search, if the scoring that described pending parameter is hit described Black List and hit described Black List is less than a predetermined threshold value, then according to historical trading data and the default verification rule of the association of described pending parameter acquiring, and whether pending parameter according to historical trading data and default verification rule judgment meets described verification rule, if meeting, then audit by described electronic payment transaction request, if not meeting, then refuse described electronic payment transaction request, if the scoring that described pending parameter is hit described Black List and hit described Black List is more than or equal to a predetermined threshold value, then audit by described electronic payment transaction request,
If unsuccessful, then return unsuccessfully abnormal information.
2. Electronic-payment transaction risk control method as claimed in claim 1, it is characterised in that, a kind of or arbitrary combination in described historical trading data comprise user's order information, registration information, website behavioural information, electronic payment information and predefined action information.
3. Electronic-payment transaction risk control method as claimed in claim 1, it is characterised in that, described White List, Black List and verification rule adjust according to the result audited by or refuse.
4. Electronic-payment transaction risk control method as claimed in claim 1, it is characterized in that, whether pending parameter according to historical trading data and default verification rule judgment meets described verification rule, if meeting, then audit by described electronic payment transaction request, if not meeting, then the step refusing described electronic payment transaction request comprises:
Described pending parameter is divided into multiple Information Dimension degree;
Obtain corresponding verification rule and historical trading data according to each Information Dimension degree, the verification rule corresponding according to each dimension degree and historical trading data obtain the grading result of this dimension degree;
Grading result according to all dimension degree obtains result of finally grading, and judges whether described pending parameter meets described verification rule according to described final grading result,
If meeting, then audit by described electronic payment transaction request;
If not meeting, then refuse described electronic payment transaction request.
5. Electronic-payment transaction risk control method as claimed in claim 4, it is characterized in that, judge whether described pending parameter meets described verification rule according to described final grading result, if meeting, then audit by described electronic payment transaction request, if not meeting, then the step refusing described electronic payment transaction request comprises:
Result of finally grading is divided into low risk, risk and excessive risk third gear;
When described final grading result is low risk, examination & verification is by described electronic payment transaction request;
When described final grading result is risk, by wind control personnel ruling whether by or refuse described electronic payment transaction request;
When described final grading result is excessive risk, refuse described electronic payment transaction request.
6. an electric payment transaction risk control system, it is characterised in that, comprise Web service interface, for being corresponding transaction data according to business type by the format conversion of the pending electronic payment transaction request of client terminal, judge that whether described format conversion is successful, if success, then obtain pending parameter from described transaction data and it is saved to cache table, according to the White List that described pending parameter search is preset, if described pending parameter hits described White List, then audit by described electronic payment transaction request, if described pending parameter is miss described White List, according to the Black List that described pending parameter search is preset, if the scoring that described pending parameter is hit described Black List and hit described Black List is less than a predetermined threshold value, then according to historical trading data and the default verification rule of the association of described pending parameter acquiring, and whether pending parameter according to historical trading data and default verification rule judgment meets described verification rule, if meeting, then audit by described electronic payment transaction request, if not meeting, then refuse described electronic payment transaction request, if the scoring that described pending parameter is hit described Black List and hit described Black List is more than or equal to a predetermined threshold value, then audit by described electronic payment transaction request, if unsuccessful, then return unsuccessfully abnormal information.
7. electric payment transaction risk control system as claimed in claim 6, it is characterised in that, a kind of or arbitrary combination in described historical trading data comprise user's order information, registration information, website behavioural information, electronic payment information and predefined action information.
8. electric payment transaction risk control system as claimed in claim 6, it is characterised in that, also comprise Web service module, for described White List, Black List and verification rule being adjusted according to the result audited by or refuse.
9. electric payment transaction risk control system as claimed in claim 6, it is characterized in that, described Web service interface, for described pending parameter is divided into multiple Information Dimension degree, corresponding verification rule and historical trading data are obtained according to each Information Dimension degree, the verification rule corresponding according to each dimension degree and historical trading data obtain the grading result of this dimension degree, grading result according to all dimension degree obtains result of finally grading, and judge whether described pending parameter meets described verification rule according to described final grading result, if meeting, then audit by described electronic payment transaction request, if not meeting, then refuse described electronic payment transaction request.
10. electric payment transaction risk control system as claimed in claim 9, it is characterized in that, described Web service interface, for result of finally grading being divided into low risk, risk and excessive risk third gear, when described final grading result is low risk, examination & verification is by described electronic payment transaction request, when described final grading result is risk, by wind control personnel ruling whether by or refuse described electronic payment transaction request, when described final grading result is excessive risk, refuse described electronic payment transaction request.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310157140.5A CN103279883B (en) | 2013-05-02 | 2013-05-02 | Electronic-payment transaction risk control method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310157140.5A CN103279883B (en) | 2013-05-02 | 2013-05-02 | Electronic-payment transaction risk control method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103279883A CN103279883A (en) | 2013-09-04 |
| CN103279883B true CN103279883B (en) | 2016-06-08 |
Family
ID=49062390
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310157140.5A Active CN103279883B (en) | 2013-05-02 | 2013-05-02 | Electronic-payment transaction risk control method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103279883B (en) |
Families Citing this family (68)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103714456B (en) * | 2014-01-06 | 2015-08-19 | 同济大学 | Software action monitoring verification system |
| CN104050562A (en) * | 2014-06-20 | 2014-09-17 | 上海动联信息技术股份有限公司 | Card swiping device obtaining method based on mobile phone audio communication |
| CN104408646A (en) * | 2014-11-28 | 2015-03-11 | 北京京东尚科信息技术有限公司 | Method and device for promotion rule of disposable commodity |
| CN105791331A (en) * | 2014-12-15 | 2016-07-20 | 阿里巴巴集团控股有限公司 | Business processing method and device |
| CN106295382B (en) * | 2015-05-20 | 2019-06-14 | 阿里巴巴集团控股有限公司 | A kind of Information Risk preventing control method and device |
| CN105989537A (en) * | 2015-07-01 | 2016-10-05 | 盛立金融软件开发(杭州)有限公司 | Security and financial derivative transaction risk control system and risk control method |
| CN106355405A (en) * | 2015-07-14 | 2017-01-25 | 阿里巴巴集团控股有限公司 | Method and device for identifying risks and system for preventing and controlling same |
| CN106484590B (en) * | 2015-09-02 | 2019-06-18 | 阿里巴巴集团控股有限公司 | Data verification method and device |
| CN111404887B (en) | 2015-11-02 | 2023-03-10 | 创新先进技术有限公司 | Service processing method and device |
| CN105354735A (en) * | 2015-11-03 | 2016-02-24 | 云智造电子商务(北京)有限公司 | Platform system for Internet supply chains and transaction method |
| CN105678455A (en) * | 2016-01-05 | 2016-06-15 | 上海瀚银信息技术有限公司 | Method and system for monitoring transaction risk |
| CN107153942B (en) * | 2016-03-02 | 2021-02-26 | 北京京东尚科信息技术有限公司 | Method for dynamically configuring and checking blacklist |
| CN111507638B (en) * | 2016-03-25 | 2024-03-05 | 创新先进技术有限公司 | Risk information output and risk information construction method and device |
| CN107563757B (en) | 2016-07-01 | 2020-09-22 | 阿里巴巴集团控股有限公司 | Data risk identification method and device |
| CN106157007A (en) * | 2016-07-13 | 2016-11-23 | 山西特信环宇信息技术有限公司 | The application platform of a kind of coin of concluding the business and method |
| CN107645482B (en) * | 2016-07-22 | 2020-08-07 | 创新先进技术有限公司 | Risk control method and device for business operation |
| CN107644340A (en) | 2016-07-22 | 2018-01-30 | 阿里巴巴集团控股有限公司 | Risk Identification Method, client device and risk recognition system |
| CN106372178A (en) * | 2016-08-30 | 2017-02-01 | 中国民生银行股份有限公司 | Transaction file processing method and device as well as server |
| CN106447333A (en) * | 2016-11-29 | 2017-02-22 | 中国银联股份有限公司 | Fraudulent trading detection method and server |
| CN107798448A (en) * | 2016-12-15 | 2018-03-13 | 平安科技(深圳)有限公司 | The determination methods and device of black list user |
| CN106815725B (en) * | 2016-12-30 | 2021-02-02 | 中国银联股份有限公司 | Transaction verification method and device |
| CN108305134B (en) * | 2017-01-13 | 2022-07-29 | 阿里巴巴集团控股有限公司 | Safety detection method, equipment and system for air ticket order |
| CN107316134A (en) * | 2017-06-16 | 2017-11-03 | 深圳乐信软件技术有限公司 | A kind of risk control method, device, server and storage medium |
| CN107527287A (en) * | 2017-08-29 | 2017-12-29 | 深圳市分期乐网络科技有限公司 | A kind of risk control method and device |
| CN107886293A (en) * | 2017-09-30 | 2018-04-06 | 平安科技(深圳)有限公司 | Electronic installation, outsourcing service provider employ method and storage medium selectively |
| CN107886431A (en) * | 2017-10-18 | 2018-04-06 | 上海瀚银信息技术有限公司 | Financial air control system based on big data and artificial intelligence |
| CN107944976A (en) * | 2017-12-15 | 2018-04-20 | 康成投资(中国)有限公司 | Online order checking method |
| CN108154368A (en) * | 2017-12-26 | 2018-06-12 | 阿里巴巴集团控股有限公司 | A kind of detection method, device and the equipment of resource risk |
| CN108234644A (en) * | 2017-12-29 | 2018-06-29 | 北京乐盟互动科技有限公司 | The control method and device of business risk |
| CN108280182B (en) * | 2018-01-23 | 2021-06-04 | 马上消费金融股份有限公司 | Examination and approval method and system for flexibly applying internal lists |
| CN112258178B (en) * | 2018-01-23 | 2024-01-26 | 创新先进技术有限公司 | Binding method of payment card, trust evaluation method, device and electronic equipment |
| CN110120964B (en) * | 2018-02-07 | 2022-07-08 | 北京三快在线科技有限公司 | User behavior monitoring method and device and computing equipment |
| CN108305012A (en) * | 2018-02-11 | 2018-07-20 | 深圳市快付通金融网络科技服务有限公司 | A kind of air control regulation obtaining method and device |
| CN108549815B (en) * | 2018-04-02 | 2021-08-20 | 郑州云海信息技术有限公司 | White list library management system and method |
| CN108537671A (en) * | 2018-04-27 | 2018-09-14 | 广州品唯软件有限公司 | A kind of transaction risk appraisal procedure and system |
| CN108960058B (en) * | 2018-05-31 | 2019-12-03 | 平安科技(深圳)有限公司 | Invoice method of calibration, device, computer equipment and storage medium |
| CN108764239B (en) * | 2018-05-31 | 2020-07-24 | 平安科技(深圳)有限公司 | Invoice verification method and device, computer equipment and storage medium |
| CN108985553B (en) * | 2018-06-05 | 2023-08-29 | 中国平安人寿保险股份有限公司 | Abnormal user identification method and equipment |
| CN109064175B (en) * | 2018-06-11 | 2022-08-12 | 创新先进技术有限公司 | Account embezzlement risk prevention and control method and device |
| CN109214908A (en) * | 2018-07-06 | 2019-01-15 | 深圳市买买提信息科技有限公司 | A kind of monitoring method and relevant apparatus |
| CN109063985B (en) * | 2018-07-18 | 2022-04-29 | 创新先进技术有限公司 | Business risk decision method and device |
| CN109359809A (en) * | 2018-09-03 | 2019-02-19 | 中国平安人寿保险股份有限公司 | Task distribution method, system, computer equipment and storage medium |
| CN110930102B (en) * | 2018-09-19 | 2023-05-23 | 优信拍(北京)信息科技有限公司 | Payment method, device and system |
| EP3657419A1 (en) * | 2018-11-23 | 2020-05-27 | Mastercard International Incorporated | Transaction system cache management |
| CN109615389A (en) * | 2018-12-15 | 2019-04-12 | 深圳壹账通智能科技有限公司 | Electronic-payment transaction risk control method, device, server and storage medium |
| CN109769218A (en) * | 2018-12-26 | 2019-05-17 | 中国银联股份有限公司 | A kind of Notice Of Transactions method, apparatus, terminal device and medium |
| CN109794066A (en) * | 2018-12-28 | 2019-05-24 | 广州卓动信息科技有限公司 | Game payment means of defence, equipment, medium and system based on big data |
| CN109784934A (en) * | 2019-03-14 | 2019-05-21 | 浙江鲸腾网络科技有限公司 | A kind of transaction risk control method, apparatus and relevant device and medium |
| CN110147997A (en) * | 2019-04-16 | 2019-08-20 | 深圳壹账通智能科技有限公司 | Data processing method, device, equipment and storage medium |
| CN112101691A (en) * | 2019-06-18 | 2020-12-18 | 创新先进技术有限公司 | Method and device for dynamically adjusting risk level and server |
| CN110298665A (en) * | 2019-06-18 | 2019-10-01 | 四川商通实业有限公司 | Orientation payment off-line trading blacklist management system and method |
| CN110458571B (en) * | 2019-07-05 | 2023-06-02 | 创新先进技术有限公司 | Risk identification method, device and equipment for information leakage |
| CN110648216A (en) * | 2019-09-03 | 2020-01-03 | 中国建设银行股份有限公司 | Wind control method and device |
| CN110827032B (en) * | 2019-09-26 | 2021-08-03 | 支付宝(杭州)信息技术有限公司 | Intelligent wind control decision method and system and service processing method and system |
| CN110782143B (en) * | 2019-10-15 | 2022-05-06 | 支付宝(杭州)信息技术有限公司 | Data processing method and device |
| CN111126976B (en) * | 2019-12-23 | 2023-11-03 | 成都同创佳联科技有限公司 | Digital asset transaction anomaly monitoring method, device and system |
| CN111105215A (en) * | 2019-12-24 | 2020-05-05 | 广州华熙汇控小额贷款有限公司 | Supply chain financial intelligent approval method and system |
| CN111277465A (en) * | 2020-01-20 | 2020-06-12 | 支付宝(杭州)信息技术有限公司 | Abnormal data message detection method and device and electronic equipment |
| CN111260236A (en) * | 2020-01-20 | 2020-06-09 | 上海瀚银信息技术有限公司 | Risk control system and method |
| CN111681005A (en) * | 2020-05-06 | 2020-09-18 | 支付宝(杭州)信息技术有限公司 | Data interaction method and device and electronic equipment |
| CN113065865A (en) * | 2020-07-31 | 2021-07-02 | 开鑫金服(南京)信息服务有限公司 | Abnormal transaction identification method and system |
| CN112101810A (en) * | 2020-09-23 | 2020-12-18 | 中国建设银行股份有限公司 | Risk event control method, device and system |
| CN112270541A (en) * | 2020-10-27 | 2021-01-26 | 广州助蜂网络科技有限公司 | Transaction wind control management method, device, equipment and system |
| CN112966940A (en) * | 2021-03-09 | 2021-06-15 | 数贸科技(北京)有限公司 | Transaction wind control processing system, method, computing device and storage medium |
| CN113034129B (en) * | 2021-03-22 | 2022-04-15 | 深圳市亚飞电子商务有限公司 | Payment method, device and system based on electronic commerce |
| CN114418571B (en) * | 2022-01-18 | 2022-11-15 | 新疆亚欧国际物资交易中心有限公司 | Transaction data rapid auditing and checking method |
| CN116664238A (en) * | 2023-06-02 | 2023-08-29 | 北京科码先锋互联网技术股份有限公司 | Retail industry risk order auditing management method and system |
| CN116664138A (en) * | 2023-07-21 | 2023-08-29 | 上海富友支付服务股份有限公司 | Wind control method and system based on dynamic control in third party payment |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101706937A (en) * | 2009-12-01 | 2010-05-12 | 中国建设银行股份有限公司 | Method and system for monitoring electronic bank risks |
-
2013
- 2013-05-02 CN CN201310157140.5A patent/CN103279883B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101706937A (en) * | 2009-12-01 | 2010-05-12 | 中国建设银行股份有限公司 | Method and system for monitoring electronic bank risks |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103279883A (en) | 2013-09-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103279883B (en) | Electronic-payment transaction risk control method and system | |
| CN104202339B (en) | A kind of across cloud authentication service method based on user behavior | |
| CN103875015A (en) | Multi-factor identity fingerprinting with user behavior | |
| CN105204922B (en) | A kind of data acquisition platform client acquisition method | |
| CN107341619A (en) | A kind of bid information acquisition system and method | |
| CN106779278A (en) | The evaluation system of assets information and its treating method and apparatus of information | |
| CN104424595A (en) | Tax administration monitoring method and tax administration monitoring system thereof | |
| CN102833111B (en) | A kind of visual HTTP data monitoring and managing method and device | |
| CN104408587A (en) | Government project management information system | |
| CN102005010A (en) | Credit standing database maintenance method based on credit standing management system | |
| CN112036995A (en) | Large-scale enterprise financial data management method and system based on block chain and readable storage medium | |
| JP2019125336A (en) | Risk evaluation analysis method using risk evaluation analysis system | |
| US20180342015A1 (en) | An electronic security system and method for investment transaction | |
| CN107808285A (en) | A kind of method of payment, equipment and computer-readable recording medium | |
| CN113034000A (en) | Wind control processing method and device, computing equipment and storage medium | |
| KR20160056304A (en) | A Computer Apparatus for Providing Customized Consulting | |
| CN111415067A (en) | Enterprise and personal credit rating system | |
| KR101927578B1 (en) | System for providing enterprise information and method | |
| CN110913397A (en) | Short message verification method and device, storage medium and computer equipment | |
| CN112308698B (en) | WeChat end loan product management method and system supporting second-level legal person | |
| KR101971087B1 (en) | Displaying method for market sentiment index information and online stock dealing service system | |
| CN107240043A (en) | Intellectual property service management platform system | |
| CN111667283B (en) | Personal credit investigation system based on block chain | |
| US20100042446A1 (en) | Systems and methods for providing core property review | |
| KR20140146255A (en) | Method for managing customer for marketing of finance and system using the same |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20160205 Address after: 200335 Shanghai city Changning District Admiralty Road No. 968 Building No. 16 10 floor Applicant after: SHANGHAI XIECHENG BUSINESS CO., LTD. Address before: 200335 Shanghai Changning District Fuquan Road No. 99 Applicant before: Ctrip computer technology (Shanghai) Co., Ltd. |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20180418 Address after: 201203 Shanghai, China (Shanghai) free trade trial area 302, 518 Po Bo Road. Patentee after: Ctrip Travel Information Technology (Shanghai) Co., Ltd. Address before: 200335 Shanghai city Changning District Admiralty Road No. 968 Building No. 16 10 floor Patentee before: SHANGHAI XIECHENG BUSINESS CO., LTD. |