Electronic payment transaction risk control method and system
Technical field
The present invention relates to an electronic payment transaction risk control method and system.
Background technology
Electronic payment is an indispensable part of an e-commerce website system. It is mainly the payment of money and circulation of funds carried out in digital form between electronic accounts over an electronic information network, using secure information transmission media. It relies on advanced computer hardware, with e-commerce software from the electronic information field as its main technical support. A risk control system is the main security mechanism for electronic transactions, and its functions are realized mainly through research in fields such as synchronized information collection, intelligent data modeling and analysis, and automated monitoring.
Current e-commerce websites generally have mature, secure software and hardware systems and maintenance management processes; between customers and merchants, and between merchants and financial institutions, secure and efficient automated communication has been achieved over leased lines or over the public network using the Secure Electronic Transaction protocol (SET). Taking ctrip.com as an example, internal data analysis shows that the main cause of fraud or abnormal transaction losses is the increasingly serious leakage of sensitive electronic information.
Genuine credit card information and account credential information that has been maliciously forged or stolen can all defeat the security verification mechanisms of existing electronic transaction patterns (such as credit card expiry date and CVV2 checks). Once such a situation occurs, the merchant often has to bear serious financial losses. The security measures of financial institutions generally lag behind, and the aftermath also requires the merchant to invest very high manpower and time cost, often with little result, which negatively affects enterprise profit.
In this context, services that gather fraudulent transaction information across the industry, build electronic payment transaction risk model databases through data modeling technology, and provide commercial transaction risk prediction systems have emerged.
For example, the world-leading payment card transaction risk control service provider RetailDecisions (ReD) offers such a product (ReDShield). This type of technology lets the service provider accumulate known fraud information more promptly, share it among clients, and provide risk grade scoring for clients within its model framework. However, this approach also has obvious defects:
This kind of risk control model requires detailed sensitive user information and order information as supporting data. Whichever encryption mode is adopted, transmitting such information frequently over the public network carries a risk of large-scale information leakage, and confidential core business data ends up in an unknown and uncontrollable state.
The risk control model provided by the service provider is industry-generic. In other words, the risk scoring accuracy for a specific industry cannot be optimized; a fixed model structure also may not keep up with the merchant's fast and flexible business changes, and communication and maintenance costs are high.
International service quality comes with international pricing, and cross-border risk control services are no small burden given the low profit margins of domestic e-commerce enterprises, which is unfavorable for improving an enterprise's industry competitiveness.
Summary of the invention
An object of the present invention is to provide an electronic payment transaction risk control method and system that can reduce and prevent a company's losses from electronic transaction risk while reducing cost investment and not disclosing confidential information of the company and its users.
To solve the above problem, the present invention provides an electronic payment transaction risk control method, comprising:
converting the format of a pending electronic payment transaction request from a client into the corresponding transaction data according to the business type;
judging whether the format conversion succeeded,
if it succeeded, obtaining the pending parameters from the transaction data and saving them to a cache table; looking up a preset White List according to the pending parameters; if the pending parameters hit the White List, approving the electronic payment transaction request; if the pending parameters miss the White List, looking up a preset Black List according to the pending parameters; if the pending parameters hit the Black List and the score of the Black List hit is less than a predetermined threshold, obtaining the associated historical transaction data and preset verification rules according to the pending parameters, and judging according to the historical transaction data and the preset verification rules whether the pending parameters satisfy the verification rules, approving the electronic payment transaction request if they do and rejecting it if they do not; if the pending parameters hit the Black List and the score of the Black List hit is greater than or equal to the predetermined threshold, approving the electronic payment transaction request;
if it failed, returning failure exception information.
Further, in the above method, the historical transaction data comprises one or any combination of user order information, registration information, website behavior information, electronic payment information and predefined behavior information.
Further, in the above method, the White List, Black List and verification rules are adjusted according to the approval or rejection results.
Further, in the above method, the step of judging according to the historical transaction data and the preset verification rules whether the pending parameters satisfy the verification rules, approving the electronic payment transaction request if they do and rejecting it if they do not, comprises:
dividing the pending parameters into multiple information dimensions;
obtaining the corresponding verification rules and historical transaction data for each information dimension, and obtaining the scoring result of each dimension according to the verification rules and historical transaction data corresponding to that dimension;
obtaining a final scoring result according to the scoring results of all dimensions, and judging according to the final scoring result whether the pending parameters satisfy the verification rules,
if they do, approving the electronic payment transaction request;
if they do not, rejecting the electronic payment transaction request.
Further, in the above method, the step of judging according to the final scoring result whether the pending parameters satisfy the verification rules, approving the electronic payment transaction request if they do and rejecting it if they do not, comprises:
dividing the final scoring result into three levels: low risk, medium risk and high risk;
when the final scoring result is low risk, approving the electronic payment transaction request;
when the final scoring result is medium risk, having risk control personnel decide whether to approve or reject the electronic payment transaction request;
when the final scoring result is high risk, rejecting the electronic payment transaction request.
According to another aspect of the present invention, an electronic payment transaction risk control system is provided, comprising a Web service interface for converting the format of a pending electronic payment transaction request from a client into the corresponding transaction data according to the business type; judging whether the format conversion succeeded; if it succeeded, obtaining the pending parameters from the transaction data and saving them to a cache table; looking up a preset White List according to the pending parameters; if the pending parameters hit the White List, approving the electronic payment transaction request; if the pending parameters miss the White List, looking up a preset Black List according to the pending parameters; if the pending parameters hit the Black List and the score of the Black List hit is less than a predetermined threshold, obtaining the associated historical transaction data and preset verification rules according to the pending parameters, and judging according to the historical transaction data and the preset verification rules whether the pending parameters satisfy the verification rules, approving the electronic payment transaction request if they do and rejecting it if they do not; if the pending parameters hit the Black List and the score of the Black List hit is greater than or equal to the predetermined threshold, approving the electronic payment transaction request; and if the format conversion failed, returning failure exception information.
Further, in the above system, the historical transaction data comprises one or any combination of user order information, registration information, website behavior information, electronic payment information and predefined behavior information.
Further, the above system also comprises a Web service module for adjusting the White List, Black List and verification rules according to the approval or rejection results.
Further, in the above system, the Web service interface is used for dividing the pending parameters into multiple information dimensions, obtaining the corresponding verification rules and historical transaction data for each information dimension, obtaining the scoring result of each dimension according to the verification rules and historical transaction data corresponding to that dimension, obtaining a final scoring result according to the scoring results of all dimensions, and judging according to the final scoring result whether the pending parameters satisfy the verification rules, approving the electronic payment transaction request if they do and rejecting it if they do not.
Further, in the above system, the Web service interface is used for dividing the final scoring result into three levels, low risk, medium risk and high risk; approving the electronic payment transaction request when the final scoring result is low risk; having risk control personnel decide whether to approve or reject the electronic payment transaction request when the final scoring result is medium risk; and rejecting the electronic payment transaction request when the final scoring result is high risk.
Compared with the prior art, the present invention converts the format of a pending electronic payment transaction request from a client into the corresponding transaction data according to the business type; judges whether the format conversion succeeded; if it succeeded, obtains the pending parameters from the transaction data and saves them to a cache table; looks up a preset White List according to the pending parameters; if the pending parameters hit the White List, approves the electronic payment transaction request; if the pending parameters miss the White List, looks up a preset Black List according to the pending parameters; if the pending parameters hit the Black List and the score of the Black List hit is less than a predetermined threshold, obtains the associated historical transaction data and preset verification rules according to the pending parameters, and judges according to the historical transaction data and the preset verification rules whether the pending parameters satisfy the verification rules, approving the electronic payment transaction request if they do and rejecting it if they do not; if the pending parameters hit the Black List and the score of the Black List hit is greater than or equal to the predetermined threshold, approves the electronic payment transaction request; and if the format conversion failed, returns failure exception information. It can thereby reduce and prevent a company's losses from electronic transaction risk while reducing cost investment and not disclosing confidential information of the company and its users.
Accompanying drawing explanation
Fig. 1 is a schematic diagram of the electronic payment transaction risk control system of one embodiment of the invention;
Fig. 2 is an interaction diagram of the electronic payment transaction risk control system of one embodiment of the invention;
Fig. 3 is the White List processing flowchart of one embodiment of the invention;
Fig. 4 is the verification rule maintenance sequence diagram of one embodiment of the invention;
Fig. 5 is the risk control personnel operation sequence diagram of one embodiment of the invention;
Fig. 6 is the flowchart of the electronic payment transaction risk control method of one embodiment of the invention.
Embodiment
To make the above objects, features and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the drawings and specific embodiments.
Embodiment one
As shown in Figure 1, the present invention provides an electronic payment transaction risk control system comprising a Web service interface and a Web service module.
The Web service interface is used for converting the format of a pending electronic payment transaction request from a client into the corresponding transaction data according to the business type; judging whether the format conversion succeeded; if it succeeded, obtaining the pending parameters from the transaction data and saving them to a cache table; looking up a preset White List (trust list) according to the pending parameters; if the pending parameters hit the White List, approving the electronic payment transaction request, for example by feeding back low-risk information; if the pending parameters miss the White List, looking up a preset Black List (distrust list) according to the pending parameters; if the pending parameters hit the Black List and the score of the Black List hit is less than a predetermined threshold, obtaining the associated historical transaction data and preset verification rules according to the pending parameters, and judging according to the historical transaction data and the preset verification rules whether the pending parameters satisfy the verification rules, approving the electronic payment transaction request if they do and rejecting it if they do not; if the pending parameters hit the Black List and the score of the Black List hit is greater than or equal to the predetermined threshold, approving the electronic payment transaction request; and if the format conversion failed, returning failure exception information. Specifically, the Web service interface can feed back the above approval, rejection or failure exception information to the client synchronously, or feed back the evaluation result asynchronously.
Specifically, at a certain point in the e-commerce order generation process, after the electronic payment transaction information has been confirmed but before the transaction is actually initiated, the Web service interface provides predictive transaction audit information as the basis for distinguishing malicious and fraudulent transactions. It can perform high-performance, scalable analysis and verification of payment information, provide near-real-time automatic risk control analysis results at the point in time at which the order is submitted (the response time of each request on the business order side is less than 500 ms; concurrency is supported), and terminate risky transactions in time. Specifically, as shown in Figure 3, caching can be used in White List verification to reduce the cost of interaction with the database: the system judges whether the current White List rule exists in the cache, accesses the database to obtain it if not, and if the rule cannot be obtained in real time from the database server either, the request is passed directly. The Black List verification process is exactly the same as the White List one; only the rules differ. Judging whether the verification rules are satisfied includes fault-tolerant handling: if a rule has no cache entry or its verification parameters are incomplete, the system skips to the next rule and continues verification without affecting the overall audit flow.
Preferably, by continuously collecting data and building data association models, the pre-extracted features of transactions carrying fraud risk are constantly updated so as to provide a set of continuously optimized data models and verification rules containing different risk threshold values; the collected user, order, account and product information is used for a sufficiently comprehensive judgment, so as to obtain a relatively more reliable transaction risk score and identify fraudulent transactions in advance as accurately as possible.
In one embodiment of the invention, the Web service interface and the Web service module can be deployed independently in different Web server clusters within the same Intranet and realize the above main functions by sharing access to the same physical database (or database group).
In one embodiment of the invention, the historical transaction data comprises one or any combination of user order information, registration information, website behavior information, electronic payment information and predefined behavior information, for example user, order, account and product information. Specifically, an industry-leading, authoritative payment fraud information database can be established, and on the basis of the predefined behavior information, supplier product information, user information and payment information of all business orders, a fraud information association network with multiple correlated query dimensions can be built, so that risk control personnel can search for historical fraud records that may be similar by entering user information, card information or even predefined historical behavior information.
The Web service module is used for adjusting the White List, Black List and verification rules according to the approval or rejection results. Specifically, as shown in Figure 4, the Web service module can also be used for simulated verification; querying, adding, modifying, deleting and publishing verification rules; and supporting risk control personnel in querying historical transaction data and manually modifying risk grades, so as to maintain and update the verification rules in time. For example, it can provide flexible rule configuration together with fast-response rule simulation; with the assistance of professionals, rapid iteration and real-time release of verification rules can be achieved while keeping the hit accuracy of fraud rules high. After the system of this embodiment was adopted in the air ticket business, fraud losses fell by 2 orders of magnitude; compared with the same industry, the fraud order incidence rate leads peers by 1 order of magnitude. As shown in Figure 5, risk control personnel perform manual intervention in risk grade scoring through the Web service module, which mainly comprises functions such as login, logout, query, processing and work allocation, realizing query, analysis and intervention processing of medium-risk score grades. In addition, to improve manual operation efficiency, the system provides automatic workload distribution, which can evenly distribute pending risk control records into the work lists of the operators on duty for separate processing.
In one embodiment of the invention, the Web service interface is used for dividing the pending parameters into multiple information dimensions, such as card information, user information, IP information and order information; obtaining the corresponding verification rules and historical transaction data for each information dimension; obtaining the scoring result of each dimension according to the verification rules and historical transaction data corresponding to that dimension; obtaining a final scoring result according to the scoring results of all dimensions; and judging according to the final scoring result whether the pending parameters satisfy the verification rules, approving the electronic payment transaction request if they do and rejecting it if they do not. Specifically, the matching risk rating rules are looked up across the multiple information dimensions, the score of each matched rule can be recorded in a scoring result detail, and the final scoring result can be derived from the scoring detail by a certain algorithm. In some cases this may be taking the maximum of the detail scores; a more complex weighted sum of the detail scores is also possible.
Optionally, the Web service interface is used for dividing the final scoring result into three levels, low risk, medium risk and high risk: when the final scoring result is low risk, the electronic payment transaction request is approved; when the final scoring result is medium risk, risk control personnel decide whether to approve or reject the electronic payment transaction request, that is, subsequent manual adjustment of the risk grade is allowed and a state synchronization notification service is provided to the client; when the final scoring result is high risk, the electronic payment transaction request is rejected. Specifically, a feature-rich manual handling platform can be established; during the manual risk control scoring decision process, professionals are provided with rich multi-dimensional associated information retrieval and historical fraud case query functions to help risk control staff decide controversial risk control results as accurately as possible. For example, the final scoring result is divided into three grades: 0-99 low risk, 100-199 medium risk and 200+ high risk. High risk and low risk are accurate results judged by the existing model and cannot be changed manually; after they are fed back to the client, the business process can continue immediately, and more than 90% of risk control results fall in these intervals. Medium risk covers transactions that the rules judge may be risky; these are also the data most valuable for model updating. Risk control personnel analyze and decide the final risk control result manually, and the result is used as an analysis sample to update the rules.
This embodiment can, in service fields such as online air tickets, hotels and travel services, reduce and prevent the company's losses from electronic transaction risk while reducing cost investment and not disclosing confidential company and user information.
As shown in Figures 1 and 2, the objects that interact with the electronic payment transaction risk control system in a real network environment include but are not limited to: external product lines, each product line's payment platform (air ticket, hotel, vacation), automated payment systems (POS), automatic scheduled processing triggers (timers), rule-making personnel, risk control order operators, third parties (DeviceID information suppliers) and the business intelligence department (historical statistics information supplier).
In one embodiment of the invention, the external product lines, each product line's payment platform, the automatic scheduled processing triggers and the automated payment systems exchange data with the risk control system by calling the WebService, based on an SOA architecture, provided by the electronic payment transaction risk control system. Rule-making personnel and risk control personnel exchange data with the system through the visual Web site operation platform built on ASP.NET that the system provides.
In its physical deployment scheme the electronic payment transaction risk control system can adopt server clustering and load balancing, so that the system's standalone stability and performance are excellent, and horizontal scaling can be realized quickly according to business scale.
Traditional transaction risk control systems generally only audit and verify the current transaction information obtained from the business system according to certain rules; they generally do not include historical statistics information or DeviceID information; rule making is simple and not configurable, and secondary maintenance is often needed for specific risk behaviors or rules; and the check result is generally a simple logical judgment, which not only makes it hard to meet the business requirement for accuracy of check results but may instead wrongly intercept transactions that could have succeeded, reducing the transaction success rate.
In detail, this embodiment improves the verification accuracy of the electronic payment transaction risk control system through multiple preset rule modeling methods. First, the verification information data source is expanded: each request sent by a client to the system is retained, and a data association mechanism is established between it and the information items of high weight in the statistical model, greatly expanding the sample range for rule verification while guaranteeing high performance. In the service platform, rule-making personnel can select high-risk-rated information elements from past cases and manually set the Black List information list. Advanced client-side information identification data is also used to model and locate user operation behavior, assessing transaction risk from the angle of predefined behavior. Furthermore, rule accuracy is periodically evaluated through the rule simulation function, and rules can be adjusted in time according to changes in their performance. Therefore, the present invention can be embedded closely in the business transaction flow like a traditional risk control system and, without affecting the efficiency of transaction flow, provide a risk rating result with higher accuracy and richer meaning.
In summary, this embodiment can reduce and prevent a company's losses from electronic transaction risk while reducing cost investment and not disclosing confidential company and user information.
Embodiment two
As shown in Figure 6, the present invention provides an electronic payment transaction risk control method, comprising:
Step S1, converting the format of a pending electronic payment transaction request from a client into the corresponding transaction data according to the business type;
Step S2, judging whether the format conversion succeeded; if it succeeded, proceeding to step S3; if it failed, proceeding to step S8;
Step S3, obtaining the pending parameters from the transaction data and saving them to a cache table, and looking up a preset White List according to the pending parameters; if the pending parameters hit the White List, proceeding to step S4; if the pending parameters miss the White List, proceeding to step S5;
Step S4, approving the electronic payment transaction request;
Step S5, looking up a preset Black List according to the pending parameters; if the pending parameters hit the Black List and the score of the Black List hit is less than a predetermined threshold, proceeding to step S6; if the pending parameters hit the Black List and the score of the Black List hit is greater than or equal to the predetermined threshold, proceeding to step S4;
Step S6, obtaining the associated historical transaction data and preset verification rules according to the pending parameters, and judging according to the historical transaction data and the preset verification rules whether the pending parameters satisfy the verification rules; if they do, proceeding to step S4; if they do not, proceeding to step S7;
Step S7, rejecting the electronic payment transaction request;
Step S8, returning failure exception information.
In one embodiment of the invention, the historical transaction data comprises one or any combination of user order information, registration information, website behavior information, electronic payment information and predefined behavior information.
In one embodiment of the invention, the White List, Black List and verification rules are adjusted according to the approval or rejection results.
Optionally, the step of judging according to the historical transaction data and the preset verification rules whether the pending parameters satisfy the verification rules, approving the electronic payment transaction request if they do and rejecting it if they do not, comprises:
dividing the pending parameters into multiple information dimensions;
obtaining the corresponding verification rules and historical transaction data for each information dimension, and obtaining the scoring result of each dimension according to the verification rules and historical transaction data corresponding to that dimension;
obtaining a final scoring result according to the scoring results of all dimensions, and judging according to the final scoring result whether the pending parameters satisfy the verification rules,
if they do, approving the electronic payment transaction request;
if they do not, rejecting the electronic payment transaction request.
Preferably, the step of judging according to the final scoring result whether the pending parameters satisfy the verification rules, approving the electronic payment transaction request if they do and rejecting it if they do not, comprises:
dividing the final scoring result into three levels: low risk, medium risk and high risk;
when the final scoring result is low risk, approving the electronic payment transaction request;
when the final scoring result is medium risk, having risk control personnel decide whether to approve or reject the electronic payment transaction request;
when the final scoring result is high risk, rejecting the electronic payment transaction request.
Other details of embodiment two can be found in embodiment one and are not repeated here.
The present invention converts the format of a pending electronic payment transaction request from a client into the corresponding transaction data according to the business type; judges whether the format conversion succeeded; if it succeeded, obtains the pending parameters from the transaction data and saves them to a cache table; looks up a preset White List according to the pending parameters; if the pending parameters hit the White List, approves the electronic payment transaction request; if the pending parameters miss the White List, looks up a preset Black List according to the pending parameters; if the pending parameters hit the Black List and the score of the Black List hit is less than a predetermined threshold, obtains the associated historical transaction data and preset verification rules according to the pending parameters, and judges according to the historical transaction data and the preset verification rules whether the pending parameters satisfy the verification rules, approving the electronic payment transaction request if they do and rejecting it if they do not; if the pending parameters hit the Black List and the score of the Black List hit is greater than or equal to the predetermined threshold, approves the electronic payment transaction request; and if the format conversion failed, returns failure exception information. It can thereby reduce and prevent a company's losses from electronic transaction risk while reducing cost investment and not disclosing confidential information of the company and its users.
In this specification, the embodiments are described progressively; each embodiment focuses on its differences from the others, and identical or similar parts of the embodiments may be referred to one another. Since the system disclosed in the embodiments corresponds to the method disclosed in the embodiments, its description is relatively brief, and the relevant parts refer to the description of the method.
Those skilled in the art may further realize that the units and algorithm steps of the examples described in connection with the embodiments disclosed herein can be implemented in electronic hardware, computer software or a combination of the two. To clearly illustrate the interchangeability of hardware and software, the composition and steps of each example have been described above generally by function. Whether these functions are performed in hardware or in software depends on the specific application and the design constraints of the technical solution. Those skilled in the art may use different methods to implement the described functions for each specific application, but such implementations should not be considered to exceed the scope of the present invention.
Obviously, those skilled in the art can make various changes and modifications to the invention without departing from its spirit and scope. Thus, if these changes and modifications fall within the scope of the claims of the present invention and their technical equivalents, the present invention is also intended to include them.
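The following is an added example (not code from the patent or from ctrip.com) of step S6 as refined above: the pending parameters are split into information dimensions, each dimension's rules produce detail scores, the final score is the maximum or a weighted sum of those detail scores, and the 0-99 / 100-199 / 200+ bands from embodiment one decide approval, manual review or rejection; a rule whose parameters are incomplete or whose history is not cached is skipped, as the fault-tolerant handling in embodiment one describes. The concrete rules, the sample request and the cached history are constructed assumptions; the page names the dimensions but no specific rules.

```python
"""Multi-dimension rule scoring (step S6) with the three-level result.

Added illustration, not the patent's code.  Rule contents, sample request and
history are constructed; only the structure (dimension -> rules -> detail scores
-> max or weighted sum -> 0-99 / 100-199 / 200+ bands) follows the text."""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple

LOW_MAX, MEDIUM_MAX = 99, 199   # bands from embodiment one: 0-99 low, 100-199 medium, 200+ high

@dataclass
class Rule:
    name: str
    required: List[str]                  # pending parameters the rule cannot run without
    history_key: Optional[str]           # cached historical-data key the rule needs (None if none)
    score: int                           # detail score recorded when the rule matches
    match: Callable[[dict, dict], bool]  # (params, history) -> True when the rule hits

@dataclass
class Outcome:
    final_score: int
    level: str       # "low" | "medium" | "high"
    decision: str    # "approve" | "manual_review" | "reject"
    detail: Dict[str, List[Tuple[str, int]]] = field(default_factory=dict)  # scoring detail per dimension
    skipped: List[str] = field(default_factory=list)                        # rules skipped by fault tolerance

def evaluate_dimension(rules: List[Rule], params: dict, history: dict,
                       skipped: List[str]) -> List[Tuple[str, int]]:
    """Run one information dimension's rules.  A rule with incomplete parameters or
    no cached history is skipped and verification continues with the next rule."""
    hits: List[Tuple[str, int]] = []
    for rule in rules:
        missing_param = any(params.get(k) is None for k in rule.required)
        missing_history = rule.history_key is not None and rule.history_key not in history
        if missing_param or missing_history:
            skipped.append(rule.name)
            continue
        if rule.match(params, history):
            hits.append((rule.name, rule.score))
    return hits

def aggregate(hits: List[Tuple[str, int]], weights: Optional[Dict[str, float]] = None) -> int:
    """Final score from the scoring detail: the maximum detail score, or, when
    weights are supplied, a weighted sum (the text names both variants)."""
    if not hits:
        return 0
    if weights is None:
        return max(score for _, score in hits)
    return int(round(sum(score * weights.get(name, 1.0) for name, score in hits)))

def classify(score: int) -> Tuple[str, str]:
    """Map a final score onto the three levels and the action each level triggers."""
    if score <= LOW_MAX:
        return "low", "approve"            # model result, not changed manually
    if score <= MEDIUM_MAX:
        return "medium", "manual_review"   # decided by risk control personnel
    return "high", "reject"                # model result, not changed manually

def score_transaction(params: dict, history: dict, rules_by_dimension: Dict[str, List[Rule]],
                      weights: Optional[Dict[str, float]] = None) -> Outcome:
    """Step S6: score every dimension, derive the final score, decide."""
    skipped: List[str] = []
    detail: Dict[str, List[Tuple[str, int]]] = {}
    for dim, rules in rules_by_dimension.items():
        detail[dim] = evaluate_dimension(rules, params, history, skipped)
    all_hits = [hit for hits in detail.values() for hit in hits]
    final = aggregate(all_hits, weights)
    level, decision = classify(final)
    return Outcome(final, level, decision, detail, skipped)

# Constructed rule set (assumption: the patent lists card/user/IP/order dimensions, no rules).
RULES: Dict[str, List[Rule]] = {
    "card": [
        Rule("card_country_mismatch", ["card_bin_country", "ip_country"], None, 120,
             lambda p, h: p["card_bin_country"] != p["ip_country"]),
        Rule("card_prior_chargeback", ["card_token"], "card_history", 250,
             lambda p, h: h["card_history"].get(p["card_token"], {}).get("chargebacks", 0) > 0),
    ],
    "user": [
        Rule("new_account_high_amount", ["account_age_days", "amount"], None, 90,
             lambda p, h: p["account_age_days"] < 7 and p["amount"] > 2000),
    ],
    "ip": [
        Rule("ip_order_velocity", ["ip"], "ip_orders_last_hour", 110,
             lambda p, h: h["ip_orders_last_hour"].get(p["ip"], 0) >= 5),
    ],
}

# Constructed sample request and cached history (not from the page); IP history is not cached.
SAMPLE_PARAMS = {"card_token": "tok_demo_1", "card_bin_country": "US", "ip_country": "CN",
                 "ip": "203.0.113.7", "account_age_days": 3, "amount": 3500}
SAMPLE_HISTORY = {"card_history": {"tok_demo_1": {"chargebacks": 0}}}

if __name__ == "__main__":
    out = score_transaction(SAMPLE_PARAMS, SAMPLE_HISTORY, RULES)
    print(out.final_score, out.level, out.decision, out.skipped)   # 120 medium manual_review ['ip_order_velocity']
```

With the maximum rule the sample lands in the medium band and goes to a risk control operator; passing `weights={}` switches to the weighted sum, where the same two hits total 210 and the request is rejected outright.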