CN111553700B - Payment risk identification method and device - Google Patents

Payment risk identification method and device Download PDF

Info

Publication number
CN111553700B
CN111553700B CN202010379331.6A CN202010379331A CN111553700B CN 111553700 B CN111553700 B CN 111553700B CN 202010379331 A CN202010379331 A CN 202010379331A CN 111553700 B CN111553700 B CN 111553700B
Authority
CN
China
Prior art keywords
power consumption
risk
payment
consumption characteristics
historical
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010379331.6A
Other languages
Chinese (zh)
Other versions
CN111553700A (en
Inventor
张哲�
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alipay Hangzhou Information Technology Co Ltd
Original Assignee
Alipay Hangzhou Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alipay Hangzhou Information Technology Co Ltd filed Critical Alipay Hangzhou Information Technology Co Ltd
Priority to CN202010379331.6A priority Critical patent/CN111553700B/en
Publication of CN111553700A publication Critical patent/CN111553700A/en
Application granted granted Critical
Publication of CN111553700B publication Critical patent/CN111553700B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4016Transaction verification involving fraud or risk level assessment in transaction processing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F1/00Details not covered by groups G06F3/00 - G06F13/00 and G06F21/00
    • G06F1/26Power supply means, e.g. regulation thereof
    • G06F1/28Supervision thereof, e.g. detecting power-supply failure by out of limits supervision

Abstract

The specification discloses a payment risk identification method and device. The method comprises the following steps: after receiving a payment request, determining the current time t0; obtaining historical electric quantity information of the payer equipment before t0; determining power consumption characteristics of the payer equipment in at least one historical period before t0 according to the obtained historical power information; and judging whether the determined power consumption characteristics accord with preset payment risk power consumption characteristics or not, and carrying out risk identification on the payment request according to a judgment result.

Description

Payment risk identification method and device
Technical Field
The embodiment of the specification relates to the technical field of risk control, in particular to a payment risk identification method and device.
Background
The current payment mode can enable a user to transfer money and pay through a network by using user equipment with a networking function without cash. Such as two-dimensional code payments, internet bank transfers, and the like. The user equipment may specifically be a mobile phone, a tablet, or a computer, which may be networked. The payment method is convenient and fast, can be used by a cheater, and induces the user to transfer money through the network after the user is cheated.
In order to reduce the property damage of the user, it is necessary to identify the risk of the payment action to be implemented before the user implements the payment action.
Disclosure of Invention
In order to carry out risk identification on payment behaviors, the specification provides a payment risk identification method and device. The technical scheme is as follows:
a payment risk identification method, comprising:
after receiving a payment request, determining the current time t0;
obtaining historical electric quantity information of the payer equipment before t0;
determining the power consumption characteristics of the payer equipment in at least one historical period before t0 according to the obtained historical electric quantity information;
and judging whether the determined power consumption characteristics accord with preset payment risk power consumption characteristics or not, and carrying out risk identification on the payment request according to a judgment result.
A payment risk identification apparatus comprising:
the current moment determining module: the payment server is used for determining the current time t0 after receiving the payment request;
historical electric quantity obtaining module: the device is used for obtaining historical electric quantity information of the payer equipment before t0;
a power consumption characteristic determination module: the power consumption characteristics of the payer equipment in at least one historical period before t0 are determined according to the obtained historical power information;
a risk identification module: and the risk identification module is used for judging whether the determined power consumption characteristics accord with preset payment risk power consumption characteristics or not and carrying out risk identification on the payment request according to a judgment result.
Through the technical scheme, whether the power consumption characteristics in the historical time period accord with the power consumption situation of the user equipment in the risk application execution process can be judged through the preset payment risk power consumption characteristics, and the risk application execution situation of the user equipment in the historical time period is deduced, so that the risk identification is carried out on the payment request at the current time according to the judgment result, and the coverage rate and the accuracy rate of the risk identification are improved.
Drawings
In order to more clearly illustrate the embodiments of the present specification or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments described in the embodiments of the present specification, and other drawings can be obtained by those skilled in the art according to the drawings.
Fig. 1 is a schematic flowchart of a payment risk identification method provided in an embodiment of the present specification;
fig. 2 is a graph of an example of historical electric quantity information provided by an embodiment of the present specification;
fig. 3 is a schematic structural diagram of a payment risk identification apparatus provided in an embodiment of the present specification;
fig. 4 is a schematic structural diagram of an apparatus for configuring a method according to an embodiment of the present disclosure.
Detailed Description
In order to make those skilled in the art better understand the technical solutions in the embodiments of the present specification, the technical solutions in the embodiments of the present specification will be described in detail below with reference to the drawings in the embodiments of the present specification, and it is obvious that the described embodiments are only a part of the embodiments of the present specification, and not all the embodiments. All other embodiments that can be derived by one of ordinary skill in the art from the embodiments given herein are intended to be within the scope of protection.
At present, a widely used payment method is that a user uses a user device with a networking function to transfer money and pay through a network without cash, so that the inconvenience of carrying cash is avoided, and meanwhile, remote payment can be supported without face-to-face payment between the user and a merchant. Such as two-dimensional code payments, internet bank transfers, and the like.
The user equipment may specifically be a mobile phone, a tablet, or a computer, which may be networked.
For example, the user may take out and pay with a mobile phone at home using a mobile phone point, or the user may scan a payment code on the user's mobile phone by the merchant or the user may scan a collection code of the merchant using the mobile phone when the user purchases goods at a store.
The payment method is convenient and fast, can be used by a cheater, and induces the user to transfer money through the network after the user is cheated.
For example, a user socializes with a fraudster forging an identity photograph on a social application, establishing trust. After obtaining the trust of the user, the cheater puts forward a request of borrowing money or investing together, etc., cheats the money paid remotely by the user, and then the invisibility of canceling appears no longer. Even if the user realizes after the fact that the fraud is cheated, the true identity of the cheater cannot be found.
Another example is a user with poor risk awareness who, upon receiving the phone call of a fraudster, lies himself as a company customer service and claims that the user has won a large prize in an activity but needs to pay a deposit first. The users with poor risk awareness pay the guarantee money remotely through the online bank transfer under the temptation of the bonus and the authority trust of a certain company.
Because the payment mode does not need a fraudster to prove the true identity of the fraudster, the payment risk is higher, and the probability of the frauds of the user is higher.
In order to reduce the property damage of the user, it is necessary to identify the risk of the payment action to be implemented before the user implements the payment action.
In risk identification of a payment activity, a comprehensive consideration needs to be made from multiple dimensions, such as the size of the payment amount, the frequency of payments by the payer, the credit of the payee, and so on.
Specifically, a risk level can be given for different angles, the risk level of each angle is integrated, and the integrated risk level is obtained through a preset algorithm.
In this specification, a method for risk identification based on behavior information of a user on a user device is provided, and is explained in detail as follows.
Through analysis, a fraudster is generally required to cheat the trust of a user by utilizing social ways such as instant messaging, telephone and the like before the fraudster cheats the user and induces the user to pay remotely by utilizing a network.
For example, a fraudster over the phone, lying himself for a company, uses the company's authority and reputation to cheat the user's trust.
Another example is that a fraudster uses false photos and false identities to attract users to social applications, and then cheats the users' trust through long-term chat social activities, etc.
For most users who are cheated, when a stranger who cannot verify the true identity is confronted, initial trust is generally required to be established before money exchange is possible.
For example, a user, upon receiving a fraudster's phone, hears the party self-service a company and there is a substantial prize, initially trusting the party under the enticement of the prize.
Thus, when a fraudster is engaged in fraud, there is typically a long time to talk to the fraudster or social activity on the social application before the fraudster user is engaged in payment.
For example, it is often necessary to communicate with a fraudster over a telephone for a long period of time before the fraudster can use the user device to make payment. Fraudsters need to explain their identity, origin of the call, etc. in the phone and to explain the clear large prize drawing steps, which account for the need to pay the deposit, which takes a long time.
Another example is where a fraudster needs to communicate with a fraudster user for a long time in a social application. Through talking, lying-talking and the like, an avatar on a social application is compiled, such as a scene-lost person, a rich person, a general person and the like, and the trust of a cheating user on the avatar is cheated in long-term communication. And then a request for borrowing money or co-investing is made to damage the property of the fraudulent user.
Whereas social behavior on a conversation application or a social application typically occurs on the user device of the user.
Therefore, for risk identification of the payment behavior, before the payment behavior occurs, the behavior information of the user on the user equipment has important referential significance, and the risk identification can be carried out according to the dimension of the behavior information of the user on the user equipment.
According to the analysis, for a payment request submitted by a user, if the behavior of the user before the payment request is initiated includes a long-time conversation application use behavior or a social application use behavior, it is determined that the payment behavior has a large payment risk.
For example, when a user initiates a remote payment request on user equipment, historical behavior information of the user on the user equipment in the last 60 minutes is acquired, and a large number of call behaviors are found to be contained in the historical behavior, so that the user can consider that the payment request has high risk in the dimension of behavior information on the user equipment, and then risk identification is comprehensively performed by combining other dimensions.
The method steps of risk identification may include:
and receiving a payment request, acquiring historical behavior information in a preset historical time period before the current time on the user equipment, and carrying out risk identification according to risk behavior information in the historical behavior information. Wherein the risk behavior information comprises social application usage information and call application usage information.
By the risk identification method, the dimensionality of the historical behavior information of the payment risk identification can be increased, and the coverage rate and accuracy rate of the payment risk identification are improved.
However, in practical applications, the behavior information of the user on the user equipment belongs to information at the OS (operating system) level, and for a certain APP (application), the information cannot be generally acquired. Although some operating systems (android systems, iOS systems, etc.) may develop some information acquisition interfaces for applications to some extent, reliance on user authorization is still required. This makes it difficult to directly acquire the behavior information of the user on the user device and perform payment risk identification based on the behavior information in the payment application.
In view of the above problems, the present specification discloses a payment risk identification method: the method comprises the steps of firstly acquiring the power consumption situation of the user equipment before a payment action, and judging whether the power consumption situation accords with the power consumption characteristics of certain specific actions (such as executing a telephone application, an instant messaging application and the like), thereby indirectly deducing whether a user carries out an action which possibly causes a payment risk before carrying out the payment action. Because the electric quantity information of the equipment is easy to obtain for the APP, the scheme can provide a risk identification means on the aspect of the APP, so that the coverage rate and the accuracy rate of payment risk identification are improved.
For convenience of description, the applications of telephone, instant messaging, etc. are referred to as "risk applications" in this specification, and the corresponding payment risk identification logic is: if the risk application is executed on the user device and then the payment operation is executed, the risk potential of the payment operation is increased.
In addition, when the user equipment executes the risk application, the power consumption of the user equipment can present a certain characteristic, for example, the power consumption of the user equipment can be obviously higher than the normal condition in the processes of making a call and carrying out instant messaging chat. In this specification, the power consumption situation presented by the user equipment when executing the risky application is referred to as a "pay risky power consumption feature".
For convenience of description, in this specification, the characteristics of the power consumption situation are collectively quantified as the power consumption per unit time. Other quantitative methods, such as time consumed per unit of power consumption, etc., can be inferred from the description simply and therefore are within the scope of the disclosure.
As shown in fig. 1, a payment risk identification method provided for the embodiment of the present specification may be applied to some application on a service end or a payer device, for example, an application with a payment function.
The payment risk identification method may include the steps of:
s101: after receiving the payment request, determining the current time t0.
S102: historical power information of the payer device before t0 is obtained.
S103: and determining the power consumption characteristics of the payer equipment in at least one historical period before t0 according to the obtained historical power information.
S104: and judging whether the determined power consumption characteristics accord with preset payment risk power consumption characteristics or not, and carrying out risk identification on the payment request according to a judgment result.
In the above method embodiment, the payment risk power consumption characteristic is used as a judgment criterion to judge the power consumption characteristic determined in S103. Therefore, the pay-risk power consumption feature is explained first.
The "pay for risk power consumption feature" is the power consumption situation that the user device presents when executing the risk application.
Thus, in this method embodiment, if a certain power consumption characteristic corresponds to a pay-risk power consumption characteristic, it is assumed that the user equipment is likely to execute a risk application within a historical period corresponding to the power consumption characteristic.
Since in this specification, the characteristics of the power consumption situation are collectively quantified by the power consumption amount per unit time, at least the power consumption amount per unit time is included in the payment risk power consumption characteristics, and the power consumption characteristics determined in S103 may be the power consumption amount per unit time within the corresponding history period. And the amount of power consumed may be in the form of a percentage of the total power of the device, e.g., 4% means 4% of power consumed, and the amount of power consumed per unit time may be in the form of%/hour, e.g., 5%/hour means 5% of power consumed per hour. Of course, the unit of the power consumption and the power consumption per unit time may be measured in other ways, and this specification does not limit this.
The form of the payment risk power consumption feature is described from a plurality of angles, and the corresponding judgment method is described at the same time.
1) Value or range of values
The payment risk power consumption feature may include a specific value of the power consumption per unit time, or may be a value range of the power consumption per unit time.
For example: 5.3%/h and [ 3.4%/h, 4.2%/h ].
When the payment risk power consumption feature includes the value of the power consumption amount per unit time, and when it is determined whether the power consumption feature meets the preset payment risk power consumption feature, it may be specifically determined whether an absolute value of a difference between the power consumption amount per unit time within a certain historical time period determined in S103 and the power consumption amount per unit time in the payment risk power consumption feature satisfies a preset condition.
The preset condition may be an absolute value of 0 or less than a preset threshold.
If the preset conditions are met, the power consumption characteristics accord with the payment risk power consumption characteristics; if not, the power consumption characteristic does not conform to the pay-risk power consumption characteristic.
For example, the preset threshold is 0.3%/hour, the power consumption amount per unit time in the payment risk power consumption feature is 5.3%/hour, and the power consumption feature of a certain history period is 4.7%/hour, so the power consumption feature of the history period does not conform to the payment risk power consumption feature.
When the payment risk power consumption feature includes the value range of the power consumption per unit time, it is determined whether the power consumption feature conforms to the payment risk power consumption feature, specifically, it may be determined whether the value of the power consumption per unit time in a certain historical time period determined in S103 is located in the value range of the power consumption per unit time included in the payment risk power consumption feature.
If yes, the power consumption characteristic accords with the payment risk power consumption characteristic; if not, the power consumption characteristic does not conform to the pay risk power consumption characteristic.
For example, the power consumption per unit time in the payment risk power consumption feature ranges from [ 8.7%/hour, 9.0%/hour ], and the power consumption feature of a certain historical period is 8.8%/hour, so that the power consumption feature of the historical period conforms to the payment risk power consumption feature.
2) Type of device
The pay risk power consumption feature may further include a device type. This is because the power consumption per unit time is different for different types of devices, such as computers, mobile phones, or different brands of mobile phones, different models of mobile phones, even when the same application is running, due to different hardware conditions.
In order to more accurately judge whether the power consumption characteristics conform to the power consumption condition presented by the user equipment when executing the risk application, the payment risk power consumption characteristics can also include the equipment type on the basis of including the power consumption in unit time, and the form of the payment risk power consumption characteristics can be a corresponding relation set of the equipment type and the power consumption characteristics.
As an example, the power consumption per unit time of the risk application on different types of devices is counted to obtain the following payment risk power consumption characteristics:
Figure BDA0002481394030000081
TABLE 1 table of correspondence between device type and power consumption range per unit time
Under the pay-for-risk power consumption characteristics shown in table 1, the power consumption of a certain device per unit time within a certain historical period is 10.5%/hour.
The judging method can be as follows:
the method comprises the steps of firstly obtaining a mobile phone with the type of the equipment being type 3, then determining that the unit time power consumption range corresponding to the mobile phone with the type 3 is [ 7.2%/hour, 9.3%/hour ], and the power consumption characteristic is 10.5%/hour, so that the power consumption characteristic in the historical period does not accord with the payment risk power consumption characteristic.
Therefore, when the payment risk power consumption feature further includes the device type, when determining whether the power consumption feature conforms to the payment risk power consumption feature, it is necessary to first obtain the device type corresponding to the power consumption feature, and then obtain the value or range of the power consumption per unit time corresponding to the device type in the payment risk power consumption feature, and determine the power consumption feature, where the determination method is as described above.
In addition, the payment risk power consumption feature may also include other features that affect the power consumption per unit time and can be acquired, so as to more accurately judge whether the power consumption feature conforms to the power consumption situation presented by the user equipment when executing the risk application. For example, the electric quantity value corresponding to the time point at the beginning of the history period, the battery usage duration of the device, or the number of applications currently running in the background of the device, etc.
According to the form of the payment risk power consumption characteristics including the device type and the corresponding judgment method, the form of the payment risk power consumption characteristics and the corresponding judgment method when the payment risk power consumption characteristics include other characteristics can be deduced simply. And will not be described in detail herein.
3) Risk application
Since in this specification, the payment risk power consumption feature refers to a power consumption situation presented by the user equipment when executing the risk application, in order to more directly and quickly perform risk identification and further facilitate the subsequent payment risk identification step, the payment risk power consumption feature may further include the risk application on the basis of the power consumption per unit time.
The form of paying the risky power consumption characteristics may be a set of correspondence relationships between the risky application and the power consumption characteristics thereof, that is, a set of correspondence relationships between the risky application and the power consumption amount per unit time thereof. The risk applications are in one-to-one correspondence with the power consumption of the unit time, and the corresponding risk applications can be determined in the corresponding relation set according to the power consumption characteristics.
As an example, the payment risk power consumption characteristics obtained by counting the power consumption per unit time of different risk applications are as follows:
risk application ... Social application 1 Call application 2 Instant messaging application 3 ...
Power consumption per unit time ... 2.5%/h 4.5%/h 3.6%/h ...
TABLE 2 corresponding relationship table of risk application and power consumption per unit time
In the case of paying the risky power consumption characteristics as in table 2, the power consumption characteristics in a certain history period on a certain device are 4.5%/hour.
The judging method can be as follows:
by determining the corresponding relation containing the same power consumption per unit time as the power consumption characteristics in the corresponding relation set of the payment risk power consumption characteristics, the risk application in the corresponding relation is determined to be the call application 2. Thus, the risk application used by the device during the history period is the call application 2.
Of course, in the pay risk power consumption feature, the device type and the risk application may be considered at the same time, and for each of the multiple device types, the power consumption per unit time of the multiple risk applications may be counted. The determined risk application can be used as a judgment result while the judgment accuracy is improved, so that the subsequent payment risk identification is facilitated.
For example, after statistical data and analysis, the obtained payment risk power consumption characteristics are as follows:
Figure BDA0002481394030000091
Figure BDA0002481394030000101
TABLE 3 Payment Risk Power consumption characteristics Table
At this time, the judging method may be:
the method comprises the steps of firstly obtaining a mobile phone with the type of 3, and then determining that the power consumption of the mobile phone with the type of 3 in unit time comprises 5.3%/hour, 5.7%/hour, 5.4%/hour and 5.9%/hour. The power consumption feature in a certain historical period is 5.4%/hour, so the power consumption feature in the historical period accords with the payment risk power consumption feature, and the risk application used by the device in the historical period is determined to be the social application 1, so that the subsequent payment risk identification is facilitated.
The preset power consumption characteristics of payment risk may be obtained through data statistics, may be obtained by collecting user data, or may be manually set according to experience, and the present specification is not limited thereto.
Wherein in S103, the power consumption characteristics in only one history period, such as the [ t0- Δ t, t0] period, may be determined; power consumption characteristics over multiple historical periods may also be determined, for example: t0-2 Δ t, t0- Δ t and t0- Δ t, t0. Where Δ t may be set according to actual requirements, e.g. 10 minutes, 30 minutes, etc.
Through the above explanation of the payment risk power consumption feature and the judgment method, the judgment result in S104 can be obtained. If the power consumption characteristics of a plurality of different history periods are determined in S103, it is necessary to perform a judgment respectively to obtain a judgment result.
And risk identification is carried out on the payment request according to the judgment result, and the specific explanation is as follows:
1) After respectively judging whether the power consumption characteristics of each historical time interval in the step S103 meet the preset power consumption characteristics at the payment risk, the judgment results of the power consumption characteristics in all the historical time intervals are integrated, and if the power consumption characteristics meet the preset conditions, it is considered that the payment request has a large payment risk in the dimension of the user equipment behavior information.
For example, the judgment result is counted, and if the ratio of the coincidence of the judgment result and the judgment result reaches a preset threshold value, it is judged that the current payment request has a risk in the dimension of the user equipment behavior information.
Or if one result in the judgment results is in accordance, judging that the current payment request has a greater risk in the dimension of the user equipment behavior information.
Or if one result in the judgment results is not met, judging that the current payment request has less risk in the dimension of the user equipment behavior information.
2) Another possible case is that, after whether the power consumption characteristics of each historical period in S103 meet the preset risk payment power consumption characteristics is respectively determined, and the risk applications used by the payer in the historical period are determined according to the corresponding relationship between the risk applications and the power consumption characteristics thereof, the determination results of the power consumption characteristics in all historical periods and the determined risk applications are integrated, and the payment risk identification is performed according to the usage duration of the risk applications or the types of the risk applications.
In particular, if the usage duration of the risk application exceeds a predetermined threshold, for example half an hour, the payment request is considered to be at a greater risk of payment in the dimension of the user equipment behavior information. It may also be possible to consider the type of the risky application, for example, if the duration of use of the conversation application exceeds one hour or the duration of use of the social application exceeds two hours in the risky application, the payment request is considered to be at a greater risk of payment in the dimension of the user equipment behavior information.
Through the judgment of the use duration, if the payer uses the risk application for a long time before the payment behavior, the payment behavior is considered to have a larger payment risk in the dimension of the user equipment behavior information. This also corresponds to the behavior of the payer device with a greater risk of payment before payment, as analyzed above.
After the details of the risky power consumption characteristics and the corresponding steps are clearly described, the power consumption characteristics in S103 need to be explained.
The power consumption characteristic in S103 is acquired from the history power amount information.
The historical electric quantity information may be electric quantity information within a preset time period before t0. For example, the power information 24 hours before t0.
And the power consumption characteristic is determined in at least one historical period according to the historical electric quantity information.
When the power consumption characteristic is the power consumption per unit time, the determination method may be that the power consumption of the device in a certain history period is divided by the duration of the history period, and the obtained ratio is the power consumption characteristic in the history period.
Obviously, the historical time period is determined according to the historical electric quantity information, and the time length and the electric quantity consumption corresponding to the historical time period can be determined.
The historical electric quantity information may have different forms, and therefore, the selection of the corresponding historical time period will be described while introducing the different forms of the historical electric quantity information.
1) The specific form of the historical electric quantity information may be an electric quantity value corresponding to a time point spaced by a fixed time length, specifically may be an electric quantity value corresponding to a fixed time point spaced by a fixed time length, and may also be an electric quantity value corresponding to a time point spaced by a fixed time length before t0.
For example:
point in time ... 4:30 5:00 5:30 ...
Electric quantity value ... 45% 43% 34% ...
TABLE 4 table of correspondence between fixed time points and electric quantity values
Or
Point in time ... 3 hours before t0 2 hours before t0 1 hour before t0 t0
Electric quantity value ... 45% 43% 34% 24%
TABLE 5 corresponding relationship table of time points at fixed time intervals before t0 and electric quantity values
The historical time period may be a time period between any two fixed time points counted in the historical electric quantity information within a preset range. For example, the period between 4.
The historical time period may also be a time period between any two time points counted in the historical electric quantity information within a preset range. For example, if the period between 3 hours before t0 and t0 in table 5 is selected as the history period, the power consumption per unit time of the history period is (45% -24%)/3 hours, that is, 7%/hour.
2) The historical electric quantity information can also be the corresponding electric quantity value change condition in the preset duration, each moment can correspond to one electric quantity value, the specific form can be a curve fluctuation graph, and the electric quantity value corresponding to each moment in the preset duration is recorded.
Fig. 2 is a graph illustrating an example of historical power information provided in an embodiment of the present disclosure. Wherein, the change situation of the electric quantity value in 30 hours before t0 is recorded, and each moment in 30 hours corresponds to one electric quantity value.
The historical period may be any period within a preset range.
For example, a period from 20 hours before t0 to 19 hours before t0 is selected as the history period.
3) When the user equipment limits that only the application running in the foreground can obtain the current electric quantity value, the application for counting the electric quantity information can count only when the foreground runs.
Therefore, the historical power information may also be a power value corresponding to a time point at which the application of the statistical power information is opened, for example:
Figure BDA0002481394030000131
TABLE 6 table of correspondence between opened time points and electric quantity values
The historical time interval may be a time interval between any two time points of the historical electric quantity information statistics within a preset range.
For example, a period between the time point of opening the application 12 th time and the time point of opening the application 13 th time.
Of course, the specific time points can be 4 and 5, 33 and 03, with a difference of 30 minutes, so the power consumption per unit time can be (45% -43%)/0.5 hour, i.e. 4%/hour.
In the description of the historical period, the preset range is to enable the historical period to be closer to the current time, so that whether risk application is executed on the user equipment in a short time period before the payment behavior of the current time can be determined, and the accuracy of risk identification is improved conveniently.
For example, the preset range may be within 24 hours before the current time t0.
In addition, different history periods may not coincide with each other, or may overlap with each other by a certain amount, but may not completely overlap with each other. For example, the history period of 4. This is not a limitation of the present specification.
And the historical electric quantity information can be obtained from the electric quantity information stored in advance by the application of the statistical electric quantity information.
When the user equipment counts and stores the electricity consumption condition, the electricity consumption condition stored by the user equipment can be directly acquired as historical electricity information. Generally, the user equipment counts and stores the power consumption in the form of fig. 2.
For further ease of understanding, the following description will use a full example of the method as applied to payment applications.
The preset payment risk power consumption characteristics are as follows:
type 1 mobile phone Type 2 computer Type 3 mobile phone Type 4 computer
Social application 1 4%/hour 1%/hour 5%/hour 2%/hour
Social application 2 4.4%/h 1.6%/hour 5.7%/h 2.2%/h
Social applications 3 4.7%/h 1.6%/h 5.4%/h 2.1%/h
Social applications 4 5.5%/h 2.1%/h 5.9%/hour 2.7%/h
TABLE 7 Power consumption characteristics Table for Payment Risk
After receiving the payment request, the payment application determines that the current time is 5.
The payment application acquires historical electric quantity information of the payer equipment in 6 hours before 15 hours from an operating system for counting the historical electric quantity information, wherein the historical electric quantity information is as follows:
Time electric quantity value
9:00 89%
10:00 85%
11:00 81%
12:00 60%
13:00 55%
14:00 50%
15:00 45%
Table 8. Historical electric quantity information table
The payment application determines each hour between 9.
Then, the power consumption characteristics in the six history periods are 4%/hour, 21%/hour, 5%/hour, and 5%/hour, respectively.
The preset payment risk power consumption characteristics also comprise the equipment type, and the payment application determines that the equipment type of the payer equipment is the mobile phone with the model 3.
The payment application determines the six power consumption characteristics, wherein only 5%/hour corresponds to the unit time power consumption of the model 3 handset in table 7, i.e. 12: three power consumption characteristics of three time periods between 00 and 15.
Meanwhile, according to table 7, the payment application may determine that the user device is executing the social application 1 within a period of 12 to 00, which is 3 hours and exceeds a predetermined threshold of 1 hour.
Thus, the payment application considers that the payment request is at greater payment risk, may stop the payment request, or pop the user to alert the user that the payment request is at greater payment risk.
By the method, whether the risk application is executed on the payer equipment before the payment action is performed by the user can be judged according to the power consumption condition of the payer equipment, and the type and the execution duration of the risk application, so that the payment risk identification is performed on the payment action by using the judgment result. The method and the device have the advantages that the privacy information of the user is protected, the dimension of historical behavior information can be added in the payment risk identification, and the coverage rate and the accuracy rate of the payment risk identification are improved.
The method can be implemented at a client side and can also be implemented at a server side. When the user side may be an application configured on the user equipment, for example, an application for payment, the preset information or the pre-stored information may be obtained from other equipment, for example, the corresponding relationship between the preset risk application and the payment risk power consumption feature may be obtained from equipment for performing testing and statistics.
When the above method embodiment is applied to the server, necessary information, such as payment request, historical power information, payer device type, etc., can be obtained from the payer device. The preset information or the pre-stored information may also be acquired from other devices.
The present specification also provides a payment risk identification apparatus, as shown in fig. 3, which is a schematic structural diagram of the payment risk identification apparatus provided in the present specification.
The payment risk identification means may include:
the current time determination module 201: and the payment processing unit is used for determining the current time t0 after receiving the payment request.
The historical electric quantity obtaining module 202: for obtaining historical power information of the payer device before t0.
The power consumption characteristic determination module 203: and the power consumption characteristics of the payer equipment in at least one historical period before t0 are determined according to the obtained historical power information.
Risk identification module 204: and the risk identification module is used for judging whether the determined power consumption characteristics accord with preset payment risk power consumption characteristics or not and carrying out risk identification on the payment request according to a judgment result.
The payment risk power consumption feature may be a power consumption feature counted in advance, or may be a correspondence between at least one risk application counted in advance and the power consumption feature of the at least one risk application.
And the power consumption characteristics of the payer equipment in the historical period are as follows: the payer device consumes electricity per unit time for the historical period.
Meanwhile, the power consumption feature included in the payment risk power consumption feature may be the unit time power consumption amount.
On this basis, the risk identification module 204 may be configured to:
inquiring in the corresponding relation between the risk application and the power consumption characteristics of the payer equipment in any historical time period before t0 according to the power consumption characteristics of the payer equipment; if the matched result is inquired, determining that the payer equipment runs the risk application in the historical period; and performing risk identification on the payment request according to the determined risk application operated by the payer equipment in at least one historical period before t0.
In addition, the pay for risk power consumption feature may also include a device type. That is, the payment risk power consumption characteristics may be payment risk power consumption characteristics respectively counted for different device types, and of course, the counted payment risk power consumption characteristics may be power consumption characteristics, or may be a correspondence between at least one risk application and the power consumption characteristics thereof.
On this basis, the risk identification module 204 may be further configured to:
obtaining a type of the payer device; whether the power consumption characteristics determined by the power consumption characteristic determination module 203 meet the payment risk power consumption characteristics corresponding to the type of equipment is judged.
When the power consumption characteristics determined by the power consumption characteristics determination module 203 are at least two, that is, the power consumption characteristics determination module 203 determines the power consumption characteristics of the payer device in more than two historical periods before t0, the risk identification module 204 may be configured to:
respectively judging whether the power consumption characteristics of each historical time interval accord with preset payment risk power consumption characteristics; and counting the judgment result, and if the judgment result is that the ratio of the coincidence reaches a preset threshold value, judging that the payment request has risk.
For a detailed explanation of the embodiments of the apparatus, reference may be made to the above-mentioned embodiments of the method, which are not described herein again.
Embodiments of the present description also provide a computer device including at least a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor implements a payment risk identification method when executing the program.
Fig. 4 is a schematic diagram illustrating a more specific hardware structure of a computing device according to an embodiment of the present disclosure, where the computing device may include: a processor 1010, a memory 1020, an input/output interface 1030, a communication interface 1040, and a bus 1050. Wherein the processor 1010, memory 1020, input/output interface 1030, and communication interface 1040 are communicatively coupled to each other within the device via bus 1050.
The processor 1010 may be implemented by a general-purpose CPU (Central Processing Unit), a microprocessor, an Application Specific Integrated Circuit (ASIC), or one or more Integrated circuits, and is configured to execute related programs to implement the technical solutions provided in the embodiments of the present disclosure.
The Memory 1020 may be implemented in the form of a ROM (Read Only Memory), a RAM (Random Access Memory), a static storage device, a dynamic storage device, or the like. The memory 1020 may store an operating system and other application programs, and when the technical solution provided by the embodiments of the present specification is implemented by software or firmware, the relevant program codes are stored in the memory 1020 and called to be executed by the processor 1010.
The input/output interface 1030 is used for connecting an input/output module to input and output information. The i/o module may be configured as a component in a device (not shown) or may be external to the device to provide a corresponding function. The input devices may include a keyboard, a mouse, a touch screen, a microphone, various sensors, etc., and the output devices may include a display, a speaker, a vibrator, an indicator light, etc.
The communication interface 1040 is used for connecting a communication module (not shown in the drawings) to implement communication interaction between the present apparatus and other apparatuses. The communication module can realize communication in a wired mode (for example, USB, network cable, etc.), and can also realize communication in a wireless mode (for example, mobile network, WIFI, bluetooth, etc.).
Bus 1050 includes a path that transfers information between various components of the device, such as processor 1010, memory 1020, input/output interface 1030, and communication interface 1040.
It should be noted that although the above-mentioned device only shows the processor 1010, the memory 1020, the input/output interface 1030, the communication interface 1040 and the bus 1050, in a specific implementation, the device may also include other components necessary for normal operation. In addition, those skilled in the art will appreciate that the above-described apparatus may also include only those components necessary to implement the embodiments of the present description, and not necessarily all of the components shown in the figures.
Embodiments of the present description also provide a computer-readable storage medium on which a computer program is stored, which when executed by a processor implements a payment risk identification method.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
From the above description of the embodiments, it is clear to those skilled in the art that the embodiments of the present disclosure can be implemented by software plus necessary general hardware platform. Based on such understanding, the technical solutions of the embodiments of the present specification may be essentially or partially implemented in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments of the present specification.
The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. A typical implementation device is a computer, which may take the form of a personal computer, laptop computer, cellular telephone, camera phone, smart phone, personal digital assistant, media player, navigation device, email messaging device, game console, tablet computer, wearable device, or a combination of any of these devices.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the apparatus embodiment, since it is substantially similar to the method embodiment, it is relatively simple to describe, and reference may be made to some descriptions of the method embodiment for relevant points. The above-described apparatus embodiments are merely illustrative, and the modules described as separate components may or may not be physically separate, and the functions of the modules may be implemented in one or more software and/or hardware when implementing the embodiments of the present disclosure. And part or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the embodiment. One of ordinary skill in the art can understand and implement without inventive effort.
The foregoing is only a detailed description of the embodiments of the present disclosure, and it should be noted that, for those skilled in the art, many modifications and decorations can be made without departing from the principle of the embodiments of the present disclosure, and these modifications and decorations should also be regarded as protection for the embodiments of the present disclosure.

Claims (11)

1. A payment risk identification method, comprising:
after receiving a payment request, determining the current time t0;
obtaining historical electric quantity information of the payer equipment before t0;
determining power consumption characteristics of the payer equipment in at least one historical period before t0 according to the obtained historical power information;
judging whether the determined power consumption characteristics accord with preset payment risk power consumption characteristics or not, and carrying out risk identification on the payment request according to a judgment result, wherein the method comprises the following steps: and determining the risk application and the use duration of the risk application used in each historical period in the payer equipment according to the corresponding relation between the risk application and the power consumption characteristics of the risk application, and performing payment risk identification according to the determined use duration of the risk application.
2. The method of claim 1, the pay-for-risk-electricity-consumption feature being: at least one risk application and the corresponding relation of the power consumption characteristics of the risk application are counted in advance;
the judging whether the determined power consumption characteristics accord with preset payment risk power consumption characteristics or not, and performing risk identification on the payment request according to a judgment result includes:
inquiring in the corresponding relation according to the power consumption characteristics of the payer equipment in any historical time period before t0;
if the matched result is inquired, determining that the payer equipment runs the risk application in the historical period;
and performing risk identification on the payment request according to the determined risk application operated by the payer equipment in at least one historical period before t0.
3. The method of claim 1 or 2, wherein the power consumption of the payer device over the historical period is characterized by: the payer device consumes electricity per unit time for the historical period.
4. The method of claim 1 or 2, the pay for active consumption feature, comprising: respectively counting payment risk power consumption characteristics aiming at different equipment types;
the judging whether the determined power consumption characteristics conform to preset payment risk power consumption characteristics includes:
obtaining a type of the payer device;
and judging whether the determined power consumption characteristics conform to the payment risk power consumption characteristics corresponding to the type of equipment.
5. The method according to claim 1 or 2, wherein in the case that the power consumption characteristics of the payer device in more than two historical periods before t0 are determined, the determined power consumption characteristics are judged whether to conform to preset payment risk power consumption characteristics, and the payment request is risk-identified according to the judgment result: the method comprises the following steps:
respectively judging whether the power consumption characteristics of each historical time interval accord with preset payment risk power consumption characteristics;
and counting the judgment result, and if the judgment result is that the ratio of the coincidence reaches a preset threshold value, judging that the payment request has risk.
6. A payment risk identification apparatus comprising:
the current moment determining module: the payment server is used for determining the current time t0 after receiving the payment request;
historical electric quantity obtaining module: the device is used for obtaining historical electric quantity information of the payer equipment before t0;
a power consumption characteristic determination module: the power consumption characteristics of the payer equipment in at least one historical period before t0 are determined according to the obtained historical power information;
a risk identification module: the method is used for judging whether the determined power consumption characteristics accord with preset payment risk power consumption characteristics or not, and performing risk identification on the payment request according to a judgment result, and comprises the following steps: and determining the risk application and the use duration of the risk application used in each historical period in the payer equipment according to the corresponding relation between the risk application and the power consumption characteristics of the risk application, and performing payment risk identification according to the determined use duration of the risk application.
7. The apparatus of claim 6, the pay for risk power consumption feature being: at least one risk application and the corresponding relation of the power consumption characteristics of the risk application are counted in advance;
the risk identification module is to:
inquiring in the corresponding relation according to the power consumption characteristics of the payer equipment in any historical time period before t0;
if the matched result is inquired, determining that the payer equipment runs the risk application in the historical period;
and performing risk identification on the payment request according to the determined risk application which is operated by the payer equipment in at least one historical period before t0.
8. The apparatus of claim 6 or 7, wherein the power consumption characteristics of the payer device over the historical period are: the payer device consumes electricity per unit time for the historical period.
9. The apparatus of claim 6 or 7, the pay for jeopardy power consumption feature, comprising: respectively counting payment risk power consumption characteristics aiming at different equipment types;
the risk identification module is to:
obtaining a type of the payer device;
and judging whether the determined power consumption characteristics conform to the payment risk power consumption characteristics corresponding to the type of equipment.
10. The apparatus of claim 6 or 7, in the event that the power consumption characteristic determination module determines power consumption characteristics to a payer device within two or more historical periods prior to t0, the risk identification module to:
respectively judging whether the power consumption characteristics of each historical time interval accord with preset payment risk power consumption characteristics or not;
and counting the judgment result, and if the judgment result is that the ratio of the coincidence reaches a preset threshold value, judging that the payment request has risk.
11. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any one of claims 1 to 5 when executing the program.
CN202010379331.6A 2020-05-07 2020-05-07 Payment risk identification method and device Active CN111553700B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010379331.6A CN111553700B (en) 2020-05-07 2020-05-07 Payment risk identification method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010379331.6A CN111553700B (en) 2020-05-07 2020-05-07 Payment risk identification method and device

Publications (2)

Publication Number Publication Date
CN111553700A CN111553700A (en) 2020-08-18
CN111553700B true CN111553700B (en) 2023-03-21

Family

ID=72006070

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010379331.6A Active CN111553700B (en) 2020-05-07 2020-05-07 Payment risk identification method and device

Country Status (1)

Country Link
CN (1) CN111553700B (en)

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2309710A1 (en) * 2009-10-12 2011-04-13 Research In Motion Limited Call note management on communication device
WO2015176453A1 (en) * 2014-05-20 2015-11-26 中兴通讯股份有限公司 Fraud call recognition method, fraud prevention method, and call terminal
WO2017072783A1 (en) * 2015-10-27 2017-05-04 Biswas Somnath System and method for electronic payment transactions via social media based messaging using non-text triggers
CN107705126A (en) * 2017-09-04 2018-02-16 中国银联股份有限公司 A kind of method and device for judging transaction risk
WO2018058835A1 (en) * 2016-09-27 2018-04-05 宇龙计算机通信科技(深圳)有限公司 Call mode monitoring method, system and communication terminal
CN109003075A (en) * 2017-06-07 2018-12-14 阿里巴巴集团控股有限公司 A kind of Risk Identification Method and device
CN110163612A (en) * 2019-04-02 2019-08-23 阿里巴巴集团控股有限公司 A kind of payment air control method and device
CN110533297A (en) * 2019-08-02 2019-12-03 中国银联股份有限公司 A kind of method and device identifying warping apparatus
CN110532758A (en) * 2019-07-24 2019-12-03 阿里巴巴集团控股有限公司 A kind of Risk Identification Method and device for group

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120295580A1 (en) * 2011-05-19 2012-11-22 Boku, Inc. Systems and Methods to Detect Fraudulent Payment Requests
US9275211B2 (en) * 2013-03-15 2016-03-01 Telesign Corporation System and method for utilizing behavioral characteristics in authentication and fraud prevention
US9210183B2 (en) * 2013-12-19 2015-12-08 Microsoft Technology Licensing, Llc Detecting anomalous activity from accounts of an online service
US10783520B2 (en) * 2014-07-02 2020-09-22 Wells Fargo Bank, N.A. Fraud detection
US9418365B2 (en) * 2014-09-08 2016-08-16 Mastercard International Incorporated Systems and methods for using social network data to determine payment fraud
US10984120B2 (en) * 2018-05-10 2021-04-20 Paypal, Inc. Limiting device functionality based on data detection and processing

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2309710A1 (en) * 2009-10-12 2011-04-13 Research In Motion Limited Call note management on communication device
WO2015176453A1 (en) * 2014-05-20 2015-11-26 中兴通讯股份有限公司 Fraud call recognition method, fraud prevention method, and call terminal
WO2017072783A1 (en) * 2015-10-27 2017-05-04 Biswas Somnath System and method for electronic payment transactions via social media based messaging using non-text triggers
WO2018058835A1 (en) * 2016-09-27 2018-04-05 宇龙计算机通信科技(深圳)有限公司 Call mode monitoring method, system and communication terminal
CN109003075A (en) * 2017-06-07 2018-12-14 阿里巴巴集团控股有限公司 A kind of Risk Identification Method and device
CN107705126A (en) * 2017-09-04 2018-02-16 中国银联股份有限公司 A kind of method and device for judging transaction risk
CN110163612A (en) * 2019-04-02 2019-08-23 阿里巴巴集团控股有限公司 A kind of payment air control method and device
CN110532758A (en) * 2019-07-24 2019-12-03 阿里巴巴集团控股有限公司 A kind of Risk Identification Method and device for group
CN110533297A (en) * 2019-08-02 2019-12-03 中国银联股份有限公司 A kind of method and device identifying warping apparatus

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Towards energy-aware intrusion detection systems on mobile devices;CURTI M, MERLO A, MIGLIARDI M, et al;《Proceedings of the 2013 International Conference on High Performance Computing and Simulation》;20131021;第290-295页 *
基于大数据的电商异常交易风险评估仿真;王颖;《计算机仿真》;20180331;第35卷(第3期);全文 *
基于耗电分析的Android平台恶意软件检测;杨宏宇等;《电子科技大学学报》;20161130;第45卷(第6期);全文 *

Also Published As

Publication number Publication date
CN111553700A (en) 2020-08-18

Similar Documents

Publication Publication Date Title
US11210670B2 (en) Authentication and security for mobile-device transactions
US20170193515A1 (en) Method for determining if a current wallet-based transaction initiated by a digital wallet user is fraudulent
US20120259776A1 (en) Dynamic pre-qualification
CN105335851B (en) Pre-payment confirmation protection method and device based on payment history
CN110738473B (en) Wind control method, system, device and equipment
CN109166027A (en) A kind of loaning bill contract processing method and processing device
US20190354978A1 (en) Server and method for managing an authorization amount over a plurality of payments
CN111126623B (en) Model updating method, device and equipment
US11816658B2 (en) Systems and methods for real-time virtual gift card purchasing
CN109559215A (en) Business datum accounting method, device, equipment and computer readable storage medium
US20160125529A1 (en) System and method for real-time chargeoff monitoring
US20140279438A1 (en) Bridging suspension of accounts
CN111553700B (en) Payment risk identification method and device
US8740067B1 (en) Secondary verification
CN115187262A (en) Payment verification method and system
CN113169871B (en) Computer implementation method of time-based risk management mechanism and smart card
CN108985831B (en) Offline transaction distinguishing method and device and computer equipment
CN110717822A (en) Wind control method, device and equipment in transfer
US20190164162A1 (en) System to perform identity verification
CN108156206B (en) Data transfer method, server, client and system
CN111539742B (en) Information processing method, information processing device, electronic equipment and storage medium
CN112907256A (en) Account verification method and device in online shopping scene
WO2020098375A1 (en) Risk identification-based account transfer request processing method and device
CN114757768A (en) Account management method and related equipment
CN112488825A (en) Object transaction method and device based on block chain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant