CN112101810A - Risk event control method, device and system - Google Patents

Risk event control method, device and system Download PDF

Info

Publication number
CN112101810A
CN112101810A CN202011006265.4A CN202011006265A CN112101810A CN 112101810 A CN112101810 A CN 112101810A CN 202011006265 A CN202011006265 A CN 202011006265A CN 112101810 A CN112101810 A CN 112101810A
Authority
CN
China
Prior art keywords
information
transaction
login
audit
operation information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011006265.4A
Other languages
Chinese (zh)
Inventor
翁程侹
梁永健
邓小茜
覃鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Construction Bank Corp
Original Assignee
China Construction Bank Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Construction Bank Corp filed Critical China Construction Bank Corp
Priority to CN202011006265.4A priority Critical patent/CN112101810A/en
Publication of CN112101810A publication Critical patent/CN112101810A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063Operations research, analysis or management
    • G06Q10/0635Risk analysis of enterprise or organisation activities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Human Resources & Organizations (AREA)
  • Economics (AREA)
  • Strategic Management (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Development Economics (AREA)
  • General Business, Economics & Management (AREA)
  • Marketing (AREA)
  • Technology Law (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Computational Linguistics (AREA)
  • Educational Administration (AREA)
  • Databases & Information Systems (AREA)
  • Game Theory and Decision Science (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • Tourism & Hospitality (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention provides a risk event control method, device and system. The method comprises the following steps: acquiring operation information of a user, comparing the operation information with historical operation information in a middle station database, and judging whether the operation of the user meets a preset release condition; if not, blocking user operation corresponding to the operation information, and adding an audit tag in the operation information; the operation information is sent to a middle database, and the middle database is used for auditing the operation information according to the audit tag and returning an audit result; and processing the user operation according to the audit result, and sending the processing result and the audit result to a foreground for visual display through a middle database. According to the invention, risk situation judgment is carried out through linkage of background risk monitoring processing and a middle-stage database, visual display is combined, automatic processing of risk events is realized, all-day work is ensured, the problem that no person is on duty in special time and holidays is solved, the manpower auditing cost is greatly saved, and the risk processing time is reduced.

Description

Risk event control method, device and system
Technical Field
The invention relates to the technical field of intelligent wind control, in particular to a risk event control method, device and system.
Background
In the aspect of intelligent wind control of the current financial channel, two problems often appear, namely that a real-time risk situation chart is difficult to develop and deploy rapidly; secondly, the detected risk cannot be automatically processed in time. The automatic risk processing is a big problem, different financial transaction risk events are often judged according to multiple attributes of transactions, such as transaction amount, login site IP and other complex running information, if all the risks are manually processed, the current wind control requirements of enterprises are difficult to meet, and untimely processing and misjudgment conditions may occur.
Disclosure of Invention
The embodiment of the invention mainly aims to provide a risk event control method, a risk event control device and a risk event control system, so that automatic processing of risk events is realized, and the situations of untimely processing and misjudgment are avoided while wind control requirements are met.
In order to achieve the above object, an embodiment of the present invention provides a method, including:
acquiring operation information of a user, comparing the operation information with historical operation information in a middle station database, and judging whether the operation of the user meets a preset release condition;
if the operation information does not meet the preset release condition, blocking the user operation corresponding to the operation information, and adding an audit tag in the operation information;
sending the operation information added with the audit tag to the central station database, wherein the central station database is used for auditing the operation information according to the audit tag and returning an audit result;
and processing the user operation corresponding to the operation information according to the auditing result, and sending the processed result and the auditing result to a foreground for visual display through a database of the foreground.
Optionally, in an embodiment of the present invention, the operation information includes login information and transaction information, where the login information includes an IMEI code, a login IP address, and a login GPS address, and the transaction information includes a transaction amount, a transaction time, and a transaction number.
Optionally, in an embodiment of the present invention, the comparing the operation information with historical operation information in a middlebox database, and determining whether the operation of the user meets a preset release condition includes: comparing the login information or the transaction information with historical login information or historical transaction information in a database of the middle station, and scoring user operation corresponding to the login information or the transaction information; and judging whether the scoring result exceeds a preset threshold value, if so, judging that the operation of the user does not accord with the preset release condition, and if not, judging that the operation of the user accords with the preset release condition.
Optionally, in an embodiment of the present invention, the comparing the login information with historical login information in a middlebox database, and scoring the user operation corresponding to the login information includes: traversing historical login information in the middle station database, judging whether IMEI codes, login IP addresses and login GPS addresses in the login information exist in the historical login information, and scoring user operations corresponding to the login information according to the judgment result.
Optionally, in an embodiment of the present invention, comparing the transaction information with historical transaction information in the middlebox database, and scoring the user operation corresponding to the transaction information includes: comparing the transaction amount, the transaction time and the transaction number in the transaction information with historical transaction information in a database of the central office, judging whether the transaction amount, the transaction time and the transaction number are consistent with the historical transaction information, and scoring the user operation corresponding to the transaction information according to the judgment result.
Optionally, in an embodiment of the present invention, the audit tag includes a manual audit tag and an intelligent audit tag.
Optionally, in an embodiment of the present invention, the sending the operation information added with the audit tag to the central station database, where the central station database is configured to audit the operation information according to the audit tag, and returning an audit result includes: and sending the operation information added with the manual audit tag to the central station database, wherein the central station database is used for performing manual outbound audit on the operation information according to the manual audit tag and returning a manual audit result.
Optionally, in an embodiment of the present invention, the sending the operation information added with the audit tag to the central station database, where the central station database is configured to audit the operation information according to the audit tag, and returning an audit result includes: and sending the operation information added with the intelligent audit tag to the central station database, wherein the central station database is used for verifying the verification code of the operation information according to the intelligent audit tag and returning an intelligent audit result.
An embodiment of the present invention further provides a risk event control device, where the device includes:
the information comparison module is used for acquiring operation information of a user, comparing the operation information with historical operation information in a middle station database and judging whether the operation of the user meets a preset release condition or not;
the tag adding module is used for blocking user operation corresponding to the operation information if the operation information does not accord with the preset release condition, and adding an audit tag in the operation information;
the information auditing module is used for sending the operation information added with the auditing label to the central station database, and the central station database is used for auditing the operation information according to the auditing label and returning an auditing result;
and the visual display module is used for processing the user operation corresponding to the operation information according to the audit result, and sending the processed result and the audit result to the foreground for visual display through the middle database.
Optionally, in an embodiment of the present invention, the operation information includes login information and transaction information, where the login information includes an IMEI code, a login IP address, and a login GPS address, and the transaction information includes a transaction amount, a transaction time, and a transaction number.
Optionally, in an embodiment of the present invention, the information comparing module includes: the scoring unit is used for comparing the login information or the transaction information with historical login information or historical transaction information in the middle database and scoring user operation corresponding to the login information or the transaction information; and the judging unit is used for judging whether the scoring result exceeds a preset threshold value, judging that the operation of the user does not accord with the preset release condition if the scoring result exceeds the preset threshold value, and judging that the operation of the user accords with the preset release condition if the scoring result does not exceed the preset threshold value.
Optionally, in an embodiment of the present invention, the scoring unit is further configured to traverse historical login information in the middle station database, determine whether an IMEI code, a login IP address, and a login GPS address in the login information exist in the historical login information, and score the user operation corresponding to the login information according to a determination result.
Optionally, in an embodiment of the present invention, the scoring unit is further configured to compare a transaction amount, a transaction time, and a transaction number in the transaction information with historical transaction information in a central database, determine whether the transaction amount, the transaction time, and the transaction number are consistent with the historical transaction information, and score the user operation corresponding to the transaction information according to a determination result.
Optionally, in an embodiment of the present invention, the audit tag includes a manual audit tag and an intelligent audit tag.
Optionally, in an embodiment of the present invention, the information auditing module is further configured to send the operation information added with the manual auditing tag to the central station database, where the central station database is configured to perform manual outbound auditing on the operation information according to the manual auditing tag, and return a manual auditing result.
Optionally, in an embodiment of the present invention, the information auditing module is further configured to send the operation information added with the intelligent auditing tag to the central station database, where the central station database is configured to perform verification code auditing on the operation information according to the intelligent auditing tag, and return an intelligent auditing result.
An embodiment of the present invention further provides a system for controlling a risk event, where the system includes: the system comprises a background monitoring engine, a middle database and a foreground display module;
the background monitoring engine acquires operation information of a user, compares the operation information with historical operation information in the middle station database, and judges whether the operation of the user meets a preset release condition; if the operation information does not meet the preset release condition, blocking the user operation corresponding to the operation information, adding an audit tag in the operation information, and sending the operation information added with the audit tag to the middle station database;
the middle database checks the operation information according to the check label and sends a check result to the background monitoring engine and the foreground display module;
the background monitoring engine processes the user operation corresponding to the operation information according to the auditing result and sends the processing result to the foreground display module;
and the foreground display module is used for visually displaying the auditing result and the processing result.
Optionally, in an embodiment of the present invention, the operation information includes login information and transaction information, where the login information includes an IMEI code, a login IP address, and a login GPS address, and the transaction information includes a transaction amount, a transaction time, and a transaction number.
Optionally, in an embodiment of the present invention, the background monitoring engine is further configured to: comparing the login information or the transaction information with historical login information or historical transaction information in a database of the middle station, and scoring user operation corresponding to the login information or the transaction information; and judging whether the scoring result exceeds a preset threshold value, if so, judging that the operation of the user does not accord with the preset release condition, and if not, judging that the operation of the user accords with the preset release condition.
Optionally, in an embodiment of the present invention, the background monitoring engine is further configured to traverse historical login information in the middle station database, determine whether an IMEI code, a login IP address, and a login GPS address in the login information exist in the historical login information, and score a user operation corresponding to the login information according to a determination result.
Optionally, in an embodiment of the present invention, the background monitoring engine is further configured to compare a transaction amount, a transaction time, and a transaction number in the transaction information with historical transaction information in a central station database, determine whether the transaction amount, the transaction time, and the transaction number are consistent with the historical transaction information, and score a user operation corresponding to the transaction information according to a result of the determination.
Optionally, in an embodiment of the present invention, the audit tag includes a manual audit tag and an intelligent audit tag.
Optionally, in an embodiment of the present invention, the central station database is further configured to receive operation information added with a manual audit tag, perform manual outbound audit on the operation information according to the manual audit tag, and return a manual audit result.
Optionally, in an embodiment of the present invention, the central station database is further configured to receive operation information added with an intelligent audit tag, perform verification code audit on the operation information according to the intelligent audit tag, and return an intelligent audit result.
Optionally, in an embodiment of the present invention, the foreground display module is further configured to perform visual display on the audit result and the processing result according to a preset display rule.
Optionally, in an embodiment of the present invention, the foreground display module is further configured to receive an interaction instruction input by a user, and send the interaction instruction to the middle database, so that the middle database performs data maintenance according to the interaction instruction.
The invention also provides an electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method when executing the program.
The present invention also provides a computer-readable storage medium storing a computer program for executing the above method.
According to the invention, risk situation judgment is carried out through linkage of background risk monitoring processing and a middle-stage database, and visual display is combined, so that automatic monitoring and risk event processing are realized, the whole-day work is ensured, the problem that no person is on duty in special time and holidays is solved, the manpower auditing cost is greatly saved, and the risk processing time is reduced.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained based on these drawings without creative efforts.
FIG. 1 is a flow chart of a risk event control method according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating comparison between operation information and historical operation information according to an embodiment of the present invention;
FIG. 3 is a schematic structural diagram of a risk event control device according to an embodiment of the present invention;
FIG. 4 is a schematic structural diagram of an information comparison module according to an embodiment of the present invention;
FIG. 5 is a schematic structural diagram of a risk event control system according to an embodiment of the present invention;
FIG. 6 is a schematic workflow diagram of a risk event control system according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The embodiment of the invention provides a risk event control method, a risk event control device and a risk event control system.
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 is a flowchart of a risk event control method according to an embodiment of the present invention, where the risk event control method may use a background intelligent wind control engine as an execution subject, and the method shown in the diagram includes:
step S1, obtaining the operation information of the user, comparing the operation information with the historical operation information in the middle station database, and judging whether the operation of the user meets the preset releasing condition.
The operation information input by the user can be obtained through application software at the front end, and the operation information comprises login information and transaction information. And comparing the collected operation information input by the user with historical operation information stored in a middle station database, and judging whether the operation of the user meets the preset release condition or not according to the consistency of the operation information and the historical operation information.
Specifically, the user's operation may be scored by the correspondence of the operation information with the historical operation information. For example, whether or not the registered GPS address in the registration information is present in the historical registration information of the user, and if so, what the ratio value of the registered GPS address is, may be regarded as the score of the user registration operation. And judging whether the login operation of the user falls into a preset threshold range or not by comparing the score of the login operation of the user with a preset threshold, and if so, judging that the login operation of the user meets a preset release condition, so that the login operation can be released. If the login operation does not fall within the preset threshold range, the login operation of the user is judged to be not in accordance with the preset release condition, and the login operation is suspended or blocked.
Further, the score of the user operation behavior may also be obtained by scoring the transaction information in the operation information, for example, by comparing the transaction amount in the transaction information with the transaction amount in the historical transaction information of the user. Specifically, the transaction amount may be differentiated from the average of the historical transaction amounts, and the absolute value of the difference may be used as the score of the transaction operation.
Furthermore, monitoring risk events includes, but is not limited to: business transaction amount (transaction amount monitoring), transaction amount (large amount abnormal and the like), risk event pre-interception amount (pipelining monitoring), risk event incident interception amount, risk event in-event blocking amount, anti-phishing monitoring (phishing website monitoring), violence dismantling monitoring (login pipelining monitoring), overseas high-risk IP address and the like.
And step S2, if the preset release condition is not met, blocking the user operation corresponding to the operation information, and adding an audit tag in the operation information.
When the user operation is not in accordance with the preset release condition and is blocked or suspended, the audit tag is added into the operation information. The audit tag comprises a manual audit tag and an intelligent audit tag.
And step S3, sending the operation information added with the audit tag to the middle station database, wherein the middle station database is used for auditing the operation information according to the audit tag and returning an audit result.
And after the operation information added with the audit tag is sent to the middle database, the middle database audits the operation information. Specifically, the database of the middle station initiates manual outbound to the user according to the manual auditing label to verify information, and further, the manual outbound can be automatically performed through the outbound platform without business personnel, so that the problem that the risk event cannot be effectively processed in time due to no person on duty at a special time and on holiday is avoided.
And step S4, processing the user operation corresponding to the operation information according to the auditing result, and sending the processed result and the auditing result to the foreground for visual display through the middle database.
And processing the user operation according to the auditing result returned by the middle database. Specifically, if the audit result is that the audit is passed, the blocked or suspended operation is released, and if the audit result is that the operation is not passed, the user operation is determined as a risk event and is prevented. And the results obtained by processing are sent to a middle database, and the middle database sends the auditing results and the processing results to a foreground for visual display.
Furthermore, the user can customize the data and the form of the visual display, and input an operation instruction through the foreground to maintain the data in the database of the foreground.
As an embodiment of the present invention, the operation information includes login information and transaction information, wherein the login information includes an IMEI code, a login IP address, and a login GPS address, and the transaction information includes a transaction amount, a transaction time, and a transaction number.
In this embodiment, as shown in fig. 2, comparing the operation information with historical operation information in the middlebox database, and determining whether the operation of the user meets the preset release condition includes:
step S21, comparing the login information or transaction information with the historical login information or historical transaction information in the middle database, and scoring the user operation corresponding to the login information or transaction information.
For example, whether or not the registered GPS address in the registration information is present in the historical registration information of the user, and if so, what the ratio value of the registered GPS address is, may be used as the score of the user registration operation. Further, the score of the user operation behavior may also be obtained by scoring the transaction information in the operation information, for example, by comparing the transaction amount in the transaction information with the transaction amount in the historical transaction information of the user. Specifically, the transaction amount may be differentiated from the average of the historical transaction amounts, and the absolute value of the difference may be used as the score of the transaction operation.
And step S22, judging whether the scoring result exceeds a preset threshold value, if so, judging that the operation of the user does not accord with the preset release condition, and if not, judging that the operation of the user accords with the preset release condition.
Specifically, whether the login operation of the user falls within a preset threshold range is judged by comparing the score of the login operation of the user with a preset threshold, and if the login operation of the user falls within the preset threshold range, the login operation of the user is judged to meet a preset release condition, so that the login operation can be released. If the login operation does not fall within the preset threshold range, the login operation of the user is judged to be not in accordance with the preset release condition, and the login operation is suspended or blocked.
In this embodiment, comparing the login information with historical login information in the middlebox database, and scoring the user operation corresponding to the login information includes: traversing historical login information in the middle station database, judging whether IMEI codes, login IP addresses and login GPS addresses in the login information exist in the historical login information, and scoring user operations corresponding to the login information according to the judgment result.
In this embodiment, comparing the transaction information with historical transaction information in the middlebox database, and scoring the user operation corresponding to the transaction information includes: comparing the transaction amount, the transaction time and the transaction number in the transaction information with historical transaction information in a database of the central office, judging whether the transaction amount, the transaction time and the transaction number are consistent with the historical transaction information, and scoring the user operation corresponding to the transaction information according to the judgment result.
And judging whether the IMEI code, the login IP address and the login GPS address in the login information exist in the historical login information of the user, if so, scoring by using the occupied ratio value, and if not, judging that the login operation does not meet the preset release condition. In addition, whether the transaction amount, the transaction time and the transaction number are consistent with the historical transaction information or not is judged, if yes, the difference is made with the historical amount average value, the historical average transaction time and the historical transaction number average value, and the absolute value of the difference is used as a score; if not, the transaction operation is judged to be not in accordance with the preset release condition.
As an embodiment of the present invention, the audit tag includes a manual audit tag and an intelligent audit tag.
In this embodiment, the sending the operation information added with the audit tag to the central station database, where the central station database is configured to audit the operation information according to the audit tag, and returning an audit result includes: and sending the operation information added with the manual audit tag to the central station database, wherein the central station database is used for performing manual outbound audit on the operation information according to the manual audit tag and returning a manual audit result.
The database of the middle station initiates manual outbound to the user according to the manual auditing label to verify information, and further, the manual outbound can be automatically performed through the outbound platform without business personnel, so that the problem that the risk event cannot be effectively processed in time due to no person on duty at a special time and on holiday is solved.
In this embodiment, the sending the operation information added with the audit tag to the central station database, where the central station database is configured to audit the operation information according to the audit tag, and returning an audit result includes: and sending the operation information added with the intelligent audit tag to the central station database, wherein the central station database is used for verifying the verification code of the operation information according to the intelligent audit tag and returning an intelligent audit result.
The database of the middle station sends the verification code to the user for information verification according to the intelligent verification tag, and further, the verification code can be automatically verified by sending a short message or a mail without business personnel, so that the problem that risk events cannot be effectively processed in time due to the fact that no person is on duty at a special time and on holidays is solved.
Fig. 3 is a schematic structural diagram of a risk event control device according to an embodiment of the present invention, where the device includes:
and the information comparison module 10 is configured to acquire operation information of a user, compare the operation information with historical operation information in the middlebox database, and determine whether the operation of the user meets a preset release condition.
The operation information input by the user can be obtained through application software at the front end, and the operation information comprises login information and transaction information. And comparing the collected operation information input by the user with historical operation information stored in a middle station database, and judging whether the operation of the user meets the preset release condition or not according to the consistency of the operation information and the historical operation information.
Specifically, the user's operation may be scored by the correspondence of the operation information with the historical operation information. For example, whether or not the registered GPS address in the registration information is present in the historical registration information of the user, and if so, what the ratio value of the registered GPS address is, may be regarded as the score of the user registration operation. And judging whether the login operation of the user falls into a preset threshold range or not by comparing the score of the login operation of the user with a preset threshold, and if so, judging that the login operation of the user meets a preset release condition, so that the login operation can be released. If the login operation does not fall within the preset threshold range, the login operation of the user is judged to be not in accordance with the preset release condition, and the login operation is suspended or blocked.
Further, the score of the user operation behavior may also be obtained by scoring the transaction information in the operation information, for example, by comparing the transaction amount in the transaction information with the transaction amount in the historical transaction information of the user. Specifically, the transaction amount may be differentiated from the average of the historical transaction amounts, and the absolute value of the difference may be used as the score of the transaction operation.
Furthermore, monitoring risk events includes, but is not limited to: business transaction amount (transaction amount monitoring), transaction amount (large amount abnormal and the like), risk event pre-interception amount (pipelining monitoring), risk event incident interception amount, risk event in-event blocking amount, anti-phishing monitoring (phishing website monitoring), violence dismantling monitoring (login pipelining monitoring), overseas high-risk IP address and the like.
And the tag adding module 20 is configured to block the user operation corresponding to the operation information if the operation information does not meet the preset release condition, and add an audit tag in the operation information.
When the user operation is not in accordance with the preset release condition and is blocked or suspended, the audit tag is added into the operation information. The audit tag comprises a manual audit tag and an intelligent audit tag.
And the information auditing module 30 is configured to send the operation information added with the auditing label to the central station database, where the central station database is configured to audit the operation information according to the auditing label and return an auditing result.
And after the operation information added with the audit tag is sent to the middle database, the middle database audits the operation information. Specifically, the database of the middle station initiates manual outbound to the user according to the manual auditing label to verify information, and further, the manual outbound can be automatically performed through the outbound platform without business personnel, so that the problem that the risk event cannot be effectively processed in time due to no person on duty at a special time and on holiday is avoided.
And the visual display module 40 is configured to process the user operation corresponding to the operation information according to the audit result, and send the processed result and the audit result to the foreground via the middle database for visual display.
And processing the user operation according to the auditing result returned by the middle database. Specifically, if the audit result is that the audit is passed, the blocked or suspended operation is released, and if the audit result is that the operation is not passed, the user operation is determined as a risk event and is prevented. And the results obtained by processing are sent to a middle database, and the middle database sends the auditing results and the processing results to a foreground for visual display.
Furthermore, the user can customize the data and the form of the visual display, and input an operation instruction through the foreground to maintain the data in the database of the foreground.
As one embodiment of the invention, the operation information comprises login information and transaction information, wherein the login information comprises an IMEI code, a login IP address and a login GPS address, and the transaction information comprises a transaction amount, a transaction time and a transaction number.
In this embodiment, as shown in fig. 4, the information comparing module 10 includes:
the scoring unit is used for comparing the login information or the transaction information with historical login information or historical transaction information in the middle database and scoring user operation corresponding to the login information or the transaction information;
and the judging unit is used for judging whether the scoring result exceeds a preset threshold value, judging that the operation of the user does not accord with the preset release condition if the scoring result exceeds the preset threshold value, and judging that the operation of the user accords with the preset release condition if the scoring result does not exceed the preset threshold value.
In this embodiment, the scoring unit is further configured to traverse historical login information in the middle station database, determine whether the IMEI code, the login IP address, and the login GPS address in the login information exist in the historical login information, and score the user operation corresponding to the login information according to a determination result.
In this embodiment, the scoring unit is further configured to compare the transaction amount, the transaction time, and the transaction number in the transaction information with historical transaction information in a database of a central office, determine whether the transaction amount, the transaction time, and the transaction number are consistent with the historical transaction information, and score the user operation corresponding to the transaction information according to a result of the determination.
As an embodiment of the present invention, the audit tag includes a manual audit tag and an intelligent audit tag.
In this embodiment, the information auditing module is further configured to send the operation information added with the manual auditing tag to the central station database, where the central station database is configured to perform manual outbound auditing on the operation information according to the manual auditing tag, and return a manual auditing result.
In this embodiment, the information auditing module is further configured to send the operation information added with the intelligent auditing tag to the central station database, where the central station database is configured to perform verification code auditing on the operation information according to the intelligent auditing tag, and return an intelligent auditing result.
Based on the same application concept as the risk event control method, the invention also provides the risk event control device. Because the principle of solving the problems of the risk event control device is similar to that of a risk event control method, the implementation of the risk event control device can refer to the implementation of the risk event control method, and repeated parts are not described again.
According to the invention, risk situation judgment is carried out through linkage of background risk monitoring processing and a middle-stage database, visual display is combined, automatic processing of risk events is realized, all-day work is ensured, the problem that no person is on duty in special time and holidays is solved, the manpower auditing cost is greatly saved, and the risk processing time is reduced.
Fig. 5 is a schematic structural diagram of a risk event control system according to an embodiment of the present invention, where the system includes: background monitoring engine 100, middle database 200 and foreground display module 300. A schematic workflow of the risk event control system of the present invention is shown in fig. 6.
The background monitoring engine acquires operation information of a user, compares the operation information with historical operation information in the middle station database, and judges whether the operation of the user meets a preset release condition; if the operation information does not meet the preset release condition, blocking the user operation corresponding to the operation information, adding an audit tag in the operation information, and sending the operation information added with the audit tag to the middle station database;
the operation information input by the user can be obtained through front-end application software connected with the background monitoring engine, and the operation information comprises login information and transaction information. The background monitoring engine compares the collected operation information input by the user with historical operation information stored in the middle station database, and judges whether the operation of the user meets the preset release condition or not according to the consistency of the operation information and the historical operation information.
Specifically, the background monitoring engine may score the user's operations by the consistency of the operation information and the historical operation information. For example, whether or not the registered GPS address in the registration information is present in the historical registration information of the user, and if so, what the ratio value of the registered GPS address is, may be regarded as the score of the user registration operation. And judging whether the login operation of the user falls into a preset threshold range or not by comparing the score of the login operation of the user with a preset threshold, and if so, judging that the login operation of the user meets a preset release condition, so that the login operation can be released. If the login operation does not fall within the preset threshold range, the login operation of the user is judged to be not in accordance with the preset release condition, and the login operation is suspended or blocked.
Further, the score of the user operation behavior may also be obtained by scoring the transaction information in the operation information, for example, by comparing the transaction amount in the transaction information with the transaction amount in the historical transaction information of the user. Specifically, the transaction amount may be differentiated from the average of the historical transaction amounts, and the absolute value of the difference may be used as the score of the transaction operation.
When the user operation does not meet the preset release condition and is blocked or suspended, the background monitoring engine adds an audit tag in the operation information. The audit tag comprises a manual audit tag and an intelligent audit tag.
Furthermore, monitoring risk events includes, but is not limited to: business transaction amount (transaction amount monitoring), transaction amount (large amount abnormal and the like), risk event pre-interception amount (pipelining monitoring), risk event incident interception amount, risk event in-event blocking amount, anti-phishing monitoring (phishing website monitoring), violence dismantling monitoring (login pipelining monitoring), overseas high-risk IP address and the like.
The middle database checks the operation information according to the check label and sends the check result to the background monitoring engine and the foreground display module;
and the background monitoring engine sends the operation information added with the audit tag to the middle database, and the middle database audits the operation information. Specifically, the database of the middle station initiates manual outbound to the user according to the manual auditing label to verify information, and further, the manual outbound can be automatically performed through the outbound platform without business personnel, so that the problem that the risk event cannot be effectively processed in time due to no person on duty at a special time and on holiday is avoided.
And the background monitoring engine processes the user operation corresponding to the operation information according to the auditing result and sends the processing result to the foreground display module.
And the background monitoring engine processes the user operation according to the auditing result returned by the middle database. Specifically, if the audit result is that the audit is passed, the blocked or suspended operation is released, and if the audit result is that the operation is not passed, the user operation is determined as a risk event and is prevented.
And the foreground display module is used for visually displaying the auditing result and the processing result. Wherein, the foreground display module comprises chart components such as Echarts and the like.
In the current chart development, because different risks relate to a plurality of channels, different channels need different modules to be displayed, each module needs to be packaged with its own interface, and finally, the interfaces of different modules need to be combined to obtain data needed by the chart. Because the chart components are huge, the implementation cost and the integration cost are high in the process of developing modules one by one, and the rapid development and deployment are difficult to realize. In order to improve development efficiency, save research and development cost and realize rapid deployment, a lightweight diagram component needs to be developed, and unified calling is facilitated.
In this embodiment, the user can customize the data and the form of the visual display in the foreground display module, and input an operation instruction through the foreground display module to perform data maintenance on the data in the foreground database. Specifically, the user can select a proper display mode for data in the foreground display module, customize the layout, set the related data acquisition rule and the like, dynamically display the related risk form in the foreground display module in a visual mode. The user can carry out certain interactive click on the foreground display module, so that the user can conveniently check related data and analyze the data, and can freely select to close and display certain data. If the data has related errors, the user can enter the middle station through the foreground display module to perform manual data maintenance, so that the accuracy of the data is ensured.
Furthermore, by integrating and packaging the chart components, the chart configuration is simplified, the operation can be quickly finished, and the chart configuration efficiency is improved; and the chart style, the layout and the data refreshing time can be self-defined, a single page and multiple charts are supported, and most of use requirements are met.
As one embodiment of the invention, the operation information comprises login information and transaction information, wherein the login information comprises an IMEI code, a login IP address and a login GPS address, and the transaction information comprises a transaction amount, a transaction time and a transaction number.
In this embodiment, the background monitoring engine is further configured to:
comparing the login information or the transaction information with historical login information or historical transaction information in a database of the middle station, and scoring user operation corresponding to the login information or the transaction information;
and judging whether the scoring result exceeds a preset threshold value, if so, judging that the operation of the user does not accord with the preset release condition, and if not, judging that the operation of the user accords with the preset release condition.
In this embodiment, the background monitoring engine is further configured to traverse historical login information in the middle station database, determine whether an IMEI code, a login IP address, and a login GPS address in the login information exist in the historical login information, and score a user operation corresponding to the login information according to a determination result.
In this embodiment, the background monitoring engine is further configured to compare the transaction amount, the transaction time, and the transaction number in the transaction information with historical transaction information in the central database, determine whether the transaction amount, the transaction time, and the transaction number are consistent with the historical transaction information, and score the user operation corresponding to the transaction information according to a determination result.
As an embodiment of the present invention, the audit tag includes a manual audit tag and an intelligent audit tag.
In this embodiment, the central station database is further configured to receive operation information added with a manual audit tag, perform manual outbound audit on the operation information according to the manual audit tag, and return a manual audit result.
In this embodiment, the central station database is further configured to receive the operation information added with the intelligent audit tag, perform verification code audit on the operation information according to the intelligent audit tag, and return an intelligent audit result.
As an embodiment of the present invention, the foreground display module is further configured to perform a visual display on the audit result and the processing result according to a preset display rule.
As an embodiment of the present invention, the foreground display module is further configured to receive an interactive instruction input by a user, and send the interactive instruction to the middle station database, so that the middle station database performs data maintenance according to the interactive instruction.
According to the invention, by integrating and packaging the chart components, the chart configuration is simplified, the operation can be quickly started, and the chart configuration efficiency is improved; and the chart style, the layout and the data refreshing time can be self-defined, a single page and multiple charts are supported, and most of use requirements are met. Through middle-background linkage, a big data algorithm is adopted to judge risk situations, risk events are automatically processed, the whole day work is carried out within 7 x 24 hours, the problem that no person is on duty in special time and holidays does not exist, the manpower auditing cost is greatly saved, and the risk processing time is shortened.
The invention also provides an electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method when executing the program.
The present invention also provides a computer-readable storage medium storing a computer program for executing the above method.
As shown in fig. 7, the electronic device 600 may further include: a communication module 6110, an input unit 6120, an audio processing unit 6130, a display 6160, and a power supply 6170. It is noted that the electronic device 600 does not necessarily include all of the components shown in fig. 7; furthermore, the electronic device 600 may also comprise components not shown in fig. 7, which may be referred to in the prior art.
As shown in fig. 7, a central processor 6100, also sometimes referred to as a controller or operational control, may include a microprocessor or other processor device and/or logic device, which central processor 6100 receives input and controls the operation of the various components of the electronic device 600.
The memory 6140 may be, for example, one or more of a buffer, a flash memory, a hard drive, a removable media, a volatile memory, a non-volatile memory, or other suitable devices. The information relating to the failure may be stored, and a program for executing the information may be stored. And the central processing unit 6100 may execute the program stored in the memory 6140 to realize information storage or processing, or the like.
The input unit 6120 provides input to the central processor 6100. The input unit 6120 is, for example, a key or a touch input device. The power supply 6170 is used to provide power to the electronic device 600. The display 6160 is used for displaying display objects such as images and characters. The display may be, for example, an LCD display, but is not limited thereto.
The memory 6140 may be a solid state memory, such as Read Only Memory (ROM), Random Access Memory (RAM), SIM card, or the like. There may also be a memory that holds information even when power is off, can be selectively erased, and is provided with more data, an example of which is sometimes called an EPROM or the like. The memory 6140 may also be some other type of device. The memory 6140 includes a buffer memory 6141 (sometimes referred to as a buffer). The memory 6140 may include an application/function store 6142, the application/function store 6142 to store application programs and function programs or procedures for performing operations of the electronic device 600 by the central processor 6100.
The memory 6140 may also include a data store 6143, the data store 6143 for storing data, such as contacts, digital data, pictures, sounds, and/or any other data used by the electronic device. The driver store 6144 of the memory 6140 may include various drivers for the electronic device for communication functions and/or for performing other functions of the electronic device (e.g., messaging application, address book application, etc.).
The communication module 6110 is a transmitter/receiver 6110 which transmits and receives signals via an antenna 6111. A communication module (transmitter/receiver) 6110 is coupled to the central processor 6100 to provide input signals and receive output signals, which may be the same as in the case of a conventional mobile communication terminal.
Based on different communication technologies, a plurality of communication modules 6110, such as a cellular network module, a bluetooth module, and/or a wireless local area network module, may be disposed in the same electronic device. The communication module (transmitter/receiver) 6110 is also coupled to a speaker 6131 and a microphone 6132 via an audio processor 6130 to provide audio output via the speaker 6131 and receive audio input from the microphone 6132 to implement general telecommunications functions. The audio processor 6130 may include any suitable buffers, decoders, amplifiers and so forth. In addition, the audio processor 6130 is also coupled to the central processor 6100, thereby enabling recording locally through the microphone 6132 and playing locally stored sounds through the speaker 6131.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The principle and the implementation mode of the invention are explained by applying specific embodiments in the invention, and the description of the embodiments is only used for helping to understand the method and the core idea of the invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.

Claims (28)

1. A method of risk event control, the method comprising:
acquiring operation information of a user, comparing the operation information with historical operation information in a middle station database, and judging whether the operation of the user meets a preset release condition;
if the operation information does not meet the preset release condition, blocking the user operation corresponding to the operation information, and adding an audit tag in the operation information;
sending the operation information added with the audit tag to the central station database, wherein the central station database is used for auditing the operation information according to the audit tag and returning an audit result;
and processing the user operation corresponding to the operation information according to the auditing result, and sending the processed result and the auditing result to a foreground for visual display through a database of the foreground.
2. The method of claim 1, wherein the operation information comprises login information and transaction information, wherein the login information comprises an IMEI code, a login IP address and a login GPS address, and the transaction information comprises a transaction amount, a transaction time and a transaction number.
3. The method of claim 2, wherein comparing the operation information with historical operation information in a middlebox database and determining whether the user operation meets a preset release condition comprises:
comparing the login information or the transaction information with historical login information or historical transaction information in a database of the middle station, and scoring user operation corresponding to the login information or the transaction information;
and judging whether the scoring result exceeds a preset threshold value, if so, judging that the operation of the user does not accord with the preset release condition, and if not, judging that the operation of the user accords with the preset release condition.
4. The method of claim 3, wherein comparing the login information with historical login information in a middlebox database and scoring user actions corresponding to the login information comprises:
traversing historical login information in the middle station database, judging whether IMEI codes, login IP addresses and login GPS addresses in the login information exist in the historical login information, and scoring user operations corresponding to the login information according to the judgment result.
5. The method of claim 3, wherein comparing the transaction information to historical transaction information in a database of the central office and scoring user actions corresponding to the transaction information comprises:
comparing the transaction amount, the transaction time and the transaction number in the transaction information with historical transaction information in a database of the central office, judging whether the transaction amount, the transaction time and the transaction number are consistent with the historical transaction information, and scoring the user operation corresponding to the transaction information according to the judgment result.
6. The method of claim 1, wherein the audit tag comprises a manual audit tag and a smart audit tag.
7. The method according to claim 6, wherein the sending the operation information added with the audit tag to the central station database, the central station database being configured to audit the operation information according to the audit tag, and returning an audit result includes:
and sending the operation information added with the manual audit tag to the central station database, wherein the central station database is used for performing manual outbound audit on the operation information according to the manual audit tag and returning a manual audit result.
8. The method according to claim 6, wherein the sending the operation information added with the audit tag to the central station database, the central station database being configured to audit the operation information according to the audit tag, and returning an audit result includes:
and sending the operation information added with the intelligent audit tag to the central station database, wherein the central station database is used for verifying the verification code of the operation information according to the intelligent audit tag and returning an intelligent audit result.
9. A risk event control apparatus, characterized in that the apparatus comprises:
the information comparison module is used for acquiring operation information of a user, comparing the operation information with historical operation information in a middle station database and judging whether the operation of the user meets a preset release condition or not;
the tag adding module is used for blocking user operation corresponding to the operation information if the operation information does not accord with the preset release condition, and adding an audit tag in the operation information;
the information auditing module is used for sending the operation information added with the auditing label to the central station database, and the central station database is used for auditing the operation information according to the auditing label and returning an auditing result;
and the visual display module is used for processing the user operation corresponding to the operation information according to the audit result, and sending the processed result and the audit result to the foreground for visual display through the middle database.
10. The apparatus of claim 9, wherein the operation information comprises login information and transaction information, wherein the login information comprises an IMEI code, a login IP address and a login GPS address, and the transaction information comprises a transaction amount, a transaction time and a transaction number.
11. The apparatus of claim 10, wherein the information comparison module comprises:
the scoring unit is used for comparing the login information or the transaction information with historical login information or historical transaction information in the middle database and scoring user operation corresponding to the login information or the transaction information;
and the judging unit is used for judging whether the scoring result exceeds a preset threshold value, judging that the operation of the user does not accord with the preset release condition if the scoring result exceeds the preset threshold value, and judging that the operation of the user accords with the preset release condition if the scoring result does not exceed the preset threshold value.
12. The apparatus according to claim 11, wherein the scoring unit is further configured to traverse historical login information in the middle station database, determine whether an IMEI code, a login IP address, and a login GPS address in the login information exist in the historical login information, and score the user operation corresponding to the login information according to a determination result.
13. The device according to claim 11, wherein the scoring unit is further configured to compare a transaction amount, a transaction time, and a transaction number in the transaction information with historical transaction information in a database of a central office, determine whether the transaction amount, the transaction time, and the transaction number are consistent with the historical transaction information, and score the user operation corresponding to the transaction information according to a determination result.
14. The apparatus of claim 9, wherein the audit tag comprises a manual audit tag and a smart audit tag.
15. The device according to claim 14, wherein the information auditing module is further configured to send operation information added with a manual auditing tag to the central station database, and the central station database is configured to perform manual outbound auditing on the operation information according to the manual auditing tag, and return a manual auditing result.
16. The device according to claim 14, wherein the information auditing module is further configured to send the operation information added with the intelligent auditing tag to the central station database, and the central station database is configured to perform verification code auditing on the operation information according to the intelligent auditing tag and return an intelligent auditing result.
17. A risk event control system, the system comprising: the system comprises a background monitoring engine, a middle database and a foreground display module;
the background monitoring engine acquires operation information of a user, compares the operation information with historical operation information in the middle station database, and judges whether the operation of the user meets a preset release condition; if the operation information does not meet the preset release condition, blocking the user operation corresponding to the operation information, adding an audit tag in the operation information, and sending the operation information added with the audit tag to the middle station database;
the middle database checks the operation information according to the check label and sends a check result to the background monitoring engine and the foreground display module;
the background monitoring engine processes the user operation corresponding to the operation information according to the auditing result and sends the processing result to the foreground display module;
and the foreground display module is used for visually displaying the auditing result and the processing result.
18. The system of claim 17, wherein the operation information comprises login information and transaction information, wherein the login information comprises an IMEI code, a login IP address, and a login GPS address, and the transaction information comprises a transaction amount, a transaction time, and a transaction number.
19. The system of claim 18, wherein the background monitoring engine is further configured to:
comparing the login information or the transaction information with historical login information or historical transaction information in a database of the middle station, and scoring user operation corresponding to the login information or the transaction information;
and judging whether the scoring result exceeds a preset threshold value, if so, judging that the operation of the user does not accord with the preset release condition, and if not, judging that the operation of the user accords with the preset release condition.
20. The system of claim 19, wherein the background monitoring engine is further configured to traverse historical login information in the middle station database, determine whether an IMEI code, a login IP address, and a login GPS address in the login information exist in the historical login information, and score a user operation corresponding to the login information according to a determination result.
21. The system of claim 19, wherein the background monitoring engine is further configured to compare a transaction amount, a transaction time, and a transaction number in the transaction information with historical transaction information in a central database, determine whether the transaction amount, the transaction time, and the transaction number are consistent with the historical transaction information, and score a user operation corresponding to the transaction information according to a determination result.
22. The system of claim 17, wherein the audit tag comprises a manual audit tag and a smart audit tag.
23. The system according to claim 22, wherein the central station database is further configured to receive operation information added with a manual audit tag, perform manual outbound audit on the operation information according to the manual audit tag, and return a manual audit result.
24. The system of claim 22, wherein the central database is further configured to receive operation information added with an intelligent audit tag, perform verification code audit on the operation information according to the intelligent audit tag, and return an intelligent audit result.
25. The system of claim 17, wherein the foreground display module is further configured to visually display the review result and the processing result according to a preset display rule.
26. The system of claim 17, wherein the foreground display module is further configured to receive an interactive instruction input by a user, and send the interactive instruction to the middle database, so that the middle database performs data maintenance according to the interactive instruction.
27. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any one of claims 1 to 8 when executing the program.
28. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program for executing the method of any one of claims 1 to 8.
CN202011006265.4A 2020-09-23 2020-09-23 Risk event control method, device and system Pending CN112101810A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011006265.4A CN112101810A (en) 2020-09-23 2020-09-23 Risk event control method, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011006265.4A CN112101810A (en) 2020-09-23 2020-09-23 Risk event control method, device and system

Publications (1)

Publication Number Publication Date
CN112101810A true CN112101810A (en) 2020-12-18

Family

ID=73755052

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011006265.4A Pending CN112101810A (en) 2020-09-23 2020-09-23 Risk event control method, device and system

Country Status (1)

Country Link
CN (1) CN112101810A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114996676A (en) * 2022-08-01 2022-09-02 北京云成金融信息服务有限公司 Supply chain financial platform authentication system and method based on historical data analysis

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009059116A2 (en) * 2007-10-31 2009-05-07 Equifax, Inc. Methods and systems for providing risk ratings for use in person-to-person transactions
CN103279883A (en) * 2013-05-02 2013-09-04 携程计算机技术(上海)有限公司 Electronic-payment transaction risk control method and system
CN109741065A (en) * 2019-01-28 2019-05-10 广州虎牙信息科技有限公司 A kind of payment risk recognition methods, device, equipment and storage medium
CN109784934A (en) * 2019-03-14 2019-05-21 浙江鲸腾网络科技有限公司 A kind of transaction risk control method, apparatus and relevant device and medium
WO2020007153A1 (en) * 2018-07-03 2020-01-09 阿里巴巴集团控股有限公司 Risk control model training method, apparatus and device, and risk control method, apparatus, and device for identifying reused telephone number account fraud

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009059116A2 (en) * 2007-10-31 2009-05-07 Equifax, Inc. Methods and systems for providing risk ratings for use in person-to-person transactions
CN103279883A (en) * 2013-05-02 2013-09-04 携程计算机技术(上海)有限公司 Electronic-payment transaction risk control method and system
WO2020007153A1 (en) * 2018-07-03 2020-01-09 阿里巴巴集团控股有限公司 Risk control model training method, apparatus and device, and risk control method, apparatus, and device for identifying reused telephone number account fraud
CN109741065A (en) * 2019-01-28 2019-05-10 广州虎牙信息科技有限公司 A kind of payment risk recognition methods, device, equipment and storage medium
CN109784934A (en) * 2019-03-14 2019-05-21 浙江鲸腾网络科技有限公司 A kind of transaction risk control method, apparatus and relevant device and medium

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114996676A (en) * 2022-08-01 2022-09-02 北京云成金融信息服务有限公司 Supply chain financial platform authentication system and method based on historical data analysis

Similar Documents

Publication Publication Date Title
CN108416485B (en) User identity recognition method, electronic device and computer readable storage medium
CN107886414B (en) Order combination method and equipment and computer storage medium
CN107908680A (en) Management method, electronic device and the computer-readable recording medium of wechat public platform
CN110096244B (en) Information sharing method based on data processing and related equipment
CN111782470B (en) Distributed container log data processing method and device
CN110908875B (en) Inspection method and device based on operation terminal
CN108335093A (en) It transfers accounts control method, system, terminal, computer readable storage medium
CN112615753B (en) Link abnormity tracking method, first node, second node and link
CN111931189B (en) API interface reuse risk detection method, device and API service system
CN113435989A (en) Financial data processing method and device
CN107861765B (en) Product configuration method, apparatus, and computer-readable storage medium
CN113760611B (en) System site switching method and device, electronic equipment and storage medium
CN111507698A (en) Processing method and device for transferring accounts, computing equipment and medium
CN111222869A (en) Transaction data processing method, device, computer equipment and medium
CN112101810A (en) Risk event control method, device and system
CN113791792A (en) Application calling information acquisition method and device and storage medium
CN114285657B (en) Firewall security policy change verification method and device
CN113515447B (en) Automatic testing method and device for system
CN111049877B (en) Big data external output method and device and data open platform
CN110533432B (en) Service processing method, device, server and client
CN113890906A (en) Call forwarding method and device, electronic equipment and computer readable storage medium
CN114428723A (en) Test system, system test method, related device and storage medium
CN111131502A (en) Multi-system parking service information pushing method, device, equipment and medium
CN112929162B (en) Password management method and system, electronic equipment and readable storage medium
CN113610628A (en) Pre-loan risk event investigation method and device and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination