JP7445074B1 - Payment management device, payment management method, program, and payment management system - Google Patents

Abstract

[Problem] In a system that detects unauthorized use of a credit card based on authorization data, it is possible to determine whether or not there is unauthorized use by taking into account user behavior that is not linked to authorization data. [Solution] A payment management device that provides an electronic payment service to the user in cooperation with an application program running on the user's terminal device, which stores operation information regarding operations performed by the user on the application program. an acquisition unit that acquires information from an application program; and a detection unit that detects a specific operation performed on the application program based on the operation information; A payment management device that sends information for recording the fact that the specific operation has occurred to a credit payment management device that manages credit cards registered in the application program. [Selection diagram] Figure 12

Description

The present invention relates to a payment management device, a payment management method, a program, and a payment management system.

Generally, when a user makes a payment using a credit card, the store inquires about the user's credit information with the credit card company and performs procedures to confirm whether payment is possible. This procedure is called "authorization" (sometimes also called credit inquiry or credit approval), and credit card payments are considered completed when the authorization confirms that the payment can be made. It is something. Conventionally, a technique has been proposed to improve the reliability of a score value for credit determination based on this electronic message data for authorization (hereinafter referred to as "authorization data"). For example, a method has been proposed in which a score value is calculated using, in addition to authorization data, historical information such as the difference in usage time and the difference in usage amount from the authorization data from the previous usage (for example, see Patent Document 1). ). Furthermore, for example, a method has been proposed in which the probability of occurrence of unauthorized use is calculated using a trained model of the authorizer data, and the reliability of the trained model is reflected in the calculated probability of occurrence to calculate a score value (for example, patent (See Reference 2).

Japanese Patent Application Publication No. 2004-348536 Japanese Patent Application Publication No. 2004-334526

Deferred payment payments using credit cards can be made by using a physical credit card at a store, by entering credit card information on a website, or by using a credit card in an application program running on a terminal device such as a smartphone. There are various ways of using the credit card, such as registering the card and using the credit card through the application program.
However, the above-mentioned conventional technology detects unauthorized use using authorization data exchanged when a credit card is actually used. Therefore, in the conventional technology, even if the action is related to fraudulent use of a credit card, it may not be possible to take into account the action that is not linked to the authorization data when determining whether or not the credit card is fraudulently used.

The present invention has been made in consideration of such circumstances, and is a system that detects fraudulent use of credit cards based on authorization data. One of the objects of the present invention is to provide a payment management device, a payment management method, a program, and a payment management system that allow payment management to be performed in consideration of the actions of individuals.

One aspect of the present invention is a payment management device that provides an electronic payment service to the user in cooperation with an application program running on a user's terminal device, wherein the user performs operations on the application program. an acquisition unit that acquires operation information regarding an operation performed by the application program from the application program; and a detection unit that detects a specific operation performed on the application program based on the operation information; When it is detected that the specific operation has been performed on the program, information to record that the specific operation has occurred is sent to the credit payment management device that manages the credit card registered in the application program. This is a payment management device that sends

According to one aspect of the present invention, in a system that detects fraudulent use of a credit card based on authorization data, a determination as to whether or not there is fraudulent use is made by considering user behavior that is not linked to the authorization data. It is possible to provide a payment management device, a payment management method, a program, and a payment management system that enable this.

1 is a diagram illustrating an example of a configuration for realizing an electronic payment service. FIG. 1 is a sequence diagram (Part 1) illustrating the general flow of electronic payment. FIG. 2 is a sequence diagram (Part 2) illustrating the general flow of electronic payment. FIG. 1 is a configuration diagram of a payment server 100 according to a first embodiment. 3 is a diagram showing an example of the contents of user information 172. FIG. It is a diagram showing an example of the contents of member store/store information 176. FIG. 3 is a diagram conceptually illustrating each process of terminal payment and card payment. FIG. 3 is a diagram illustrating an example of the contents of card payment setting information 272. It is a configuration diagram of an affiliated credit card company server 200 according to the first embodiment. 3 is a diagram illustrating an example of the contents of authorization information 276. FIG. FIG. 3 is a sequence diagram illustrating an example of the flow of processing for detecting that an unauthorized operation has been performed on the payment application 20 and notifying the affiliated credit card company server 200. FIG. 5 is a diagram illustrating an example of screen transitions defined as fraudulent operations that should be detected in the payment server 100. FIG.

DESCRIPTION OF THE PREFERRED EMBODIMENTS Embodiments of a payment management device, payment management method, program, and payment management system of the present invention will be described below with reference to the drawings. The application program, the payment server, and the affiliated credit card company server cooperate to provide electronic payment services. In the following description, the application program will be referred to as a payment application. Further, the combination of the payment server and the affiliated credit card company server may be referred to as a payment management system. An electronic payment service is a service that supports payments for purchases of products and services at stores. A store is, for example, a physical store (actual store) that exists in real space, but may also include a virtual store for electronic commerce. Virtual stores may include those provided by entities different from the operator of the electronic payment service. In this case, when paying for shopping at the virtual store, the screen is controlled to transition to an interface screen of the electronic payment service. In an electronic payment service, a store is treated as belonging to a member store (brand), for example, and processing such as payment when a purchase is made at a store is mainly performed between a user and the member store. Alternatively, processing such as payment may be performed between the user and the store.

[Electronic payment service]
FIG. 1 is a diagram illustrating an example of a configuration for realizing an electronic payment service. The electronic payment service is realized mainly by the payment server 100 and the affiliated credit card company server 200. The payment server 100, for example, communicates with each of one or more user terminal devices 10, one or more first store terminal devices 50, one or more credit processing terminals 55, and one or more second store terminal devices 70 via the network NW. to communicate. Affiliated credit card company server 200 communicates with administrator terminal device 80 via network NW. The network NW includes, for example, the Internet, a LAN (Local Area Network), a wireless base station, a provider device, and the like. Here, the payment server 100 is an example of a "payment management device," and the affiliated credit card company server 200 is an example of a "credit payment management device."

The user terminal device 10 is, for example, a portable terminal device such as a smartphone or a tablet terminal. The user terminal device 10 is a computer device having at least an optical reading function, a communication function, a display function, an input reception function, and a program execution function. In the following description, the configurations for realizing these functions are respectively referred to as a camera, a communication device, a touch panel, a CPU (Central Processing Unit), and the like. In the user terminal device 10, the payment application 20 is executed by a processor such as a CPU, so that the payment application 20 operates in cooperation with the payment server 100 to provide electronic payment services to the user. The payment application 20 is installed on the user terminal device 10 from an application store, for example, and controls a camera, a communication device, a touch panel, and the like.

The first store terminal device 50 is installed in a store, for example. The first store terminal device 50 is a computer device having at least a product price acquisition function, an optical reading function, a program execution function, and a communication function. The first store terminal device 50 includes a so-called POS (Point of Sale) device, and the POS device may realize a product price acquisition function and an optical reading function. The store code image 60 is placed in a store, and a code image such as a QR code (registered trademark) is printed on a paper or plastic medium. Note that the store code image 60 may be displayed on a display (or a display of a terminal device such as a smartphone) placed in the store.

The credit processing terminal 55 is installed in the store similarly to the first store terminal device 50. The credit processing terminal 55 includes, for example, a credit payment terminal (credit card reader) and a POS device. The credit card payment terminal reads the PIN (Personal Identification Number) from the inserted or held credit card (including the affiliated card 57) and compares it with the PIN input by the user, or reads the BIN (Bank identification number) code, etc., to the affiliated credit card company server 200 via the POS device. The POS device cooperates with the credit card payment terminal to transmit information such as the payment amount to the affiliated credit card company server 200. An advance payment agent server (acquirer) may be interposed between the credit processing terminal 55 and the affiliated credit card company server 200. In the following, to simplify the explanation, description of the advance payment agency server will be omitted. The affiliated card 57 is, for example, similar to a commonly used credit card, and has a communication chip embedded in the card base material. The communication chip has a built-in storage medium that stores a PIN, and communicates with an external device via a contactor (or wireless antenna). Alternatively, the affiliated card 57 may be a magnetic card.

The second store terminal device 70 is used by an operator of a member store. The second store terminal device 70 is a smartphone, a tablet terminal, a personal computer, or the like. In the second store terminal device 70, an interface 72 for member stores operates. The member store interface 72 may be an application for member stores or may be a browser. The member store interface 72 receives coupon settings and the like from the member store operator and transmits them to the payment server 100. The second store terminal device 70, which is a smartphone, has the function of displaying a code image corresponding to the store code image and reading the code image displayed by the user terminal device 10 by executing an application for member stores. have

The payment server 100 realizes electronic payment based on payment information received from the user terminal device 10 or the first store terminal device 50. The first store terminal device 50 may include a POS device and a member store server, in which case payment information is transmitted from the POS device to the payment server 100 via the member store server. In the following description, it is assumed that payment information is transmitted from the first store terminal device 50 without making any particular distinction.

The affiliated credit card company server 200 manages affiliated credit card payments that are part of the electronic payment service. The affiliated credit card company server 200 is operated by, for example, a group company (affiliated credit card company) of the payment server 100. The affiliated credit card company may be a separate entity from the external credit card company that provides the credit card as a fund source for charging the charge balance.

Note that when there is a request for affiliated credit card payment, the affiliated credit card company server 200 executes an authorization to confirm whether payment is possible using the affiliated credit card. The affiliated credit card company server 200 executes the payment process if it is confirmed that the payment is possible through the authorization, and if it cannot be confirmed that the payment is possible, it responds with disapproval to the payment request. do. More specifically, at the time of authorization, it is confirmed that the payment amount is within the usage limit and that it does not fall under the category of unauthorized use. The affiliated credit card company server 200 stores in advance one or more rules for detecting fraudulent use of the affiliated card 57 as fraud detection rules, and compares the authorization data with the fraud detection rules to determine whether the authorization Determine whether card use is unauthorized use.

The administrator terminal device 80 is a terminal device used by the administrator of the affiliated credit card company server 200 to confirm the operational status and validity of fraud detection rules, and to make decisions. The administrator terminal device 80 provides a user interface for determining fraud detection rules to the user (administrator) of the administrator terminal device 80 by running a management application 82 that is an application program for managing fraud detection rules. I will provide a. For example, the management application 82 acquires and displays information regarding the operational status of fraud detection rules from the affiliated credit card company server 200, accepts an operation to change the fraud detection rules, and notifies the affiliated credit card company server 200 of the changes. . The affiliated credit card company server 200 reflects the notified changes in the fraud detection rules. Note that the management application 82 may be configured as a dedicated application, or may be configured using a general-purpose application such as a web browser.

2 and 3 are sequence diagrams illustrating the general flow of electronic payment. There may be two patterns, pattern 1 and pattern 2, in electronic payment.

In the case of pattern 1 (hereinafter referred to as user scan) shown in FIG. 2, the user terminal device 10 with the payment application 20 activated decodes the store code image 60 using an optical reading function (S1). The store code image 60 includes information on a store URL (Uniform Resource Locator). This store URL is the domain of the electronic payment service added with information that can identify the store, and is associated with member store IDs, store IDs, etc. in the payment server 100 (described later). The payment application 20 transmits first payment information including the store URL and account ID to the payment server 100 (S2). The payment server 100 searches for store information (described later) from the member store ID and store ID corresponding to the store URL, obtains the member store name and store name information (S3), and sends the information to the payment application 20 (S4). . The user inputs the payment amount into the user terminal device 10 on the screen on which the member store name and store name are displayed (S5). Then, the user terminal device 10 generates second payment information including at least the payment amount and transmits it to the payment server 100 (S6). The payment server 100 performs electronic payment based on the received second payment information (S7). Then, the payment server 100 transmits a payment completion notification (information for displaying the payment completion screen) to the payment application 20 (S8), and the payment application 20 displays the payment completion screen (S9). Note that when the store code image 60 is displayed on a display placed in a store, the store code image 60 may include not only the store URL but also information on the payment amount. In this case, the step for the user to input the payment amount is omitted, and the first payment information includes information on the payment amount and is sent to the payment server 100. Information on the member store name and store name may be included and displayed on the payment completion screen.

In the case of pattern 2 (hereinafter referred to as store scan) shown in FIG. 3, when the payment application 20 is started, when a payment operation is performed on the payment application 20, and when the automatic update timing (for example, every minute) is reached. , and at other timings, the payment application 20 transmits a one-time code issuance request to the payment server 100 (S11). The payment server 100 generates a one-time code (S12) and sends it to the payment application 20 (S13). The payment application 20 displays a code image, such as a QR code (registered trademark) or barcode, generated based on the one-time code (S14). The user holds up (presents) the display surface of the user terminal device 10 to the first store terminal device 50, and the first store terminal device 50 decodes the code image using an optical reading function and obtains a one-time code, etc. (S15). Then, the first store terminal device 50 generates payment information including a one-time code, payment amount, member store ID, store ID, etc., and transmits it to the payment server 100 (S16). Information on the payment amount is obtained in advance by barcode reading, manual input, etc. The payment server 100 identifies the user corresponding to the one-time code based on the received information and performs electronic payment (S17). Then, the payment server 100 transmits a payment completion notification to the payment application 20 (S18), and the payment application 20 displays a payment completion screen (S19).

Note that electronic payment may be performed using only one of the above patterns. Moreover, the "account ID" explained in FIG. 2 may be other information (for example, a telephone number) that can be used as user identification information. Furthermore, the issuance of a one-time code may be omitted in the store scan, and the payment application 20 may display a code image generated based on the user's account ID. In that case, the payment server 100 identifies the user corresponding to the account ID instead of identifying the user corresponding to the one-time code.

[Payment server]
FIG. 4 is a configuration diagram of the payment server 100 according to the first embodiment. The payment server 100 includes, for example, a communication section 110, a payment content providing section 120, a payment processing section 130, an information management section 140, a noteworthy operation detection section 150, and a storage section 170. Components other than the communication unit 110 and the storage unit 170 are realized by, for example, a hardware processor such as a CPU executing a program (software). Some or all of these components are hardware (circuit parts) such as LSI (Large Scale Integration), ASIC (Application Specific Integrated Circuit), FPGA (Field-Programmable Gate Array), and GPU (Graphics Processing Unit). (including circuitry), or may be realized by collaboration between software and hardware. The program may be stored in advance in a storage device (a storage device with a non-transitory storage medium) such as an HDD (Hard Disk Drive) or flash memory, or may be stored in a removable storage device such as a DVD or CD-ROM. It may be stored in a medium (non-transitory storage medium), and installed in the storage device by loading the storage medium into a drive device.

The storage unit 170 is an HDD, flash memory, RAM (Random Access Memory), or the like. The storage unit 170 may be a NAS (Network Attached Storage) device that can be accessed by the payment server 100 via a network. The storage unit 170 stores information such as user information 172, payment content information 174, and member store/store information 176.

The communication unit 110 is a communication interface for connecting to the network NW. Communication unit 110 is, for example, a network interface card.

The payment content providing unit 120 has, for example, the function of a web server, and provides the user terminal device 10 with information (content) for displaying various screens of the electronic payment service. The payment content providing unit 120 reads necessary content from the payment content information 174 as appropriate and provides it to the user terminal device 10. The user terminal device 10 receives various inputs from the user while the content is being played by the payment application 20, and transmits the above-mentioned payment information and the like to the payment server 100.

The payment processing unit 130 performs payment processing based on the payment information transmitted by the user terminal device 10 or the first store terminal device 50. The payment processing unit 130 performs payment processing while referring to the user information 172.

FIG. 5 is a diagram showing an example of the contents of the user information 172. User information 172 is an example of user registration information. User information 172 includes, for example, user URL, account ID, phone number, password, email address, user ID, name/address/date of birth, registration date, charge balance, deferred payment setting, deferred payment limit, deferred payment. Information such as usage amount, available deferred payment amount, terminal payment method, card payment method, affiliated card number, bank account, credit card number, charge history information, payment history information, etc. are associated with each other. The user URL is used for remittance processing between users. When registering for a new electronic payment service, it is mandatory to register a phone number and password. The account ID is issued to the user by the payment server 100, and the user ID is an ID that can be arbitrarily set (or does not need to be set) by the user. Similarly, e-mail address, name, address, and date of birth are information that can (or does not need to be) set arbitrarily by the user. The registration date is the date the user registered with the electronic payment service (the date the account was created). Hereinafter, the user instance (electronic payment account) to which this information is associated will be referred to as an account.

The charge balance is information indicating the balance of electronic money set by the user transferring money to the account in advance. Methods of remittance include remittance from an ATM (Automatic Teller Machine) of a designated business (bank), remittance from a registered bank account, etc. The deferred payment setting is information indicating whether the setting to enable electronic payment by deferred payment has been completed, and is set to either "completed" or "not yet". The deferred payment setting is flag information common to "terminal payment" and "card payment" which will be described later. A user who can use deferred payment for terminal payment is a user who has been given an affiliate card 57. Note that instead of this, the deferred payment setting may be setting information that is set separately for "terminal payment" and "card payment". The terminal payment method is setting information that indicates whether the user performs electronic payment using the charge balance or deferred payment in "terminal payment." The card payment method is setting information that indicates whether the user performs electronic payment using the charge balance or deferred payment in "card payment." The card payment method is synchronized in real time with the affiliated credit card company server 200. The affiliated card number is the number of the affiliated card 57 (for example, PAN (Primary Account Number)). The bank account and credit card number are each information about a bank account or credit card number (account number, card number) that can be used to deposit money into the electronic payment service. This credit card number is a number of a credit card different from the affiliated card 57. The charging history information is a history of the user increasing the charging balance by remitting money to the electronic payment service in advance. The payment history information is information that shows the details of the payments made by the user (date and time, store ID of the store where the purchase was made, payment amount, payment method, etc.) for each payment.

FIG. 6 is a diagram showing an example of the contents of the affiliated store/store information 176. The affiliated store/store information 176 includes, for example, a first table 176A in which affiliated store IDs and store IDs are associated with store URLs, and affiliated store names and sales proceeds (described above) are associated with affiliated store IDs. 176B, and a third table 176C in which store IDs are associated with store IDs. In addition to this information, the member store/store information 176 may include information such as the member store or store category, store location, payment pattern, and the like.

The information management unit 140 manages user information 172 and member store/store information 176 based on information acquired from the user terminal device 10 and the second store terminal device 70. The information management unit 140 adds, edits, deletes, etc. new records for the user information 172 and member store/store information 176.

The attention operation detection unit 150 detects that the attention operation has been performed on the payment application 20 based on the operation information received from the payment application 20. Here, the operation information is information regarding operations performed on the payment application 20. Further, the operation of interest here refers to an operation performed on the payment application 20 for which the history of the operation is determined to be effective information for detecting fraudulent use of a credit card. Which operation is to be regarded as a noteworthy operation may be arbitrarily set depending on the details and circumstances of past unauthorized use, the fraud detection policy, and the like. The attention operation detection unit 150 recognizes the operation performed on the payment application 20 based on the operation information, and if the recognized operation corresponds to the attention operation, it notifies the affiliated credit card company server 200 to that effect. do. Hereinafter, this notification will be referred to as a "noted operation detection notification." It is assumed that in the affiliated credit card company server 200, operations that should be detected as attention operations are registered in advance in the storage unit 170 as attention operation information 178. Here, the attention operation is an example of a "specific operation", and the attention operation information 178 is an example of "operation definition information". Further, the attention operation detection unit 150 is an example of an “acquisition unit” and a “detection unit”.

Here, terminal payment and card payment will be explained. FIG. 7 is a diagram conceptually showing each process of terminal payment and card payment. As explained below, electronic payment services include (1) terminal payment/payment by charge balance, (2) terminal payment/payment by deferred payment, (3) card payment/payment by charge balance, (4) card payment/payment by charge balance. Four types of electronic payments can be made: deferred payment.

[Terminal payment]
(1) When the payment server 100 (payment processing unit 130) acquires payment information from the user terminal device 10 or the first store terminal device 50, terminal payment is started. The payment server 100 refers to the user information 172 and obtains the "terminal payment method" of the user. The payment server 100 performs electronic payment through its own processing for users whose "terminal payment method" is set to "charge balance." In this case, the payment processing unit 130 performs electronic payment by decreasing the charge balance managed in association with the user ID and increasing the item value of the member store's sales proceeds. For example, the item value of the sales proceeds of a member store is not used as electronic money itself, but the amount corresponding to the item value of the sales proceeds is determined in a cycle according to the agreement between the member store and the electronic payment service. Money will be transferred to your bank account.

(2) In terminal payment, the payment server 100 provides payment information regarding the user whose "terminal payment method" is set to "deferred payment" together with the affiliated card number of the user obtained by referring to the user information 172. is transferred to the affiliated credit card company server 200. The affiliated credit card company server 200 checks whether the cumulative payment amount indicated by the payment information does not exceed the upper limit for the current month, and if it does not exceed the upper limit, the acquired payment amount is used as the cumulative payment amount for the user. Perform processing such as adding to . For example, the cumulative amount of payment for one month is paid by debiting a bank account on the next month's payment date.

[credit card payment]
(3) When the affiliated credit card company server 200 acquires payment information from the credit processing terminal 55, electronic payment (card payment) using the affiliated card 57 is started. Affiliated credit card company server 200 refers to card payment setting information 272 stored in storage unit 270. FIG. 8 is a diagram showing an example of the contents of the card payment setting information 272. The card payment setting information 272 is information in which information unique to the user (eg, PAN), card payment method, and account ID of the user are associated with each other. The card payment method and account ID are the same information included in the user information 172 in FIG. 5, and are synchronously linked with the payment server 100. The affiliated credit card company server 200 sends payment information for a user whose "card payment method" is set to "charge balance" together with the user's account ID obtained by referring to the card payment setting information 272. Transfer to server 100. Based on the acquired payment information, the payment server 100 performs the same process as when the "terminal payment method" is set to "charge balance" in terminal payment.

(4) In card payment, the affiliated credit card company server 200 performs electronic payment through its own processing for users whose "card payment method" is set to "deferred payment." In this case, the affiliated credit card company server 200 performs the same process as when the "terminal payment method" is set to "deferred payment" in terminal payment.

Switching between "charge balance" and "deferred payment" in each of "terminal payment" and "card payment" is performed according to the user's operation on the payment application 20. The payment application 20 has an interface screen for selecting a payment method between "charge balance" and "deferred payment" (or other payment method) in "terminal payment" and a "charge balance" and "charge balance" in "card payment". An interface screen for selecting one of the payment methods for "deferred payment" (or other payment methods) is separately provided to the user.

Note that in "terminal payment" and "card payment", if payment using a credit card (in the example of this embodiment, credit card payment or deferred payment) is requested, the affiliated credit card company server 200 will Authorization data regarding the use of the credit card is obtained from the credit processing terminal 55, and the obtained authorization data is compared with fraud detection rules to determine whether or not the use of the credit card is fraudulent. is responded to the credit processing terminal 55. The credit processing terminal 55 continues or cancels the payment depending on the determination result. The affiliated credit card company server 200 executes such authorization determination processing each time a payment using a credit card occurs, and records and accumulates the determination results.

[Affiliate credit card company server]
FIG. 9 is a configuration diagram of the affiliated credit card company server 200 according to the first embodiment. The affiliated credit card company server 200 includes, for example, a communication section 210, a credit payment processing section 230, an information management section 240, a fraud detection section 250, and a storage section 270. Components other than the communication unit 210 and the storage unit 270 are realized by, for example, a hardware processor such as a CPU executing a program (software). Some or all of these components are hardware (circuit parts) such as LSI (Large Scale Integration), ASIC (Application Specific Integrated Circuit), FPGA (Field-Programmable Gate Array), and GPU (Graphics Processing Unit). (including circuitry), or may be realized by collaboration between software and hardware. The program may be stored in advance in a storage device (a storage device with a non-transitory storage medium) such as an HDD (Hard Disk Drive) or flash memory, or may be stored in a removable storage device such as a DVD or CD-ROM. It may be stored in a medium (non-transitory storage medium), and installed in the storage device by loading the storage medium into a drive device.

The communication unit 210 is a communication interface for connecting to the network NW. The communication unit 210 is, for example, a network interface card.

The credit payment processing unit 230 executes payment processing for credit card payment using the affiliated card 57 based on payment information transmitted or transferred from the credit processing terminal 55 or the payment server 100. More specifically, the credit payment processing unit 230 executes authorization in response to receiving a payment request from the credit processing terminal 55 or the payment server 100, and as a result of the authorization, it is possible to make payment by credit card for the target user. Payment processing is executed when usage of the service is approved. The credit payment processing unit 230 stores the details of the executed authorization in authorization information 276, which will be described later.

The credit payment processing unit 230 performs payment processing while referring to the user information 274. The user information 274 is information that manages various types of user information related to electronic payment services using credit cards in association with user identification information. The user information 274 includes, for example, information such as credit card number, bank account, and transaction history.

Note that if the affiliated credit card company server 200 is operated by, for example, a group company (affiliated credit card company) of the payment server 100, the user information 274 of the affiliated credit card company server 200 is the user information held by the payment server 100. The same content as the information 172 may be managed. In this case, the user information 274 held by the affiliated credit card company server 200 and the user information 172 held by the payment server 100 may be synchronized with each other at a predetermined timing.

The storage unit 270 is an HDD, flash memory, RAM (Random Access Memory), or the like. The storage unit 270 may be a NAS (Network Attached Storage) device that can be accessed by the affiliated credit card company server 200 via a network. The storage unit 270 stores information such as card payment setting information 272, user information 274, authorization information 276, and fraud detection rules 278.

FIG. 10 is a diagram showing an example of the contents of the authorization information 276. Authorization information 276 is information regarding authorizations executed by the affiliated credit card company server 200 in the past. The authorization information 276 is, for example, information in which the authorization ID, which is the identification information of the authorization, is associated with the time when the payment request occurred, the payment amount, the member store ID, the user ID, the determination result based on the fraud detection rule 278, etc. It is. The authorization ID is uniquely assigned, for example, at the timing when the affiliated credit card company server 200 receives a payment request. For example, as an example of the determination result based on the fraud detection rule 278, a determination as to whether payment is possible or not, and a rule to be applied when it is determined that payment is not possible may be held. Authorization information is an example of "history information."

Return to FIG. 9. The fraud detection rule 278 is a rule for detecting fraudulent use of the affiliated card 57. The fraud detection rule 278 may set a rule for determining whether the use of the affiliated card 57 that has occurred is fraudulent use, or a rule for determining that the use is not fraudulent use. It may also be one that stipulates. More specifically, the fraud detection rules 278 define rules for determining whether or not the target payment is due to unauthorized use based on the authorization data. The fraud detection rule 278 may determine the presence or absence of unauthorized use by combining matters recognized from the authorization data and details of operations performed on the payment application 20.

For example, an example of a fraud detection rule for determining fraudulent use of a lost card is ``the card has been used consecutively for a predetermined number of times or more at a convenience store late at night.'' Further, for example, an example of a fraud detection rule for determining fraudulent use by a specific method is "the product was used to pay a predetermined amount or more at store B immediately after being used at store A."

The information management unit 240 manages the fraud detection rules 278 based on information acquired from the administrator terminal device 80. For example, the information management unit 240 accepts an editing operation for the fraud detection rule 278 via the management application 82 of the administrator terminal device 80, and adds a new rule to the fraud detection rule 278, edits or deletes an existing rule, etc. conduct. Here, the information management section 240 is an example of a "support information providing section."

The information management unit 240 provides support information for supporting the management of the fraud detection rules 278 to the administrator. The support information may be any information that is useful for the administrator to maintain the fraud detection rules 278. For example, the support information includes information such as the details of payments made in the past, the results of detection of unauthorized use based on existing rules, the details of operation information notified from the payment application 20, and various trends grasped from the contents. may be included. For example, the support information may include information such as the presentation of rules that are recommended to be deleted or changed, the basis for that recommendation, and the effects that will be obtained if the presented rules are deleted or changed. . The administrator can check the support information via the management application 82, and can review existing rules or consider new rules based on the content of the support information.

Fraud detection section 250 detects fraudulent use of affiliated card 57 based on authorization information 276 and fraud detection rules 278 when affiliated card 57 is used. Note that the fraud detection unit 250 and the fraud detection rules 278 may be provided in a server different from the affiliated credit card company server 200.

In FIG. 11, it is detected that a predetermined notable operation (hereinafter referred to as "notable operation") regarding fraudulent use of the affiliated card 57 has been performed on the payment application 20, and the affiliated credit card company server 200 is notified. FIG. 2 is a sequence diagram showing an example of the flow of processing. The following describes a series of processing steps: (1) transmission of operation information by the payment application 20, (2) detection and notification of the operation of interest by the payment server 100, (3) recording of the operation of interest by the affiliated credit card company server 200, Classify and explain.

(1) Transmission of operation information by the payment application 20 First, in response to receiving a user's operation on the user terminal device 10, the payment application 20 generates operation information regarding the operation and transmits it to the payment server 100 ( S210). As described above, the operation information is information for notifying the payment server 100 of the operation performed on the payment application 20. In this embodiment, a case will be described in which a terminal identification number is used as an example of operation information. The terminal identification number is a 13-digit identification number (also called TID) that is set on a terminal device such as the credit processing terminal 55 that executes credit payment processing. The terminal identification number includes a number to identify the business entity that manages the terminal device, and by referring to the terminal identification number, it is possible to identify which terminal device the payment processing was performed on. It is possible.

In this embodiment, among the screens displayed by the payment application 20 to provide various functions, each screen corresponding to the operation of interest (screen of interest) has its own unique terminal identification number in advance as screen identification information. Can be matched. The reason why the terminal identification number is used as the screen identification information here is to have the affiliated credit card company server 200 record that the attention operation has been performed on the payment application 20 by "0 yen payment" described later. . When the user operates the screen of interest, the payment application 20 transmits the terminal identification number associated with the screen of interest to the payment server 100 as operation information. FIG. 11 shows the flow of processing when one screen of interest is operated, but if multiple screens of interest are operated in the payment application 20, the flow of processing will be repeated each time a new screen of interest is operated. In this case, a series of processes shown in FIG. 11 are executed. Here, the 0 yen payment is an example of a "specific credit payment".

Note that, as described above, the terminal identification number is originally an identification number set to the credit processing terminal 55. Furthermore, it is necessary to record which payment application 20 the operation of interest was performed on so that it can be traced back later. Therefore, it is assumed that the terminal identification number used as screen identification information in this embodiment is generated so as to satisfy the following conditions. Note that the terminal identification number as the screen identification information may be generated in any manner as long as the following conditions are satisfied.
・Contains information that makes it possible to identify the screen displayed by the operation of interest ・Does not overlap with the number set on the credit processing terminal 55 ・Contains information that makes it possible to identify the payment application 20 to be operated The information that makes it possible to identify the application 20 may be, for example, the identification information of the user, the identification information of the user terminal device 10 on which the payment application 20 operates, or a combination thereof. It's okay. Further, the operation information may include other information in addition to the terminal identification number described above.

(2) Detection of attention operation on payment application 20 Next, in payment server 100, attention operation detection unit 150 detects attention operation performed on payment application 20 based on the operation information received from payment application 20. (S220) More specifically, the attention operation detection unit 150 recognizes the operation (target operation) performed on the payment application 20 based on the operation information (S221), and the target operation is the attention operation. It is determined based on the attention operation information 178 (S222). More specifically, if the target operation is registered in the attention operation information 178, the attention operation detection unit 150 determines that the target operation is the attention operation, and if it is not registered, the target operation is the attention operation. It is determined that it is not an operation. Here, if it is determined that the target operation is not the attention operation, subsequent processing is skipped and the series of processing ends. On the other hand, if it is determined in S222 that the target operation is the attention operation, the attention operation detection unit 150 notifies the affiliated credit card company server 200 to that effect (S230: attention operation detection notification).

(3) Recording of attention operation by affiliated credit card company server Next, when the attention operation detection notification is received, the affiliated credit card company server 200 records that the attention operation has been performed on the payment application 20. (S240). In this way, by recording that the attention operation has been performed on the payment application 20 in the affiliated credit card company server 200, the affiliated credit card company server 200 uses the fraud detection rule 278 and the detection of the attention operation. In combination with the situation, it is possible to detect fraudulent use of a credit card due to operation of the payment application 20. Furthermore, by recording that the operation of interest has been performed on the payment application 20 in the affiliated credit card company server 200, the operator of the affiliated credit card company can also monitor the occurrence of the operation of interest on the payment application 20. In addition, new fraud detection rules can be added or reviewed.

In the following, "0 yen authorization data" (specific authorization data) is sent to the affiliated credit card company server 200 as an example of a method for making the affiliated credit card company server 200 record that a noteworthy operation has been performed on the payment application 20. Explain how to do this. The 0 yen authorization data is the authorization data that requests the affiliated credit card company server 200 to make a credit payment with a payment amount of 0 yen (hereinafter referred to as "0 yen payment").

Generally, the authorization data exchanged in credit card payments includes information such as the terminal identification number of the credit processing terminal, the cardholder number of the credit card, and the payment amount. The attention operation detection unit 150 uses a terminal identification number assigned so as not to overlap with the terminal identification number for normal payment as screen identification information, and a card member number of the affiliated card 57 (in the example of FIG. 5, the affiliated card number). Generate 0 yen authorization data based on. The attention operation detection unit 150 transmits the generated zero yen authorization data to the affiliated credit card company server 200 as a notice of attention operation detection. The affiliated credit card company server 200 executes credit payment processing based on the 0 yen authorization data received from the payment server 100 (S241).

As a result, in response to the detected operation of interest on the payment application 20, the affiliated credit card company server 200 executes a zero yen payment. That is, the fact that the noteworthy operation was performed on the payment application 20 is recorded in the affiliated credit card company server 200 as a payment history of 0 yen payment (S242). More specifically, since the content of the 0 yen authorization data is recorded in the payment history of the 0 yen payment, the affiliated credit card company server 200 refers to the terminal identification number for the 0 yen payment, and by referring to the terminal identification number for the 0 yen payment, It is possible to specify the displayed screen, the payment application 20 on which the operation of interest was performed, and the credit card used.

FIG. 12 is a diagram illustrating an example of a screen (target screen) defined as a target operation in the payment server 100. In FIG. 12, TID represents a terminal identification number. FIG. 12 shows a campaign screen PG1 (TID=A), a top-up screen PG2 (TID=B), a stamp card screen PG3 (TID=C), and an account information management screen PG4 (TID=C) as an example of attention screens. =D) and four screens are shown. The campaign screen PG1 is a screen for providing information and functions regarding the ongoing campaign. Top-up screen PG2 is a screen that provides funds transfer means. The stamp card screen PG3 is a screen that provides a stamp card function. The account information management screen PG4 is a screen that provides account information management functions. When any one of the campaign screen PG1, top-up screen PG2, stamp card screen PG3, and account information management screen PG4 is displayed by the user's operation, the payment application 20 uses the terminal of the displayed screen. The operation information including the identification number is transmitted to the payment server 100.

The example in FIG. 12 represents a case where an operation is performed on the payment application 20 to display the campaign screen PG1. In this case, operation information including the terminal identification number TID=A is transmitted from the payment application 20 to the payment server 100. The payment server 100 detects that the operation of interest has been performed on the payment application 20 because the terminal identification number (TID=A) indicated by the operation information is defined in the operation information of interest 178 as the screen of interest. . The payment server 100 generates 0 yen authorization data for implementing a 0 yen payment using the terminal identification number (TID=A) corresponding to the attention operation, and sends it to the affiliated credit card company server 200 (attention operation detection notification). ). Subsequently, in the affiliated credit card company server 200, the credit payment processing unit 230 executes a credit payment process using the 0 yen authorization data received from the payment server 100, thereby adding the 0 yen authorization data to the authorization information 276. Record.

In this way, by recording the noted operation on the payment application 20 as 0 yen authorization data in the authorization information 276 together with the authorization data for normal payments, the affiliated credit card company server 200 can use the fraud detection framework based on the fraud detection rules 278. In this case, it becomes possible to perform fraud detection focusing on operations on the payment application 20. Furthermore, by managing the authorization information 276 in this manner, the operator of the affiliated credit card company can create new fraud detection rules based on the details of operations performed on the payment application 20. This makes it possible to review existing fraud detection rules. For example, the administrator refers to the authorization information 276 (an example of support information) via the administrator terminal device 80 and maintains fraud detection rules based on the details of operations performed on the payment application 20. be able to.

For example, if we consider that the operation of changing registered information on the account information management screen PG4 and then moving to the top-up screen PG2 to transfer funds is likely to be an operation intended for unauthorized use, By defining this screen transition as an unauthorized screen transition pattern in the fraud detection rule 278, it becomes possible for the affiliated credit card company server 200 to detect an operation that involves such a screen transition as an unauthorized operation. According to such a screen transition detection method, any screen transition can be detected, not only operations that are not intended for unauthorized use. For example, if you check the campaign screen PG1 or the stamp card screen PG3 and then move to the Top-up screen PG2 to transfer funds, if you think that there is a high possibility that the operation was due to legitimate use, you can change the screen transition. By defining a valid screen transition pattern, it is also possible for the affiliated credit card company server 200 to detect an operation that involves such a screen transition as a valid operation. Note that whether an operation that involves a certain screen transition is considered to be an unauthorized operation or a legitimate operation may be determined depending on the time spent on each screen. Therefore, the definition of a fraudulent pattern or a valid pattern may include the time spent on each screen as well as the screen transition pattern. Further, in this case, the payment server 100 can recognize the time spent on each screen by determining the interval at which zero yen payments are made based on the authorization information 276.

The fraud detection rules 278 may include rules for detecting fraudulent use based on normal payment authorization data, or rules for detecting fraudulent use based on notable operations performed on the payment application 20. It may include rules for detecting unauthorized use, or it may include rules for detecting unauthorized use by combining the two. For example, a fraud detection rule is such that when a normal payment is executed, the operations of interest performed during a predetermined period before the payment are subject to predetermined conditions (e.g., types and combinations of operations, order of execution, number of executions, execution interval, etc.) If the above conditions are met, the payment may be determined to be due to unauthorized use.

Further, for example, the fraud detection rule 278 may include a rule that excludes a situation that was conventionally determined to be unauthorized use based on authorization data from unauthorized use based on the operation of interest. For example, in the fraud detection rule 278, it has been determined that fraudulent use has been made if multiple payments have been made within a certain period of time at a particular member store during normal payment execution (authorization execution). There are rules to do so. In such a situation where conventional fraud detection rules would determine that fraudulent use has occurred, if there is a certain screen transition (a specific noteworthy operation or a combination thereof) between the multiple payments, fraudulent use will be detected. The fraud detection rules 278 may include a rule that does not determine that. In this way, by adding rules based on attentional operations to conventional fraud detection rules, it is possible to set more accurate fraud detection rules.

According to the embodiment described above, in a system that detects fraudulent use of a credit card based on authorization data, a determination as to whether or not there is fraudulent use is made by considering user behavior that is not linked to authorization data. becomes possible. For example, in a system for detecting unauthorized use of a credit card based on authorization data, it is possible to take into consideration the details of operations performed on the payment application 20 operating on the user terminal device 10.

<Modified example>
In the above embodiment, a unique terminal identification number is assigned to every screen of the payment application 20, and the payment server 100 detects the operation of interest based on the operation information of interest 178 and the operation information received from the payment application 20. Although the case has been described, the terminal identification number as the operation information may be assigned only to the screen of interest among the screens of the payment application 20. In this case, the terminal identification number is notified to the payment server 100 only when the operation of interest is performed in the payment application 20. Therefore, in this case, the payment server 100 may be configured to generate zero yen authorization data only for operations for which a terminal identification number has been notified.

The payment application 20 may be configured to limit some of the functions provided by the payment application 20 when the attention operation detection notification is sent. For example, in the example of FIG. 12, the payment application 20 may temporarily disable funds transfer by restricting the use of the top-up screen PG2 (TID=B). Further, for example, in the example shown in FIG. 12, the payment application 20 may temporarily prevent account information from being changed by restricting the use of the account information management screen PG4 (TID=D). The payment application 20 may be configured to release the functional restriction in response to an instruction from the affiliated credit card company server 200. On the other hand, after receiving the attention operation detection notification from the payment application 20, the affiliated credit card company server 200 imposes the above-mentioned functional restrictions on the payment application 20 if a predetermined condition is satisfied regarding the payment application 20 that is the sender. You may also instruct cancellation. The predetermined condition may be that a predetermined period of time has passed since the start of functional restriction, or that it has been confirmed that the operation detected as the attention operation is not intended for unauthorized use. . The affiliated credit card company server 200 may be configured to notify the payment application 20 of these cancellation instructions via the payment server 100. Further, the function restriction may be implemented in response to the detection of one operation of interest, a combination of multiple operations of interest, or the detection of multiple operations of interest.

When the affiliated credit card company server 200 detects fraudulent use of the affiliated card 57 that is not due to the operation of interest (for example, when fraudulent use is detected only from authorization data for normal payment), it notifies the payment application 20 of this fact. It may be configured to do so. In this case, the payment application 20 may be configured to limit some of the functions provided by the payment application 20 in response to receiving the notification. Further, in this case as well, the payment application 20 may be configured to cancel the functional restriction in accordance with an instruction from the affiliated credit card company server 200, as described above.

The affiliated credit card company server 200 analyzes trends in fraudulent use based on the occurrence of fraudulent use recognized by the operation of interest and the occurrence of fraudulent use detected based on normal payment authorization data. It may be configured as follows. For example, the affiliated credit card company server 200 may be configured to learn attention operations or combinations thereof that are likely to occur at the timing of the unauthorized use, based on the detection result of unauthorized use by the authorization data. Conversely, if there is any unauthorized use that could not be detected with the authorization data, the affiliated credit card company server 200 will check the characteristics of the noted operation or combination thereof that occurred at the timing when the unauthorized use occurred. may be configured to learn. A machine learning algorithm (for example, supervised learning) may be used for these learnings.

Although the mode for implementing the present invention has been described above using embodiments, the present invention is not limited to these embodiments in any way, and various modifications and substitutions can be made without departing from the gist of the present invention. can be added.

10 User terminal device 20 Payment application 50 First store terminal device 55 Credit processing terminal 57 Affiliated card 60 Store code image 70 Second store terminal device 72 Interface for member stores 80 Administrator terminal device 82 Management application 100 Payment server 110 Communication department 120 Payment content providing section 130 Payment processing section 140 Information management section 150 Attention operation detection section 170 Storage section 172 User information 174 Payment content information 176 Member store/store information 178 Attention operation information 200 Affiliated credit card company server 210 Communication section 230 Credit Payment processing unit 240 Information management unit 250 Fraud detection unit 270 Storage unit 272 Card payment setting information 274 User information 276 Authorization information 278 Fraud detection rules

Claims (9)

A payment management device that provides an electronic payment service to the user in cooperation with an application program running on the user's terminal device,
an acquisition unit that acquires operation information regarding operations performed by the user on the application program from the application program;
a detection unit that detects, based on the operation information , a specific operation that is set as an operation effective for detecting fraudulent use of a credit card among operations performed on the application program based on the operation information ; ,
Equipped with
When the detection unit detects that the specific operation has been performed on the application program, the detection unit sends a specific credit card payment with a payment amount of 0 yen as information for recording that the specific operation has occurred. transmitting the requested specific authorization data to a credit payment management device that executes credit payment processing using the credit card registered in the application program;
Payment management device. The detection unit stores in advance operation definition information in which the specific operation to be detected is defined, and the operation performed on the application program based on the operation information and the operation definition information is the specified operation. Determine whether or not it is an operation,
The payment management device according to claim 1. Each of the specific operations is associated with unique identification information in advance,
The application program is configured to transmit, when the specific operation is performed, the operation information including the identification information corresponding to the specific operation to the payment management device;
The detection unit detects that the specific operation has been performed on the application program based on the identification information included in the operation information.
The payment management device according to claim 1. The detection unit transmits operation information regarding the specific operation to the credit payment management device in association with the specific authorization data.
The payment management device according to claim 1 . The specific authorization data includes a terminal identification number for uniquely identifying the terminal that performs the target payment,
The detection unit detects the terminal identification number, which is a terminal identification number used for a specific credit card payment in which the payment amount is 0 yen, and is numbered so as not to overlap with a terminal identification number used in a normal credit card payment. generating the specific authorization data using
The payment management device according to claim 1 . A payment management device that provides electronic payment services to the user in cooperation with an application program running on the user's terminal device,
Obtaining operation information regarding operations performed by the user on the application program from the application program;
Detecting, based on the operation information , a specific operation that is set as an operation effective for detecting fraudulent use of a credit card among operations performed on the application program based on the operation information ;
When it is detected that the specific operation has been performed on the application program, specific authorization data that requests a specific credit card payment with a payment amount of 0 yen is used as information to record that the specific operation has occurred. to a credit payment management device that executes credit payment processing using the credit card registered in the application program;
Payment management methods. A payment management device that provides electronic payment services to the user in cooperation with an application program running on the user's terminal device;
obtaining operation information regarding operations performed by the user on the application program from the application program;
Among the operations performed on the application program based on the operation information, a specific operation set as an operation effective for detecting fraudulent use of a credit card is detected based on the operation information ;
When it is detected that the specific operation has been performed on the application program, specific authorization data that requests a specific credit card payment with a payment amount of 0 yen is used as information to record that the specific operation has occurred. to a credit payment management device that executes credit payment processing using a credit card registered in the application program;
program for. A payment management device that provides an electronic payment service to the user in cooperation with an application program running on a user's terminal device, and a credit payment management device that manages credit cards registered in the application program. A payment management system,
The payment management device includes:
an acquisition unit that acquires operation information regarding operations performed by the user on the application program from the application program;
a detection unit that detects, based on the operation information , a specific operation that is set as an operation effective for detecting fraudulent use of a credit card among operations performed on the application program based on the operation information ; ,
Equipped with
When the detection unit detects that the specific operation has been performed on the application program, the detection unit sends a specific credit card payment with a payment amount of 0 yen as information for recording that the specific operation has occurred. transmitting the requested specific authorization data to a credit payment management device that executes credit payment processing using a credit card registered in the application program;
The credit payment management device executes credit payment processing that sets the payment amount to 0 yen based on the information received from the payment management device and for recording that the specific operation has occurred. Records that a specific operation has occurred,
Payment management system. The credit payment management device detects fraudulent use of the credit card based on authorization data received during execution of normal credit payment processing and a record indicating that the specific operation has occurred.
The payment management system according to claim 8 .

Images