WO2015101166A1 - Method for detecting false card risk and transaction processing system for implementing same - Google Patents

Method for detecting false card risk and transaction processing system for implementing same Download PDF

Info

Publication number
WO2015101166A1
WO2015101166A1 PCT/CN2014/093830 CN2014093830W WO2015101166A1 WO 2015101166 A1 WO2015101166 A1 WO 2015101166A1 CN 2014093830 W CN2014093830 W CN 2014093830W WO 2015101166 A1 WO2015101166 A1 WO 2015101166A1
Authority
WO
WIPO (PCT)
Prior art keywords
transaction
card
financial
processing system
abnormal
Prior art date
Application number
PCT/CN2014/093830
Other languages
French (fr)
Chinese (zh)
Inventor
钟国业
吴金坛
Original Assignee
中国银联股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中国银联股份有限公司 filed Critical 中国银联股份有限公司
Publication of WO2015101166A1 publication Critical patent/WO2015101166A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4016Transaction verification involving fraud or risk level assessment in transaction processing

Definitions

  • the transaction is an online transaction
  • the data includes an updated online transaction ATC value in the financial IC card
  • the transaction processing system executes the method in the following manner
  • the abnormality determining step if the updated online transaction ATC value is less than or equal to the current online transaction ATC value stored by the transaction processing system, it is determined that the transaction requested to be processed is abnormal.
  • the transaction is an online transaction
  • the data includes an updated electronic cash offline consumption balance in the financial IC card
  • the transaction processing system is in the following manner Performing the abnormality determining step: if the updated electronic cash offline consumption balance is greater than the electronic cash offline consumption balance returned by the transaction processing system to the financial IC card after the last online deposit, determining the request processing The transaction was abnormal.
  • the transaction is an offline transaction
  • the data includes a transaction amount corresponding to the transaction
  • the transaction processing system performs the abnormality determination step in the following manner: if the transaction amount is greater than a current electronic cash offline consumption balance stored by the transaction processing system, Then, it is judged that the transaction requested to be processed is abnormal.
  • An abnormality determining unit configured to determine, according to the data, whether the transaction processed by the request is abnormal
  • FIG. 1 is a schematic diagram of a transaction processing system in accordance with one embodiment of the present invention.
  • an application transaction counter refers to a counter for counting the number of transactions of a financial IC card, including online and offline transactions.
  • the financial IC card 30 is designed to configure the ATC, and the corresponding ATC is also configured for the financial IC card in the transaction processing system 10.
  • the abnormality determining unit 130 can determine whether the transaction is abnormal based on the matching of the count values of the two. For example, it is assumed that the initial values of the ATC at the storage unit 120 of the financial IC card and the transaction processing system 10 are both 0. In the transaction process, the data transmitted by the transaction terminal 20 to the transaction processing system 10 is included in the financial IC card.
  • a unique card serial number will be assigned to each financial IC card for personalization.
  • the abnormality determining unit 130 can verify the financial IC by its matching with the record stored in the storage unit 120 in advance. Whether the card is legal and valid.
  • the electronic cash offline balance stored at the card is generally set to the same value as the current electronic cash offline consumption balance N stored at the storage unit 120. Subsequently, the current electronic cash offline consumption balance N varies with the amount of online inventory transactions and electronic cash offline consumption, and the update method is:
  • FIG. 2 is a flow chart of a method of monitoring the risk of a fake card in accordance with another embodiment of the present invention.
  • the structure of the transaction processing system shown in FIG. 1 is employed, but it will be appreciated from the following description that the method of the present embodiment does not depend on a specific structure.
  • step S201 the communication unit 110 of the transaction processing system 10 receives data associated with the transaction requested by the financial IC card 30 from the transaction terminal 20.
  • these data include, for example, but are not limited to, a card serial number of a financial IC card, a transaction certificate (TC), an application transaction counter (ATC) count value, a random number, and a dynamic signature number. According to the transaction amount, electronic cash offline balance and card records, and any combination of these parameters.
  • step S301 The abnormality determining unit 130 determines whether the ATC value uploaded by the transaction terminal 20 is equal to the corresponding ATC value stored at the storage unit 120. If they are equal, it is determined that the transaction is abnormal and proceeds to step S203, otherwise Then, the process proceeds to step S302.
  • step S302 the abnormality determining unit 130 determines whether the data uploaded by the transaction terminal 20 contains the card serial number, and if so, proceeds to step S303, otherwise proceeds to step S304.
  • step S303 the abnormality determining unit 130 determines whether the storage unit 120 has a record matching the card serial number uploaded by the transaction terminal 20, and if so, determines that the financial IC card is legally valid and proceeds to step S304, otherwise, proceeds to step S203.
  • step S304 the abnormality determining unit 130 determines whether the transaction requested to be processed is the electronic cash offline consumption mode, and if so, proceeds to step S305, otherwise proceeds to step S306.
  • step S307 the abnormality determining unit 130 determines whether the electronic cash offline consumption transaction amount uploaded by the transaction terminal 20 is greater than the current electronic cash offline consumption balance N stored at the storage unit 120, and if so, determines that the transaction is abnormal and proceeds to step S203. Otherwise, then Transfer to normal business processes.
  • the abnormality determining unit 130 determines whether the online transaction ATC value uploaded by the transaction terminal 20 is greater than the corresponding current online transaction ATC value stored at the storage unit 120, and if it is greater than, enters Step S308, otherwise, it is judged that the transaction is abnormal and proceeds to step S203.
  • the abnormality determining unit 130 determines whether the electronic cash offline balance is included in the data uploaded by the transaction terminal 20. If yes, the process proceeds to step S309, otherwise, the normal business process is transferred.
  • the issuing bank can use the system to determine the risk of the fake card in real time or afterwards according to the actual situation and can improve the probability and efficiency of identifying the fake card.
  • the transaction processing system can take various measures to prevent the risk from spreading.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A method for detecting false card risk comprises the following steps: a receiving step (S201), a transaction processing system receiving from a transaction terminal the data associated with the transaction which a financial IC card requests to process; an abnormity judgment step (S202), the transaction processing system judging whether the transaction processed under the request is abnormal according to the data; a false card risk determination step (S204), the transaction processing system determining that the false card risk exists on the financial IC card if the financial IC card abnormal number is greater than a first threshold or the frequency of the transaction which the financial IC card requests to process is greater than a second threshold. The method can find false card risk timely and improve the probability and efficiency of the identification of a false card. A transaction processing system is also disclosed.

Description

监测伪卡风险的方法和实现该方法的交易处理系统Method for monitoring pseudo card risk and transaction processing system implementing the method 技术领域Technical field
本发明涉及计算机技术,特别涉及一种监测伪卡风险的方法以及实现上述方法的交易处理系统。The present invention relates to computer technology, and more particularly to a method of monitoring the risk of a fake card and a transaction processing system implementing the above method.
背景技术Background technique
随着金融IC卡的普及,通过伪造卡片盗取持卡人资金的案件日益增多。该类案件不仅使持卡人蒙受损失,而且也常常导致发卡行与持卡人之间产生法律和经济纠纷。因此如何从技术上防范伪造的金融IC卡的重要性变得更为突出。With the popularization of financial IC cards, cases of cardholders’ funds being stolen by counterfeiting cards are increasing. Such cases not only cause losses to the cardholder, but also often lead to legal and economic disputes between the card issuer and the cardholder. Therefore, the importance of technically preventing counterfeit financial IC cards has become more prominent.
目前判断金融IC卡的真伪一般有两种方法,即交易终端的脱机数据认证和发卡行的联机认证。在前种方法中,交易终端将在本地对卡片进行脱机认证,如果用户的认证信息(例如密码或诸如指纹和虹膜之类的生物学信息)与卡片内存储的数据匹配,则认证通过,否则,则终止交易。而在后一种方法中,交易终端将用户的认证信息加密后发送至远程交易处理系统,只有在接收到交易处理系统的授权请求密文认证之后,交易终端才继续进一步的处理,否则,则终止交易。但是如果伪造的金融IC卡是根据卡片内的个人化数据克隆出来的时候,这种基于身份信息的验证机制可能将失效。At present, there are generally two methods for judging the authenticity of a financial IC card, namely offline data authentication of the transaction terminal and online authentication of the issuing bank. In the former method, the transaction terminal will perform offline authentication of the card locally, and if the user's authentication information (such as a password or biological information such as a fingerprint and an iris) matches the data stored in the card, the authentication is passed. Otherwise, the transaction is terminated. In the latter method, the transaction terminal encrypts the user's authentication information and sends it to the remote transaction processing system. The transaction terminal continues to process further after receiving the authorization request ciphertext authentication of the transaction processing system. Otherwise, Terminate the transaction. However, if the forged financial IC card is cloned based on the personalized data in the card, the authentication mechanism based on the identity information may be invalid.
由此可见,迫切需要提供一种能够更为准确和及时地监测伪卡风险的方法以提高伪卡风险防范能力。It can be seen that there is an urgent need to provide a method for monitoring the risk of pseudo-cards more accurately and timely to improve the risk prevention capability of pseudo-cards.
发明内容Summary of the invention
本发明的一个目的是提供一种监测伪卡风险的方法,其能够为准确、及时地识别伪卡提供技术基础。It is an object of the present invention to provide a method of monitoring the risk of a fake card that provides a technical basis for accurate and timely identification of a fake card.
按照本发明的一个实施例的监测伪卡风险的方法包括下列步骤:A method of monitoring the risk of a fake card in accordance with an embodiment of the present invention includes the following steps:
接收步骤,在该步骤中交易处理系统从交易终端接收与金融IC卡请求处理的交易相关联的数据;a receiving step in which the transaction processing system receives data associated with the transaction processed by the financial IC card request from the transaction terminal;
异常判断步骤,在该步骤中,所述交易处理系统根据所述数据判断请求处理的交易是否异常; An abnormality determining step, in which the transaction processing system determines whether the transaction requested to be processed is abnormal according to the data;
伪卡风险确定步骤,在该步骤中,如果该金融IC卡出现异常的交易的次数大于第一阈值,或者如果该金融IC卡请求处理的交易的频度大于第二阈值,则所述交易处理系统确定该张金融IC卡存在伪卡风险。a pseudo card risk determining step, in which, if the number of abnormal transactions of the financial IC card is greater than a first threshold, or if the frequency of the transaction requested by the financial IC card is greater than a second threshold, the transaction processing The system determines that there is a risk of a fake card in the financial IC card.
优选地,在上述监测伪卡风险的方法中,所述数据包含在所述金融IC卡内的已更新ATC值,并且所述交易处理系统按照下列方式执行所述异常判断步骤:如果所述已更新ATC值等于所述交易处理系统存储的当前ATC值,则判断请求处理的交易出现异常。Preferably, in the above method for monitoring the risk of a fake card, the data includes an updated ATC value in the financial IC card, and the transaction processing system performs the abnormality determining step in the following manner: if the The updated ATC value is equal to the current ATC value stored by the transaction processing system, and it is determined that the transaction requested to be processed is abnormal.
优选地,在上述监测伪卡风险的方法中,所述交易为联机交易,所述数据包含在所述金融IC卡内已更新的联机交易ATC值,并且所述交易处理系统按照下列方式执行所述异常判断步骤:如果所述已更新的联机交易ATC值小于或等于所述交易处理系统存储的当前联机交易ATC值,则判断请求处理的交易出现异常。Preferably, in the above method for monitoring the risk of a fake card, the transaction is an online transaction, the data includes an updated online transaction ATC value in the financial IC card, and the transaction processing system executes the method in the following manner The abnormality determining step: if the updated online transaction ATC value is less than or equal to the current online transaction ATC value stored by the transaction processing system, it is determined that the transaction requested to be processed is abnormal.
优选地,在上述监测伪卡风险的方法中,所述数据包含与所述金融IC卡对应的卡片序列号,并且所述交易处理系统按照下列方式执行所述异常判断步骤:如果与金融IC卡对应的卡片序列号在所述交易处理系统存储的有效卡片序列号记录中无匹配的记录项,则判断请求处理的交易出现异常。Preferably, in the above method for monitoring the risk of a fake card, the data includes a card serial number corresponding to the financial IC card, and the transaction processing system performs the abnormality determining step in the following manner: if with a financial IC card If the corresponding card serial number does not have a matching record in the valid card serial number record stored in the transaction processing system, it is determined that the transaction requested to be processed is abnormal.
优选地,在上述监测伪卡风险的方法中,所述交易为联机交易,所述数据包含在所述金融IC卡内已更新的电子现金脱机消费余额,并且所述交易处理系统按照下列方式执行所述异常判断步骤:如果所述已更新的电子现金脱机消费余额大于上一次联机圈存后所述交易处理系统返回给所述金融IC卡的电子现金脱机消费余额,则判断请求处理的交易出现异常。Preferably, in the above method for monitoring the risk of a fake card, the transaction is an online transaction, the data includes an updated electronic cash offline consumption balance in the financial IC card, and the transaction processing system is in the following manner Performing the abnormality determining step: if the updated electronic cash offline consumption balance is greater than the electronic cash offline consumption balance returned by the transaction processing system to the financial IC card after the last online deposit, determining the request processing The transaction was abnormal.
优选地,在上述监测伪卡风险的方法中,所述交易为脱机交易,所述数据包含与所述交易对应的交易金额和在所述金融IC卡内已更新的电子现金脱机消费余额,并且所述交易处理系统按照下列方式执行所述异常判断步骤:如果所述交易金额与所述已更新的电子现金脱机消费余额之和大于上一次联机圈存后所述交易处理系统返回给所述金融IC卡的电子现金脱机消费余额,则判断请求处理的交易出现异常。Preferably, in the above method for monitoring the risk of the fake card, the transaction is an offline transaction, and the data includes a transaction amount corresponding to the transaction and an updated electronic cash offline consumption balance in the financial IC card. And the transaction processing system performs the abnormality determining step in the following manner: if the sum of the transaction amount and the updated electronic cash offline consumption balance is greater than the last online deposit, the transaction processing system returns The electronic cash offline consumption balance of the financial IC card determines that the transaction requested to be processed is abnormal.
优选地,在上述监测伪卡风险的方法中,所述交易为脱机交易, 所述数据包含与所述交易对应的交易金额,并且所述交易处理系统按照下列方式执行所述异常判断步骤:如果所述交易金额大于所述交易处理系统存储的当前电子现金脱机消费余额,则判断请求处理的交易出现异常。Preferably, in the above method for monitoring the risk of the fake card, the transaction is an offline transaction, The data includes a transaction amount corresponding to the transaction, and the transaction processing system performs the abnormality determination step in the following manner: if the transaction amount is greater than a current electronic cash offline consumption balance stored by the transaction processing system, Then, it is judged that the transaction requested to be processed is abnormal.
本发明的另外一个目的是提供一种交易处理系统,其能够为准确、及时地识别伪卡提供技术基础。It is another object of the present invention to provide a transaction processing system that provides a technical basis for accurate and timely identification of a fake card.
按照本发明一个实施例的交易处理系统包括:A transaction processing system in accordance with one embodiment of the present invention includes:
通信单元,用于从交易终端接收与金融IC卡请求处理的交易相关联的数据;a communication unit, configured to receive, from the transaction terminal, data associated with the transaction processed by the financial IC card request;
存储单元,用于存储与所述金融IC卡相关联的卡片数据;a storage unit, configured to store card data associated with the financial IC card;
异常判断单元,用于根据所述数据判断请求处理的交易是否异常;An abnormality determining unit, configured to determine, according to the data, whether the transaction processed by the request is abnormal;
伪卡风险评估单元,用于按照下列方式确定伪卡风险:如果该金融IC卡出现异常的交易的次数大于第一阈值,或者如果该金融IC卡请求处理的交易的频度大于第二阈值,则确定该张金融IC卡存在伪卡风险。a pseudo card risk evaluation unit, configured to determine a pseudo card risk according to the following manner: if the number of abnormal transactions of the financial IC card is greater than a first threshold, or if the frequency of the transaction requested by the financial IC card is greater than a second threshold, Then it is determined that the financial IC card has a risk of a fake card.
优选地,在上述交易处理系统中,所述数据包含在所述金融IC卡内的已更新ATC值,并且所述异常判断单元按照下列方式执行异常判断:如果所述已更新ATC值等于所述存储单元存储的当前ATC值,则判断请求处理的交易出现异常。Preferably, in the above transaction processing system, the data includes an updated ATC value in the financial IC card, and the abnormality determining unit performs an abnormality determination in the following manner: if the updated ATC value is equal to the The current ATC value stored in the storage unit determines that the transaction requested to be processed is abnormal.
优选地,在上述交易处理系统中,所述交易为联机交易,所述数据包含在所述金融IC卡内已更新的联机交易ATC值,并且所述异常判断单元按照下列方式执行异常判断:如果所述已更新的联机交易ATC值小于或等于所述存储单元存储的当前联机交易ATC值,则判断请求处理的交易出现异常。Preferably, in the above transaction processing system, the transaction is an online transaction, the data includes an updated online transaction ATC value in the financial IC card, and the abnormality determining unit performs an abnormality determination in the following manner: If the updated online transaction ATC value is less than or equal to the current online transaction ATC value stored by the storage unit, it is determined that the transaction requested to be processed is abnormal.
优选地,在上述交易处理系统中,所述数据包含与所述金融IC卡对应的卡片序列号,并且所述异常判断单元按照下列方式执行异常判断:如果与金融IC卡对应的卡片序列号在所述存储单元存储的有效卡片序列号记录中无匹配的记录项,则判断请求处理的交易出现异常。Preferably, in the above transaction processing system, the data includes a card serial number corresponding to the financial IC card, and the abnormality determining unit performs abnormality determination in the following manner: if the card serial number corresponding to the financial IC card is If there is no matching record item in the valid card serial number record stored by the storage unit, it is determined that the transaction requested to be processed is abnormal.
优选地,在上述交易处理系统中,所述交易为联机交易,所述数据包含在所述金融IC卡内已更新的电子现金脱机消费余额,并且所述交易处理系统按照下列方式执行所述异常判断步骤:如果所述已更新的电子现金脱机消费余额大于上一次联机圈存后所述交易处理系统返 回给所述金融IC卡的电子现金脱机消费余额,则判断请求处理的交易出现异常。Preferably, in the above transaction processing system, the transaction is an online transaction, the data includes an updated electronic cash offline consumption balance in the financial IC card, and the transaction processing system performs the following manner Abnormal judgment step: if the updated electronic cash offline consumption balance is greater than the transaction processing system returned after the last online deposit When the electronic cash offline consumption balance of the financial IC card is returned, it is judged that the transaction requested to be processed is abnormal.
优选地,在上述交易处理系统中,所述交易为脱机交易,所述数据包含与所述交易对应的交易金额和在所述金融IC卡内已更新的电子现金脱机消费余额,并且所述异常判断单元按照下列方式执行异常判断:如果所述交易金额与所述已更新的电子现金脱机消费余额之和大于上一次联机圈存后所述交易处理系统返回给所述金融IC卡的电子现金脱机消费余额,则判断请求处理的交易出现异常。Preferably, in the above transaction processing system, the transaction is an offline transaction, and the data includes a transaction amount corresponding to the transaction and an updated electronic cash offline consumption balance in the financial IC card, and The abnormality determining unit performs abnormality judgment in the following manner: if the sum of the transaction amount and the updated electronic cash offline consumption balance is greater than the last online deposit, the transaction processing system returns to the financial IC card If the electronic cash offline consumption balance is used, it is judged that the transaction processed by the request is abnormal.
优选地,在上述交易处理系统中,所述交易为脱机交易,所述数据包含与所述交易对应的交易金额,并且所述异常判断单元按照下列方式执行异常判断:如果所述交易金额大于所述存储单元存储的当前电子现金脱机消费余额,则判断请求处理的交易出现异常。Preferably, in the above transaction processing system, the transaction is an offline transaction, the data includes a transaction amount corresponding to the transaction, and the abnormality determining unit performs an abnormality determination in the following manner: if the transaction amount is greater than The current electronic cash offline consumption balance stored by the storage unit determines that the transaction requested to be processed is abnormal.
附图说明DRAWINGS
从结合附图的以下详细说明中,将会使本发明的上述和其它目的及优点更加完全清楚。The above and other objects and advantages of the present invention will become more fully apparent from the Detailed Description
图1为按照本发明一个实施例的交易处理系统的示意图。1 is a schematic diagram of a transaction processing system in accordance with one embodiment of the present invention.
图2为按照本发明另一个实施例的监测伪卡风险的方法的流程图。2 is a flow chart of a method of monitoring the risk of a fake card in accordance with another embodiment of the present invention.
图3为图2所示方法中的异常判断例程的流程图。3 is a flow chart of an abnormality determination routine in the method of FIG. 2.
具体实施方式detailed description
下面参照其中图示了本发明示意性实施例的附图更为全面地说明本发明。但本发明可以按不同形式来实现,而不应解读为仅限于本文给出的各实施例。给出的上述各实施例旨在使本文的披露全面完整,从而使对本发明保护范围的理解更为全面和准确。The invention will now be described more fully hereinafter with reference to the accompanying drawings However, the invention may be embodied in different forms and should not be construed as limited to the various embodiments presented herein. The various embodiments described above are intended to be complete and complete, so that the understanding of the scope of the invention is more comprehensive and accurate.
诸如“包含”和“包括”之类的用语表示除了具有在说明书和权利要求书中有直接和明确表述的单元和步骤以外,本发明的技术方案也不排除具有未被直接或明确表述的其它单元和步骤的情形。The use of terms such as "including" and "comprises" or "comprises" or "comprises" or "comprising" or "comprises" The situation of the unit and the steps.
诸如“第一”和“第二”之类的用语并不表示单元在时间、空间、大小等方面的顺序而仅仅是作区分各单元之用,并且对于单元的数量也无限定作用。Terms such as "first" and "second" do not denote the order of the elements in terms of time, space, size, etc., but merely for distinguishing the units, and also have no limiting effect on the number of units.
按照本发明的一个实施例,通过分析金融IC卡的交易行为模式来 识别异常交易,并借助可定制的事件规则集来确定伪卡风险,由此采取相应的处理措施(例如生成警告消息、拒绝交易或者锁卡等)。由于事件规则可以根据应用情况定制和修改,因而能够准确、及时地监测伪卡风险。According to an embodiment of the present invention, by analyzing the trading behavior pattern of the financial IC card Identify anomalous transactions and use a customizable set of event rules to determine the risk of the fake card, thereby taking appropriate action (such as generating a warning message, rejecting a transaction, or locking a card, etc.). Since the event rules can be customized and modified according to the application, the risk of the fake card can be monitored accurately and timely.
图1为按照本发明一个实施例的交易处理系统的示意图。如图1所示,按照本实施例的交易处理系统10包括通信单元110、存储单元120、异常判断单元130和伪卡风险评估单元140,其中,异常判断单元130与通信单元110、存储单元120和伪卡风险评估单元140相连,伪卡风险评估单元140与通信单元110、存储单元120和异常判断单元130相连。1 is a schematic diagram of a transaction processing system in accordance with one embodiment of the present invention. As shown in FIG. 1, the transaction processing system 10 according to the present embodiment includes a communication unit 110, a storage unit 120, an abnormality determination unit 130, and a pseudo-card risk evaluation unit 140, wherein the abnormality determination unit 130 and the communication unit 110 and the storage unit 120 The pseudo card risk evaluation unit 140 is connected to the communication unit 110, the storage unit 120, and the abnormality determining unit 130.
通信单元110例如经网络与远程交易终端20连接,其与交易终端20交互通信。在一个典型的应用场景下,当用户在交易终端20处进行交易时,交易终端20向通信单元110发送与金融IC卡30请求处理的交易相关联的数据。这些数据例如包括但不限于金融IC卡的卡片序列号、交易证书(TC)、应用交易计数器(ATC)的计数值、随机数、动态签名数据、交易金额、电子现金脱机余额和卡片记录以及这些参数的任意组合等。The communication unit 110 is connected to the remote transaction terminal 20 via a network, for example, which is in interactive communication with the transaction terminal 20. In a typical application scenario, when a user conducts a transaction at the transaction terminal 20, the transaction terminal 20 transmits data associated with the transaction requested by the financial IC card 30 to the communication unit 110. Such data includes, for example, but is not limited to, a card serial number of a financial IC card, a transaction certificate (TC), an application transaction counter (ATC) count value, a random number, dynamic signature data, a transaction amount, an electronic cash offline balance, and a card record. Any combination of these parameters, etc.
存储单元120用于存储与金融IC卡相关联的卡片数据。The storage unit 120 is for storing card data associated with the financial IC card.
异常判断单元130对交易终端20经通信单元110上传的交易数据进行解析以判断交易是否出现异常并且将异常情况上报伪卡风险评估单元140。The abnormality judging unit 130 parses the transaction data uploaded by the transaction terminal 20 via the communication unit 110 to determine whether the transaction is abnormal and reports the abnormality to the pseudo-card risk evaluation unit 140.
在本说明书中,应用交易计数器(ATC)指的是这样一种计数器,其用于对金融IC卡的交易笔数(包括联机和脱机交易)进行计数。优选地,将金融IC卡30设计为配置ATC,并且在交易处理系统10中为该张金融IC卡也配置相应的ATC。通过在交易结束时使二者同步更新,可以使异常判断单元130根据二者计数值的匹配与否来判断交易是否异常。例如假设金融IC卡和交易处理系统10的存储单元120处的ATC的初始值均为0,在交易过程中,使交易终端20向交易处理系统10发送的数据中包含在金融IC卡内已经更新的ATC值,此时存储单元10处的ATC值尚未更新,因此应该小于前者。一旦异常判断单元130发现存储单元120处的对应ATC值等于接收到的数据中的ATC值,则可判断交易出现异常。此外,针对联机交易,还可以为金 融IC卡30配置专门的ATC(也称为联机交易ATC),相应地,在存储单元120中也配置与该联机交易ATC对应的ATC(也称为交易处理系统的当前联机交易ATC)。由此异常判断单元130可以根据二者计数值的匹配与否发现联机交易中的异常交易。In this specification, an application transaction counter (ATC) refers to a counter for counting the number of transactions of a financial IC card, including online and offline transactions. Preferably, the financial IC card 30 is designed to configure the ATC, and the corresponding ATC is also configured for the financial IC card in the transaction processing system 10. By synchronously updating the two at the end of the transaction, the abnormality determining unit 130 can determine whether the transaction is abnormal based on the matching of the count values of the two. For example, it is assumed that the initial values of the ATC at the storage unit 120 of the financial IC card and the transaction processing system 10 are both 0. In the transaction process, the data transmitted by the transaction terminal 20 to the transaction processing system 10 is included in the financial IC card. The ATC value, at this time, the ATC value at the storage unit 10 has not been updated, and therefore should be smaller than the former. Once the abnormality determining unit 130 finds that the corresponding ATC value at the storage unit 120 is equal to the ATC value in the received data, it can be judged that the transaction is abnormal. In addition, for online transactions, it can also be gold The integrated IC card 30 is configured with a dedicated ATC (also referred to as an online transaction ATC), and correspondingly, an ATC (also referred to as a current online transaction ATC of the transaction processing system) corresponding to the online transaction ATC is also disposed in the storage unit 120. Thus, the abnormality determining unit 130 can find an abnormal transaction in the online transaction according to the matching of the count values of the two.
在每张金融IC卡作个人化处理时,将被分配一个唯一的卡片序列号。在本实施例中,当交易终端20上传至通信单元110的数据中包含该卡片序列号时,异常判断单元130可以通过其与预先存储在存储单元120内的记录的匹配性来验证该金融IC卡是否合法有效。A unique card serial number will be assigned to each financial IC card for personalization. In the present embodiment, when the card serial number is included in the data uploaded by the transaction terminal 20 to the communication unit 110, the abnormality determining unit 130 can verify the financial IC by its matching with the record stored in the storage unit 120 in advance. Whether the card is legal and valid.
在进行联机圈存交易时,交易处理系统10将向金融IC卡返回联机圈存后该卡片的电子现金脱机余额M。在对金融IC卡作个人化处理时,其上存储的电子现金脱机余额和交易处理系统10返回的联机圈存后该卡片的电子现金脱机余额一般被设定为取相同的数值。在随后的使用过程中,交易处理系统10返回的电子现金脱机余额M仅随每笔联机圈存交易的金额而变化,即,在进行联机圈存交易时,所返回的电子现金脱机余额M被更新为圈存金额和圈存交易上传的电子现金脱机余额之和。During the online inventory transaction, the transaction processing system 10 will return the electronic cash offline balance M of the card to the financial IC card after the online deposit. When the financial IC card is personalized, the electronic cash offline balance stored thereon and the online cash balance of the card after the online transaction of the transaction processing system 10 are generally set to take the same value. In the subsequent use, the electronic cash offline balance M returned by the transaction processing system 10 only changes with the amount of each online deposit transaction, that is, the electronic cash offline balance returned when the online deposit transaction is performed. M is updated to the sum of the inventory amount and the electronic cash offline balance uploaded by the inventory transaction.
在本实施例中,异常判断单元130可以利用交易过程涉及的金额来判断是否出现交易异常。例如,对于脱机交易模式,当交易终端20经通信单元110上传电子现金脱机消费交易金额和电子现金脱机余额时,如果二者之和大于上一次联机圈存后交易处理系统10返回给金融IC卡的电子现金脱机余额M,则异常判断单元130确定出现交易异常并且上报伪卡风险评估单元140。或者对于联机交易模式,如果交易终端20上传的电子现金脱机余额大于上一次联机圈存后交易处理系统10返回给金融IC卡的电子现金脱机余额M,则异常判断单元130确定出现交易异常并且上报伪卡风险评估单元140。In the present embodiment, the abnormality determining unit 130 may use the amount involved in the transaction process to determine whether a transaction abnormality has occurred. For example, for the offline transaction mode, when the transaction terminal 20 uploads the electronic cash offline consumption transaction amount and the electronic cash offline balance via the communication unit 110, if the sum of the two is greater than the last online deposit, the transaction processing system 10 returns The electronic cash offline balance M of the financial IC card, the abnormality determining unit 130 determines that a transaction abnormality has occurred and reports the pseudo-card risk evaluation unit 140. Or, for the online transaction mode, if the electronic cash offline balance uploaded by the transaction terminal 20 is greater than the electronic cash offline balance M returned by the transaction processing system 10 to the financial IC card after the last online deposit, the abnormality determining unit 130 determines that the transaction abnormality occurs. And the fake card risk evaluation unit 140 is reported.
在对金融IC片作个人化处理时,一般将卡片处存储的电子现金脱机余额与存储单元120处存储的当前电子现金脱机消费余额N设定为取相同的数值。随后,当前电子现金脱机消费余额N随联机圈存交易和电子现金脱机消费的金额而变化,其更新方式为:When personalizing the financial IC chip, the electronic cash offline balance stored at the card is generally set to the same value as the current electronic cash offline consumption balance N stored at the storage unit 120. Subsequently, the current electronic cash offline consumption balance N varies with the amount of online inventory transactions and electronic cash offline consumption, and the update method is:
1)当发生圈存交易时,交易处理系统10将当前电子现金脱机消费余额N更新为每笔联机圈存后返回给卡片的电子现金脱机余额(即上面所述的电子现金脱机余额M)。 1) When a loop transaction occurs, the transaction processing system 10 updates the current electronic cash offline consumption balance N to the electronic cash offline balance returned to the card after each online deposit (ie, the electronic cash offline balance described above) M).
2)当发生电子现金脱机消费时,交易处理系统10用当前电子现金脱机消费余额N减去交易终端20上传的电子现金脱机消费的交易金额后并且用得到的差值去更新所存储的当前电子现金脱机消费余额N。2) When the electronic cash offline consumption occurs, the transaction processing system 10 subtracts the transaction amount of the electronic cash offline consumption uploaded by the transaction terminal 20 with the current electronic cash offline consumption balance N and updates the stored value with the obtained difference value. Current electronic cash offline consumption balance N.
在本实施例中,对于脱机交易模式,还可以根据交易终端20上传的电子现金脱机消费交易金额和交易处理系统10处存储的当前电子现金脱机消费余额N来判断是否出现交易异常。具体而言,如果电子现金脱机消费交易金额大于当前电子现金脱机消费余额N,则异常判断单元130确定出现交易异常并且上报伪卡风险评估单元140。In this embodiment, for the offline transaction mode, whether the transaction abnormality occurs may be determined according to the electronic cash offline consumption transaction amount uploaded by the transaction terminal 20 and the current electronic cash offline consumption balance N stored at the transaction processing system 10. Specifically, if the electronic cash offline consumption transaction amount is greater than the current electronic cash offline consumption balance N, the abnormality determining unit 130 determines that a transaction abnormality occurs and reports the pseudo-card risk assessment unit 140.
对于出现异常交易的金融IC卡,伪卡风险评估单元140根据下列方式确定伪卡风险:For a financial IC card in which an abnormal transaction occurs, the pseudo-card risk evaluation unit 140 determines the pseudo-card risk according to the following manner:
1)如果一张金融IC卡出现异常交易的次数大于第一阈值,则确定该张金融IC卡存在伪卡风险;或者1) if the number of abnormal transactions of a financial IC card is greater than the first threshold, it is determined that the financial IC card has a risk of a fake card; or
2)如果该金融IC卡请求处理的交易的频度大于第二阈值,则确定该张金融IC卡存在伪卡风险。2) If the frequency of the transaction requested by the financial IC card is greater than the second threshold, it is determined that the financial IC card has a pseudo-card risk.
这里的第一和第二阈值均可根据实际应用情况灵活调整。此外,交易的频度可以用单位时间间隔内交易处理系统10接收到的同一张金融IC卡联机交易的笔数来表征,其中单位时间间隔的长度T可以灵活设置。当交易频度较大时,基本上可确定有多张实体卡片几乎同时发生了多笔交易,因此存在很大的伪卡风险。The first and second thresholds here can be flexibly adjusted according to the actual application. In addition, the frequency of the transaction can be characterized by the number of online transactions of the same financial IC card received by the transaction processing system 10 in a unit time interval, wherein the length T of the unit time interval can be flexibly set. When the transaction frequency is large, it is basically determined that there are multiple physical cards, and multiple transactions occur at the same time, so there is a large risk of pseudo-cards.
在伪卡风险评估单元140确定存在伪卡风险后,交易处理系统10可以拒绝交易终端20的交易请求,或者在拒绝的同时,通过启动锁应用或者锁卡片的发卡行脚本,以使卡片应用锁定或者应用永久失效。此外,对于虽然未被确定存在伪卡风险但是已经出现交易异常的金融IC卡,也可以生成告警消息。After the pseudo-card risk assessment unit 140 determines that there is a pseudo-card risk, the transaction processing system 10 may reject the transaction request of the transaction terminal 20, or at the same time as rejecting, by launching the lock application or locking the card issuer script to lock the card application Or the application is permanently disabled. In addition, an alert message may be generated for a financial IC card that has not been determined to have a risk of a fake card but an abnormal transaction has occurred.
图2为按照本发明另一个实施例的监测伪卡风险的方法的流程图。示例性地,这里假设采用图1所示的交易处理系统的结构,但是从下面的描述中将会认识到,本实施例的方法并不依赖于特定的结构。2 is a flow chart of a method of monitoring the risk of a fake card in accordance with another embodiment of the present invention. Illustratively, it is assumed here that the structure of the transaction processing system shown in FIG. 1 is employed, but it will be appreciated from the following description that the method of the present embodiment does not depend on a specific structure.
如图2所示,在步骤S201中,交易处理系统10的通信单元110从交易终端20接收与金融IC卡30请求处理的交易相关联的数据。如上所述,这些数据例如包括但不限于金融IC卡的卡片序列号、交易证书(TC)、应用交易计数器(ATC)的计数值、随机数、动态签名数 据、交易金额、电子现金脱机余额和卡片记录以及这些参数的任意组合等。As shown in FIG. 2, in step S201, the communication unit 110 of the transaction processing system 10 receives data associated with the transaction requested by the financial IC card 30 from the transaction terminal 20. As described above, these data include, for example, but are not limited to, a card serial number of a financial IC card, a transaction certificate (TC), an application transaction counter (ATC) count value, a random number, and a dynamic signature number. According to the transaction amount, electronic cash offline balance and card records, and any combination of these parameters.
接着进入步骤S202或异常交易判断例程,由异常判断单元130根据与金融IC卡30请求处理的交易相关联的数据异常判断交易是否异常。有关异常交易判断的具体流程将在下面借助图3作详细描述。Next, the process proceeds to step S202 or the abnormality transaction determination routine, and the abnormality determination unit 130 determines whether the transaction is abnormal based on the data abnormality associated with the transaction requested by the financial IC card 30. The specific flow of the abnormal transaction judgment will be described in detail below with reference to FIG.
如果判断出现交易异常,则进入步骤S203,异常判断单元130向伪卡风险评估单元140上报出现交易异常的金融IC卡30,否则转入正常业务流程。If it is determined that a transaction abnormality has occurred, the process proceeds to step S203, and the abnormality determining unit 130 reports the financial IC card 30 in which the transaction abnormality occurs to the pseudo-card risk assessment unit 140, and otherwise proceeds to the normal business process.
接着进入步骤S204,伪卡风险评估单元140按照上面所述的方式,对异常判断单元130判断出现异常交易的卡片的伪卡风险进行评估并且生成相应的风险评估报告,使得交易处理系统10能够据此采取相应的处理措施,例如包括但不限于拒绝交易请求、使卡片应用锁定或者应用永久失效以及生成告警消息等。Next, proceeding to step S204, the pseudo-card risk assessment unit 140 evaluates the pseudo-card risk of the card in which the abnormal transaction occurs, and generates a corresponding risk assessment report, in accordance with the manner described above, so that the transaction processing system 10 can This takes corresponding measures, including, but not limited to, rejecting the transaction request, locking the card application or permanently invalidating the application, and generating an alert message.
图3为图2所示方法中的异常判断例程的流程图。3 is a flow chart of an abnormality determination routine in the method of FIG. 2.
如图3所示,首先进入步骤S301,异常判断单元130判断交易终端20上传的ATC值与存储单元120处存储的对应ATC值是否相等,如果相等,则判断交易出现异常并进入步骤S203,否则,则进入步骤S302。As shown in FIG. 3, the process proceeds to step S301. The abnormality determining unit 130 determines whether the ATC value uploaded by the transaction terminal 20 is equal to the corresponding ATC value stored at the storage unit 120. If they are equal, it is determined that the transaction is abnormal and proceeds to step S203, otherwise Then, the process proceeds to step S302.
在步骤S302,异常判断单元130判断交易终端20上传的数据是否包含卡片序列号,如果包括,则进入步骤S303,否则进入步骤S304。In step S302, the abnormality determining unit 130 determines whether the data uploaded by the transaction terminal 20 contains the card serial number, and if so, proceeds to step S303, otherwise proceeds to step S304.
在步骤S303,异常判断单元130确定存储单元120是否存在与交易终端20上传的卡片序列号相匹配的记录,如果存在,则确定金融IC卡合法有效并且进入步骤S304,否则,则进入步骤S203。In step S303, the abnormality determining unit 130 determines whether the storage unit 120 has a record matching the card serial number uploaded by the transaction terminal 20, and if so, determines that the financial IC card is legally valid and proceeds to step S304, otherwise, proceeds to step S203.
在步骤S304,异常判断单元130判断请求处理的交易是否为电子现金脱机消费模式,如果是,则进入步骤S305,否则进入步骤S306。In step S304, the abnormality determining unit 130 determines whether the transaction requested to be processed is the electronic cash offline consumption mode, and if so, proceeds to step S305, otherwise proceeds to step S306.
在步骤S305,异常判断单元130确定交易终端20上传的电子现金脱机消费交易金额和电子现金脱机余额之和是否大于上一次联机圈存后交易处理系统10返回给金融IC卡的电子现金脱机余额M,如果是,则确定交易异常并进入步骤S203,否则,则进入步骤S307。In step S305, the abnormality determining unit 130 determines whether the sum of the electronic cash offline consumption transaction amount and the electronic cash offline balance uploaded by the transaction terminal 20 is greater than the electronic cash withdrawal of the transaction processing system 10 returned to the financial IC card after the last online registration. The machine balance M, if yes, determines that the transaction is abnormal and proceeds to step S203, otherwise, proceeds to step S307.
在步骤S307,异常判断单元130确定交易终端20上传的电子现金脱机消费交易金额是否大于存储单元120处存储的当前电子现金脱机消费余额N,如果是,则确定交易异常并进入步骤S203,否则,则 转入正常业务流程。In step S307, the abnormality determining unit 130 determines whether the electronic cash offline consumption transaction amount uploaded by the transaction terminal 20 is greater than the current electronic cash offline consumption balance N stored at the storage unit 120, and if so, determines that the transaction is abnormal and proceeds to step S203. Otherwise, then Transfer to normal business processes.
参见图3,在步骤S304的另一个分支步骤S306中,异常判断单元130判断交易终端20上传的联机交易ATC值是否大于存储单元120处存储的对应的当前联机交易ATC值,如果大于,则进入步骤S308,否则,则判断交易出现异常并进入步骤S203。Referring to FIG. 3, in another branching step S306 of step S304, the abnormality determining unit 130 determines whether the online transaction ATC value uploaded by the transaction terminal 20 is greater than the corresponding current online transaction ATC value stored at the storage unit 120, and if it is greater than, enters Step S308, otherwise, it is judged that the transaction is abnormal and proceeds to step S203.
在步骤S308。异常判断单元130判断交易终端20上传的数据中是否包含电子现金脱机余额,如果包括,则进入步骤S309,否则,则转入正常业务流程。At step S308. The abnormality determining unit 130 determines whether the electronic cash offline balance is included in the data uploaded by the transaction terminal 20. If yes, the process proceeds to step S309, otherwise, the normal business process is transferred.
在步骤S309中,异常判断单元130判断交易终端20上传的电子现金脱机余额大于存储单元120存储的上一次联机圈存后交易处理系统10返回给金融IC卡的电子现金脱机余额M。如果大于,则判断交易出现异常并进入步骤S203,否则,则转入正常业务流程。In step S309, the abnormality determining unit 130 determines that the electronic cash offline balance uploaded by the transaction terminal 20 is greater than the electronic cash offline balance M returned by the transaction processing system 10 to the financial IC card stored in the last online storage after the storage unit 120. If it is greater, it is judged that the transaction is abnormal and proceeds to step S203, otherwise, it is transferred to the normal business process.
按照本发明的实施例具有下列优点。Embodiments in accordance with the present invention have the following advantages.
作为交易处理系统原有风险控制手段的补充,能够帮助发卡行提前发现伪卡风险。As a supplement to the original risk control measures of the transaction processing system, it can help the issuing bank to detect the risk of the fake card in advance.
发卡行可根据实际情况,利用该系统实时或者事后确定伪卡风险并且可以提高识别伪卡的概率和效率。The issuing bank can use the system to determine the risk of the fake card in real time or afterwards according to the actual situation and can improve the probability and efficiency of identifying the fake card.
在确定伪卡风险或发现交易异常时,交易处理系统可以采取各种处置措施以防止风险扩散。In determining the risk of a fake card or discovering a transaction anomaly, the transaction processing system can take various measures to prevent the risk from spreading.
由于可以在不背离本发明基本精神的情况下,以各种形式实施本发明,因此上面描述的具体实施方式仅是说明性的而不是限制性的。本发明的范围由所附权利要求定义,对上面描述方式所作的各种变化或变动都属于所附权利要求的保护范围。 The present invention has been described by way of example only and not by way of limitation. The scope of the invention is defined by the appended claims, and various changes and modifications may be made in the scope of the appended claims.

Claims (14)

  1. 一种监测伪卡风险的方法,其特征在于,包括下列步骤:A method for monitoring the risk of a fake card, comprising the steps of:
    接收步骤,在该步骤中交易处理系统从交易终端接收与金融IC卡请求处理的交易相关联的数据;a receiving step in which the transaction processing system receives data associated with the transaction processed by the financial IC card request from the transaction terminal;
    异常判断步骤,在该步骤中,所述交易处理系统根据所述数据判断请求处理的交易是否异常;An abnormality determining step, in which the transaction processing system determines whether the transaction requested to be processed is abnormal according to the data;
    伪卡风险确定步骤,在该步骤中,如果该金融IC卡出现异常的交易的次数大于第一阈值,或者如果该金融IC卡请求处理的交易的频度大于第二阈值,则所述交易处理系统确定该张金融IC卡存在伪卡风险。a pseudo card risk determining step, in which, if the number of abnormal transactions of the financial IC card is greater than a first threshold, or if the frequency of the transaction requested by the financial IC card is greater than a second threshold, the transaction processing The system determines that there is a risk of a fake card in the financial IC card.
  2. 如权利要求1所述的监测伪卡风险的方法,其中,所述数据包含在所述金融IC卡内的已更新ATC值,并且所述交易处理系统按照下列方式执行所述异常判断步骤:如果所述已更新ATC值等于所述交易处理系统存储的当前ATC值,则判断请求处理的交易出现异常。A method of monitoring a risk of a fake card according to claim 1, wherein said data includes an updated ATC value in said financial IC card, and said transaction processing system performs said abnormality determining step in the following manner: The updated ATC value is equal to the current ATC value stored by the transaction processing system, and then it is determined that the transaction requested to be processed is abnormal.
  3. 如权利要求1所述的监测伪卡风险的方法,其中,所述交易为联机交易,所述数据包含在所述金融IC卡内已更新的联机交易ATC值,并且所述交易处理系统按照下列方式执行所述异常判断步骤:如果所述已更新的联机交易ATC值小于或等于所述交易处理系统存储的当前联机交易ATC值,则判断请求处理的交易出现异常。A method of monitoring the risk of a fake card according to claim 1, wherein said transaction is an online transaction, said data comprising an updated online transaction ATC value in said financial IC card, and said transaction processing system is as follows The method performs the abnormality determining step: if the updated online transaction ATC value is less than or equal to the current online transaction ATC value stored by the transaction processing system, it is determined that the transaction requested to be processed is abnormal.
  4. 如权利要求1所述的监测伪卡风险的方法,其中,所述数据包含与所述金融IC卡对应的卡片序列号,并且所述交易处理系统按照下列方式执行所述异常判断步骤:如果与金融IC卡对应的卡片序列号在所述交易处理系统存储的有效卡片序列号记录中无匹配的记录项,则判断请求处理的交易出现异常。A method of monitoring a risk of a fake card according to claim 1, wherein said data includes a card serial number corresponding to said financial IC card, and said transaction processing system performs said abnormality determining step in the following manner: if If the card serial number corresponding to the financial IC card does not have a matching record in the valid card serial number record stored in the transaction processing system, it is determined that the transaction requested to be processed is abnormal.
  5. 如权利要求1所述的监测伪卡风险的方法,其中,所述交易为联机交易,所述数据包含在所述金融IC卡内已更新的电子现金脱机消费余额,并且所述交易处理系统按照下列方式执行所述异常判断步骤:如果所述已更新的电子现金脱机消费余额大于上一次联机圈存后所述交易处理系统返回给所述金融IC卡的电子现金脱机消费余额,则判断请求处理的交易出现异常。A method of monitoring a risk of a fake card according to claim 1, wherein said transaction is an online transaction, said data comprising an updated electronic cash offline consumption balance in said financial IC card, and said transaction processing system Performing the abnormality determining step according to the following manner: if the updated electronic cash offline consumption balance is greater than the electronic cash offline consumption balance returned by the transaction processing system to the financial IC card after the last online deposit, It is judged that the transaction processed by the request is abnormal.
  6. 如权利要求1所述的监测伪卡风险的方法,其中,所述交易为 脱机交易,所述数据包含与所述交易对应的交易金额和在所述金融IC卡内已更新的电子现金脱机消费余额,并且所述交易处理系统按照下列方式执行所述异常判断步骤:如果所述交易金额与所述已更新的电子现金脱机消费余额之和大于上一次联机圈存后所述交易处理系统返回给所述金融IC卡的电子现金脱机消费余额,则判断请求处理的交易出现异常。A method of monitoring the risk of a fake card as claimed in claim 1 wherein said transaction is Offline transaction, the data including a transaction amount corresponding to the transaction and an updated electronic cash offline consumption balance in the financial IC card, and the transaction processing system performs the abnormality determination step in the following manner: If the sum of the transaction amount and the updated electronic cash offline consumption balance is greater than the electronic cash offline consumption balance returned by the transaction processing system to the financial IC card after the last online deposit, determining the request processing The transaction was abnormal.
  7. 如权利要求1所述的监测伪卡风险的方法,其中,所述交易为脱机交易,所述数据包含与所述交易对应的交易金额,并且所述交易处理系统按照下列方式执行所述异常判断步骤:如果所述交易金额大于所述交易处理系统存储的当前电子现金脱机消费余额,则判断请求处理的交易出现异常。A method of monitoring a risk of a fake card according to claim 1, wherein said transaction is an offline transaction, said data includes a transaction amount corresponding to said transaction, and said transaction processing system executes said abnormality in the following manner Judgment step: if the transaction amount is greater than the current electronic cash offline consumption balance stored by the transaction processing system, it is determined that the transaction requested to be processed is abnormal.
  8. 一种交易处理系统,其特征在于,包括:A transaction processing system, comprising:
    通信单元,用于从交易终端接收与金融IC卡请求处理的交易相关联的数据;a communication unit, configured to receive, from the transaction terminal, data associated with the transaction processed by the financial IC card request;
    存储单元,用于存储与所述金融IC卡相关联的卡片数据;a storage unit, configured to store card data associated with the financial IC card;
    异常判断单元,用于根据所述数据判断请求处理的交易是否异常;An abnormality determining unit, configured to determine, according to the data, whether the transaction processed by the request is abnormal;
    伪卡风险评估单元,用于按照下列方式确定伪卡风险:如果该金融IC卡出现异常的交易的次数大于第一阈值,或者如果该金融IC卡请求处理的交易的频度大于第二阈值,则确定该张金融IC卡存在伪卡风险。a pseudo card risk evaluation unit, configured to determine a pseudo card risk according to the following manner: if the number of abnormal transactions of the financial IC card is greater than a first threshold, or if the frequency of the transaction requested by the financial IC card is greater than a second threshold, Then it is determined that the financial IC card has a risk of a fake card.
  9. 如权利要求8所述的交易处理系统,其中,所述数据包含在所述金融IC卡内的已更新ATC值,并且所述异常判断单元按照下列方式执行异常判断:如果所述已更新ATC值等于所述存储单元存储的当前ATC值,则判断请求处理的交易出现异常。The transaction processing system according to claim 8, wherein said data includes an updated ATC value in said financial IC card, and said abnormality determining unit performs abnormality determination in the following manner: if said updated ATC value If it is equal to the current ATC value stored by the storage unit, it is judged that the transaction requested to be processed is abnormal.
  10. 如权利要求8所述的交易处理系统,其中,所述交易为联机交易,所述数据包含在所述金融IC卡内已更新的联机交易ATC值,并且所述异常判断单元按照下列方式执行异常判断:如果所述已更新的联机交易ATC值小于或等于所述存储单元存储的当前联机交易ATC值,则判断请求处理的交易出现异常。The transaction processing system according to claim 8, wherein said transaction is an online transaction, said data includes an updated online transaction ATC value in said financial IC card, and said abnormality determining unit performs an abnormality in the following manner Judging: if the updated online transaction ATC value is less than or equal to the current online transaction ATC value stored by the storage unit, it is determined that the transaction requested to be processed is abnormal.
  11. 如权利要求8所述的交易处理系统,其中,所述数据包含与所述金融IC卡对应的卡片序列号,并且所述异常判断单元按照下列方式执行异常判断:如果与金融IC卡对应的卡片序列号在所述存储单元 存储的有效卡片序列号记录中无匹配的记录项,则判断请求处理的交易出现异常。The transaction processing system according to claim 8, wherein said data includes a card serial number corresponding to said financial IC card, and said abnormality determining unit performs abnormality determination in the following manner: if a card corresponding to the financial IC card Serial number in the storage unit If there is no matching record item in the stored valid card serial number record, it is judged that the transaction processed by the request is abnormal.
  12. 如权利要求8所述的交易处理系统,其中,所述交易为联机交易,所述数据包含在所述金融IC卡内已更新的电子现金脱机消费余额,并且所述交易处理系统按照下列方式执行所述异常判断步骤:如果所述已更新的电子现金脱机消费余额大于上一次联机圈存后所述交易处理系统返回给所述金融IC卡的电子现金脱机消费余额,则判断请求处理的交易出现异常。The transaction processing system according to claim 8, wherein said transaction is an online transaction, said data includes an updated electronic cash offline consumption balance in said financial IC card, and said transaction processing system is in the following manner Performing the abnormality determining step: if the updated electronic cash offline consumption balance is greater than the electronic cash offline consumption balance returned by the transaction processing system to the financial IC card after the last online deposit, determining the request processing The transaction was abnormal.
  13. 如权利要求8所述的交易处理系统,其中,所述交易为脱机交易,所述数据包含与所述交易对应的交易金额和在所述金融IC卡内已更新的电子现金脱机消费余额,并且所述异常判断单元按照下列方式执行异常判断:如果所述交易金额与所述已更新的电子现金脱机消费余额之和大于上一次联机圈存后所述交易处理系统返回给所述金融IC卡的电子现金脱机消费余额,则判断请求处理的交易出现异常。A transaction processing system according to claim 8, wherein said transaction is an offline transaction, said data including a transaction amount corresponding to said transaction and an updated electronic cash offline consumption balance in said financial IC card And the abnormality judging unit performs an abnormality judgment in the following manner: if the sum of the transaction amount and the updated electronic cash offline consumption balance is greater than the last online deposit, the transaction processing system returns to the financial If the IC card's electronic cash offline consumption balance is used, it is judged that the transaction processed by the request is abnormal.
  14. 如权利要求8所述的交易处理系统,其中,所述交易为脱机交易,所述数据包含与所述交易对应的交易金额,并且所述异常判断单元按照下列方式执行异常判断:如果所述交易金额大于所述存储单元存储的当前电子现金脱机消费余额,则判断请求处理的交易出现异常。 The transaction processing system according to claim 8, wherein said transaction is an offline transaction, said data includes a transaction amount corresponding to said transaction, and said abnormality determining unit performs abnormality determination in the following manner: if said If the transaction amount is greater than the current electronic cash offline consumption balance stored in the storage unit, it is determined that the transaction requested to be processed is abnormal.
PCT/CN2014/093830 2013-12-30 2014-12-15 Method for detecting false card risk and transaction processing system for implementing same WO2015101166A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201310742874.X 2013-12-30
CN201310742874.XA CN104751566B (en) 2013-12-30 2013-12-30 It monitors the method for pseudo- card risk and realizes the transaction processing system of this method

Publications (1)

Publication Number Publication Date
WO2015101166A1 true WO2015101166A1 (en) 2015-07-09

Family

ID=53493179

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/093830 WO2015101166A1 (en) 2013-12-30 2014-12-15 Method for detecting false card risk and transaction processing system for implementing same

Country Status (4)

Country Link
CN (1) CN104751566B (en)
HK (1) HK1211943A1 (en)
TW (1) TWI621082B (en)
WO (1) WO2015101166A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110490600A (en) * 2019-08-23 2019-11-22 中国联合网络通信集团有限公司 Handle method, server, the terminal of banking
CN110544100A (en) * 2019-09-10 2019-12-06 北京三快在线科技有限公司 Business identification method, device and medium based on machine learning

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105205659A (en) * 2015-08-28 2015-12-30 深圳市雪球科技有限公司 Mobile payment apparatus, and mobile payment method thereof and online liquidation method thereof
CN107133833A (en) * 2016-02-26 2017-09-05 阿里巴巴集团控股有限公司 abnormal transaction identification method and device
CN108228706A (en) * 2017-11-23 2018-06-29 中国银联股份有限公司 For identifying the method and apparatus of abnormal transaction corporations
CN110414985A (en) * 2019-06-12 2019-11-05 阿里巴巴集团控股有限公司 A kind of detection method and device of exception account
CN112241881A (en) * 2019-07-17 2021-01-19 天地融科技股份有限公司 Off-line transaction method and system based on electronic cash

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006039729A (en) * 2004-07-23 2006-02-09 Oki Electric Ind Co Ltd Transaction system, transaction device and settlement system
CN101488249A (en) * 2008-01-15 2009-07-22 中国移动通信集团公司 Method and apparatus for verifying customer transaction
CN101882233A (en) * 2010-06-02 2010-11-10 方亚南 Multifunctional chip card
CN103021082A (en) * 2012-12-13 2013-04-03 捷德(中国)信息科技有限公司 IC (Integrated Circuit) card transaction method and IC card
CN103440706A (en) * 2013-08-23 2013-12-11 捷德(中国)信息科技有限公司 Method and device for eliminating QPBOC abnormal transaction of financial IC card

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5991411A (en) * 1996-10-08 1999-11-23 International Business Machines Corporation Method and means for limiting adverse use of counterfeit credit cards, access badges, electronic accounts or the like
CN1403967A (en) * 2001-08-23 2003-03-19 广频科技股份有限公司 Credit card trade safety management system and method
CN101448249B (en) * 2008-01-25 2011-03-16 中兴通讯股份有限公司 Method for releasing data cached in serving gateway
TWI587226B (en) * 2012-04-17 2017-06-11 台灣開發建設股份有限公司 Electronic tag and processing system and method for securing electronic tag
CN106446021B (en) * 2013-06-24 2019-08-02 北京奇虎科技有限公司 A kind of method and system of anomaly data detection processing

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006039729A (en) * 2004-07-23 2006-02-09 Oki Electric Ind Co Ltd Transaction system, transaction device and settlement system
CN101488249A (en) * 2008-01-15 2009-07-22 中国移动通信集团公司 Method and apparatus for verifying customer transaction
CN101882233A (en) * 2010-06-02 2010-11-10 方亚南 Multifunctional chip card
CN103021082A (en) * 2012-12-13 2013-04-03 捷德(中国)信息科技有限公司 IC (Integrated Circuit) card transaction method and IC card
CN103440706A (en) * 2013-08-23 2013-12-11 捷德(中国)信息科技有限公司 Method and device for eliminating QPBOC abnormal transaction of financial IC card

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110490600A (en) * 2019-08-23 2019-11-22 中国联合网络通信集团有限公司 Handle method, server, the terminal of banking
CN110490600B (en) * 2019-08-23 2022-04-26 中国联合网络通信集团有限公司 Method, server and terminal for processing banking business
CN110544100A (en) * 2019-09-10 2019-12-06 北京三快在线科技有限公司 Business identification method, device and medium based on machine learning

Also Published As

Publication number Publication date
CN104751566A (en) 2015-07-01
CN104751566B (en) 2018-11-27
HK1211943A1 (en) 2016-06-03
TW201528171A (en) 2015-07-16
TWI621082B (en) 2018-04-11

Similar Documents

Publication Publication Date Title
WO2015101166A1 (en) Method for detecting false card risk and transaction processing system for implementing same
US10771251B1 (en) Identity management service via virtual passport
US8296232B2 (en) Systems and methods for screening payment transactions
US20110010289A1 (en) Method And System For Controlling Risk Using Static Payment Data And An Intelligent Payment Device
US20130282562A1 (en) Systems and methods for preventing fraudulent purchases
CN104867009A (en) Intelligent card, quota control system thereof, and quota control method thereof
US20130342311A1 (en) Production method, rfid transponder, authentication method, reader device and computer program product
US20230205859A1 (en) Biometric override for incorrect failed authorization
US11017396B2 (en) Automatic transaction device and control method thereof
WO2017106231A1 (en) System and method of identifying baker's fraud in transactions
US11804109B2 (en) Method, apparatus, and system for detecting card skimming devices
WO2013125245A1 (en) Reader device, data processing device equipped with same, and authenticity determination method
CN112801667A (en) Real-time transaction abnormity detection method and device
CN109074577A (en) wallet management system
US20070181670A1 (en) System, method and computer program product for POS-based capture of reference magnetic signatures
CN102129742A (en) Method for preventing embezzlement of bank card
US20190266594A1 (en) Reducing fraudulent data transfers
CN111681010A (en) Transaction verification method and device
US11868972B2 (en) Method and system of validating cash transactions
KR20150060374A (en) Fraud detection method and server for card payment in e-commerce
US20160080151A1 (en) Systems and Methods of Authentication of Communications
JP5208685B2 (en) Scrutiny management of automatic transaction equipment
OA20195A (en) Method and system of validating cash transactions.
CN116888611A (en) Technology for processing transaction by using contactless card based on one or more configurations of contactless card
Sretenović et al. PREVENTION OF FRAUD IN ELECTRONIC PAYMENT SYSTEMS

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14876892

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC , EPO FORM 1205A DATED 16-11-16

122 Ep: pct application non-entry in european phase

Ref document number: 14876892

Country of ref document: EP

Kind code of ref document: A1