WO2023053541A1 - Fraud detection system, fraud detection method, and program - Google Patents

Fraud detection system, fraud detection method, and program Download PDF

Info

Publication number
WO2023053541A1
WO2023053541A1 PCT/JP2022/016533 JP2022016533W WO2023053541A1 WO 2023053541 A1 WO2023053541 A1 WO 2023053541A1 JP 2022016533 W JP2022016533 W JP 2022016533W WO 2023053541 A1 WO2023053541 A1 WO 2023053541A1
Authority
WO
WIPO (PCT)
Prior art keywords
mail
fraud detection
transaction data
credit card
product
Prior art date
Application number
PCT/JP2022/016533
Other languages
French (fr)
Japanese (ja)
Inventor
靖裕 日昔
Original Assignee
Bhi株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bhi株式会社 filed Critical Bhi株式会社
Publication of WO2023053541A1 publication Critical patent/WO2023053541A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists

Definitions

  • the present invention relates to fraud detection systems, fraud detection methods, and programs.
  • Patent Document 1 determines the possibility of credit card fraud.
  • the present invention has been made in view of this background, and aims to provide a technology that can detect the possibility of unauthorized use of a credit card.
  • the main invention of the present invention for solving the above problems is a fraud detection system, comprising a payment information acquisition unit that acquires payment information related to a product or service purchased by a user from a server of a credit card company; a fraud detection unit that detects the possibility of fraudulent use of a credit card when an e-mail regarding the purchase of the product or service addressed to the user from the service seller does not arrive; and a notification unit that notifies the user when detected.
  • FIG. 3 is a diagram illustrating an example hardware configuration of a management server 2;
  • FIG. 3 is a diagram showing a software configuration example of a management server 2;
  • FIG. It is a figure explaining operation
  • the present invention has, for example, the following configurations.
  • a fraud detection system comprising: [Item 2] The fraud detection system according to item 1, an e-mail acquisition unit that acquires an e-mail addressed to the user from a mail server; a transaction data extraction unit that analyzes the e-mail and extracts transaction data related to the purchase of the product or service from the e-mail; further comprising The fraud detection unit determines whether the transaction data extraction unit has succeeded in extracting the transaction data, and the settlement date, settlement amount, and name of the seller
  • a fraud detection system characterized by: [Item 3] The fraud detection system according to item 1 or 2, The fraud detection unit detects the possibility of fraudulent use when the e-mail does not arrive within a predetermined time after the payment information is acquired;
  • a fraud detection system characterized by: [Item 4] The fraud detection system according to any one of items 1 to 3, further comprising a detection history storage unit that stores information related to the unauthorized use detected by the unauthorized detection unit;
  • a fraud detection system attempts to detect the risk of fraudulent use of a credit card.
  • a store related to electronic commerce (any store that can sell products, such as an EC site or an online shopping mall) It may be a store or an individual who sells goods.In addition, it may be a company that provides services as well as sales of goods. The same.) is used.
  • Transaction histories sent by e-mail have the same meaning as receipts in the real world.
  • the risk of unauthorized use of the credit card is detected by using e-mails containing such transaction details. Specifically, when payment by credit card is approved for a certain transaction, information including the details of the transaction (hereinafter referred to as payment information) is received, and an e-mail with the same content as the transaction details related to the payment information is sent to the user. is not received, it is determined that there is a risk of unauthorized use of the credit card.
  • payment information information including the details of the transaction
  • an e-mail with the same content as the transaction details related to the payment information is sent to the user. is not received, it is determined that there is a risk of unauthorized use
  • FIG. 1 is a diagram showing an example of the overall configuration of the fraud detection system of this embodiment.
  • the fraud detection system of this embodiment includes a management server 2 .
  • the management server 2 is communicably connected to each of the credit card server 1 and the mail server 3 via a communication network.
  • the communication network is, for example, the Internet, and is constructed by a public telephone line network, a mobile telephone line network, a wireless communication path, Ethernet (registered trademark), and the like.
  • the credit card server 1 is a computer operated by a credit card company.
  • the credit card server 1 provides the management server 2 with settlement information including the result of credit card settlement approval at the credit card company.
  • the mail server 3 is a computer that manages e-mails of credit card users.
  • the e-mail server 30 is a so-called MRA (Mail Retrieval Agent), has mailboxes, and can provide e-mails delivered to the mailboxes by protocols such as IMAP and POP, for example. It is assumed that the management server 2 has previously obtained permission from the user to access the mailbox managed by the mail server 3 .
  • MRA Mail Retrieval Agent
  • the management server 2 is a computer that detects the risk of unauthorized use of credit cards.
  • the management server 2 may be a general-purpose computer such as a workstation or personal computer, or may be logically implemented by cloud computing.
  • FIG. 2 is a diagram showing a hardware configuration example of the management server 2. As shown in FIG. Note that the illustrated configuration is an example, and other configurations may be employed.
  • the management server 2 includes a CPU 201 , a memory 202 , a storage device 203 , a communication interface 204 , an input device 205 and an output device 206 .
  • the storage device 203 is, for example, a hard disk drive, solid state drive, flash memory, etc., which stores various data and programs.
  • the communication interface 204 is an interface for connecting to the communication network 3, and includes, for example, an adapter for connecting to Ethernet (registered trademark), a modem for connecting to a public telephone network, and a wireless communication device for performing wireless communication.
  • the input device 205 is, for example, a keyboard, mouse, touch panel, button, microphone, etc. for inputting data.
  • the output device 206 is, for example, a display, printer, speaker, or the like that outputs data.
  • Each functional unit of the management server device 2, which will be described later, is implemented by the CPU 201 reading a program stored in the storage device 203 into the memory 202 and executing it. It is implemented as part of the storage area provided by 203 .
  • the credit card server 1 and mail server 3 can also have the same hardware configuration as the management server 2 .
  • FIG. 3 is a diagram showing a software configuration example of the management server 2.
  • the management server 2 includes a payment information acquisition unit 211, an e-mail acquisition unit 212, a transaction data extraction unit 213, a fraud detection unit 214, a notification unit 215, a fraud level provision unit 216, a payment information storage unit 231, a transaction data storage unit 232, A rule storage unit 233 , a billing name storage unit 234 , a detection history storage unit 235 , and a fraud degree information storage unit 236 are provided.
  • the payment information storage unit 231 stores payment information related to payments approved by credit card companies.
  • the payment information includes information indicating the user of the credit card (hereinafter referred to as user ID), date of use, destination (store name), amount used, payment type, current payment amount, and the like.
  • the transaction data storage unit 232 stores information on purchased products (hereinafter referred to as transaction data).
  • the transaction data includes the user ID indicating the user who purchased the product, the date and time when the e-mail regarding the purchase of the product was received, the date when the user purchased the product (transaction date), the store name indicating the store where the product was purchased, The product name indicating the purchased product, product price, shipping fee, payment amount, payment method, etc. can be included. These can be obtained from an e-mail sent by a seller (store) such as an EC site to a user who is a purchaser as information for confirmation. If multiple products are purchased with one payment, the transaction data may include multiple pairs of product names and product prices. In addition, when multiple deliveries are performed, multiple shipping charges may be included.
  • the settlement amount is the sum of the purchase amount of the product plus the shipping fee, and the amount for settlement by credit card after applying the discount by using points or coupons.
  • the means of payment are
  • the rule storage unit 233 stores rules for analyzing email data.
  • the rule storage unit 233 can store rules for each store.
  • a rule may be, for example, a learning model learned by machine learning of e-mail data.
  • the rule storage unit 233 further associates and stores the pattern of the address that is the transmission source of the e-mail (it may be the address itself, or it may be a pattern expressing the address using a regular expression or the like). can also be
  • the billing name storage unit 234 associates and stores the name of the store, which is the subject of the commercial transaction, with the name of the billing person (description) who makes the billing as the member store of the credit card.
  • the payment information obtained from the credit card server 1 will include this biller name as the billing party.
  • the detection history storage unit 235 is a database of blacklists of fraudulent detections.
  • the detection history storage unit 235 stores information (hereinafter referred to as detection information) related to fraudulent use detected by the fraud detection unit 214, which will be described later.
  • the detection information includes the user ID, the date and time when fraud was detected, the date of use of the credit card related to the fraudulent use, the name of the store, the name of the product, and the like.
  • the fraud level information storage unit 236 associates at least one of the product and the store for which the fraud detection unit has detected fraudulent use, and stores the fraud level, which is the degree to which fraudulent use is detected for at least one of the product and the store.
  • the degree of fraud can be expressed, for example, as a ratio of the number of cases of fraud detected for the product and store to the number of transaction data including the product and store.
  • the payment information acquisition unit 211 acquires payment information from the credit card server 1 .
  • the payment information acquisition unit 211 can register the acquired payment information in the payment information storage unit 231 .
  • the payment information acquisition unit 211 may, for example, periodically access the credit card server 1 to acquire additional payment information, or may be triggered by the payment being approved by the credit card server 1. Payment information may be sent and received.
  • the e-mail acquisition unit 212 acquires e-mail data addressed to the user.
  • the e-mail acquisition unit 212 can access the mail server 3 and acquire e-mail data from the user's mailbox according to protocols such as POP (Post Office Protocol) and IMAP (Internet Message Access Protocol).
  • the management server 2 is provided with a mail server storage section for managing mail servers to be accessed in association with user IDs, and the e-mail acquisition section 212 accesses all mail servers registered in the mail server storage section. can also be configured to collect email data.
  • the transaction data extraction unit 213 analyzes the e-mail and extracts transaction data related to product purchase from the e-mail.
  • E-mail data related to commercial transactions includes information related to transactions (transaction data).
  • Transaction data extraction unit 213 can extract transaction data from e-mail data according to rules registered in rule storage unit 233 .
  • the transaction data extracting unit 213 reads from the rule storage unit 233 a rule corresponding to an address pattern matching the source address included in the e-mail data, and extracts the transaction data from the e-mail data based on the read rule. can be extracted. Further, the transaction data extraction unit 213 may apply all the rules stored in the rule storage unit 233 and use the rules that successfully extract transaction data. A store name corresponding to the rule can be specified.
  • the transaction data extraction unit 213 acquires from the e-mail data information (for example, a URL for viewing the transaction history) for specifying the transaction history managed by the EC site, etc. Based on this, it is possible to access the EC site and acquire the transaction data. In this case, the transaction data extraction unit 213 can extract the transaction data displayed as the transaction history from the linked web page by scraping or the like. Further, the transaction data extracting unit 213 can acquire transaction data by passing information for identifying the transaction history extracted from the e-mail data to an API provided by the EC site.
  • the e-mail data information for example, a URL for viewing the transaction history
  • the fraud detection unit 214 can detect the possibility of fraudulent use of the credit card when an e-mail regarding the purchase of the product addressed to the user from the store or EC site that sells the product does not arrive after payment. .
  • the fraud detection unit 214 determines whether the transaction data extraction unit 213 has succeeded in extracting transaction data, and the payment date, payment amount, and seller name included in the extracted transaction data, and the usage date and usage date included in the payment information. By comparing the amount and the destination of use, it is possible to determine whether or not there is an e-mail regarding the purchase of the product. Further, the fraud detection unit 214 may detect the possibility of fraudulent use when no e-mail arrives within a predetermined time after the payment information acquisition unit 211 acquires the payment information.
  • the notification unit 215 notifies the user when the possibility of unauthorized use is detected.
  • the notification unit 215 may notify the possibility of unauthorized use by e-mail, or may notify by a message or push notification by a chat service.
  • the notifier 215 can include, for example, payment information corresponding to the detected fraud in the message.
  • the fraud level providing unit 216 can provide the fraud level in response to an external request. At least one of a product and a store is specified in the request. The fraud level providing unit 216 can read out the fraud level corresponding to at least one of the specified product and store from the fraud level information storage unit 236 and respond to the request.
  • FIG. 4 is a diagram for explaining the operation of the fraud detection system of this embodiment.
  • the management server 2 acquires payment information from the credit card server 1 and registers it in the payment information storage unit 231 (S301).
  • the management server 2 acquires the e-mail from the mail server 3 (S302), extracts transaction data from the acquired e-mail, and registers it in the transaction data storage unit 232 (S303).
  • the management server 2 determines that the time from the acquisition of the payment information in step S301 exceeds a predetermined threshold. If the timeout has not occurred (S305: NO), the process from step S302 is repeated.
  • the management server 2 When a timeout occurs (S305: YES), the management server 2 notifies the user of the possibility of unauthorized use of the credit card (S306).
  • the fraud detection system of the present embodiment after the credit card company approves the payment, the purchase of the product from the product provider (store) related to the payment is made within a predetermined time.
  • the possibility of unauthorized use of the credit card can be detected by not receiving an e-mail notifying that the transaction related to the product has been made to the person (user).

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

[Problem] To make it possible to detect the possibility of fraudulent use of a credit card. [Solution] This fraud detection system is characterized by comprising: a payment information acquisition unit that acquires payment information pertaining to a product or service that a user has purchased, from a server of a credit card company; a fraud detection unit that detects the possibility of fraudulent use of a credit card if an email message addressed to the user and related to the purchase of the product or service has not arrived from the seller of the product or service; and a notification unit that notifies the user in the case where the possibility of fraudulent use has been detected.

Description

不正検知システム、不正検知方法及びプログラムFraud detection system, fraud detection method and program
 本発明は、不正検知システム、不正検知方法及びプログラムに関する。 The present invention relates to fraud detection systems, fraud detection methods, and programs.
 特許文献1ではクレジットカードの不正のおそれを判定している。 Patent Document 1 determines the possibility of credit card fraud.
特開2021-144346号公報Japanese Patent Application Laid-Open No. 2021-144346
 不正のおそれを検出する多様な方法が求められている。 A variety of methods are required to detect the possibility of fraud.
 本発明はこのような背景を鑑みてなされたものであり、クレジットカードの不正使用のおそれを検知することのできる技術を提供することを目的とする。 The present invention has been made in view of this background, and aims to provide a technology that can detect the possibility of unauthorized use of a credit card.
 上記課題を解決するための本発明の主たる発明は、不正検知システムであって、クレジットカード会社のサーバからユーザが購入した商品又はサービスに係る決済情報を取得する決済情報取得部と、前記商品又はサービスの販売者から前記ユーザに宛てた前記商品又はサービスの購入に係る電子メールが届かなかった場合に、クレジットカードの不正利用の可能性を検知する不正検知部と、前記不正利用の可能性が検知された場合に前記ユーザに通知する通知部と、を備えることを特徴とする。 The main invention of the present invention for solving the above problems is a fraud detection system, comprising a payment information acquisition unit that acquires payment information related to a product or service purchased by a user from a server of a credit card company; a fraud detection unit that detects the possibility of fraudulent use of a credit card when an e-mail regarding the purchase of the product or service addressed to the user from the service seller does not arrive; and a notification unit that notifies the user when detected.
 その他本願が開示する課題やその解決方法については、発明の実施形態の欄及び図面により明らかにされる。 Other problems disclosed by the present application and their solutions will be clarified in the section of the embodiment of the invention and the drawings.
 本発明によれば、クレジットカードの不正使用のおそれを検知することができる。 According to the present invention, it is possible to detect the risk of unauthorized use of credit cards.
本実施形態の不正検知システムの全体構成例を示す図である。It is a figure which shows the whole structural example of the fraud detection system of this embodiment. 管理サーバ2のハードウェア構成例を示す図である。3 is a diagram illustrating an example hardware configuration of a management server 2; FIG. 管理サーバ2のソフトウェア構成例を示す図である。3 is a diagram showing a software configuration example of a management server 2; FIG. 本実施形態の不正検知システムの動作について説明する図である。It is a figure explaining operation|movement of the fraud detection system of this embodiment.
<発明の概要>
 本発明の実施形態の内容を列記して説明する。本発明は、たとえば、以下のような構成を備える。
[項目1]
 クレジットカード会社のサーバからユーザが購入した商品又はサービスに係る決済情報を取得する決済情報取得部と、
 前記商品又はサービスの販売者から前記ユーザに宛てた前記商品又はサービスの購入に係る電子メールが届かなかった場合に、クレジットカードの不正利用の可能性を検知する不正検知部と、
 前記不正利用の可能性が検知された場合に前記ユーザに通知する通知部と、
 を備えることを特徴とする不正検知システム。
[項目2]
 項目1に記載の不正検知システムであって、
 前記ユーザに宛てた電子メールをメールサーバから取得する電子メール取得部と、
 前記電子メールを解析して、前記商品又はサービスの購入に係る取引データを前記電子メールから抽出する取引データ抽出部と、
 をさらに備え、
 前記不正検知部は、前記取引データ抽出部が前記取引データの抽出に成功し、かつ、抽出した前記取引データに含まれる決済日、決済金額及び前記販売者の名称と、前記決済情報に含まれる利用日、利用金額、及び利用先とを照合して、前記商品又はサービスの購入に係る電子メールの有無を判断すること、
 を特徴とする不正検知システム。
[項目3]
 項目1又は2に記載の不正検知システムであって、
 前記不正検知部は、前記決済情報を取得してから所定時間内に前記電子メールが届かなかった場合に、前記不正利用の可能性を検知すること、
 を特徴とする不正検知システム。
[項目4]
 項目1乃至3のいずれか1項に記載の不正検知システムであって、
 前記不正検知部が検知した前記不正利用に係る情報を記憶する検知履歴記憶部をさらに備えること、
 を特徴とする不正検知システム。
[項目5]
 項目1乃至4のいずれか1項に記載の不正検知システムであって、
 前記不正検知部が前記不正利用を検知した前記商品又はサービス及び前記提供者の少なくともいずれかに対応付けて、当該商品又はサービス及び前記提供者の少なくともいずれかについて前記不正利用が検知される度合である不正度合を記憶する不正度合記憶部と、
 前記商品又はサービス及び前記提供者の少なくともいずれかが指定されたリクエストに応じて、指定された前記商品又はサービス及び前記提供者の少なくともいずれかについての前記不正度合を応答する不正度合提供部と、
 をさらに備えることを特徴とする不正検知システム。
[項目6]
 クレジットカード会社のサーバからユーザが購入した商品又はサービスに係る決済情報を取得するステップと、
 前記商品又はサービスの販売者から前記ユーザに宛てた前記商品又はサービスの購入に係る電子メールが届かなかった場合に、クレジットカードの不正利用の可能性を検知するステップと、
 前記不正利用の可能性が検知された場合に前記ユーザに通知するステップと、
 をコンピュータが実行することを特徴とする不正検知方法。
[項目7]
 クレジットカード会社のサーバからユーザが購入した商品又はサービスに係る決済情報を取得するステップと、
 前記商品又はサービスの販売者から前記ユーザに宛てた前記商品又はサービスの購入に係る電子メールが届かなかった場合に、クレジットカードの不正利用の可能性を検知するステップと、
 前記不正利用の可能性が検知された場合に前記ユーザに通知するステップと、
 をコンピュータに実行させるためのプログラム。 <Overview of the invention>
The contents of the embodiments of the present invention are listed and explained. The present invention has, for example, the following configurations.
[Item 1]
a payment information acquisition unit that acquires payment information related to the product or service purchased by the user from the server of the credit card company;
a fraud detection unit that detects the possibility of fraudulent use of a credit card when an e-mail regarding the purchase of the product or service addressed to the user from the seller of the product or service does not arrive;
a notification unit that notifies the user when the possibility of unauthorized use is detected;
A fraud detection system comprising:
[Item 2]
The fraud detection system according to item 1,
an e-mail acquisition unit that acquires an e-mail addressed to the user from a mail server;
a transaction data extraction unit that analyzes the e-mail and extracts transaction data related to the purchase of the product or service from the e-mail;
further comprising
The fraud detection unit determines whether the transaction data extraction unit has succeeded in extracting the transaction data, and the settlement date, settlement amount, and name of the seller included in the extracted transaction data, and the name of the seller included in the settlement information. Determining whether or not there is an e-mail regarding the purchase of the product or service by comparing the date of use, the amount of money used, and the destination of use;
A fraud detection system characterized by:
[Item 3]
The fraud detection system according to item 1 or 2,
The fraud detection unit detects the possibility of fraudulent use when the e-mail does not arrive within a predetermined time after the payment information is acquired;
A fraud detection system characterized by:
[Item 4]
The fraud detection system according to any one of items 1 to 3,
further comprising a detection history storage unit that stores information related to the unauthorized use detected by the unauthorized detection unit;
A fraud detection system characterized by:
[Item 5]
The fraud detection system according to any one of items 1 to 4,
The degree to which the unauthorized use is detected for at least one of the product or service and the provider in association with at least one of the product or service and the provider for which the unauthorized use has been detected by the unauthorized detection unit a fraud degree storage unit that stores a certain fraud degree;
a degree-of-fraud providing unit that, in response to a request in which at least one of the goods or services and the provider is designated, responds with the degree of fraud with respect to at least one of the designated goods or services and the provider;
A fraud detection system, further comprising:
[Item 6]
a step of acquiring payment information related to the product or service purchased by the user from the server of the credit card company;
a step of detecting the possibility of fraudulent use of a credit card when an e-mail regarding the purchase of the product or service addressed to the user from the seller of the product or service does not arrive;
notifying the user when the potential abuse is detected;
A fraud detection method, characterized in that the computer executes
[Item 7]
a step of acquiring payment information related to the product or service purchased by the user from the server of the credit card company;
a step of detecting the possibility of fraudulent use of a credit card when an e-mail regarding the purchase of the product or service addressed to the user from the seller of the product or service does not arrive;
notifying the user when the potential abuse is detected;
A program that causes a computer to run
<システム概要>
 以下、本発明の一実施形態に係る不正検知システムについて説明する。本実施形態の不正検知システムは、クレジットカードの不正利用のおそれを検知しようとするものである。 <System Overview>
A fraud detection system according to an embodiment of the present invention will be described below. The fraud detection system of this embodiment attempts to detect the risk of fraudulent use of a credit card.
 本実施形態の不正検知システムでは、電子商取引(EC)に係るストア(商品を販売する主体となりうるものであればよく、例えば、ECサイトであってもよいし、オンラインショッピングモールに出店している店舗であってもよいし、物を販売する個人であってもよい。また、商品の販売に限らず、サービスを提供するものであってもよい。)からユーザが商品(サービスを含む。以下同じ。)を購入した場合にストアからユーザに宛てて送信される電子メールを利用する。電子メールで送信される取引履歴は実世界でのレシートと同様の意味をなしているものの、大量の電子メールに埋もれて有効活用されていないのが現状である。本実施形態では、このような取引内容を電子メールを利用してクレジットカードの不正利用のおそれを検知する。具体的には、ある取引に関してクレジットカードによる決済が承認されたときにその取引の内容を含む情報(以下、決済情報という。)を受け、決済情報に係る取引内容と同内容の電子メールをユーザが受信できなかった場合に、クレジットカードの不正使用のおそれがあるものと判断する。 In the fraud detection system of the present embodiment, a store related to electronic commerce (EC) (any store that can sell products, such as an EC site or an online shopping mall) It may be a store or an individual who sells goods.In addition, it may be a company that provides services as well as sales of goods. The same.) is used. Transaction histories sent by e-mail have the same meaning as receipts in the real world. In this embodiment, the risk of unauthorized use of the credit card is detected by using e-mails containing such transaction details. Specifically, when payment by credit card is approved for a certain transaction, information including the details of the transaction (hereinafter referred to as payment information) is received, and an e-mail with the same content as the transaction details related to the payment information is sent to the user. is not received, it is determined that there is a risk of unauthorized use of the credit card.
 図1は、本実施形態の不正検知システムの全体構成例を示す図である。本実施形態の不正検知システムは、管理サーバ2を含んで構成される。管理サーバ2は、クレジットカードサーバ1及びメールサーバ3のそれぞれと通信ネットワークを介して通信可能に接続される。通信ネットワークは、たとえばインターネットであり、公衆電話回線網や携帯電話回線網、無線通信路、イーサネット(登録商標)などにより構築される。 FIG. 1 is a diagram showing an example of the overall configuration of the fraud detection system of this embodiment. The fraud detection system of this embodiment includes a management server 2 . The management server 2 is communicably connected to each of the credit card server 1 and the mail server 3 via a communication network. The communication network is, for example, the Internet, and is constructed by a public telephone line network, a mobile telephone line network, a wireless communication path, Ethernet (registered trademark), and the like.
 クレジットカードサーバ1は、クレジットカード会社が運営するコンピュータである。クレジットカードサーバ1は、クレジットカード会社におけるクレジットカードの決済承認が行われた場合に、その結果を含めた決済情報を管理サーバ2に提供する。 The credit card server 1 is a computer operated by a credit card company. The credit card server 1 provides the management server 2 with settlement information including the result of credit card settlement approval at the credit card company.
 メールサーバ3は、クレジットカードのユーザの電子メールを管理するコンピュータである。電子メールサーバ30は、いわゆるMRA(Mail Retrieval Agent)であり、メールボックスを備え、例えば、IMAPやPOPなどのプロトコルによりメールボックスに配送されている電子メールを提供することができる。管理サーバ2は、事前にユーザからメールサーバ3が管理するメールボックスへのアクセス許可を得ているものとする。 The mail server 3 is a computer that manages e-mails of credit card users. The e-mail server 30 is a so-called MRA (Mail Retrieval Agent), has mailboxes, and can provide e-mails delivered to the mailboxes by protocols such as IMAP and POP, for example. It is assumed that the management server 2 has previously obtained permission from the user to access the mailbox managed by the mail server 3 .
 管理サーバ2は、クレジットカードの不正利用のおそれを検知するコンピュータである。管理サーバ2は、例えばワークステーションやパーソナルコンピュータのような汎用コンピュータとしてもよいし、あるいはクラウド・コンピューティングによって論理的に実現されてもよい。 The management server 2 is a computer that detects the risk of unauthorized use of credit cards. The management server 2 may be a general-purpose computer such as a workstation or personal computer, or may be logically implemented by cloud computing.
<ハードウェア構成例>
 図2は、管理サーバ2のハードウェア構成例を示す図である。なお、図示された構成は一例であり、これ以外の構成を有していてもよい。管理サーバ2は、CPU201、メモリ202、記憶装置203、通信インタフェース204、入力装置205、出力装置206を備える。記憶装置203は、各種のデータやプログラムを記憶する、例えばハードディスクドライブやソリッドステートドライブ、フラッシュメモリなどである。通信インタフェース204は、通信ネットワーク3に接続するためのインタフェースであり、例えばイーサネット(登録商標)に接続するためのアダプタ、公衆電話回線網に接続するためのモデム、無線通信を行うための無線通信機、シリアル通信のためのUSB(Universal Serial Bus)コネクタやRS232Cコネクタなどである。入力装置205は、データを入力する、例えばキーボードやマウス、タッチパネル、ボタン、マイクロフォンなどである。出力装置206は、データを出力する、例えばディスプレイやプリンタ、スピーカなどである。なお、後述する管理サーバ装置2の各機能部はCPU201が記憶装置203に記憶されているプログラムをメモリ202に読み出して実行することにより実現され、管理サーバ2の各記憶部はメモリ202及び記憶装置203が提供する記憶領域の一部として実現される。なお、クレジットカードサーバ1及びメールサーバ3についても、管理サーバ2と同様のハードウェア構成とすることができる。 <Hardware configuration example>
FIG. 2 is a diagram showing a hardware configuration example of the management server 2. As shown in FIG. Note that the illustrated configuration is an example, and other configurations may be employed. The management server 2 includes a CPU 201 , a memory 202 , a storage device 203 , a communication interface 204 , an input device 205 and an output device 206 . The storage device 203 is, for example, a hard disk drive, solid state drive, flash memory, etc., which stores various data and programs. The communication interface 204 is an interface for connecting to the communication network 3, and includes, for example, an adapter for connecting to Ethernet (registered trademark), a modem for connecting to a public telephone network, and a wireless communication device for performing wireless communication. , a USB (Universal Serial Bus) connector and an RS232C connector for serial communication. The input device 205 is, for example, a keyboard, mouse, touch panel, button, microphone, etc. for inputting data. The output device 206 is, for example, a display, printer, speaker, or the like that outputs data. Each functional unit of the management server device 2, which will be described later, is implemented by the CPU 201 reading a program stored in the storage device 203 into the memory 202 and executing it. It is implemented as part of the storage area provided by 203 . Note that the credit card server 1 and mail server 3 can also have the same hardware configuration as the management server 2 .
<ソフトウェア構成例>
 図3は、管理サーバ2のソフトウェア構成例を示す図である。管理サーバ2は、決済情報取得部211、電子メール取得部212、取引データ抽出部213、不正検知部214、通知部215、不正度合提供部216、決済情報記憶部231、取引データ記憶部232、ルール記憶部233、請求名義記憶部234、検知履歴記憶部235、不正度合情報記憶部236、を備える。 <Software configuration example>
FIG. 3 is a diagram showing a software configuration example of the management server 2. As shown in FIG. The management server 2 includes a payment information acquisition unit 211, an e-mail acquisition unit 212, a transaction data extraction unit 213, a fraud detection unit 214, a notification unit 215, a fraud level provision unit 216, a payment information storage unit 231, a transaction data storage unit 232, A rule storage unit 233 , a billing name storage unit 234 , a detection history storage unit 235 , and a fraud degree information storage unit 236 are provided.
<記憶部>
 決済情報記憶部231は、クレジットカード会社が承認した決済に関する決済情報を記憶する。決済情報には、クレジットカードのユーザを示す情報(以下、ユーザIDという。)と、利用日、利用先(ストアの名称)、利用金額、支払区分、今回支払額などが含まれる。 <Memory part>
The payment information storage unit 231 stores payment information related to payments approved by credit card companies. The payment information includes information indicating the user of the credit card (hereinafter referred to as user ID), date of use, destination (store name), amount used, payment type, current payment amount, and the like.
 取引データ記憶部232は、購入した商品に関する情報(以下、取引データという。)を記憶する。取引データには、商品を購入したユーザを示すユーザID、当該商品の購入に関する電子メールを受信した受信日時、ユーザが商品を購入した日(取引日)、商品を購入したストアを示すストア名、購入した商品を示す商品名、商品の金額、送料、決済金額、決済手段などを含めることができる。これらは、ECサイトなどの販売者(ストア)が購入者であるユーザに対して確認のための情報として送信した電子メールから取得することができる。1回の決済で複数の商品を購入した場合には、取引データには、複数の商品名及び商品の金額のペアが含まれ得る。また、複数回の送付が行われる場合には、送料が複数含まれる場合もあり得る。決済金額は、商品の購入金額の合計に送料を加算し、ポイントやクーポンの利用による割引を適用した後のクレジットカードによる決済を行う金額である。決済手段は、 The transaction data storage unit 232 stores information on purchased products (hereinafter referred to as transaction data). The transaction data includes the user ID indicating the user who purchased the product, the date and time when the e-mail regarding the purchase of the product was received, the date when the user purchased the product (transaction date), the store name indicating the store where the product was purchased, The product name indicating the purchased product, product price, shipping fee, payment amount, payment method, etc. can be included. These can be obtained from an e-mail sent by a seller (store) such as an EC site to a user who is a purchaser as information for confirmation. If multiple products are purchased with one payment, the transaction data may include multiple pairs of product names and product prices. In addition, when multiple deliveries are performed, multiple shipping charges may be included. The settlement amount is the sum of the purchase amount of the product plus the shipping fee, and the amount for settlement by credit card after applying the discount by using points or coupons. The means of payment are
 ルール記憶部233は、電子メールデータを解析するためのルールを記憶する。ルール記憶部233は、ストアごとにルールを記憶することができる。ルールは、例えば、電子メールデータを機械学習により学習した学習モデルであってもよい。ルール記憶部233は、電子メールの送信元となるアドレスのパターン(アドレスそのものであってもよいし、アドレスを正規表現等により表現したパターンであってもよい。)をさらに対応付けて記憶するようにすることもできる。 The rule storage unit 233 stores rules for analyzing email data. The rule storage unit 233 can store rules for each store. A rule may be, for example, a learning model learned by machine learning of e-mail data. The rule storage unit 233 further associates and stores the pattern of the address that is the transmission source of the e-mail (it may be the address itself, or it may be a pattern expressing the address using a regular expression or the like). can also be
 請求名義記憶部234は、商取引の主体である店舗名と、クレジットカードの加盟店として請求を行う請求人名(明細表記)とを対応付けて記憶する。クレジットカードサーバ1から取得する決済情報には、この請求人名が利用先として含まれることになる。 The billing name storage unit 234 associates and stores the name of the store, which is the subject of the commercial transaction, with the name of the billing person (description) who makes the billing as the member store of the credit card. The payment information obtained from the credit card server 1 will include this biller name as the billing party.
 検知履歴記憶部235は、不正が検知できたものをブラックリストとしてデータベース化したものである。検知履歴記憶部235は、後述する不正検知部214が検知した不正利用に係る情報(以下、検知情報という。)を記憶する。検知情報には、ユーザID、不正を検知した日時、当該不正利用に係るクレジットカードの利用日、ストア名、商品名などが含まれる。 The detection history storage unit 235 is a database of blacklists of fraudulent detections. The detection history storage unit 235 stores information (hereinafter referred to as detection information) related to fraudulent use detected by the fraud detection unit 214, which will be described later. The detection information includes the user ID, the date and time when fraud was detected, the date of use of the credit card related to the fraudulent use, the name of the store, the name of the product, and the like.
 不正度合情報記憶部236は、不正検知部が不正利用を検知した商品及びストアの少なくともいずれかに対応付けて、当該商品及びストアの少なくともいずれかについて不正利用が検知される度合である不正度合を記憶する。不正度合は、例えば、当該商品及びストアについて不正が検出された件数の、当該商品及びストアが含まれる取引データの数に対する割合として表すことができる。 The fraud level information storage unit 236 associates at least one of the product and the store for which the fraud detection unit has detected fraudulent use, and stores the fraud level, which is the degree to which fraudulent use is detected for at least one of the product and the store. Remember. The degree of fraud can be expressed, for example, as a ratio of the number of cases of fraud detected for the product and store to the number of transaction data including the product and store.
<機能部>
 決済情報取得部211は、クレジットカードサーバ1から決済情報を取得する。決済情報取得部211は、取得した決済情報を決済情報記憶部231に登録することができる。決済情報取得部211は、例えば、定期的にクレジットカードサーバ1にアクセスして追加された決済情報を取得するようにしてもよいし、クレジットカードサーバ1から決済が承認されたことを契機にして決済情報が送信され、これを受信するようにしてもよい。 <Function part>
The payment information acquisition unit 211 acquires payment information from the credit card server 1 . The payment information acquisition unit 211 can register the acquired payment information in the payment information storage unit 231 . The payment information acquisition unit 211 may, for example, periodically access the credit card server 1 to acquire additional payment information, or may be triggered by the payment being approved by the credit card server 1. Payment information may be sent and received.
 電子メール取得部212は、ユーザ宛ての電子メールデータを取得する。電子メール取得部212は、メールサーバ3にアクセスして、POP(Post Office Protocol)、IMAP(Internet Message Access Protocol)などのプロトコルに従って、ユーザのメールボックスから電子メールデータを取得することができる。管理サーバ2は、アクセスするメールサーバをユーザIDに対応付けて管理するメールサーバ記憶部を備えるようにし、電子メール取得部212は、メールサーバ記憶部に登録されている全てのメールサーバにアクセスして、電子メールデータを収集するようにすることもできる。 The e-mail acquisition unit 212 acquires e-mail data addressed to the user. The e-mail acquisition unit 212 can access the mail server 3 and acquire e-mail data from the user's mailbox according to protocols such as POP (Post Office Protocol) and IMAP (Internet Message Access Protocol). The management server 2 is provided with a mail server storage section for managing mail servers to be accessed in association with user IDs, and the e-mail acquisition section 212 accesses all mail servers registered in the mail server storage section. can also be configured to collect email data.
 取引データ抽出部213は、電子メールを解析して、商品の購入に係る取引データを電子メールから抽出する。電子メールデータのうち、商取引に関連するものには、取引に関連する情報(取引データ)が含まれている。取引データ抽出部213は、ルール記憶部233に登録されているルールに従って電子メールデータから取引データを抽出することができる。取引データ抽出部213は、電子メールデータに含まれている送信元のアドレスがマッチするアドレスパターンに対応するルールをルール記憶部233から読み出して、読み出したルールに基づいて電子メールデータから取引データを抽出することができる。また、取引データ抽出部213は、ルール記憶部233に記憶されている全てのルールを適用して、取引データの抽出に成功したものを使用するようにしてもよく、この場合には、成功したルールに対応するストア名を特定することができる。 The transaction data extraction unit 213 analyzes the e-mail and extracts transaction data related to product purchase from the e-mail. E-mail data related to commercial transactions includes information related to transactions (transaction data). Transaction data extraction unit 213 can extract transaction data from e-mail data according to rules registered in rule storage unit 233 . The transaction data extracting unit 213 reads from the rule storage unit 233 a rule corresponding to an address pattern matching the source address included in the e-mail data, and extracts the transaction data from the e-mail data based on the read rule. can be extracted. Further, the transaction data extraction unit 213 may apply all the rules stored in the rule storage unit 233 and use the rules that successfully extract transaction data. A store name corresponding to the rule can be specified.
 また、取引データ抽出部213は、ECサイトなどで管理されている取引履歴を特定するための情報(例えば、取引履歴を閲覧するためのURLなど)を電子メールデータから取得し、取得した情報に基づいてECサイトにアクセスして取引データを取得するようにすることができる。この場合、取引データ抽出部213は、リンク先のWebページから取引履歴として表示されている取引データを、スクレイピング等の手法により抽出するようにすることができる。また、取引データ抽出部213は、電子メールデータから抽出した取引履歴を特定するための情報を、ECサイトが提供するAPIに渡して取引データを取得するようにすることもできる。 In addition, the transaction data extraction unit 213 acquires from the e-mail data information (for example, a URL for viewing the transaction history) for specifying the transaction history managed by the EC site, etc. Based on this, it is possible to access the EC site and acquire the transaction data. In this case, the transaction data extraction unit 213 can extract the transaction data displayed as the transaction history from the linked web page by scraping or the like. Further, the transaction data extracting unit 213 can acquire transaction data by passing information for identifying the transaction history extracted from the e-mail data to an API provided by the EC site.
 不正検知部214は、決済後に、商品を販売するストア又はECサイトからユーザに宛てた商品の購入に係る電子メールが届かなかった場合に、クレジットカードの不正利用の可能性を検知することができる。不正検知部214は、取引データ抽出部213が取引データの抽出に成功し、かつ、抽出した取引データに含まれる決済日、決済金額及び販売者の名称と、決済情報に含まれる利用日、利用金額、及び利用先とを照合して、商品の購入に係る電子メールの有無を判断することができる。また、不正検知部214は、決済情報取得部211が決済情報を取得してから所定時間内に電子メールが届かなかった場合に、不正利用の可能性を検知するようにしてもよい。 The fraud detection unit 214 can detect the possibility of fraudulent use of the credit card when an e-mail regarding the purchase of the product addressed to the user from the store or EC site that sells the product does not arrive after payment. . The fraud detection unit 214 determines whether the transaction data extraction unit 213 has succeeded in extracting transaction data, and the payment date, payment amount, and seller name included in the extracted transaction data, and the usage date and usage date included in the payment information. By comparing the amount and the destination of use, it is possible to determine whether or not there is an e-mail regarding the purchase of the product. Further, the fraud detection unit 214 may detect the possibility of fraudulent use when no e-mail arrives within a predetermined time after the payment information acquisition unit 211 acquires the payment information.
 通知部215は、不正利用の可能性が検知された場合にユーザに通知する。通知部215は、電子メールにより不正利用の可能性を通知してもよいし、チャットサービスによるメッセージやプッシュ通知により通知を行うようにしてもよい。通知部215は、例えば、検出された不正に対応する決済情報をメッセージに含めることができる。 The notification unit 215 notifies the user when the possibility of unauthorized use is detected. The notification unit 215 may notify the possibility of unauthorized use by e-mail, or may notify by a message or push notification by a chat service. The notifier 215 can include, for example, payment information corresponding to the detected fraud in the message.
 不正度合提供部216は、外部からのリクエストに応じて不正度合を提供することができる。リクエストには、商品及びストアの少なくともいずれかが指定される。不正度合提供部216は、指定された商品及びストアの少なくともいずれかに対応する不正度合を不正度合情報記憶部236から読み出して、リクエストに応答することができる。 The fraud level providing unit 216 can provide the fraud level in response to an external request. At least one of a product and a store is specified in the request. The fraud level providing unit 216 can read out the fraud level corresponding to at least one of the specified product and store from the fraud level information storage unit 236 and respond to the request.
<動作>
 図4は、本実施形態の不正検知システムの動作について説明する図である。 <Action>
FIG. 4 is a diagram for explaining the operation of the fraud detection system of this embodiment.
 管理サーバ2は、クレジットカードサーバ1から決済情報を取得して決済情報記憶部231に登録する(S301)。管理サーバ2は、メールサーバ3から電子メールを取得し(S302)、取得した電子メールから取引データを抽出して取引データ記憶部232に登録する(S303)。管理サーバ2は、抽出した取引データに対応する決済情報が決済情報記憶部231に登録されていない場合に(S304)、ステップS301で決済情報を取得してからの時間が所定の閾値を超えたタイムアウトになっていなければ(S305:NO)、ステップS302からの処理を繰り返す。 The management server 2 acquires payment information from the credit card server 1 and registers it in the payment information storage unit 231 (S301). The management server 2 acquires the e-mail from the mail server 3 (S302), extracts transaction data from the acquired e-mail, and registers it in the transaction data storage unit 232 (S303). When the payment information corresponding to the extracted transaction data is not registered in the payment information storage unit 231 (S304), the management server 2 determines that the time from the acquisition of the payment information in step S301 exceeds a predetermined threshold. If the timeout has not occurred (S305: NO), the process from step S302 is repeated.
 管理サーバ2は、タイムアウトが発生した場合(S305:YES)、クレジットカードの不正利用のおそれをユーザに通知する(S306)。 When a timeout occurs (S305: YES), the management server 2 notifies the user of the possibility of unauthorized use of the credit card (S306).
 以上のようにして、本実施形態の不正検知システムによれば、クレジットカード会社が決済の承認を行ってから、所定時間以内に、当該決済に係る商品の提供者(ストア)から、商品の購入者(ユーザ)への当該商品に係る取引が行われたことを知らせる電子メールが到達しないことをもって、クレジットカードの不正利用のおそれを検知することができる。 As described above, according to the fraud detection system of the present embodiment, after the credit card company approves the payment, the purchase of the product from the product provider (store) related to the payment is made within a predetermined time. The possibility of unauthorized use of the credit card can be detected by not receiving an e-mail notifying that the transaction related to the product has been made to the person (user).
 以上、本実施形態について説明したが、上記実施形態は本発明の理解を容易にするためのものであり、本発明を限定して解釈するためのものではない。本発明は、その趣旨を逸脱することなく、変更、改良され得ると共に、本発明にはその等価物も含まれる。 Although the present embodiment has been described above, the above embodiment is intended to facilitate understanding of the present invention, and is not intended to limit and interpret the present invention. The present invention can be modified and improved without departing from its spirit, and the present invention also includes equivalents thereof.
  1 クレジットカードサーバ
  2 管理サーバ
  3 メールサーバ 1 credit card server 2 management server 3 mail server

Claims (6)

  1.  クレジットカード会社のサーバからユーザのクレジットカードの決済により購入された商品又はサービスに係る決済情報を取得する決済情報取得部と、
     前記ユーザに宛てた電子メールをメールサーバから取得する電子メール取得部と、
     前記電子メールを解析して、前記商品又はサービスの購入に係る取引データを前記電子メールから抽出する取引データ抽出部と、
     前記取引データ抽出部が前記取引データの抽出に成功し、かつ、抽出した前記取引データに含まれる決済日、決済金額及び販売者の名称と、前記決済情報に含まれる利用日、利用金額、及び利用先とを照合して、前記商品又はサービスの購入に係る電子メールの有無を判断し、前記商品又はサービスの購入に係る電子メールが届かなかった場合に、クレジットカードの不正利用の可能性を検知する不正検知部と、
     前記不正利用の可能性が検知された場合に前記ユーザに通知する通知部と、
     を備えることを特徴とする不正検知システム。     a payment information acquisition unit that acquires payment information related to the product or service purchased by the user's credit card payment from the server of the credit card company;
    an e-mail acquisition unit that acquires an e-mail addressed to the user from a mail server;
    a transaction data extraction unit that analyzes the e-mail and extracts transaction data related to the purchase of the product or service from the e-mail;
    The transaction data extraction unit succeeds in extracting the transaction data, and the payment date, payment amount, and seller name included in the extracted transaction data, and the usage date, usage amount, and usage date included in the payment information. Check with the destination to determine whether or not there is an e-mail related to the purchase of the goods or services, and if the e-mail related to the purchase of the goods or services does not arrive, the possibility of unauthorized use of the credit card a fraud detection unit that detects
    a notification unit that notifies the user when the possibility of unauthorized use is detected;
    A fraud detection system comprising:
  2.  請求項1に記載の不正検知システムであって、
     前記不正検知部は、前記決済情報を取得してから所定時間内に前記電子メールが届かなかった場合に、前記不正利用の可能性を検知すること、
     を特徴とする不正検知システム。     The fraud detection system according to claim 1,
    The fraud detection unit detects the possibility of fraudulent use when the e-mail does not arrive within a predetermined time after the payment information is acquired;
    A fraud detection system characterized by:
  3.  請求項1又は2に記載の不正検知システムであって、
     前記不正検知部が検知した前記不正利用に係る情報を記憶する検知履歴記憶部をさらに備えること、
     を特徴とする不正検知システム。     The fraud detection system according to claim 1 or 2,
    further comprising a detection history storage unit that stores information related to the unauthorized use detected by the unauthorized detection unit;
    A fraud detection system characterized by:
  4.  請求項1乃至3のいずれか1項に記載の不正検知システムであって、
     前記不正検知部が前記不正利用を検知した前記商品又はサービス及び前記販売者の少なくともいずれかに対応付けて、当該商品又はサービス及び前記販売者の少なくともいずれかについて前記不正利用が検知される度合である不正度合を記憶する不正度合記憶部と、
     前記商品又はサービス及び前記販売者の少なくともいずれかが指定されたリクエストに応じて、指定された前記商品又はサービス及び前記販売者の少なくともいずれかについての前記不正度合を応答する不正度合提供部と、
     をさらに備えることを特徴とする不正検知システム。     The fraud detection system according to any one of claims 1 to 3,
    The degree to which the unauthorized use is detected for at least one of the product or service and the seller in association with at least one of the product or service and the seller for which the unauthorized use has been detected by the fraud detection unit a fraud degree storage unit that stores a certain fraud degree;
    a degree-of-fraud providing unit that, in response to a request in which at least one of the goods or services and the seller is specified, responds with the degree of fraud with respect to at least one of the specified goods or services and the seller;
    A fraud detection system, further comprising:
  5.  クレジットカード会社のサーバからユーザのクレジットカードの決済により購入された商品又はサービスに係る決済情報を取得するステップと、
     前記ユーザに宛てた電子メールをメールサーバから取得するステップと、
     前記電子メールを解析して、前記商品又はサービスの購入に係る取引データを前記電子メールから抽出するステップと、
     前記取引データの抽出に成功し、かつ、抽出した前記取引データに含まれる決済日、決済金額及び販売者の名称と、前記決済情報に含まれる利用日、利用金額、及び利用先とを照合して、前記商品又はサービスの購入に係る電子メールの有無を判断するステップと、
     前記商品又はサービスの購入に係る電子メールが届かなかった場合に、クレジットカードの不正利用の可能性を検知するステップと、
     前記不正利用の可能性が検知された場合に前記ユーザに通知するステップと、
     をコンピュータが実行することを特徴とする不正検知方法。     a step of acquiring payment information related to the product or service purchased by the user's credit card payment from the server of the credit card company;
    obtaining an email addressed to the user from a mail server;
    parsing the e-mail to extract transaction data relating to the purchase of the goods or services from the e-mail;
    Succeeded in extracting the transaction data, and collating the settlement date, settlement amount, and seller name included in the extracted transaction data with the usage date, usage amount, and usage destination included in the settlement information. determining whether or not there is an e-mail regarding the purchase of the product or service;
    a step of detecting the possibility of fraudulent use of a credit card when an e-mail relating to the purchase of the goods or services has not been received;
    notifying the user when the potential abuse is detected;
    A fraud detection method, characterized in that the computer executes
  6.  クレジットカード会社のサーバからユーザのクレジットカードの決済により購入された商品又はサービスに係る決済情報を取得するステップと、
     前記ユーザに宛てた電子メールをメールサーバから取得する電子メール取得部と、
     前記電子メールを解析して、前記商品又はサービスの購入に係る取引データを前記電子メールから抽出する取引データ抽出部と、
     前記取引データの抽出に成功し、かつ、抽出した前記取引データに含まれる決済日、決済金額及び販売者の名称と、前記決済情報に含まれる利用日、利用金額、及び利用先とを照合して、前記商品又はサービスの購入に係る電子メールの有無を判断するステップと、
     前記商品又はサービスの購入に係る電子メールが届かなかった場合に、クレジットカードの不正利用の可能性を検知するステップと、
     前記不正利用の可能性が検知された場合に前記ユーザに通知するステップと、
     をコンピュータに実行させるためのプログラム。     a step of acquiring payment information related to the product or service purchased by the user's credit card payment from the server of the credit card company;
    an e-mail acquisition unit that acquires an e-mail addressed to the user from a mail server;
    a transaction data extraction unit that analyzes the e-mail and extracts transaction data related to the purchase of the product or service from the e-mail;
    Succeeded in extracting the transaction data, and collating the settlement date, settlement amount, and seller name included in the extracted transaction data with the usage date, usage amount, and usage destination included in the settlement information. determining whether or not there is an e-mail regarding the purchase of the product or service;
    a step of detecting the possibility of fraudulent use of a credit card when an e-mail relating to the purchase of the goods or services has not been received;
    notifying the user when the potential abuse is detected;
    A program that causes a computer to run
PCT/JP2022/016533 2021-09-30 2022-03-31 Fraud detection system, fraud detection method, and program WO2023053541A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2021-162041 2021-09-30
JP2021162041A JP7008381B1 (en) 2021-09-30 2021-09-30 Fraud detection system, fraud detection method and program

Publications (1)

Publication Number Publication Date
WO2023053541A1 true WO2023053541A1 (en) 2023-04-06

Family

ID=80629635

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2022/016533 WO2023053541A1 (en) 2021-09-30 2022-03-31 Fraud detection system, fraud detection method, and program

Country Status (2)

Country Link
JP (2) JP7008381B1 (en)
WO (1) WO2023053541A1 (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003036406A (en) * 2001-07-23 2003-02-07 Ntt Docomo Inc Method and system for electronic settlement, communication terminal, settlement device and recording medium
JP2003115020A (en) * 2001-10-04 2003-04-18 Toshiba Tec Corp Personal identification method and settlement device
JP2005062957A (en) * 2003-08-15 2005-03-10 Ntt Docomo Hokkaido Inc Security system for credit card transactions
JP2011095870A (en) * 2009-10-28 2011-05-12 Hitachi Consumer Electronics Co Ltd Settlement system, and mobile terminal, management server and payment processing terminal used for the same
JP2019169033A (en) * 2018-03-26 2019-10-03 株式会社日本総合研究所 Card settlement system
JP2021105840A (en) * 2019-12-26 2021-07-26 楽天グループ株式会社 Credibility calculation system, credibility calculation method, and program

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003036406A (en) * 2001-07-23 2003-02-07 Ntt Docomo Inc Method and system for electronic settlement, communication terminal, settlement device and recording medium
JP2003115020A (en) * 2001-10-04 2003-04-18 Toshiba Tec Corp Personal identification method and settlement device
JP2005062957A (en) * 2003-08-15 2005-03-10 Ntt Docomo Hokkaido Inc Security system for credit card transactions
JP2011095870A (en) * 2009-10-28 2011-05-12 Hitachi Consumer Electronics Co Ltd Settlement system, and mobile terminal, management server and payment processing terminal used for the same
JP2019169033A (en) * 2018-03-26 2019-10-03 株式会社日本総合研究所 Card settlement system
JP2021105840A (en) * 2019-12-26 2021-07-26 楽天グループ株式会社 Credibility calculation system, credibility calculation method, and program

Also Published As

Publication number Publication date
JP2023051670A (en) 2023-04-11
JP2023051405A (en) 2023-04-11
JP7008381B1 (en) 2022-01-25

Similar Documents

Publication Publication Date Title
AU2009257960B9 (en) Processing receipt received in set of communications
WO2022270120A1 (en) Information processing system, information processing method, and program
KR20150061541A (en) Providing method and system for preventing fraud trading
WO2023053541A1 (en) Fraud detection system, fraud detection method, and program
JP7051179B1 (en) Information processing system, information processing method and program
JP6933870B1 (en) Information processing equipment, information processing methods and programs
JP2022180112A (en) Information processing system
JP6979249B1 (en) Information processing equipment, information processing methods and programs
JP7029211B1 (en) Information processing equipment, information processing methods and programs
JP7051176B1 (en) Information processing system, information processing method and program
JP7026427B1 (en) Information processing equipment, information processing methods and programs
EP1150234A1 (en) Sales promotion controlling system based on direct mail, server thereof, method thereof, and computer readable record medium thereof
JP7257081B1 (en) Information processing system, information processing method and program
JP7189390B1 (en) Information processing device, information processing method and information processing program
WO2012155087A1 (en) E-mail tracking
JP5779627B2 (en) Fraud detection system and fraud detection method
JP7359910B1 (en) Information processing device, information processing method, and program
TW480423B (en) Multi-website shopping cart system and its realization method
JP2023082641A (en) Advertisement evaluation system, advertisement evaluation method, and program
JP2022184680A (en) Information processing system, information processing method, and program
JP2023077213A (en) Advertisement evaluation system, advertisement evaluation method, and program
Messmer ClearCommerce aims to squelch international credit card fraud.
TW201705062A (en) Method for improving transaction correctness based on transaction period and region capable of improving correctness of a transaction between a buyer and a seller
Oberndorf Information highway robbery
JP2002183629A (en) Electronic account settlement system, electronic account settlement method, and recording medium recorded with electronic account settlement program

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22875424

Country of ref document: EP

Kind code of ref document: A1