CN103714479A - Intelligent centralized monitor method and system for bank personal business fraudulent conducts - Google Patents
Intelligent centralized monitor method and system for bank personal business fraudulent conducts Download PDFInfo
- Publication number
- CN103714479A CN103714479A CN201210378876.0A CN201210378876A CN103714479A CN 103714479 A CN103714479 A CN 103714479A CN 201210378876 A CN201210378876 A CN 201210378876A CN 103714479 A CN103714479 A CN 103714479A
- Authority
- CN
- China
- Prior art keywords
- data
- business
- fraud
- transaction
- swindle
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
This invention discloses an intelligent centralized monitor method and a system for bank personal business fraudulent conducts. The method comprises steps of establishing an enterprise data integrated framework based on a lightweight class enterprise, acquiring personnel client transaction data from application systems of various business and transaction channels, for each transaction and a specific transaction record collection, matching the predetermined risk judgment elements in transaction data with regulations of fraud identification regulation database and determining whether the corresponding fraudulent event is triggered according to the matching result; and starting a processing flow corresponding to the fraudulent conduct according to a preset processing requirement and received fraudulent events. This invention also provides an intelligent centralized monitor system for the bank personal business fraudulent conducts, comprising a fraud monitor platform and a business executive system. This invention highly realizes the centralized monitor, analysis and processing for the personal business fraudulent conducts in manners of a whole bank level, cross-products and cross-channels, and is accurate in analysis and high in efficiency.
Description
Technical field
The present invention relates to method for supervising and the supervisory system of the fraud of a kind of bank individual business, relate in particular to a kind of method and system of the business of bank individual accurately and efficiently fraud real-time intelligent Centralized Monitoring.
Background technology
Fast development along with Now Domestic bank individual business, the product that bank provides for personal user is more and more, the channel that business is carried out is not limited only to traditional sales counter, and various emerging channels are as flourish in Possum (as ATM), electronic channel (as Web bank) and other pattern (as mobile payment) etc.These measures, when having promoted the professional ability of bank and having brought more convenience for user, also face larger security risk and hidden danger.Particularly in the implementation of business, there is a large amount of novel frauds that utilizes multiple bank product and multiple support channels combination to swindle, as phone swindle, be exactly typically (bank counter bull is opened an account, Net silver is transferred accounts in a large number and ATM withdraws the money) by all kinds of means, the swindle pattern that multi-product (savings and intermediary service) combines.Prevent these frauds, need to monitor in all directions individual client's trading activity, after noting abnormalities, need timely processing.How fast, collect all sidedly individual client's trading activity information, thereby accurately judge that its behavior pattern finds possible fraud in time, and according to circumstances with operation system interlock take measures, be the new challenge that banking industry faces.
Current bank individual business fraud monitoring solution, for the individual business fraud implementing monitoring occurring under specific products type or particular transaction channel mostly, the former is as credit card risk monitoring and control system, and the latter is as outlet's cabinet face monitoring system, monitoring electronic bank risks (CN 101706937 A) etc.Although these application or system have certain effect to its specific monitored object (as certain bank product or channel), but owing to not standing in the whole height of bank, the full view that there is no client trading behavior, is difficult to identification for novel fraud inter-product, that combine across channel.Meanwhile, due to not under procedure management mode with the joint-action mechanism of operation system, rapid not for the fraud reaction of finding, processing means are fairly simple and curing.
The shortcoming of current bank individual business fraud monitoring solution is: can only monitor the risk in the process of exchange of specific bank product (as credit card, savings etc.) or particular transaction channel (as bank's cabinet face, Web bank), for current a large amount of inter-product, helpless across the fraud of channel combination.Meanwhile, lack under procedure management the joint-action mechanism with operation system, cause processing problem not in time, to problems such as operation system rely on too much.
Cause the reason of above-mentioned shortcoming mainly to comprise:
(1) classic method/system is all for the real-time monitoring demand of specific products type or particular transaction channel and set up, technically be difficult to realize cross-system data acquisition, can only gather the monitoring business transaction channel of self correspondence or the personal user's transaction data in operation system.This makes client to be combined in the trading activity of different product, different channels, and the client trading data of obtaining are imperfect, only can reflect its part trading activity pattern;
(2) to the analytical approach of data, are the hard code realizations in dependence program, due to complicacy and the efficiency implemented, can only realize the judgement based on threshold value to a small amount of key element (as dealing money or transaction frequency), conditional combination that can not Analysis of Complex, can not process tandem type conditional combination.Data comprehensively and analytical approach too simply limit to, make existing method/system for " multi-product kind, many transaction channels combine " novel individual business fraud be difficult to identify;
(3), for the fraud identifying, the flow performing mechanism that does not have the various processing of a set of integration to need, cannot realize unified flow process by swindle recognition system and corresponding operation system, thereby may miss the best opportunity of handling problems.
Summary of the invention
Object of the present invention is just to provide in order to address the above problem a kind of method and system of the business of bank individual accurately and efficiently fraud real-time intelligent Centralized Monitoring, this method and system can allow bank in real time, concentrate, intelligently monitor and process in individual business transaction process, the fraud occurring on multiple product, multi-exchange channel, and the interlock of timely and corresponding operation system processes, thereby effectively reduce the operational risk of the individual business of bank.
In order to achieve the above object, the present invention has adopted following technical scheme:
The method of bank individual business fraud real-time intelligent Centralized Monitoring of the present invention, comprises the following steps:
(1) set up an enterprise data integration framework based on lightweight: realize while Real-time Obtaining individual client transaction data from the application system of bank's different kinds of business, different transaction channels; The data of described enterprise data integration framework collection specifically include but not limited to customer data data, client trading flowing water, stateful transaction and client trading environment, and the mode of image data comprises in real time, regularly and three kinds in batches; All convert all client trading data to XML form.
(2) uniform data conversion: by the individual client's transaction data obtaining the application system from different kinds of business, different transaction channels, the requirement of analyzing according to fraud, according to the customer behavior analysis data layout of prior setting, mode by data-switching, mapping is unified form by the data preparation of obtaining in different business systems, form a plurality of unified business conduct objects, become the data basis of collective analysis client behavior pattern; Each business conduct object includes but not limited to client's personal information, customer account information, transaction journal situation, specifically conclude the business statistical information and trading environment information.
(3) fraud analysis: for every transaction or specific transaction record set, the technology of employing based on Business Rule Engine, support the swindle recognition rule pattern of complex conditions combination and tandem type, risk judgment key element predetermined in its transaction data is mated with the rule in swindle recognition rule storehouse, according to matching result, determine whether to trigger corresponding fraud.
(4) fraud is processed: according to the fraud of receiving, according to predefined processing requirements, start corresponding fraud treatment scheme; Described flow process focuses on the fraud of identification, by measured pattern and other operation system, links, and guarantees promptness, dirigibility that fraud is processed; In the treatment scheme of fraud, include but not limited to log recording for risk case, for the modification of customer risk grade, start the business processing in corresponding operation system.
Further, in described step (1), client's transaction journal data and stateful transaction data acquisition Real-time Collection pattern, teller's duty adopts timing acquiring pattern, and customer data adopts batch capture pattern.
In described step (1), utilization is embedded into the probe in banking system, once get a new transaction data package, the agreement of just supporting according to operation system is communicated by letter with corresponding data integration adapter in Data integration framework, reception is from the transaction data package of probe, in real time/quasi real time obtain the information that client trading is relevant; According to corresponding cryptographic protocol, unpack, and according to corresponding data filtering table, judge whether this packet needs, if do not needed, abandon this packet, if passed through the inspection of data filtering, this packet is converted into the standardized data of XML form, then, sends new data and produce message.
In described step (3), all business conduct objects with data movement are written into operational data district, according to rete algorithm by predefined all swindle recognition rule create-rule networks, then according to the rete pattern matching algorithm of standard, business conduct object data and regular network are mated, the rule of every discovery coupling, just produce an executive plan, according to the priority of executive plan, all current executive plans are arranged as to one and carry out queue, carry out one by one the rule in queue, trigger corresponding business fraud; Meanwhile, executive plan is carried out to dynamic management, according to the implementation status of every plan and from the latest news of adaptation, the task in executive plan queue is dynamically increased, deleted.
In described step (3), the rule type in described swindle recognition rule storehouse comprises wall scroll record swindle recognition rule, historical record swindle recognition rule and tandem type swindle recognition rule.
Described swindle recognition rule has four kinds of generation patterns, i.e. rules/policy, expertise, data mining and blacklist.
In described step (4), according to predefined treatment scheme, at certain processing node, in the mode of Web Service, call the processing capacity in corresponding service system.
The system of bank individual business fraud real-time intelligent Centralized Monitoring of the present invention comprises swindle monitor supervision platform and business executive system, wherein: described swindle monitor supervision platform is from bank's different kinds of business, while in the application system of different transaction channels, Real-time Obtaining individual client trading activity data, then by the individual client's transaction data obtaining from different application systems, the requirement of analyzing according to fraud, be integrated into a plurality of unified business activity objects, become the data fact table of collective analysis client behavior pattern, for every transaction or specific transaction record set, the technology of employing based on Business Rule Engine, support the swindle recognition rule pattern of complex conditions combination and tandem type, risk judgment key element predetermined in its transaction data is mated with the rule in swindle Intelligent Recognition rule base, according to matching result, determine whether to start swindle early warning event, fixed fraud recognition result is defined as to specific fraud, and according to predefined processing requirements, start fraud treatment scheme, this flow process focuses on the behavior that may have swindle of identification, and link by measured pattern and other operation system, thereby set up the pattern of processing from the direct automatic linkage banking system of monitor supervision platform, guarantee that the individual business swindle recognition result very first time is that a plurality of products and channel are shared, the transaction that described business executive system produces passes to swindle monitor supervision platform by data probe, and part operation is opened to described swindle monitor supervision platform with the interface of standard.
Particularly, described swindle monitor supervision platform comprises data integration module, data standard module, venture analysis module, risk processing module, data management module, system management module and interactive maintenance module, described data integration module gathers respectively individual client's data by data probe from different banking systems, and the mode of image data comprises Real-time Collection, timing acquiring and batch capture; The behavioral pattern data that described data standard module is standard format by the data unified standard of collection is also carried out necessary data-switching; Described venture analysis module utilization swindle recognition rule engine is analyzed the behavioral pattern data changing, and whether judgement wherein exists fraud; Described risk processing module links by measured pattern and other operation system, guarantees promptness, dirigibility that fraud is processed; Data storage in described data management module management platform, mainly comprise: the raw data that (1) receives, as client trading data, customer profile data, trading environment data etc., (2) changing to and swapping out between the client's object of action data in internal memory and database, (3) system configuration data, includes but not limited to business rule data, rogue processes flow data, customer risk level data, blacklist data, fraud daily record data; Described system management module provides user management, the configuration management of operation system data source, the library management of swindle recognition rule, application server and the data base administration of system; Described interactive maintenance module provides the user based on browser access interface, realizes all background function in this interface.
Described business executive system comprises data probe and the external release module of service, described data probe is embedded in the transaction data oracle listener in business executive system, probe is intercepted and captured the transaction data that upload on business foreground, then the agreement and corresponding adapter communication by this operation system, supported, thus transaction data is delivered in bank individual business fraud monitor supervision platform; The external release module of described service will need to participate in the specific function of rogue processes flow process in operation system, according to standard format, to the issue of bank individual business fraud monitor supervision platform, described standard format is Web Service.
Beneficial effect of the present invention is:
1, make in full row level, inter-product, the Centralized Monitoring, analysis and the processing that have realized individual business fraud across the height of channel.
The art of this patent is when design, completely according to concentrating, unified, the theory of risk of fraud monitor supervision platform independently, cast aside the traditional design mode of being only concerned about specific bank product, specific channel risk of fraud monitoring demand, from whole old identification and the processing of considering swindle of individual business of the full row of bank.In order to guarantee to meet this target, adopted the data acquisition technology based on lightweight Data integration framework, can from the business executive system of bank's multiple product, multiple channel, gather individual client's transaction data simultaneously; Uniform data mapping and switch technology have been adopted, in the future at different business systems, there is the business conduct object that different data format and semantic client trading data unified integration become reflection individual client behavior pattern, formulate on this basis swindle recognition rule, and utilize the Business Rule Engine technology based on rete algorithm, realize the coupling of client's behavioral pattern data and the set of swindle recognition rule.The rule of every coupling, will produce corresponding fraud, thereby activate the fraud treatment scheme setting in advance.This flow process will record fraud, the information that gives a warning, and the Web Service externally providing in business executive system is provided where necessary, thus on risk of fraud monitor supervision platform, complete the processing overall process of whole personal customer of commercial bank fraud.
2, make individual business client's behavioral data more complete, thereby can reduce more truly client's behavioural characteristic.
In order to obtain individual business client trading data from a plurality of operation systems simultaneously, introduced an enterprise data integration framework.This framework comprises a plurality of data probes, data adapter unit and the data decode filtrator corresponding with data probe, and concentrated XML data converting function.Probe is a backstage oracle listener that resides in business host system content, can be the message listening port of a standard, can be also the Web Service that can issue to outside, or a socket access to netwoks program.It obtains every transaction data package with the form of resident system compatibility, directly bypass of its method (as message listening port), or read the transaction log database of resident operation system, this depends on which kind of mode this resident system can provide.
Once data probe gets a new transaction data package, the agreement of just supporting according to operation system is communicated by letter with corresponding data integration adapter.The application access agreement that this adapter adopts corresponding operation system to support, by receiving the transaction data package from probe, in real time/quasi real time obtain the information that client is relevant (in real time/quasi real time depend on configuration).For the data of obtaining, according to corresponding cryptographic protocol, unpack, and according to corresponding data filtering table, judge whether this packet needs, if do not needed, abandon this packet.If passed through the inspection of data filtering, this packet is converted into the standardized data of XML form.
In order to guarantee can be incorporated into analysis together in the client trading data of different business systems, need to carry out data-mapping and conversion, the data that different business systems is obtained, according to the customer behavior analysis data layout of prior setting, by modes such as data-switching, mappings, by the data preparation of obtaining in different business systems, be unified form, form business conduct object.According to the difference of analyzing theme, the data that gather from each operation system can be assigned in a plurality of business conduct objects simultaneously, and each business conduct object also can carry out the combination in a plurality of operation system data.This both can, so that swindle supervision department combines user behavior analysis data from multiple business system, can also allow and be concerned about that department's (as sales counter or credit card) of different user behavior pattern can be according to the requirements definition Standard User behavioral data form of self.
3, support more complicated individual business risk of fraud rule, can improve the discrimination of fraud, adjust neatly, expand swindle rule base, tolerable risk monitoring business personnel directly manage swindle recognition rule.
In order to realize the Business Rule Engine based on rete algorithm, designed four parts such as comprising work memory management, swindle recognition rule storehouse, pattern matcher and executive plan management.Work memory management processing is all receives that business conduct object has the message of new data, and corresponding business conduct contents of object is read in its buffer zone, and all business activity objects with data movement have all entered operational data district.The set of all predefined swindle recognition rules, can be according to rete algorithm compiling create-rule network, and this is a binary tree that contains various conditional combinations.After the operation that original rule is increased, deleted and revises, will recompilate this rule base, with what guarantee application, be up-to-date regular network.Pattern matcher, according to the rete pattern matching algorithm of standard, is mated data and the regular network of work internal memory, and the rule of every discovery coupling, just produces an executive plan.According to the priority of executive plan, all current executive plans are arranged as to one and carry out queue, carry out one by one the rule in queue, trigger corresponding business fraud.Meanwhile, executive plan is carried out to dynamic management, according to the implementation status of every plan and from the latest news of adaptation, the task in executive plan queue is dynamically increased, deleted.
The adjustment of rule base can directly be undertaken by the graphical interfaces based on browser providing, and its change result can deposit the xml file of an appointment in.Any new change all will generate rete regular network in internal memory through after rule base compiler processes, just can come into force.
4, can, with the fraud of the mode processing and identification of procedure, on the flow performing engine of process flow operation on monitor supervision platform, can call when needed the function that operation system provides in Web Service mode.Carrying out flow process can be according to service needed, and modification process allocation list just completes change, and the promptness of processing is so both provided, and has guaranteed again the dirigibility of processing procedure.
The whether risky event of port that the present invention monitors agreement all the time by risk case audiomonitor occurs, once occur that the risk case number just comprising by this event is carried out in engine and moved corresponding risk treatment scheme at risk case.Risk case is carried out engine can, according to the setting in pre-stored risk case treatment scheme table, start a business processing flow.In the implementation of this flow process, if need the specific function of access service system, in corresponding flow nodes, call the Web Service of this operation system issue.The practice condition of whole flow process can be accessed at any time, and obtains its statistical information.
Accompanying drawing explanation
Fig. 1 is the main flow chart of the method for bank individual business fraud real-time intelligent Centralized Monitoring of the present invention;
Fig. 2 is the workflow diagram of enterprise data integration framework in the method for the invention;
Fig. 3 is the workflow diagram of uniform data conversion in the method for the invention;
Fig. 4 is the workflow diagram that in the method for the invention, fraud is analyzed;
Fig. 5 is the workflow diagram that in the method for the invention, fraud is processed;
Fig. 6 is the structured flowchart of the system of bank individual business fraud real-time intelligent Centralized Monitoring of the present invention;
Fig. 7 swindles the structured flowchart of monitor supervision platform in system of the present invention;
Fig. 8 is the structured flowchart of business executive system in system of the present invention.
Embodiment
Below in conjunction with accompanying drawing, the present invention is further described in detail:
As shown in Figure 1, the method for bank individual business fraud real-time intelligent Centralized Monitoring of the present invention, comprises following four key steps:
(1) set up the enterprise data integration framework that the enterprise data integration framework based on lightweight a: M1 is a lightweight, can from a plurality of bank individual business application systems, gather client trading data and client properties data simultaneously, specifically comprise: customer data data, client trading flowing water, stateful transaction, client trading environment etc., and the frequency of image data can be as required, be set in real time, three kinds of patterns regularly and in batches.Generally speaking, client's transaction journal data, stateful transaction data acquisition Real-time Obtaining pattern, teller's duty adopts the mode of timing acquiring, and customer data adopts obtaining mode in batches.Meanwhile, also can adjust as required the acquisition mode of data.M1 can convert all client trading data to XML form.
(2) uniform data conversion: in order to guarantee from different business systems, there is different data format or semantic transaction data and can be incorporated into analysis together, the function of uniform data conversion layer M2 is to carry out data-mapping and conversion, the data that different business systems is obtained, according to the customer behavior analysis data layout of prior setting, by modes such as data-switching, mappings, by the data preparation of obtaining in different business systems, be unified form, form business conduct object.Each business conduct object may comprise client's personal information, customer account information, transaction journal situation, specifically conclude the business statistical information and trading environment information etc.According to the difference of analyzing theme, the data that gather in M1 can be assigned in a plurality of business conduct objects in M2, this both can, so that swindle supervision department combines user behavior analysis data from multiple business system, can also allow and be concerned about that department's (as sales counter or credit card) of different user behavior pattern can be according to the requirements definition Standard User behavioral data form of self.
(3) fraud analysis: if data variation has appearred in any business conduct object in M2, will send corresponding business activity event to M3, judge whether to exist fraud by M3.M3 is the fraud recognition subsystem of the Business Rule Engine technique construction based on rete algorithm.For each business activity event, corresponding business conduct object can mate with predefined swindle regular collection.If have at least one swindle rule match achievement, will activate corresponding rogue processes event.If one business activity event does not trigger swindle identification services rule any in M3, the processing that causes the transaction data of this business activity event just comes to an end, and represents not find any fraud.
(4) fraud is processed: if triggered at least one swindle identification services rule in M3,, in risk processing subsystem M4, according to the risk of this business rule appointment, process event, start corresponding risk of fraud treatment scheme.In this risk treatment scheme, comprised log recording for risk case, for the modification of customer risk grade, start business processing (as blocked this transaction) in corresponding operation system etc.
In order more clearly to understand the method, how to operate, each subsystem is carried out to further description below.
As shown in Figure 2, first for the enterprise data integration framework M1 of lightweight, how to work to do further and set forth:
Banking system is when receiving individual transaction request, the encrypted packets that the related content of this request can be broken into a specific format is uploaded, pattern by bypass receives this packet, just can grasp each implementation status of banking system, this task is completed by specific data probe M11.This probe is a backstage oracle listener that resides in business host system content, can be the message listening port of a standard, can be also the Web Service that can issue to outside, or a socket access to netwoks program.It obtains every transaction data package with the form of resident system compatibility, directly bypass of its method (as message listening port), or read the transaction log database of resident operation system, this depends on which kind of mode this resident system can provide.
Once M11 gets a new transaction data package, agreement and the M12 communication just according to operation system, supported.M12 is the data integration adapter for application-specific agreement, the application access agreement that this adapter adopts corresponding operation system to support, and by receiving the transaction data package from M11, in real time/quasi real time obtain the information that client is relevant.The operation system that need to gather client trading data for each at least needs the combination of a pair of data probe and data integration adapter.For the data of obtaining, M13 unpacks according to corresponding cryptographic protocol, and according to corresponding data filtering table, judges whether this packet needs, if do not needed, abandons this packet.Passed through the packet of the inspection of data filtering, XML data converter M14 is a concentrated level, the packet transmitting is converted into the standardized data of XML form from all M13.Then, to M2, send new data and produce message.
As shown in Figure 3, the work of data normalization mainly completes in uniform data conversion layer M2, and data variation is intercepted M21 and received that the new data from M14 produce message, read new data according to prior agreement immediately in the address caching of appointment.Data-mapping M22, according to the setting in data layout mapping table, is converted to unified data layout by this packet.Data layout mapping table is mainly that the data rows of raw data and the data rows of confession fraud analysis for M14, received are mated, and this process may filter out some unwanted row, or the title of some row is unified.A typical example is, if in different operation systems, customer ID is named as respectively " customer number " and " customer ID " in data rows, need to shine upon the row of " customer number ", makes the unification of fraud analysis data for " customer ID " this standard name.Data Format Transform M23 is according to Data Format Transform table, converts, or derives the new attribute that analysis needs, thereby be filled in the business conduct object of prior setting for the attribute of different row.In this conversion process, the translation function providing mainly comprises:
Format conversion: numerical value turns character, character revolution word;
Character manipulation: remove space, intercepting, searches;
Mathematical operation: add, subtract, take advantage of, remove, round, delivery, takes absolute value.
The data that each receives from M14, can corresponding a plurality of M22 and the process of M23, thereby are filled in a plurality of business conduct objects.Each business conduct object can have the data source of a plurality of M14 simultaneously.For example, client trading flowing water business conduct object has unified attribute column: customer ID, customer trading accounts, client trading serial number, client trading time, client trading channel ...Its Data Source hypothesis has the transaction from sales counter and Web bank.Whether its data of business conduct object monitoring occur changing, data variation each time, and this object all can send a corresponding message to fraud recognition subsystem.
As shown in Figure 4, the structure of fraud analysis layer M3 and mode of operation are specific as follows:
M3 comprises work memory management M31, swindle recognition rule storehouse M32, pattern matcher M33 and tetra-parts of executive plan management M34.M31 processes all message of receiving from M22, then corresponding business conduct contents of object is read in its buffer zone, and all business activity objects with data movement have all entered operational data district M31.M32 is the regular network that the set of all swindle recognition rules generates according to rete algorithm.After the operation that original rule is increased, deleted and revises, M32 will recompilate this rule base, with what guarantee application, be up-to-date rule.M33 is pattern matcher, and it,, according to the rete pattern matching algorithm of standard, mates the rule of the data of M31 and M32, and the rule of every discovery coupling just produces an executive plan in M34.M34, according to the priority of executive plan, is arranged as one by all current executive plans and carries out queue, carries out one by one the rule in queue, triggers corresponding business fraud.Meanwhile, M34 carries out dynamic management to executive plan, according to the implementation status of every plan and from the latest news of M33, the task in executive plan queue is dynamically increased, is deleted.
Swindle recognition rule comprises that the event of trading activity attribute data, threshold value, relation each other and triggering that attribute is corresponding forms.Wherein trading activity attribute data comprises customer information, accounts information, dealing money, exchange hour, transaction classification, transaction count, transaction channel etc., threshold value is for the judgment value of certain specific behavior attribute and the combination of Rule of judgment, and wherein judgment value comprises two types of numerical value and characters.Rule of judgment, for numeric type, comprises and is greater than, equals, is less than, is more than or equal to, is less than or equal to etc., as dealing money is greater than 50,000; For character type, comprise and equal, comprise etc., as customer ID comprises 1345 etc.Relation each other comprise with or and non-(and or and negate).The corresponding a kind of rogue processes flow process of event, triggers an event and will cause a kind of specific rogue processes flow process.
In the method, swindle identification services rule mainly contains three types, is respectively wall scroll record swindle recognition rule, historical record swindle recognition rule and tandem type swindle recognition rule.Wall scroll record swindle recognition rule just judges whether certain transaction record exists fraud, attribute, threshold value and the mutual relationship thereof of this rule in this transaction record forms, typical example is: transaction classification=outwards transfer accounts and dealing money are greater than 50,000 and transaction channel=Net silver and strange land transaction=true, produce a block trade risk case.After historical record swindle recognition rule is used for the account of the history of a plurality of attributes to add up, calculate, compare with specific threshold value.As for same customer ID, new account number of times is greater than 3 times within three days, just produces a transaction risk event that repeats to open an account.Tandem type swindle recognition rule will trigger another rule after referring to that some rule occurs, and the client that this rule is generally used for having for some potential threat carries out special processing.For example, for each client, first judge whether it belongs to potential risk client, if risk client, this client is further judged according to corresponding risk class, its Sample Rules is as follows: rule one: if client in telecommunications risk of fraud client table, setup rule two: if proceeded to transaction the same day and there is no over-the-counter trading and current transaction is (producing or enchashment), activate telecommunications fraudulent trading event.
Swindle identification services rule has four kinds of generation patterns, i.e. rules and policy, expertise, data mining and blacklist.Rules and policy are according to the law of the regulation of higher authority or country, the behavior that must identify, the behavior pattern of monitoring as necessary in regulation in < < financial institution's block trade and suspicious transaction reporting management method > >, the money-laundering law > > of the < < People's Republic of China (PRC) etc. and report.Expertise is conventional pattern, that the expert of banking risk management aspect is according to after the fraud analysis for having occurred, the recognition rule of formulating according to personal experience, these rules generally include comparatively simple wall scroll record swindle recognition rule and historical record swindle recognition rule.Data mining is to have utilized advanced data mining algorithm and computer technology, the fraud recognition rule going out from the historical data automatic deduction of magnanimity, that this method often can be found is very hidden, only according to people's experience, do not allow detectable fraud, can be used as the extraordinary of expertise and supplements.The algorithm of data mining has decision tree, neural network, logistic regression, rough set, support vector machine etc. conventionally, and the algorithm that its combination results can be mixed.Blacklist be banking system inside for the record with high-risk risk client, every for the client in blacklist, all can produce corresponding fraud.
Below by a simple example, further illustrate for fraud and know method for distinguishing.
Supposing has following rule in rule set:
1, R1: for single client, transaction classification=outwards transfer accounts and dealing money are greater than 50,000 and transaction channel=Net silver and strange land transaction=true, produce wall scroll Web bank block trade risk.This rule belongs to wall scroll record swindle recognition rule;
2, R2: single client is in 1 day, and transaction classification belongs to (outwards transferring accounts, enchashment, remittance, consumption) and accumulative total dealing money is greater than 200,000, produces accumulative total block trade on same day risk.This rule belongs to historical record swindle recognition rule.
The data of client trading object of action are shown: customer ID, type of transaction, transaction channel, dealing money, strange land transaction.
Suppose that client A is in 1 day, respectively in sales counter enchashment 40,000, Web bank outwards transfers accounts 80,000, and the consumption 50,000 of market POS machine and ATM outwards transfer accounts 40,000.So, in business conduct object, will produce 4 records, that is:
B1:(A, enchashment, cabinet face, 40000, false), B2:(A, outwards transfers accounts, Web bank, 80000, true), B3:(A, consumption, market POS, 50000, false), B4:(A, outwards transfer accounts, ATM, 40000, false), these records will enter in work memory field, in pattern matcher, mate with the rule in swindle recognition rule storehouse, and process is as follows:
1, B1, owing to not meeting regular R1 and R2, enters execution queue without any rule, can not produce any action;
2, B2 has met R1, will trigger a wall scroll Net silver block trade risk rule, generates an executive plan in executive plan manager, thereby triggers single block trade risk case in risk processing subsystem (M4).
3, B3 neither meets R1, does not also meet R2, without any new executive plan, produces;
4, B4 does not meet R1, but has met R2, will trigger and add up to conclude the business block trade rule a same day, thereby produce corresponding executive plan.Executive plan manager according to this plan, sends accumulative total block trade on a same day risk case to M4.
As shown in Figure 5, the running flow process of M4 risk of fraud processing subsystem is specific as follows:
M41 risk case is intercepted the whether risky event appearance of port of monitoring all the time agreement, once occur, the risk case number just comprising by this event moves corresponding risk treatment scheme in M42 risk treatment scheme engine.M42 can, according to the setting in pre-stored risk treatment scheme table in M43, start a business processing flow.The work that this flow process completes includes but not limited to following content:
First, in risk case daily record, record the corresponding explanations such as time that this risk case occurs, place, reason; Then, inquire about corresponding client's risk attributes table, revise corresponding client's risk attributes; Next, call and send risk warning (according to various ways such as can adopting screen prompt, mail transmission, short message is set), according to the difference of risk type, call the module of operation system, as hang up go forward side by side sector-style danger of current transaction and circulate, block current transaction etc.
As shown in Figure 6, the system of bank individual business fraud real-time intelligent Centralized Monitoring of the present invention comprises two parts, is respectively bank individual business swindle monitor supervision platform S1 and business executive system S2, wherein:
The function of bank individual business swindle monitor supervision platform S1 is: from bank's different kinds of business, while in the application system of different transaction channels, Real-time Obtaining individual client trading activity data, then by the individual client's transaction data obtaining from different application systems, the requirement of analyzing according to fraud, be integrated into a plurality of unified business activity objects, become the data fact table of collective analysis client behavior pattern, for every transaction (or specific transaction record set), the technology of employing based on Business Rule Engine, support the swindle recognition rule pattern of complex conditions combination and tandem type, risk judgment key element predetermined in its transaction data is mated with the rule in swindle Intelligent Recognition rule base, according to matching result, determine whether to start swindle early warning event.Fixed fraud recognition result is defined as to specific fraud, and according to predefined processing requirements, starts fraud treatment scheme.This flow process focuses on the behavior that may have swindle of identification, and link by measured pattern and other operation system, thereby set up the pattern of processing from the direct automatic linkage banking system of monitor supervision platform, guaranteed that the individual business swindle identifying information very first time is that a plurality of products and channel are shared.
The different business systems that business executive system S2Shi bank develops according to own service demand, comprise that different product systems are as savings, credit card, or different transaction channels is as cabinet face, Web bank, Possum etc.The transaction producing in these systems passes to swindle monitor supervision platform by data probe, and by certain operations (as hung up customer transaction, blocking-up customer transaction) etc. the interface with standard, to swindle monitor supervision platform, open.
As shown in Figure 7, bank individual business monitoring platform comprises data integration module S11, data standard module S12, venture analysis module S13, risk processing module S14, data management module S15, system management module S16, interactive maintenance module S17.Its function is respectively:
Data integration module S11 gathers respectively individual client's data by data probe S21 from different banking systems;
Data standard module S12, the behavioral pattern data that the data unified standard that S11 is upgraded is standard format is also carried out necessary data-switching;
Venture analysis module S13, utilizes swindle recognition rule engine to analyze the behavioral pattern data changing in S12, and whether judgement wherein exists fraud;
Risk processing module S14, receives the fraud event from S13, and starts corresponding fraud treatment scheme, except recording at this platform corresponding information, also may call the respective handling function S22 issuing in operation system.
Data management module S15, data storage in management S12, S13 and S14, mainly comprise: the raw data that (1) receives, as client trading data, customer profile data, trading environment data etc., (2) changing to and swapping out between the client's object of action data in internal memory and database, (3) system configuration data is as business rule data, rogue processes flow data, customer risk level data, blacklist data, fraud daily record data etc.
System management module S16, provides the functions such as user management, the configuration management of operation system data source, the library management of swindle recognition rule, application server and data base administration of system.
Interactive maintenance module S17, provides the user based on browser access interface, realizes all background function in this interface.
As shown in Figure 8, transaction processing system comprises data probe S21, and service is issue S22 externally, its function respectively:
Data probe S21, is embedded in the transaction data oracle listener in S2.This program may be the JMS message port of a standard, the database trigger that also may be associated with operation system transaction log and corresponding operation thereof.In a word, the transaction data that S21 uploads intercepting and capturing business foreground, the agreement of then supporting by this operation system and the corresponding adapter communication of S11, thus transaction data is delivered in S1.
Service is issue S22 externally, is by some specific functions that need to participate in rogue processes flow process in operation system (as hung up transaction, blocking-up transaction etc.), according to standard format, S1 is issued, and the standard format here specially refers to Web Service.
Claims (10)
1. a method for bank individual business fraud real-time intelligent Centralized Monitoring, is characterized in that: comprise the following steps:
(1) set up an enterprise data integration framework based on lightweight: realize while Real-time Obtaining individual client transaction data from the application system of bank's different kinds of business, different transaction channels; The data of described enterprise data integration framework collection specifically include but not limited to customer data data, client trading flowing water, stateful transaction and client trading environment, and the mode of image data comprises in real time, regularly and three kinds in batches; All convert all client trading data to XML form;
(2) uniform data conversion: by the individual client's transaction data obtaining the application system from different kinds of business, different transaction channels, the requirement of analyzing according to fraud, according to the customer behavior analysis data layout of prior setting, mode by data-switching, mapping is unified form by the data preparation of obtaining in different business systems, form a plurality of unified business conduct objects, become the data basis of collective analysis client behavior pattern; Each business conduct object includes but not limited to client's personal information, customer account information, transaction journal situation, specifically conclude the business statistical information and trading environment information;
(3) fraud analysis: for every transaction or specific transaction record set, the technology of employing based on Business Rule Engine, support the swindle recognition rule pattern of complex conditions combination and tandem type, risk judgment key element predetermined in its transaction data is mated with the rule in swindle recognition rule storehouse, according to matching result, determine whether to trigger corresponding fraud;
(4) fraud is processed: according to the fraud of receiving, according to predefined processing requirements, start corresponding fraud treatment scheme; Described flow process focuses on the fraud of identification, by measured pattern and other operation system, links, and guarantees promptness, dirigibility that fraud is processed; In the treatment scheme of fraud, include but not limited to log recording for risk case, for the modification of customer risk grade, start the business processing in corresponding operation system.
2. the method for bank individual business fraud real-time intelligent Centralized Monitoring according to claim 1, it is characterized in that: in described step (1), client's transaction journal data and stateful transaction data acquisition Real-time Collection pattern, teller's duty adopts timing acquiring pattern, and customer data adopts batch capture pattern.
3. the method for bank individual business fraud real-time intelligent Centralized Monitoring according to claim 1, it is characterized in that: in described step (1), utilization is embedded into the probe in banking system, once get a new transaction data package, the agreement of just supporting according to operation system is communicated by letter with corresponding data integration adapter in Data integration framework, reception is from the transaction data package of probe, in real time/quasi real time obtain the information that client trading is relevant; According to corresponding cryptographic protocol, unpack, and according to corresponding data filtering table, judge whether this packet needs, if do not needed, abandon this packet, if passed through the inspection of data filtering, this packet is converted into the standardized data of XML form, then, sends new data and produce message.
4. the method for bank individual business fraud real-time intelligent Centralized Monitoring according to claim 1, it is characterized in that: in described step (3), all business conduct objects with data movement are written into operational data district, according to rete algorithm by predefined all swindle recognition rule create-rule networks, then according to the rete pattern matching algorithm of standard, business conduct object data and regular network are mated, the rule of every discovery coupling, just produce an executive plan, according to the priority of executive plan, all current executive plans are arranged as to one and carry out queue, carry out one by one the rule in queue, trigger corresponding business fraud, meanwhile, executive plan is carried out to dynamic management, according to the implementation status of every plan and from the latest news of adaptation, the task in executive plan queue is dynamically increased, deleted.
5. according to the method for the bank individual business fraud real-time intelligent Centralized Monitoring described in claim 1 or 4, it is characterized in that: in described step (3), the rule type in described swindle recognition rule storehouse comprises wall scroll record swindle recognition rule, historical record swindle recognition rule and tandem type swindle recognition rule.
6. the method for bank individual business fraud real-time intelligent Centralized Monitoring according to claim 5, is characterized in that: described swindle recognition rule has four kinds of generation patterns, i.e. rules/policy, expertise, data mining and blacklist.
7. the method for bank individual business fraud real-time intelligent Centralized Monitoring according to claim 1, it is characterized in that: in described step (4), according to predefined treatment scheme, at certain processing node, in the mode of Web Service, call the processing capacity in corresponding service system.
8. the system of a bank individual business fraud real-time intelligent Centralized Monitoring, it is characterized in that: comprise swindle monitor supervision platform and business executive system, wherein: described swindle monitor supervision platform is from bank's different kinds of business, while in the application system of different transaction channels, Real-time Obtaining individual client trading activity data, then by the individual client's transaction data obtaining from different application systems, the requirement of analyzing according to fraud, be integrated into a plurality of unified business activity objects, become the data fact table of collective analysis client behavior pattern, for every transaction or specific transaction record set, the technology of employing based on Business Rule Engine, support the swindle recognition rule pattern of complex conditions combination and tandem type, risk judgment key element predetermined in its transaction data is mated with the rule in swindle Intelligent Recognition rule base, according to matching result, determine whether to start swindle early warning event, fixed fraud recognition result is defined as to specific fraud, and according to predefined processing requirements, start fraud treatment scheme, this flow process focuses on the behavior that may have swindle of identification, and link by measured pattern and other operation system, thereby set up the pattern of processing from the direct automatic linkage banking system of monitor supervision platform, guarantee that the individual business swindle recognition result very first time is that a plurality of products and channel are shared, the transaction that described business executive system produces passes to swindle monitor supervision platform by data probe, and part operation is opened to described swindle monitor supervision platform with the interface of standard.
9. the method for bank individual business fraud real-time intelligent Centralized Monitoring according to claim 8, it is characterized in that: described swindle monitor supervision platform comprises data integration module, data standard module, venture analysis module, risk processing module, data management module, system management module and interactive maintenance module, described data integration module gathers respectively individual client's data by data probe from different banking systems, and the mode of image data comprises Real-time Collection, timing acquiring and batch capture; The behavioral pattern data that described data standard module is standard format by the data unified standard of collection is also carried out necessary data-switching; Described venture analysis module utilization swindle recognition rule engine is analyzed the behavioral pattern data changing, and whether judgement wherein exists fraud; Described risk processing module links by measured pattern and other operation system, guarantees promptness, dirigibility that fraud is processed; Data storage in described data management module management platform, mainly comprise: the raw data that (1) receives, as client trading data, customer profile data, trading environment data etc., (2) changing to and swapping out between the client's object of action data in internal memory and database, (3) system configuration data, includes but not limited to business rule data, rogue processes flow data, customer risk level data, blacklist data, fraud daily record data; Described system management module provides user management, the configuration management of operation system data source, the library management of swindle recognition rule, application server and the data base administration of system; Described interactive maintenance module provides the user based on browser access interface, realizes all background function in this interface.
10. the method for bank individual business fraud real-time intelligent Centralized Monitoring according to claim 8, it is characterized in that: described business executive system comprises data probe and the external release module of service, described data probe is embedded in the transaction data oracle listener in business executive system, probe is intercepted and captured the transaction data that upload on business foreground, then the agreement and corresponding adapter communication by this operation system, supported, thus transaction data is delivered in bank individual business fraud monitor supervision platform; The external release module of described service will need to participate in the specific function of rogue processes flow process in operation system, according to standard format, to the issue of bank individual business fraud monitor supervision platform, described standard format is Web Service.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210378876.0A CN103714479A (en) | 2012-10-09 | 2012-10-09 | Intelligent centralized monitor method and system for bank personal business fraudulent conducts |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210378876.0A CN103714479A (en) | 2012-10-09 | 2012-10-09 | Intelligent centralized monitor method and system for bank personal business fraudulent conducts |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103714479A true CN103714479A (en) | 2014-04-09 |
Family
ID=50407427
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210378876.0A Pending CN103714479A (en) | 2012-10-09 | 2012-10-09 | Intelligent centralized monitor method and system for bank personal business fraudulent conducts |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103714479A (en) |
Cited By (66)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104268173A (en) * | 2014-09-15 | 2015-01-07 | 中国工商银行股份有限公司 | Centralized data monitoring method, device and system |
| CN105005901A (en) * | 2015-07-09 | 2015-10-28 | 厦门快商通信息技术有限公司 | Financial field oriented transaction fraud detection system and method |
| CN105678544A (en) * | 2015-12-31 | 2016-06-15 | 深圳前海微众银行股份有限公司 | Risk monitoring method of remote account opening and server |
| CN105931114A (en) * | 2016-04-18 | 2016-09-07 | 中国建设银行股份有限公司 | Centralized monitoring and analysis method and system for multi-application transaction information logic paths of bank |
| CN105976242A (en) * | 2016-04-21 | 2016-09-28 | 中国农业银行股份有限公司 | Transaction fraud detection method and system based on real-time streaming data analysis |
| CN105976244A (en) * | 2016-04-27 | 2016-09-28 | 中国农业银行股份有限公司 | Target object identification method, apparatus and system thereof |
| CN106033515A (en) * | 2015-03-16 | 2016-10-19 | 阿里巴巴集团控股有限公司 | Method and device for identifying fraud events |
| CN106506454A (en) * | 2016-10-10 | 2017-03-15 | 江苏通付盾科技有限公司 | Fraud business recognition method and device |
| CN106611316A (en) * | 2015-10-16 | 2017-05-03 | 阿里巴巴集团控股有限公司 | Method and device for providing unusual transaction |
| CN106656932A (en) * | 2015-11-02 | 2017-05-10 | 阿里巴巴集团控股有限公司 | Business processing method and device |
| CN107016544A (en) * | 2015-11-17 | 2017-08-04 | 国际商业机器公司 | Managed across the proof rule of entity |
| CN107103479A (en) * | 2017-04-25 | 2017-08-29 | 北京国舜科技股份有限公司 | The real-time anti-fake system of financial transaction |
| CN107153646A (en) * | 2016-03-02 | 2017-09-12 | 阿里巴巴集团控股有限公司 | A kind of data processing method and equipment |
| CN107169864A (en) * | 2017-05-31 | 2017-09-15 | 天云融创数据科技(北京)有限公司 | A kind of card holder's risk of fraud feature extracting method based on complex network |
| CN107424069A (en) * | 2017-08-17 | 2017-12-01 | 阿里巴巴集团控股有限公司 | A kind of generation method of air control feature, risk monitoring and control method and apparatus |
| CN107437179A (en) * | 2017-08-09 | 2017-12-05 | 中国银行股份有限公司 | A kind of banking channels system that risk monitoring and control and special service are provided |
| CN107566179A (en) * | 2017-09-07 | 2018-01-09 | 阿里巴巴集团控股有限公司 | A kind of Node Processing Method and device |
| CN107633343A (en) * | 2017-08-09 | 2018-01-26 | 杭州洋驼网络科技有限公司 | Transaction data changes risk recognition system and method |
| CN107665432A (en) * | 2016-07-29 | 2018-02-06 | 卡巴斯基实验室股份制公司 | The system and method that suspicious user behavior is identified in the interacting of user and various bank services |
| CN107679046A (en) * | 2016-08-01 | 2018-02-09 | 上海前隆信息科技有限公司 | A kind of detection method and device of fraudulent user |
| CN107730262A (en) * | 2017-10-23 | 2018-02-23 | 阿里巴巴集团控股有限公司 | One kind fraud recognition methods and device |
| CN107798529A (en) * | 2017-03-28 | 2018-03-13 | 平安壹钱包电子商务有限公司 | transaction data monitoring method and device |
| CN107871203A (en) * | 2017-09-30 | 2018-04-03 | 平安科技(深圳)有限公司 | Business personnel's behaviorist risk screens management method, application server and computer-readable recording medium |
| CN107993006A (en) * | 2017-11-30 | 2018-05-04 | 平安科技(深圳)有限公司 | Warning grade determines method, apparatus, equipment and readable storage medium storing program for executing |
| CN108305166A (en) * | 2018-04-04 | 2018-07-20 | 淮阴师范学院 | A kind of negative dealing fraud method towards financial field |
| CN108416506A (en) * | 2018-02-07 | 2018-08-17 | 平安科技(深圳)有限公司 | Customer risk level management approach, server and computer readable storage medium |
| CN108418703A (en) * | 2018-01-10 | 2018-08-17 | 北京思特奇信息技术股份有限公司 | A kind of method for early warning and system based on real-time event detecting |
| CN108492104A (en) * | 2018-02-12 | 2018-09-04 | 阿里巴巴集团控股有限公司 | A kind of resource transfer monitoring method and device |
| CN108520369A (en) * | 2018-07-06 | 2018-09-11 | 西安日间结算登记有限公司 | Medium-sized and small enterprises financial supervision system based on big data |
| CN108846737A (en) * | 2018-04-19 | 2018-11-20 | 长春市万易科技有限公司 | A kind of fraud measure and system |
| CN108876217A (en) * | 2018-08-30 | 2018-11-23 | 上海艾融软件股份有限公司 | A kind of risk control system and method towards O2O scene |
| CN109120428A (en) * | 2017-06-26 | 2019-01-01 | 苏宁云商集团股份有限公司 | A kind of method and system for air control analysis |
| CN109300028A (en) * | 2018-09-11 | 2019-02-01 | 上海天旦网络科技发展有限公司 | Real-time anti-fraud method and system and storage medium based on network data |
| CN109416684A (en) * | 2016-06-29 | 2019-03-01 | 伊姆西Ip控股有限责任公司 | The intake manager of analysis platform |
| CN109697567A (en) * | 2018-12-27 | 2019-04-30 | 上海农村商业银行股份有限公司 | A kind of real-time method for prewarning risk of big data and system |
| CN109711843A (en) * | 2018-12-29 | 2019-05-03 | 创发科技有限责任公司 | Payment process monitoring method and system |
| CN110036404A (en) * | 2016-10-07 | 2019-07-19 | 世界线公司 | System for the fraud in detection data stream |
| CN110119966A (en) * | 2019-05-20 | 2019-08-13 | 上海应用技术大学 | Bank client abnormal behaviour analysis method |
| CN110148001A (en) * | 2019-04-29 | 2019-08-20 | 上海欣方智能系统有限公司 | A kind of system and method for realizing fraudulent trading intelligent early-warning |
| WO2019165670A1 (en) * | 2018-02-27 | 2019-09-06 | 平安科技(深圳)有限公司 | Illegal pyramid scheme organization monitoring method and apparatus, computer device and storage medium |
| CN110378564A (en) * | 2019-06-18 | 2019-10-25 | 中国平安财产保险股份有限公司 | Monitoring model generation method, device, terminal device and storage medium |
| CN110457336A (en) * | 2019-08-15 | 2019-11-15 | 中国银行股份有限公司 | Transaction data processing method and device |
| WO2019232953A1 (en) * | 2018-06-05 | 2019-12-12 | 平安科技(深圳)有限公司 | Method and system for generating suspicious transaction report, computer apparatus, and storage medium |
| CN110580557A (en) * | 2018-06-08 | 2019-12-17 | 上海博泰悦臻网络技术服务有限公司 | Intelligent mobile terminal and fragment time management and utilization method thereof based on artificial intelligence |
| CN110675252A (en) * | 2019-09-29 | 2020-01-10 | 北京市商汤科技开发有限公司 | Risk assessment method and device, electronic equipment and storage medium |
| CN110704277A (en) * | 2019-09-27 | 2020-01-17 | 中电万维信息技术有限责任公司 | Method for monitoring application performance, related equipment and storage medium |
| CN110796379A (en) * | 2019-10-30 | 2020-02-14 | 北京明略软件系统有限公司 | Risk assessment method, device and equipment of business channel and storage medium |
| CN110955735A (en) * | 2018-09-26 | 2020-04-03 | 北京国双科技有限公司 | Enterprise financing trade analysis method and device |
| CN111353892A (en) * | 2020-03-31 | 2020-06-30 | 中国建设银行股份有限公司 | Transaction risk monitoring method and device |
| CN111429283A (en) * | 2020-03-27 | 2020-07-17 | 中国建设银行股份有限公司 | Noble metal transaction management platform, management method and storage medium |
| CN111881865A (en) * | 2020-08-03 | 2020-11-03 | 南京奥拓电子科技有限公司 | Self-adaptive dangerous behavior monitoring method and system and intelligent equipment |
| CN112214557A (en) * | 2020-10-21 | 2021-01-12 | 中国银行股份有限公司 | Data matching classification method and device |
| WO2021009558A1 (en) * | 2019-07-18 | 2021-01-21 | Awadhesh Pratap Singh | System and method for detecting a financial fraud |
| CN112819611A (en) * | 2021-03-02 | 2021-05-18 | 成都新希望金融信息有限公司 | Fraud identification method, device, electronic equipment and computer-readable storage medium |
| CN112926992A (en) * | 2021-04-08 | 2021-06-08 | 交通银行股份有限公司北京市分行 | Risk control method and device for order receiving service |
| CN113344576A (en) * | 2021-05-31 | 2021-09-03 | 中国工商银行股份有限公司 | Service fraud monitoring method and system |
| CN113434523A (en) * | 2021-06-22 | 2021-09-24 | 康键信息技术(深圳)有限公司 | Service data updating method, device, equipment and storage medium based on big data |
| CN113556251A (en) * | 2021-07-22 | 2021-10-26 | 浙江百应科技有限公司 | Anti-fraud decision engine business service registration method and system |
| CN113626447A (en) * | 2021-10-12 | 2021-11-09 | 民航成都信息技术有限公司 | Civil aviation data management platform and method |
| CN113743923A (en) * | 2021-09-08 | 2021-12-03 | 北京快来文化传播集团有限公司 | Merchant cash withdrawal method based on e-commerce platform |
| US20220012744A1 (en) * | 2019-12-13 | 2022-01-13 | Visa International Service Association | Method, System, and Computer Program Product for Processing a Potentially Fraudulent Transaction |
| CN114020784A (en) * | 2021-09-26 | 2022-02-08 | 天翼爱音乐文化科技有限公司 | Data risk identification method, system, device and storage medium |
| CN114529366A (en) * | 2022-02-17 | 2022-05-24 | 携程旅游信息技术(上海)有限公司 | Configuration method, system, electronic equipment and medium of order rule |
| CN115860751A (en) * | 2023-02-27 | 2023-03-28 | 天津金城银行股份有限公司 | Anti-fraud analysis processing method and device and electronic equipment |
| CN116959184A (en) * | 2023-07-05 | 2023-10-27 | 杭州易景数通科技有限公司 | Correlation analysis method and system based on multi-mode data |
| CN118070141A (en) * | 2024-04-25 | 2024-05-24 | 成都乐超人科技有限公司 | Artificial intelligence-based anti-fraud transaction identification method and system |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090106151A1 (en) * | 2007-10-17 | 2009-04-23 | Mark Allen Nelsen | Fraud prevention based on risk assessment rule |
| CN101714273A (en) * | 2009-05-26 | 2010-05-26 | 北京银丰新融科技开发有限公司 | Rule engine-based method and system for monitoring exceptional service of bank |
-
2012
- 2012-10-09 CN CN201210378876.0A patent/CN103714479A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090106151A1 (en) * | 2007-10-17 | 2009-04-23 | Mark Allen Nelsen | Fraud prevention based on risk assessment rule |
| CN101714273A (en) * | 2009-05-26 | 2010-05-26 | 北京银丰新融科技开发有限公司 | Rule engine-based method and system for monitoring exceptional service of bank |
Non-Patent Citations (1)
| Title |
|---|
| 李治宇: "商业银行操作风险监控系统的研究及应用", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
Cited By (91)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104268173B (en) * | 2014-09-15 | 2018-06-15 | 中国工商银行股份有限公司 | Centralized data monitoring method, apparatus and system |
| CN104268173A (en) * | 2014-09-15 | 2015-01-07 | 中国工商银行股份有限公司 | Centralized data monitoring method, device and system |
| CN106033515B (en) * | 2015-03-16 | 2018-08-31 | 阿里巴巴集团控股有限公司 | The recognition methods of fraud and device |
| CN106033515A (en) * | 2015-03-16 | 2016-10-19 | 阿里巴巴集团控股有限公司 | Method and device for identifying fraud events |
| CN105005901A (en) * | 2015-07-09 | 2015-10-28 | 厦门快商通信息技术有限公司 | Financial field oriented transaction fraud detection system and method |
| CN106611316A (en) * | 2015-10-16 | 2017-05-03 | 阿里巴巴集团控股有限公司 | Method and device for providing unusual transaction |
| US11252197B2 (en) | 2015-11-02 | 2022-02-15 | Advanced New Technologies Co., Ltd. | Service processing method and apparatus |
| US11095689B2 (en) | 2015-11-02 | 2021-08-17 | Advanced New Technologies Co., Ltd. | Service processing method and apparatus |
| CN106656932A (en) * | 2015-11-02 | 2017-05-10 | 阿里巴巴集团控股有限公司 | Business processing method and device |
| CN107016544A (en) * | 2015-11-17 | 2017-08-04 | 国际商业机器公司 | Managed across the proof rule of entity |
| CN107016544B (en) * | 2015-11-17 | 2021-01-15 | 国际商业机器公司 | Cross-entity authentication rule management |
| CN105678544A (en) * | 2015-12-31 | 2016-06-15 | 深圳前海微众银行股份有限公司 | Risk monitoring method of remote account opening and server |
| CN107153646A (en) * | 2016-03-02 | 2017-09-12 | 阿里巴巴集团控股有限公司 | A kind of data processing method and equipment |
| CN107153646B (en) * | 2016-03-02 | 2020-10-09 | 阿里巴巴集团控股有限公司 | Data processing method and equipment |
| CN105931114A (en) * | 2016-04-18 | 2016-09-07 | 中国建设银行股份有限公司 | Centralized monitoring and analysis method and system for multi-application transaction information logic paths of bank |
| CN105976242A (en) * | 2016-04-21 | 2016-09-28 | 中国农业银行股份有限公司 | Transaction fraud detection method and system based on real-time streaming data analysis |
| CN105976244A (en) * | 2016-04-27 | 2016-09-28 | 中国农业银行股份有限公司 | Target object identification method, apparatus and system thereof |
| CN109416684A (en) * | 2016-06-29 | 2019-03-01 | 伊姆西Ip控股有限责任公司 | The intake manager of analysis platform |
| CN109416684B (en) * | 2016-06-29 | 2023-10-17 | 伊姆西Ip控股有限责任公司 | Ingest manager of analysis platform |
| CN107665432A (en) * | 2016-07-29 | 2018-02-06 | 卡巴斯基实验室股份制公司 | The system and method that suspicious user behavior is identified in the interacting of user and various bank services |
| CN107679046A (en) * | 2016-08-01 | 2018-02-09 | 上海前隆信息科技有限公司 | A kind of detection method and device of fraudulent user |
| CN110036404A (en) * | 2016-10-07 | 2019-07-19 | 世界线公司 | System for the fraud in detection data stream |
| CN106506454B (en) * | 2016-10-10 | 2019-11-12 | 江苏通付盾科技有限公司 | fraud service identification method and device |
| CN106506454A (en) * | 2016-10-10 | 2017-03-15 | 江苏通付盾科技有限公司 | Fraud business recognition method and device |
| CN107798529A (en) * | 2017-03-28 | 2018-03-13 | 平安壹钱包电子商务有限公司 | transaction data monitoring method and device |
| CN107103479A (en) * | 2017-04-25 | 2017-08-29 | 北京国舜科技股份有限公司 | The real-time anti-fake system of financial transaction |
| CN107169864A (en) * | 2017-05-31 | 2017-09-15 | 天云融创数据科技(北京)有限公司 | A kind of card holder's risk of fraud feature extracting method based on complex network |
| CN109120428A (en) * | 2017-06-26 | 2019-01-01 | 苏宁云商集团股份有限公司 | A kind of method and system for air control analysis |
| CN107437179A (en) * | 2017-08-09 | 2017-12-05 | 中国银行股份有限公司 | A kind of banking channels system that risk monitoring and control and special service are provided |
| CN107633343A (en) * | 2017-08-09 | 2018-01-26 | 杭州洋驼网络科技有限公司 | Transaction data changes risk recognition system and method |
| CN107424069A (en) * | 2017-08-17 | 2017-12-01 | 阿里巴巴集团控股有限公司 | A kind of generation method of air control feature, risk monitoring and control method and apparatus |
| CN107424069B (en) * | 2017-08-17 | 2020-11-17 | 创新先进技术有限公司 | Wind control feature generation method, risk monitoring method and equipment |
| CN107566179A (en) * | 2017-09-07 | 2018-01-09 | 阿里巴巴集团控股有限公司 | A kind of Node Processing Method and device |
| CN107566179B (en) * | 2017-09-07 | 2021-01-26 | 创新先进技术有限公司 | Node processing method and device |
| CN107871203A (en) * | 2017-09-30 | 2018-04-03 | 平安科技(深圳)有限公司 | Business personnel's behaviorist risk screens management method, application server and computer-readable recording medium |
| CN107730262B (en) * | 2017-10-23 | 2021-09-24 | 创新先进技术有限公司 | Fraud identification method and device |
| CN107730262A (en) * | 2017-10-23 | 2018-02-23 | 阿里巴巴集团控股有限公司 | One kind fraud recognition methods and device |
| CN107993006A (en) * | 2017-11-30 | 2018-05-04 | 平安科技(深圳)有限公司 | Warning grade determines method, apparatus, equipment and readable storage medium storing program for executing |
| WO2019104867A1 (en) * | 2017-11-30 | 2019-06-06 | 平安科技(深圳)有限公司 | Early warning level determining method, apparatus, and device, and readable storage medium |
| CN108418703B (en) * | 2018-01-10 | 2021-06-25 | 北京思特奇信息技术股份有限公司 | Early warning method and system based on real-time event detection |
| CN108418703A (en) * | 2018-01-10 | 2018-08-17 | 北京思特奇信息技术股份有限公司 | A kind of method for early warning and system based on real-time event detecting |
| CN108416506A (en) * | 2018-02-07 | 2018-08-17 | 平安科技(深圳)有限公司 | Customer risk level management approach, server and computer readable storage medium |
| CN108416506B (en) * | 2018-02-07 | 2022-08-02 | 平安科技(深圳)有限公司 | Client risk level management method, server and computer readable storage medium |
| CN108492104B (en) * | 2018-02-12 | 2020-10-02 | 阿里巴巴集团控股有限公司 | Resource transfer monitoring method and device |
| US11526889B2 (en) | 2018-02-12 | 2022-12-13 | Advanced New Technologies Co., Ltd. | Resource transferring monitoring method and device |
| WO2019154115A1 (en) * | 2018-02-12 | 2019-08-15 | 阿里巴巴集团控股有限公司 | Resource transferring monitoring method and device |
| CN108492104A (en) * | 2018-02-12 | 2018-09-04 | 阿里巴巴集团控股有限公司 | A kind of resource transfer monitoring method and device |
| WO2019165670A1 (en) * | 2018-02-27 | 2019-09-06 | 平安科技(深圳)有限公司 | Illegal pyramid scheme organization monitoring method and apparatus, computer device and storage medium |
| CN108305166A (en) * | 2018-04-04 | 2018-07-20 | 淮阴师范学院 | A kind of negative dealing fraud method towards financial field |
| CN108846737B (en) * | 2018-04-19 | 2021-03-23 | 长春市万易科技有限公司 | Fraud measurement method |
| CN108846737A (en) * | 2018-04-19 | 2018-11-20 | 长春市万易科技有限公司 | A kind of fraud measure and system |
| WO2019232953A1 (en) * | 2018-06-05 | 2019-12-12 | 平安科技(深圳)有限公司 | Method and system for generating suspicious transaction report, computer apparatus, and storage medium |
| CN110580557A (en) * | 2018-06-08 | 2019-12-17 | 上海博泰悦臻网络技术服务有限公司 | Intelligent mobile terminal and fragment time management and utilization method thereof based on artificial intelligence |
| CN108520369A (en) * | 2018-07-06 | 2018-09-11 | 西安日间结算登记有限公司 | Medium-sized and small enterprises financial supervision system based on big data |
| CN108876217A (en) * | 2018-08-30 | 2018-11-23 | 上海艾融软件股份有限公司 | A kind of risk control system and method towards O2O scene |
| CN109300028A (en) * | 2018-09-11 | 2019-02-01 | 上海天旦网络科技发展有限公司 | Real-time anti-fraud method and system and storage medium based on network data |
| CN110955735A (en) * | 2018-09-26 | 2020-04-03 | 北京国双科技有限公司 | Enterprise financing trade analysis method and device |
| CN109697567A (en) * | 2018-12-27 | 2019-04-30 | 上海农村商业银行股份有限公司 | A kind of real-time method for prewarning risk of big data and system |
| CN109711843A (en) * | 2018-12-29 | 2019-05-03 | 创发科技有限责任公司 | Payment process monitoring method and system |
| CN110148001A (en) * | 2019-04-29 | 2019-08-20 | 上海欣方智能系统有限公司 | A kind of system and method for realizing fraudulent trading intelligent early-warning |
| CN110119966A (en) * | 2019-05-20 | 2019-08-13 | 上海应用技术大学 | Bank client abnormal behaviour analysis method |
| CN110378564A (en) * | 2019-06-18 | 2019-10-25 | 中国平安财产保险股份有限公司 | Monitoring model generation method, device, terminal device and storage medium |
| WO2021009558A1 (en) * | 2019-07-18 | 2021-01-21 | Awadhesh Pratap Singh | System and method for detecting a financial fraud |
| CN110457336B (en) * | 2019-08-15 | 2022-03-11 | 中国银行股份有限公司 | Transaction data processing method and device |
| CN110457336A (en) * | 2019-08-15 | 2019-11-15 | 中国银行股份有限公司 | Transaction data processing method and device |
| CN110704277B (en) * | 2019-09-27 | 2023-04-18 | 中电万维信息技术有限责任公司 | Method for monitoring application performance, related equipment and storage medium |
| CN110704277A (en) * | 2019-09-27 | 2020-01-17 | 中电万维信息技术有限责任公司 | Method for monitoring application performance, related equipment and storage medium |
| CN110675252A (en) * | 2019-09-29 | 2020-01-10 | 北京市商汤科技开发有限公司 | Risk assessment method and device, electronic equipment and storage medium |
| CN110796379A (en) * | 2019-10-30 | 2020-02-14 | 北京明略软件系统有限公司 | Risk assessment method, device and equipment of business channel and storage medium |
| CN110796379B (en) * | 2019-10-30 | 2022-11-11 | 北京明略软件系统有限公司 | Risk assessment method, device and equipment of business channel and storage medium |
| US11893586B2 (en) * | 2019-12-13 | 2024-02-06 | Visa International Service Association | Method, system, and computer program product for processing a potentially fraudulent transaction |
| US20220012744A1 (en) * | 2019-12-13 | 2022-01-13 | Visa International Service Association | Method, System, and Computer Program Product for Processing a Potentially Fraudulent Transaction |
| CN111429283A (en) * | 2020-03-27 | 2020-07-17 | 中国建设银行股份有限公司 | Noble metal transaction management platform, management method and storage medium |
| CN111353892A (en) * | 2020-03-31 | 2020-06-30 | 中国建设银行股份有限公司 | Transaction risk monitoring method and device |
| CN111881865A (en) * | 2020-08-03 | 2020-11-03 | 南京奥拓电子科技有限公司 | Self-adaptive dangerous behavior monitoring method and system and intelligent equipment |
| CN112214557A (en) * | 2020-10-21 | 2021-01-12 | 中国银行股份有限公司 | Data matching classification method and device |
| CN112214557B (en) * | 2020-10-21 | 2023-08-22 | 中国银行股份有限公司 | Data matching classification method and device |
| CN112819611A (en) * | 2021-03-02 | 2021-05-18 | 成都新希望金融信息有限公司 | Fraud identification method, device, electronic equipment and computer-readable storage medium |
| CN112926992A (en) * | 2021-04-08 | 2021-06-08 | 交通银行股份有限公司北京市分行 | Risk control method and device for order receiving service |
| CN113344576A (en) * | 2021-05-31 | 2021-09-03 | 中国工商银行股份有限公司 | Service fraud monitoring method and system |
| CN113434523A (en) * | 2021-06-22 | 2021-09-24 | 康键信息技术(深圳)有限公司 | Service data updating method, device, equipment and storage medium based on big data |
| CN113434523B (en) * | 2021-06-22 | 2023-10-20 | 康键信息技术(深圳)有限公司 | Service data updating method, device, equipment and storage medium based on big data |
| CN113556251A (en) * | 2021-07-22 | 2021-10-26 | 浙江百应科技有限公司 | Anti-fraud decision engine business service registration method and system |
| CN113743923A (en) * | 2021-09-08 | 2021-12-03 | 北京快来文化传播集团有限公司 | Merchant cash withdrawal method based on e-commerce platform |
| CN114020784A (en) * | 2021-09-26 | 2022-02-08 | 天翼爱音乐文化科技有限公司 | Data risk identification method, system, device and storage medium |
| CN113626447A (en) * | 2021-10-12 | 2021-11-09 | 民航成都信息技术有限公司 | Civil aviation data management platform and method |
| CN114529366A (en) * | 2022-02-17 | 2022-05-24 | 携程旅游信息技术(上海)有限公司 | Configuration method, system, electronic equipment and medium of order rule |
| CN115860751A (en) * | 2023-02-27 | 2023-03-28 | 天津金城银行股份有限公司 | Anti-fraud analysis processing method and device and electronic equipment |
| CN116959184A (en) * | 2023-07-05 | 2023-10-27 | 杭州易景数通科技有限公司 | Correlation analysis method and system based on multi-mode data |
| CN116959184B (en) * | 2023-07-05 | 2024-05-03 | 杭州易景数通科技有限公司 | Correlation analysis method and system based on multi-mode data |
| CN118070141A (en) * | 2024-04-25 | 2024-05-24 | 成都乐超人科技有限公司 | Artificial intelligence-based anti-fraud transaction identification method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103714479A (en) | Intelligent centralized monitor method and system for bank personal business fraudulent conducts | |
| CN110866820A (en) | Real-time monitoring system, method, equipment and storage medium for banking business | |
| CN100568193C (en) | The system and method that is used for performance management in the multilayer computing environment | |
| CN110223146B (en) | System and method for monitoring whole process of electricity purchasing service of customer | |
| KR102058697B1 (en) | Financial fraud detection system by deeplearning neural-network | |
| CN106656627A (en) | Performance monitoring and fault positioning method based on service | |
| CN109120428B (en) | Method and system for wind control analysis | |
| CN109784759A (en) | A kind of Internal Audit system based on block chain technology | |
| CN103246735A (en) | Abnormal data processing method and abnormal data processing system | |
| CN101908194A (en) | Method for monitoring corporate bank loan | |
| CN103247001A (en) | Cash flow management system | |
| CN105279614A (en) | Business auditing system based on process and method thereof | |
| CN101246619A (en) | Monitoring system | |
| CN111275391A (en) | Online asset intelligent distribution system and method | |
| CN114238414A (en) | Monitoring method and device for suspicious transaction data of money laundering prevention | |
| KR102028342B1 (en) | System and method for supporting real-time financial business provision and decision making using data process solution | |
| CN117709901A (en) | Whole-flow control method and system for technological achievements based on blockchain | |
| CN117391440A (en) | Enterprise information reconnaissance platform and method | |
| CN115730909A (en) | Enterprise client information management system | |
| CN107016528A (en) | A kind of internet collection big data intelligent service system and its operation method | |
| CN107257289A (en) | A kind of risk analysis equipment, monitoring system and monitoring method | |
| CN115858489A (en) | Transaction processing method and device based on data migration, computer equipment and medium | |
| CN114723548A (en) | Data processing method, apparatus, device, medium, and program product | |
| WO2022193415A1 (en) | Data generation method and apparatus, computer device, and storage medium | |
| CN114596162A (en) | Intelligent carbon transaction service management system and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20140409 |