CN105844475A - Risk control method and risk control apparatus - Google Patents

Risk control method and risk control apparatus Download PDF

Info

Publication number
CN105844475A
CN105844475A CN201610152288.3A CN201610152288A CN105844475A CN 105844475 A CN105844475 A CN 105844475A CN 201610152288 A CN201610152288 A CN 201610152288A CN 105844475 A CN105844475 A CN 105844475A
Authority
CN
China
Prior art keywords
risk
communication data
data
communication
value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610152288.3A
Other languages
Chinese (zh)
Inventor
郑明忠
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Liulianghai Technology Chengdu Co Ltd
Original Assignee
Liulianghai Technology Chengdu Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Liulianghai Technology Chengdu Co Ltd filed Critical Liulianghai Technology Chengdu Co Ltd
Priority to CN201610152288.3A priority Critical patent/CN105844475A/en
Publication of CN105844475A publication Critical patent/CN105844475A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/018Certifying business or products
    • G06Q30/0185Product, service or business identity fraud

Landscapes

  • Business, Economics & Management (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Accounting & Taxation (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Finance (AREA)
  • Marketing (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Telephonic Communication Services (AREA)

Abstract

Embodiments of the invention provide a risk control method and a risk control apparatus. The risk control method comprises the following steps of receiving communication data transmitted by a communication platform; decomposing the communication data transmitted by the communication platform according to a plurality of preset different data attributes to acquire a communication data component corresponding to each data attribute, and accumulating the communication data component corresponding to each data attribute respectively to acquire an accumulation amount of the communication data component corresponding to each data attribute; using a preset screening strategy to screen the accumulation amount of the communication data component corresponding to each data attribute so as to acquire risk communication data with a risk; calculating a risk value of the risk communication data, comparing the risk value to a preset risk threshold, and when the risk value is greater than the preset risk threshold, sending a risk message to a communication platform. In the prior art, entire knife cutting is used so that a risk monitoring effect is poor and risk monitoring is not comprehensive. By using the method and the apparatus of the invention, the above problems are solved, and the effect and comprehensiveness of the risk monitoring are increased.

Description

Risk control method and risk control device
Technical field
The present invention relates to the relevant technical field of risk management and control, in particular to one It is applied to telecom operators and risk is carried out risk control method and the risk control of management and control Device.
Background technology
In prior art, in order to control the fraud loss of (such as telecommunications industry operator), The method generally used is to formulate risk supervision rule, and by risk supervision rule Online communication data is monitored.The existing method setting up risk supervision is the most logical Cross risk supervision rule to the risk subjects finding out in business, such as, advise when risk supervision Then it is defined as " if the odd-numbered day added up the duration of call more than 10 hours, then generate risk Record ", then meet above-mentioned condition once user's communication behavior, then will feed back at once To telecom operators and generate risk record.Therefore can effectively find in real time business Risk, control the risk that is spoofed of telecom operators.
But, it is overall that the thresholding set in above-mentioned risk supervision rule is in accordance with business Average level sets.Such as, the door restrictor of certain portfolio is set to the equal of all data Value and 3 times of variance sums, consequently, it is possible to exceed this door by the user of only 0.13% Limit, and only have these certain customers can be identified as abnormal user.And need exception User be analyzed examining, but the actual user finding these exceptions is no lack of operation The big customer of business, even some corporate clients, because this type of client traffic is very big, The most there is not risk, easily produce mistake.Meanwhile, the use of remaining 99.87% In family, though it is little but there is individual example persistently swindled to there is portfolio too, need Now undiscovered, the most existing hit rate finding that user is abnormal is the highest, exists serious The problem of missing inspection.
Meanwhile, existing most risk monitoring and controls can only find known risk, accomplishes afterwards Then the rule analyzing risk formulates risk supervision rule.But along with pushing away of business comprehensively OK, various leak may be there is and be spoofed molecule utilization, produce novel Fraudulent mean, passive prevention and control can not really be retrieved a loss simply.
Summary of the invention
In view of the foregoing, the present invention the first preferred embodiment provides a kind of risk control Method, is applied to and the server of communications platform communication connection.Described method includes:
Receive the communication data that described communications platform sends;
The communication data sent by described communications platform is according to default multiple different number Carry out decomposing according to attribute and obtain the communication data component that each data attribute is corresponding, to often The communication data component that individual data attribute is corresponding carries out being accumulated by each data respectively and belongs to The cumulative amount of the communication data component that property is corresponding;
The cumulative amount of communication data component corresponding for described each data attribute is used pre- The screening strategy first set screens, and obtains existing the risk communication data of risk; And
Calculate the value-at-risk of described risk communication data, by described value-at-risk and default wind Danger threshold value compares, and when described value-at-risk is more than described default risk threshold value, sends out Air-supply danger message gives described communications platform.
The present invention the second preferred embodiment provides a kind of risk control method, is applied to phase Communications platform, user terminal and the server of communication connection, described method bag between Hu Include:
Described server receives the communication data that described communications platform sends;
The communication data that described communications platform is sent by described server is according to default many Individual different data attribute carries out decomposing and obtains the communication data that each data attribute is corresponding Component, is accumulated by respectively to the communication data component that each data attribute is corresponding The cumulative amount of the communication data component that each data attribute is corresponding;
Described server tiring out communication data component corresponding for described each data attribute Metering uses screening strategy set in advance to screen, and obtains existing the risk of risk Communication data;
Described server calculates the value-at-risk of described risk communication data, by described risk Value compares with default risk threshold value, when described value-at-risk is more than described default risk During threshold value, send risk message to described communications platform;
Described communications platform controls the communication of described user terminal according to described risk message State.
The present invention the 3rd preferred embodiment provides a kind of risk control device, be applied to The server of communications platform communication connection.Described device includes:
Receiver module, for receiving the communication data that described communications platform sends;
Data are decomposed and accumulation module, for the communication number sent by described communications platform Each data attribute is obtained according to carrying out decomposition according to default multiple different data attribute Corresponding communication data component, divides the communication data component that each data attribute is corresponding Do not carry out being accumulated by the cumulative amount of communication data component corresponding to each data attribute;
Screening module, for by communication data component corresponding for described each data attribute Cumulative amount use screening strategy set in advance screen, obtain there is risk Risk communication data;And
Calculate and sending module, for calculating the value-at-risk of described risk communication data, Described value-at-risk is compared with default risk threshold value, when described value-at-risk is more than institute When stating default risk threshold value, send risk message to described communications platform.
Compared with prior art, the risk control method that present pre-ferred embodiments provides And risk control device.By the division that the communication data of reception is carried out is obtained each The cumulative amount of single communication data component, adding up above-mentioned each communication data component Amount is brought in default screening strategy the value-at-risk obtaining correspondence, and by this wind The judgement of danger value judges whether real risk.Meanwhile, detection user is used The abrupt climatic change of custom vestige makes up the control unknown risks that default screening strategy can't detect. Thus it is poor to solve the monitoring effect that in prior art, whole cutter incisal guide causes, and monitors incomplete Problem, improves the effect of monitoring with comprehensive.
For making the above-mentioned purpose of the present invention, feature and advantage to become apparent, Preferred embodiment cited below particularly, and coordinate appended accompanying drawing, it is described in detail below.
Accompanying drawing explanation
In order to be illustrated more clearly that the technical scheme of the embodiment of the present invention, below will be to reality Execute the required accompanying drawing used in example to be briefly described, it will be appreciated that the following drawings Illustrate only certain embodiments of the present invention, be therefore not construed as the limit to scope Fixed, for those of ordinary skill in the art, before not paying creative work
Put, it is also possible to obtain other relevant accompanying drawings according to these accompanying drawings.
Fig. 1 is user terminal, communications platform and the clothes that present pre-ferred embodiments provides The mutual schematic diagram of business device.
Fig. 2 is the block diagram of the server shown in Fig. 1.
Fig. 3 be first embodiment of the invention provide be applied to server shown in Fig. 1 The flow chart of risk control method.
Fig. 4 be second embodiment of the invention provide be applied to user terminal shown in Fig. 1, The flow chart of the risk control method of communications platform and server.
Fig. 5 is the structural representation of the risk control device that third embodiment of the invention provides Block diagram.
Main element symbol description
Detailed description of the invention
Below in conjunction with accompanying drawing in the embodiment of the present invention, to the skill in the embodiment of the present invention Art scheme is clearly and completely described, it is clear that described embodiment is only The a part of embodiment of the present invention rather than whole embodiments.Generally at accompanying drawing herein Described in and the assembly of the embodiment of the present invention that illustrates can come with various different configurations Arrange and design.Therefore, below to the embodiments of the invention provided in the accompanying drawings Describe the scope of claimed invention of being not intended to limit in detail, but only table Show the selected embodiment of the present invention.Based on embodiments of the invention, people in the art The every other embodiment that member is obtained on the premise of not making creative work, Broadly fall into the scope of protection of the invention.
It should also be noted that similar label and letter represent similar terms in following accompanying drawing, Therefore, the most a certain Xiang Yi accompanying drawing is defined, then in accompanying drawing subsequently not Need it to be defined further and explains.Meanwhile, in describing the invention, Term " first ", " second " etc. be only used for distinguish describe, and it is not intended that instruction or Hint relative importance.
As it is shown in figure 1, be that the user terminal 100 that present pre-ferred embodiments provides leads to Cross the mutual schematic diagram that communications platform 200 communicates with server 300.Described communication is put down Platform 200 can set up described user terminal 100 and described server 300 by network Between communication, to realize between described user terminal 100 and described server 300 Data communication and mutual.
In the present embodiment, communications platform 200 and server 300 be not it may be that but limit In, computer installation or server.As in figure 2 it is shown, be the server shown in Fig. 1 The block diagram of 300.Described server 300 can include risk control device 310, First memory 311, first processor 312 and the first communication unit 313.
Described first memory 311, first processor 312 and the first communication unit 313 each elements are electrically connected with the most directly or indirectly, to realize the biography of data Defeated or mutual.Such as, these elements each other can be total by one or more communication Line or holding wire realize being electrically connected with.Described risk control is pretended 310 and is included at least one Individual can be stored in described first memory with the form of software or firmware (firmware) In 311 or be solidificated in described server 300 operating system (operating system, OS) software function module in.Described first processor 312 is used for performing described The executable module of storage, the most described risk control device 310 in one memorizer 311 Included software function module and computer program etc..
Wherein, described first memory 311 may be, but not limited to, random access memory Memorizer (Random Access Memory, RAM), read only memory (Read Only Memory, ROM), programmable read only memory (Programmable Read-Only Memory, PROM), erasable read-only memory (Erasable Programmable Read-Only Memory, EPROM), electric erasable is read-only Memorizer (Electric Erasable Programmable Read-Only Memory, EEPROM) etc..Wherein, first memory 311 is used for storing program, and described One processor 312, after receiving execution instruction, performs described program.Described first Communication unit 313 is for setting up described communications platform 200 and user by described network Communication connection between terminal 100 and server 300, and for by described network Transceiving data.
First embodiment
Refer to Fig. 3, be first embodiment of the invention provide be applied to communicate flat The flow chart of the risk control method of the server 300 that platform 200 connects.Below by right Idiographic flow and the step of Fig. 3 are described in detail.
Step S401, receives the communication data that described communications platform 200 sends.
In this specific embodiment, described server 300 receives described communications platform 200 The user that (such as: telecom operators, mobile operator and operator of UNICOM etc.) sends Communication data.Wherein, described communication data may include that communication serial number, user Mark, calling number, called number, initial time, the end time, the duration of call, Call character (long-distance or short distance), rate, expense and discount etc..
Step S402, the communication data sent by described communications platform 200 is according to presetting Multiple different data attributes carry out decomposing and obtain the communication that each data attribute is corresponding Data component, adds up respectively to the communication data component that each data attribute is corresponding Obtain the cumulative amount of communication data component corresponding to each data attribute.
In this specific embodiment, the communication data that described server 300 will receive Decompose according to different pieces of information attribute.Described data attribute can include but not limited to The content that above-mentioned communication data includes, such as: the duration of call, air time, call Place, call character (long-distance or short distance), the pass between cost of the phone call and calling user System etc..
Specifically, when described server 300 receives a communication data, described clothes This communication data is carried out decomposition according to different data attributes and obtains different pieces of information by business device The corresponding communication data component of attribute, by different user or user group (individual User group or enterprise customer colony) the communication data component of different pieces of information attribute enter Row is accumulative to be added, and obtains the tired of communication data component corresponding to corresponding each data attribute Metering.
Illustrate, when for individual consumer (such as: user Zhang San), from logical Letter data obtains the communication data that each data attribute relevant to user Zhang San is corresponding Component (such as: the air time), by being somebody's turn to do before this communication data component and Zhang San Communication data component carries out being accumulated by Zhang San within a period of time (such as one month) The cumulative amount (cumulative amount of air time) of communication data component.When for user group Time, it is thus achieved that the mode of the cumulative amount of each communication data component and the mode of above-mentioned individual Identical.
Step S403, tiring out communication data component corresponding for described each data attribute Metering uses screening strategy set in advance to screen, and obtains existing the risk of risk Communication data.
In this specific embodiment, described screening strategy set in advance is according to user class The difference of type can include but not limited to, for the strategy that different user is corresponding, for The strategy that the user that differs of custom is corresponding, for the plan that user in zones of different is corresponding Slightly, for the relative strategy of all ages and classes user and for dissimilar (individual or enterprise Industry) strategy corresponding to user.By relative for different user strategy association so that Screening strategy has more specific aim.Specific algorithm according to screening strategy is different, described Screening strategy can include three classes, i.e. fixed class strategy, increment class strategy and score class Strategy.Wherein, fixed class strategy can include the requirement of single attribute data or multiple The requirement of attribute data, such as, user's amount of money of conversing the same day more than 1000 yuan, or User's odd-numbered day converses more than 500 yuan and talk times is more than 50 times.Described increment class plan Slightly can also include increment or the increment of multiple attribute data of single attribute data, If user's amount of money of conversing the same day is beyond history a period of time call 3 times of the amount of money, or use The family amount of money of conversing the same day exceedes 2 times of history a period of time call amount of money and user same day Air time exceedes 2 times of air time history a period of time.Described meter classification policy The all properties data of user are carried out incremental detection, and obtains value-at-risk, concrete wind The computational methods of danger value refer to the content that step S404 is relevant.
In a kind of better embodiment of this specific embodiment, step S403 is all right Control unknown risks is identified, according to the communication data that described each data attribute is corresponding Whether the cumulative amount of component judges the use habit of the user corresponding to described communication data Change, when described user's use habit changes, calculate described every number According to the value-at-risk corresponding to the communication data that attribute is corresponding.
Specifically, such as, lead to conventional in Shenzhen and user of the number attribution of user The call caller ground of words custom display user is all in Shenzhen, when leading to of this user some day When being changed to Shanghai to words caller, the call caller of this user is become by described server The event changed carries out record, and described server detects this user by described communications platform Follow-up paying behaviors, if user completes normally to pay the fees, described server should by adjustment The strategy of consumer's risk detection reduces the significance level of strange land communicating data attribute (i.e. to be weighed Weight), user occurs that number of times that above-mentioned strange land is called is the most and follow-up just all completes Often payment, then the significance level of strange land communicating data attribute is the least, such that it is able to subtract Few misinformation probability.If user occurs that arrearage is broken a contract, described server is by this user of adjustment The strategy of risk supervision increases the significance level of strange land communicating data attribute, when user goes out After the call of existing strange land, the number of times of telephone expenses promise breaking is the most, and corresponding this client that do not allows is carried out The probability that strange land is called is the biggest.Meanwhile, server can also be by individual Colony carries out above-mentioned behavior monitoring, when individual colony in more than a predetermined number people (as 1%) occur in that when use habit changes arrearage is broken a contract, then server should Use habit changes and adds described default screening strategy to as new risk supervision strategy In for individual colony carry out risk supervision.
Step S404, calculates the value-at-risk of described risk communication data, by described risk Value compares with default risk threshold value, when described value-at-risk is more than described default risk During threshold value, send risk message to described communications platform 200.
When for fixed class strategy, the requirement of individual data or multiple data demand meet During strategy, the value-at-risk of corresponding risk communication data is judged as exceeding predetermined threshold value. When multiple data demands exist a situation being unsatisfactory for strategy, corresponding risk communication The value-at-risk of data is judged as being not above predetermined threshold value.
When for increment class strategy and meter classification policy, the computational algorithm of described value-at-risk Below equation can be used: Y=k1a1+k2a2+k3a3+……+knan, wherein k1、k2、 k3... knIt is respectively the coefficient preset, for representing each data attribute above-mentioned Significance level, a1、a2、a3... anRepresent the variable of each data attribute respectively. When for increment class strategy, each data attribute not contained in risk communication data is corresponding Coefficient k be 0.When for meter classification policy, because this strategy is to own user Data attribute carries out incremental detection, wherein k1、k2、k3... knAccording to each number Relative set is carried out according to the significance level of attribute.
In this specific embodiment, when by the value-at-risk obtained calculated above with preset Risk threshold value is compared, when calculated value-at-risk is more than described default risk During threshold value, send risk information to described communications platform 200.
In a kind of better embodiment of this specific embodiment, described server 300 The described risk communication data also described value-at-risk exceeding described default risk threshold value are entered Row storage.And be trained obtaining new screening to the described risk communication data of storage Strategy, adds to described new screening strategy in described screening strategy set in advance. Described server 300 is follow-up according to the user that the described risk communication data of storage are corresponding Payment situation judge the credit of this user, when there is payment promise breaking in this user, will The described risk communication data of this storage are as the reference data of new screening strategy and use In new screening strategy is trained.
Specifically, described server is to corresponding follow-up of described storage risk communication data Situation is tracked, and changes described predetermined threshold value according to following the tracks of result.Hereinafter lift Example illustrates.Such as, in set risk policy, when user Dan Tian calls Duration constantly risk information will be sent to communications platform 200 little more than 10, but use There is repeatedly Dan Tian and call duration more than 10 hours in family, but this user does not occur The behavior of arrearage promise breaking, described server 300 can be automatically by sieve corresponding for this user Choosing strategy threshold settings be this repeatedly call the time in clock the longest once time Between or the set of time get Geng Gao that will call.
Second embodiment
Refer to Fig. 4, be being applied to each other of second embodiment of the invention offer Communications platform 200, user terminal 100 and the risk of server 300 of communication connection The flow chart of control method.Idiographic flow and the step of Fig. 4 will be carried out in detail below Illustrate.
Step S501, described server 300 receives what described communications platform 200 sent Communication data.
Step S502, it is logical that described communications platform 200 is sent by described server 300 Letter data carries out decomposition according to default multiple different data attribute and obtains each data The communication data component that attribute is corresponding, divides the communication data that each data attribute is corresponding Amount carries out being accumulated by the accumulative of communication data component corresponding to each data attribute respectively Amount.
Step S503, corresponding for described each data attribute is led to by described server 300 The cumulative amount of letter data component uses screening strategy set in advance to screen, and obtains There are the risk communication data of risk.
Step S504, described server 300 calculates the risk of described risk communication data Value, compares described value-at-risk with default risk threshold value, when described value-at-risk is big When described default risk threshold value, send risk message to described communications platform 200.
In this specific embodiment, step S501~the specific implementation of step S504 Identical with step S401 in first embodiment~step S404, detailed content sees first Embodiment just repeats no more at this.
Step S505, described communications platform 200 controls described according to described risk message The communications status of user terminal 100.
In a kind of better embodiment of this specific embodiment, step S505 is specially Described communications platform 200 sends communication data indicating risk information to described user terminal 100, described user terminal 100 shows described communication data indicating risk information;Receive The confirmation of described communication data indicating risk information is operated by user;Behaviour is confirmed when described When being triggered, described communications platform 200 is by the communication of described user terminal 100 Disconnected.
Specifically, as a example by user behavior custom changes.The number attribution of user exists Shenzhen and user conventional call custom display user call caller ground all in Shenzhen, When some day this user call caller be changed to Shanghai time, described communications platform will Can using user habit trail change as an indicating risk information (such as: PLSCONFM this Strange land (Shanghai) call is effectively) it is sent on user terminal, it should be appreciated that Indicating risk information can be sent to the user terminal 100 of this user correspondence customer manager On (such as: mobile phone, computer), it is also possible to be sent to and abnormal communication behavior occurs User terminal 100 corresponding to the telephone number that telephone number is associated.When risk carries When showing the user terminal 100 that information can be sent to this user correspondence customer manager, visitor Family manager confirm above-mentioned indicating risk information, when customer manager selects to ignore this During indicating risk information, this user can be normally carried out call.When customer manager selects When confirming indicating risk information, communications platform 200 can assert that this call is for abnormal logical Words can be pointed out user to hang up or directly cut off the call of user.Work as indicating risk Information is sent to and the telephone number institute occurring that abnormal communication behavior telephone number is associated During corresponding user terminal 100, by the user of the user terminal holding this associated numbers Perform the operation of above-mentioned customer manager.In actual life, increasing user uses Multiple mobile phones, can run into the situation that mobile phone is lost or card number is replicated by people unavoidably, Occur, during abnormal communication behavior, indicating risk information is sent to mobile phone associated there User or the loss of communications platform 200 can be reduced.
3rd embodiment
The structure of the risk control device 310 that Fig. 5 provides for third embodiment of the invention Schematic block diagram, refer to Fig. 5, and the risk control device 310 that the present embodiment provides can For realizing the risk control method that first embodiment proposes, described in the present embodiment Risk control device may include that receiver module 3101, data are decomposed and accumulation module 3102, screen module 3103 and calculate and sending module 3104, described risk control Device 310 is applied to server 300.
Described receiver module 3101, for receiving the logical of described communications platform 200 transmission Letter data.
Described data are decomposed and accumulation module 3102, for by described communications platform 200 The communication data sent carries out decomposition according to default multiple different data attribute and obtains The communication data component that each data attribute is corresponding, to corresponding the leading to of each data attribute The communication data that letter data component carries out being accumulated by each data attribute corresponding respectively divides The cumulative amount of amount.
Described screening module 3103, for by communication corresponding for described each data attribute The cumulative amount of data component uses screening strategy set in advance to screen, and is deposited Risk communication data in risk.
In the present embodiment, described screening module 3103 is additionally operable to according to described every number Judge corresponding to described communication data according to the cumulative amount of communication data component corresponding to attribute The use habit of user whether change, become in described user's use habit During change, calculate the value-at-risk corresponding to communication data that described each data attribute is corresponding.
Described calculating and sending module 3104, for calculating described risk communication data Value-at-risk, compares described value-at-risk with default risk threshold value, when described risk When value is more than described default risk threshold value, send risk message to described communications platform.
In the present embodiment, described risk control device 310 can also include: storage Module 3105 and training module 3106.Wherein, described memory module 3105 is for inciting somebody to action Described value-at-risk exceedes the described risk communication data of described default risk threshold value and deposits Storage.Described training module 3106, for carrying out the described risk communication data of storage Training obtain new screening strategy, described new screening strategy is added to described in advance In the screening strategy set.
In several embodiments provided herein, it should be understood that disclosed Apparatus and method, it is also possible to realize by another way.Device described above Embodiment is only that schematically such as, flow chart and block diagram in accompanying drawing show The device of multiple embodiments according to the present invention, method and computer program product can Architectural framework, function and the operation that can realize.In this, in flow chart or block diagram Each square frame can represent a module, program segment or a part for code, described A part for module, program segment or code comprises one or more for realizing regulation The executable instruction of logic function.It should also be noted that at some as the realization replaced In mode, the function that marked in square frame can also be marked in accompanying drawing to be different from Order occurs.Such as, two continuous print square frames can essentially perform substantially in parallel, They can also perform sometimes in the opposite order, and this is depending on involved function. It is also noted that each square frame in block diagram and/or flow chart and block diagram and/ Or the combination of the square frame in flow chart, can be with performing the function of regulation or the special of action Hardware based system realize, or can refer to computer with specialized hardware The combination of order realizes.
It addition, each functional module in each embodiment of the present invention can be integrated in one Rise and form an independent part, it is also possible to be modules individualism, it is also possible to Two or more modules are integrated to form an independent part.
If described function realizes and as independent product using the form of software function module When product are sold or use, can be stored in a computer read/write memory medium. Based on such understanding, technical scheme is the most in other words to prior art The part of the part contributed or this technical scheme can be with the form of software product Embodying, this computer software product is stored in a storage medium, if including Dry instruction with so that computer equipment (can be personal computer, server, Or the network equipment etc.) perform the whole or portion of method described in each embodiment of the present invention Step by step.And aforesaid storage medium includes: USB flash disk, portable hard drive, read-only storage Device (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disc or CD etc. are various can store program The medium of code.It should be noted that in this article, such as the first and second grades it The relational terms of class is used merely to an entity or operates and another entity or behaviour Make a distinction, and not necessarily require or imply existence between these entities or operation The relation of any this reality or order.And, term " includes ", " comprising " or Its any other variant of person is intended to comprising of nonexcludability, so that include one The process of list of elements, method, article or equipment not only include those key elements, and And also include other key elements being not expressly set out, or also include for this process, The key element that method, article or equipment are intrinsic.In the case of there is no more restriction, The key element limited by statement " including ... ", it is not excluded that including described key element Process, method, article or equipment in there is also other identical element.
The foregoing is only the preferred embodiments of the present invention, be not limited to this Invention, for a person skilled in the art, the present invention can have various change and Change.All within the spirit and principles in the present invention, any amendment of being made, equivalent Replacement, improvement etc., should be included within the scope of the present invention.It should also be noted that Similar label and letter in following accompanying drawing represent similar terms, therefore, once certain One is defined in an accompanying drawing, then need not carry out it in accompanying drawing subsequently Definition and explanation further.
The above, the only detailed description of the invention of the present invention, but the protection of the present invention Scope is not limited thereto, and any those familiar with the art is in the present invention In the technical scope disclosed, change can be readily occurred in or replace, all should contain at this Within bright protection domain.Therefore, protection scope of the present invention should described be wanted with right The protection domain asked is as the criterion.

Claims (10)

1. a risk control method, is applied to and the service of communications platform communication connection Device, it is characterised in that described method includes:
Receive the communication data that described communications platform sends;
The communication data sent by described communications platform is according to default multiple different number Carry out decomposing according to attribute and obtain the communication data component that each data attribute is corresponding, to often The communication data component that individual data attribute is corresponding carries out being accumulated by each data respectively and belongs to The cumulative amount of the communication data component that property is corresponding;
The cumulative amount of communication data component corresponding for described each data attribute is used pre- The screening strategy first set screens, and obtains existing the risk communication data of risk; And
Calculate the value-at-risk of described risk communication data, by described value-at-risk and default wind Danger threshold value compares, and when described value-at-risk is more than described default risk threshold value, sends out Air-supply danger message gives described communications platform.
2. risk control method as claimed in claim 1, it is characterised in that described Method also includes:
Described value-at-risk is exceeded the described risk communication data of described default risk threshold value Store;
It is trained obtaining new screening strategy to the described risk communication data of storage, Described new screening strategy is added in described screening strategy set in advance.
3. risk control method as claimed in claim 2, it is characterised in that described The described risk communication data of storage are trained obtaining the step of new screening strategy Including:
According to the payment situation that the user that the described risk communication data stored are corresponding is follow-up Judge the credit of this user, when payment promise breaking occurs in this user, by the institute of this storage State risk communication data as the reference data of new screening strategy and for new sieve Strategy is selected to be trained.
4. risk control method as claimed in claim 1 or 2, it is characterised in that Described by pre-for the cumulative amount use of communication data component corresponding for described each data attribute The step that the screening strategy first set carries out screening includes:
Cumulative amount according to communication data component corresponding to described each data attribute judges Whether the use habit of the user corresponding to described communication data changes, described When user's use habit changes, calculate the communication that described each data attribute is corresponding Value-at-risk corresponding to data.
5. risk control method as claimed in claim 1, it is characterised in that described The step of the value-at-risk calculating described risk communication data includes:
According to formula Y=k1a1+k2a2+k3a3+……+knanCalculate described risk communication The value-at-risk of data, wherein k1、k2、k3... knIt is respectively the coefficient preset, For representing the significance level of each data attribute above-mentioned, a1、a2、a3... anPoint Not representing the variable of each data attribute, Y represents value-at-risk.
6. a risk control method, the communication being applied to communicate to connect each other is put down Platform, user terminal and server, it is characterised in that described method includes:
Described server receives the communication data that described communications platform sends;
The communication data that described communications platform is sent by described server is according to default many Individual different data attribute carries out decomposing and obtains the communication data that each data attribute is corresponding Component, is accumulated by respectively to the communication data component that each data attribute is corresponding The cumulative amount of the communication data component that each data attribute is corresponding;
Described server tiring out communication data component corresponding for described each data attribute Metering uses screening strategy set in advance to screen, and obtains existing the risk of risk Communication data;
Described server calculates the value-at-risk of described risk communication data, by described risk Value compares with default risk threshold value, when described value-at-risk is more than described default risk During threshold value, send risk message to described communications platform;And
Described communications platform controls the communication of described user terminal according to described risk message State.
7. risk control method as claimed in claim 6, it is characterised in that: described Communications platform controls the step of the communications status of described user terminal according to described risk message In Zhou,
Described communications platform sends communication data indicating risk information to described user terminal;
Communication data indicating risk information described in described user terminal displays, receives institute State the confirmation operation of communication data indicating risk information;
When described confirmation operation is triggered, described communications platform is by described user terminal Communication disruption.
8. a risk control device, is applied to and the service of communications platform communication connection Device, it is characterised in that described device includes:
Receiver module, for receiving the communication data that described communications platform sends;
Data are decomposed and accumulation module, for the communication number sent by described communications platform Each data attribute is obtained according to carrying out decomposition according to default multiple different data attribute Corresponding communication data component, divides the communication data component that each data attribute is corresponding Do not carry out being accumulated by the cumulative amount of communication data component corresponding to each data attribute;
Screening module, for by communication data component corresponding for described each data attribute Cumulative amount use screening strategy set in advance screen, obtain there is risk Risk communication data;And
Calculate and sending module, for calculating the value-at-risk of described risk communication data, Described value-at-risk is compared with default risk threshold value, when described value-at-risk is more than institute When stating default risk threshold value, send risk message to described communications platform.
9. risk control device as claimed in claim 8, it is characterised in that described Device also includes:
Memory module, for exceeding the institute of described default risk threshold value by described value-at-risk State risk communication data to store;And
Training module, for being trained obtaining to the described risk communication data of storage New screening strategy, adds described new screening strategy to described sieve set in advance Select in strategy.
10. risk control device as claimed in claim 8 or 9, it is characterised in that: The communication data that described screening module is additionally operable to according to described each data attribute is corresponding divides The cumulative amount of amount judges whether the use habit of the user corresponding to described communication data is sent out Changing, when described user's use habit changes, calculates described each data The value-at-risk corresponding to communication data that attribute is corresponding.
CN201610152288.3A 2016-03-17 2016-03-17 Risk control method and risk control apparatus Pending CN105844475A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610152288.3A CN105844475A (en) 2016-03-17 2016-03-17 Risk control method and risk control apparatus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610152288.3A CN105844475A (en) 2016-03-17 2016-03-17 Risk control method and risk control apparatus

Publications (1)

Publication Number Publication Date
CN105844475A true CN105844475A (en) 2016-08-10

Family

ID=56587228

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610152288.3A Pending CN105844475A (en) 2016-03-17 2016-03-17 Risk control method and risk control apparatus

Country Status (1)

Country Link
CN (1) CN105844475A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106790560A (en) * 2016-12-26 2017-05-31 北京五八信息技术有限公司 A kind of risk control method and device of electronics notice information
CN108805725A (en) * 2018-05-28 2018-11-13 平安科技(深圳)有限公司 Risk case confirmation method, server and computer readable storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102722814A (en) * 2012-06-01 2012-10-10 汪德嘉 Self-adaption controllable management system for cheat risk of online transaction
CN104113626A (en) * 2014-06-26 2014-10-22 北京奇虎科技有限公司 Communication processing method and system
CN104469025A (en) * 2014-11-26 2015-03-25 杭州东信北邮信息技术有限公司 Clustering-algorithm-based method and system for intercepting fraud phone in real time
CN104965844A (en) * 2014-12-29 2015-10-07 腾讯科技(深圳)有限公司 Information processing method and apparatus
CN105243566A (en) * 2015-10-28 2016-01-13 联动优势科技有限公司 Method and apparatus for evaluating credit of users through different mobile phone number information from operators

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102722814A (en) * 2012-06-01 2012-10-10 汪德嘉 Self-adaption controllable management system for cheat risk of online transaction
CN104113626A (en) * 2014-06-26 2014-10-22 北京奇虎科技有限公司 Communication processing method and system
CN104469025A (en) * 2014-11-26 2015-03-25 杭州东信北邮信息技术有限公司 Clustering-algorithm-based method and system for intercepting fraud phone in real time
CN104965844A (en) * 2014-12-29 2015-10-07 腾讯科技(深圳)有限公司 Information processing method and apparatus
CN105243566A (en) * 2015-10-28 2016-01-13 联动优势科技有限公司 Method and apparatus for evaluating credit of users through different mobile phone number information from operators

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106790560A (en) * 2016-12-26 2017-05-31 北京五八信息技术有限公司 A kind of risk control method and device of electronics notice information
CN106790560B (en) * 2016-12-26 2020-12-15 北京五八信息技术有限公司 Risk control method and device for electronic notice information
CN108805725A (en) * 2018-05-28 2018-11-13 平安科技(深圳)有限公司 Risk case confirmation method, server and computer readable storage medium
CN108805725B (en) * 2018-05-28 2023-04-07 平安科技(深圳)有限公司 Risk event confirmation method, server, and computer-readable storage medium

Similar Documents

Publication Publication Date Title
Becker et al. Fraud detection in telecommunications: History and lessons learned
US9774460B2 (en) Determining usage predictions and detecting anomalous user activity through traffic patterns
US10021251B2 (en) Methods, systems, and products for monitoring service usage
US10686681B2 (en) Systems and methods for measuring effective customer impact of network problems in real-time using streaming analytics
Kou et al. Survey of fraud detection techniques
CN102802133B (en) Junk information identification method, device and system
EP1629617B1 (en) Method and system for providing fraud detection for remote access services
US20120054136A1 (en) System And Method For An Auto-Configurable Architecture For Managing Business Operations Favoring Optimizing Hardware Resources
EP2648145A1 (en) System and method for filtering spam messages based on user reputation
CN104704524A (en) Information disclosure system, information disclosure server, communication terminal, information disclosure method, and non-temporary computer-readable medium
US20110106579A1 (en) System and Method of Management and Reduction of Subscriber Churn in Telecommunications Networks
US20060269050A1 (en) Adaptive fraud management systems and methods for telecommunications
CN111917574A (en) Social network topology model and construction method thereof, user confidence degree and intimacy degree calculation method and telecommunication fraud intelligent interception system
KR102200253B1 (en) System and method for detecting fraud usage of message
CN105844475A (en) Risk control method and risk control apparatus
CN101198091A (en) Method for control user arrearages
KR20130083286A (en) System for processing spam for mobile phone
CN111752932B (en) Client data processing system and method based on knowledge management
CN115037836A (en) Terminal shutdown processing method and device and electronic equipment
Bisogni et al. The European perspective of telecommunications as a critical infrastructure
Human et al. Surprise fraudsters before they surprise you: A South African telecommunications case study
Rosas et al. Telecommunications fraud: problem analysis-an agent-based KDD perspective
CA2625757A1 (en) An intelligence system for the processing of electronic billing data
Mamčenko et al. Data mining process for fraud detection in mobile communication
CN116342178A (en) Method and device for identifying competitive hand-digging robbing behaviors

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20160810