CN109272404B - Service authorization method and device - Google Patents

Service authorization method and device Download PDF

Info

Publication number
CN109272404B
CN109272404B CN201811030018.0A CN201811030018A CN109272404B CN 109272404 B CN109272404 B CN 109272404B CN 201811030018 A CN201811030018 A CN 201811030018A CN 109272404 B CN109272404 B CN 109272404B
Authority
CN
China
Prior art keywords
authorization
transaction information
transaction
static
dynamic
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811030018.0A
Other languages
Chinese (zh)
Other versions
CN109272404A (en
Inventor
郑建
彭慧琴
高原
张琳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Construction Bank Corp
Original Assignee
China Construction Bank Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Construction Bank Corp filed Critical China Construction Bank Corp
Priority to CN201811030018.0A priority Critical patent/CN109272404B/en
Publication of CN109272404A publication Critical patent/CN109272404A/en
Application granted granted Critical
Publication of CN109272404B publication Critical patent/CN109272404B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange

Abstract

The invention provides a business authorization method and a business authorization device, which relate to the technical field of computers and can receive transaction information sent by a front-end platform; when the transaction information triggers a preset authorization mechanism, integrating authorization rules corresponding to the transaction information, generating integrated authorization information and sending the integrated authorization information to a front-end platform so as to check the transaction information; the message field of the checking and integrating authorization information returned by the front-end platform is received, and the financial processing is carried out according to the message field, so that the problems of long transaction processing and client waiting time and large authorization workload of authorized personnel of a website or a background business processing center are effectively solved, and the user experience and the client experience are improved.

Description

Service authorization method and device
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a method and an apparatus for service authorization.
Background
With the continuous increase of the number of clients and the business volume, the business handling efficiency of the network nodes becomes a key factor for measuring the quality of service, and the teller of the network nodes can carry out authorization operation in the process of providing service transaction for the clients, which is an authority control means adopted for enhancing risk control, and the authorization focuses on the control and verification of business background, business risk and business handling compliance, and has the characteristic of high real-time performance.
Under the condition that the existing static authorization and dynamic authorization coexist, one transaction needs two authorization interaction processes at most, the static authorization belongs to business logic which can be judged and processed by a front end, the dynamic authorization belongs to business logic which can only be judged and processed by a back end, when the transaction has both static authorization and dynamic authorization rules, two authorization interactions are possibly generated at most, after the static authorization is triggered, the front end authorization is returned, the transaction is submitted to a background accounting system again after the front end authorization passes, the background accounting system returns the dynamic authorization needed, the transaction is submitted to the background accounting system again after the front end authorization passes, and after the accounting processing is successful, the business handling is finished. The two-time authorization requires the authorized teller to check the two-time authorization information, input two-time password or fingerprint information, and perform two-time authority judgment at the back end, so that the transaction processing time and the client waiting time are increased, and the authorization workload of authorized personnel of a website or a background service processing center is increased, thereby influencing the experience degree of users and clients.
Disclosure of Invention
In view of the above, the present invention provides a method and an apparatus for service authorization to alleviate the above technical problem.
In a first aspect, an embodiment of the present invention provides a service authorization method, where the method includes: receiving transaction information sent by a front-end platform; judging whether the transaction information triggers a preset authorization mechanism or not, wherein the authorization mechanism comprises a plurality of authorization rules; if so, integrating authorization rules corresponding to the transaction information to generate integrated authorization information; sending the integration authorization information to the front-end platform so that the front-end platform checks the transaction information; and receiving a message field returned by the front-end platform for checking and integrating the authorization information, and performing accounting processing according to the message field.
With reference to the first aspect, an embodiment of the present invention provides a first possible implementation manner of the first aspect, where before determining whether the transaction information triggers a preset authorization mechanism, the method further includes: and screening a plurality of authorization rules included by the authorization mechanism according to the transaction information.
With reference to the first possible implementation manner of the first aspect, an embodiment of the present invention provides a second possible implementation manner of the first aspect, where the multiple authorization rules include a static authorization rule corresponding to a static authorization mechanism and a dynamic authorization rule corresponding to a dynamic authorization mechanism; the step of judging whether the transaction information triggers a preset authorization mechanism comprises the following steps: judging whether the transaction elements contained in the transaction information meet the static authorization rules or not, and judging whether the transaction elements contained in the transaction information meet the dynamic authorization rules or not; wherein, the static authorization rule and the dynamic authorization rule are both the filtered authorization rules.
With reference to the second possible implementation manner of the first aspect, an embodiment of the present invention provides a third possible implementation manner of the first aspect, wherein the step of integrating the authorization rule corresponding to the transaction information includes: if the transaction elements contained in the transaction information only meet the static authorization rules, integrating the static authorization rules corresponding to the transaction information; if the transaction elements contained in the transaction information only meet the dynamic authorization rules, integrating the dynamic authorization rules corresponding to the transaction information; and if the transaction elements contained in the transaction information simultaneously meet the static authorization rule and the dynamic authorization rule, integrating the static authorization rule and the dynamic authorization rule corresponding to the transaction information.
With reference to the second possible implementation manner of the first aspect, an embodiment of the present invention provides a fourth possible implementation manner of the first aspect, where the method further includes: and when the transaction elements contained in the transaction information simultaneously meet the static authorization rule and the dynamic authorization rule, calling the dynamic authorization to prejudge the transaction.
In a second aspect, an embodiment of the present invention further provides a service authorization apparatus, where the apparatus includes: the first receiving module is used for receiving the transaction information sent by the front-end platform; the judging module is used for judging whether the transaction information triggers a preset authorization mechanism or not, wherein the authorization mechanism comprises a plurality of authorization rules; the integration module is used for integrating the authorization rule corresponding to the transaction information to generate integrated authorization information when the judgment result of the judgment module is yes; the sending module is used for sending the integrated authorization information to the front-end platform so that the front-end platform checks the transaction information; and the second receiving module is used for receiving the message field of the checking and integrating authorization information returned by the front-end platform and carrying out financial processing according to the message field.
With reference to the second aspect, an embodiment of the present invention provides a first possible implementation manner of the second aspect, where the apparatus further includes: and the screening module is used for screening a plurality of authorization rules included by the authorization mechanism according to the transaction information before judging whether the transaction information triggers the preset authorization mechanism.
With reference to the first possible implementation manner of the second aspect, an embodiment of the present invention provides a second possible implementation manner of the second aspect, where the multiple authorization rules include a static authorization rule corresponding to a static authorization mechanism and a dynamic authorization rule corresponding to a dynamic authorization mechanism; the judging module is also used for: judging whether the transaction elements contained in the transaction information meet the static authorization rules or not, and judging whether the transaction elements contained in the transaction information meet the dynamic authorization rules or not; wherein, the static authorization rule and the dynamic authorization rule are both the filtered authorization rules.
With reference to the second possible implementation manner of the second aspect, an embodiment of the present invention provides a third possible implementation manner of the second aspect, where the integration module is further configured to: if the transaction elements contained in the transaction information only meet the static authorization rules, integrating the static authorization rules corresponding to the transaction information; if the transaction elements contained in the transaction information only meet the dynamic authorization rules, integrating the dynamic authorization rules corresponding to the transaction information; and if the transaction elements contained in the transaction information simultaneously meet the static authorization rule and the dynamic authorization rule, integrating the static authorization rule and the dynamic authorization rule corresponding to the transaction information.
With reference to the second possible implementation manner of the second aspect, an embodiment of the present invention provides a fourth possible implementation manner of the second aspect, where the apparatus further includes: and the prejudgment module is used for calling the dynamic authorization prejudgment transaction when the transaction elements contained in the transaction information simultaneously meet the static authorization rule and the dynamic authorization rule.
The embodiment of the invention has the following beneficial effects: the embodiment of the invention provides a business authorization method and a business authorization device, which can receive transaction information sent by a front-end platform; when the transaction information triggers a preset authorization mechanism, integrating authorization rules corresponding to the transaction information, generating integrated authorization information and sending the integrated authorization information to a front-end platform so as to check the transaction information; the message field of the checking and integrating authorization information returned by the front-end platform is received, and the financial processing is carried out according to the message field, so that the problems of long transaction processing and client waiting time and large authorization workload of authorized personnel of a website or a background business processing center are effectively solved, and the user experience and the client experience are improved.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a flowchart of a service authorization method according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a service authorization apparatus according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of another service authorization apparatus according to an embodiment of the present invention;
fig. 4 is a block diagram of a service authorization platform according to an embodiment of the present invention.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is apparent that the described embodiments are some, but not all embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The business authorization is that the bank plays a secondary supervision role for some large-amount depositing, withdrawing and transferring money or special business, and is also a force-exerting means for strengthening the prevention and control risk of commercial banks, the authorization can not change the original operation and operation mode of the business, the submitter of the transaction is still the authorized person, and the authorized person only grants the processing authority of a certain operator to a certain transaction at one time. Common business authorization is divided into static authorization and dynamic authorization according to an authorization mode, wherein the static authorization refers to static authorization which is set in advance only according to transaction elements and transactions sent by a front-end teller. The condition that whether the transaction needs to be authorized or not can be judged, and if the transaction reaches the authority risk control threshold value, the authorization is static authorization; the dynamic authorization refers to a situation that whether the authorization is triggered or not cannot be directly judged according to transaction elements sent by a front-end teller, and a back-end component is required to perform calculation, or a service is called again to judge whether the authorization is triggered or not, such as the situation of accumulated withdrawal limit of the RMB on the same day, foreign exchange purchase limit and the like.
With the increasing of the bank business volume, the efficiency of the business authorization system directly determines the business handling efficiency. If the teller submits the authorization application and cannot respond in time, the teller and the client are in a waiting state, so that subsequent business cannot be handled, and the service quality of the whole website is seriously influenced. Under the system architecture system with separated front and back ends, if one transaction has both static authorization and dynamic authorization, the longest transaction path may have three sections, the first time is that the front end submits to the server to trigger static authorization and feed back the reason of the front end static authorization. And secondly, the front-end authorization submits the static authorization information and the transaction data to the server through the back transaction, the server submits the transaction to the back-end business accounting system, and the back-end business accounting system triggers the dynamic authorization and feeds back the reason of the back-end dynamic authorization. And thirdly, after the front-end dynamic authorization passes, the transaction data and the dynamic and static authorization information are submitted to the server again, and the server submits the back-end business system for accounting. At present, certain difficulty exists in integrating static authorization and dynamic authorization, and based on this, the service authorization method and device provided by the embodiment of the present invention can integrate dynamic and static authorization into one-time authorization, reduce the number of interactions between the front end and the back end of a system of the system once, reduce one-time service authorization, save service handling and customer waiting time, reduce the authorization workload of authorization personnel of a website or a background service processing center, and improve the experience of users and customers.
To facilitate understanding of the embodiment, a detailed description is first given of a service authorization method disclosed in the embodiment of the present invention.
An embodiment of the present invention provides a service authorization method, such as a flowchart of a service authorization method shown in fig. 1, where the method includes the following steps:
and step S102, receiving the transaction information sent by the front-end platform.
During specific implementation, the authorization interceptor receives transaction information sent by the front-end platform and acquires an authorization rule of the transaction according to the transaction information of the access request, wherein the authorization rule comprises a static authorization rule and a dynamic authorization rule, the static authorization rule is a risk control threshold value or an expression composed of multi-dimensional and multi-level front-end transaction elements set according to the transaction, the dynamic authorization rule is a multi-dimensional and multi-level risk control parameter or a parameter expression set by a back-end service system according to the transaction, and the transaction elements specifically refer to transaction data contained in the transaction information; the authorization interceptor performs core processing such as association, combination, operation, authorization reason and technology intelligent assembly and the like on the obtained authorization rule, performs auxiliary business logic such as currency equivalence conversion, authorization recheck log trace processing and the like, and sends the processed authorization rule to an authorization processing core service for subsequent processes.
Step S104, judging whether the transaction information triggers a preset authorization mechanism or not, wherein the authorization mechanism comprises a plurality of authorization rules.
Specifically, the preset authorization mechanism comprises a static authorization mechanism and a dynamic authorization mechanism, and the judgment of whether the transaction information triggers the static authorization mechanism means that the static authorization mechanism is triggered when the transaction elements contained in the transaction information meet a static authorization rule, otherwise, the static authorization mechanism is not triggered; judging whether the transaction information triggers the dynamic authorization mechanism means that when the transaction elements contained in the transaction information meet the dynamic authorization rule, the dynamic authorization mechanism is triggered, otherwise, the dynamic authorization mechanism is not triggered. Because there may be multiple situations for risk factors and transaction compliance conditions that a transaction needs to be controlled, it is common for multiple static authorization rules and multiple dynamic authorization rules to exist for a single authorization mechanism at the same time.
And step S106, if so, integrating the authorization rules corresponding to the transaction information to generate integrated authorization information.
Specifically, if the transaction triggers both a static authorization mechanism and a dynamic authorization mechanism, the authorization core processing service integrates a static authorization rule and a dynamic authorization rule, the main integration logic comprises the intersection of authorization posts or roles, the union of examination and approval prompts and the union of authorization reasons, and the authorization mode carries out the union processing according to the priority. If the transaction only triggers a static authorization mechanism, the authorization core processing service integrates the static authorization rules, the integration principle is that a plurality of rules are merged according to the intersection of trigger positions, authorization positions or roles of the plurality of rules are merged according to the intersection, audit approval prompts of the plurality of rules are merged according to the union, authorization reasons of the plurality of rules are merged according to the union, and authorization modes of the plurality of rules are merged according to the priority. If the transaction only triggers a dynamic authorization mechanism, the authorization core processing service integrates dynamic authorization rules, and the integration principle is that a plurality of rule authorization posts or roles are combined according to intersection, a plurality of rule audit approval prompts are combined according to union, a plurality of rule authorization reasons are combined according to union, key concerns are combined according to union when a plurality of rules are authorized, and authorization modes of a plurality of rules are combined according to priority.
And step S108, sending the integrated authorization information to the front-end platform so that the front-end platform checks the transaction information.
Further, there are two ways for the front-end platform to receive the integrated authorization information, one is authorization with the terminal, and the other is remote authorization. The same-terminal authorization is that the authorized teller directly grants the authority at the terminal of the operated teller in a fingerprint or user name plus password mode, and directly submits transaction data after the transaction information is checked and passed; the remote authorization is realized in a networked remote authorization mode through an informatization means, an authorized teller authorizes the transaction information not directly through a terminal of an operation teller but through the terminal of the authorized teller, and submits image certificates or certificates, information scanning information and the like required by the transaction to a background centralized authorization service processing center after the transaction information is checked and passed.
And step S110, receiving the message field of the checking and integrating authorization information returned by the front-end platform, and performing accounting processing according to the message field.
Specifically, after receiving the message field of the integrated authorization information, the back end analyzes the message field to perform accounting processing and data storage.
The business authorization method provided by the embodiment of the invention can receive the transaction information sent by the front-end platform; when the transaction information triggers a preset authorization mechanism, integrating authorization rules corresponding to the transaction information, generating integrated authorization information and sending the integrated authorization information to a front-end platform so as to check the transaction information; the message field of the checking and integrating authorization information returned by the front-end platform is received, and the financial processing is carried out according to the message field, so that the problems of long transaction processing and client waiting time and large authorization workload of authorized personnel of a website or a background business processing center are effectively solved, and the user experience and the client experience are improved.
Generally, before the above-mentioned determining whether the transaction information triggers the preset authorization mechanism, the method further includes the following steps: and screening a plurality of authorization rules included by the authorization mechanism according to the transaction information.
In specific implementation, the authorization processing core service screens the authorization rules according to the mechanism filtering rules, the post or role filtering rules and the condition filtering rules, wherein the trigger rules closest to the mechanism level can be screened out by filtering the authorization rules according to the mechanism filtering rules. And the authorization rechecking interception rule aiming at different identity operators can be set according to the post or role filtering rule filtering authorization rule. Filtering out the true trigger rule according to whether the condition filtering rule is true or not; a transaction may set business control rules for multiple dimensions, such as amount, type of business, date of transaction, credentials, etc. if foreign currency is involved, then the transaction limit of whether to reach the equivalent dollar needs to be calculated based on the current currency exchange rate.
Further, the multiple authorization rules comprise static authorization rules corresponding to a static authorization mechanism and dynamic authorization rules corresponding to a dynamic authorization mechanism; the step of judging whether the transaction information triggers a preset authorization mechanism comprises the following steps: judging whether the transaction elements contained in the transaction information meet the static authorization rules or not, and judging whether the transaction elements contained in the transaction information meet the dynamic authorization rules or not; wherein, the static authorization rule and the dynamic authorization rule are both the filtered authorization rules.
The step of integrating the authorization rules corresponding to the transaction information comprises the following steps: if the transaction elements contained in the transaction information only meet the static authorization rules, integrating the static authorization rules corresponding to the transaction information; if the transaction elements contained in the transaction information only meet the dynamic authorization rules, integrating the dynamic authorization rules corresponding to the transaction information; and if the transaction elements contained in the transaction information simultaneously meet the static authorization rule and the dynamic authorization rule, integrating the static authorization rule and the dynamic authorization rule corresponding to the transaction information.
When the transaction information triggers a static authorization mechanism and a dynamic authorization rule exists, the dynamic authorization pre-judging transaction is sent to the back end, the back end distinguishes that the current transaction is the authorization pre-judging transaction according to the transaction type, actual accounting processing of accounting is not needed, the dynamic authorization rule is obtained, whether the currently submitted accounting information triggers the dynamic authorization mechanism or not is judged, if the dynamic authorization mechanism is triggered, the specified authorization code and the authorization reason are returned according to the authorization code rule agreed in advance in the message. And if the dynamic authorization is not triggered, returning a fixed return code of the prejudged transaction unauthorized scene. And if the back-end transaction is in error, returning error information according to a normal transaction error flow. And if the dynamic authorization rule does not exist, directly returning the authorization reason and the authorization audit prompt of the static authorization of the front-end platform.
And calling dynamic authorization to prejudge the transaction when the transaction elements contained in the transaction information simultaneously meet the static authorization rule and the dynamic authorization rule.
Corresponding to the service authorization method provided by the foregoing embodiment, an embodiment of the present invention further provides a service authorization apparatus, as shown in fig. 2, a schematic structural diagram of the service authorization apparatus, as shown in fig. 2, the apparatus includes:
the first receiving module 202 is configured to receive transaction information sent by a front-end platform;
the judging module 204 is configured to judge whether the transaction information triggers a preset authorization mechanism, where the authorization mechanism includes multiple authorization rules;
the integration module 206 is configured to integrate the authorization rule corresponding to the transaction information to generate integrated authorization information when the determination result of the determination module is yes;
the sending module 208 is configured to send the integrated authorization information to the front-end platform, so that the front-end platform checks the transaction information;
the second receiving module 210 is configured to receive a message field of the checking and integrating authorization information returned by the front-end platform, and perform accounting processing according to the message field.
Further, on the basis of fig. 2, fig. 3 shows a schematic structural diagram of another service authorization apparatus, and in addition to the structure shown in fig. 2, the apparatus further includes:
the screening module 302 is configured to screen a plurality of authorization rules included in the authorization mechanism according to the transaction information before determining whether the transaction information triggers a preset authorization mechanism.
Specifically, the multiple authorization rules include a static authorization rule corresponding to a static authorization mechanism and a dynamic authorization rule corresponding to a dynamic authorization mechanism; therefore, the determining module 204 is further configured to: judging whether the transaction elements contained in the transaction information meet the static authorization rules or not, and judging whether the transaction elements contained in the transaction information meet the dynamic authorization rules or not; wherein, the static authorization rule and the dynamic authorization rule are both the filtered authorization rules.
Further, the integration module 206 is further configured to: if the transaction elements contained in the transaction information only meet the static authorization rules, integrating the static authorization rules corresponding to the transaction information; if the transaction elements contained in the transaction information only meet the dynamic authorization rules, integrating the dynamic authorization rules corresponding to the transaction information; and if the transaction elements contained in the transaction information simultaneously meet the static authorization rule and the dynamic authorization rule, integrating the static authorization rule and the dynamic authorization rule corresponding to the transaction information.
Further, as shown in fig. 3, the apparatus further includes:
the prejudgment module 304 is configured to invoke dynamic authorization for prejudgment of the transaction when the transaction elements included in the transaction information satisfy the static authorization rule and the dynamic authorization rule at the same time.
The service authorization device provided by the embodiment of the invention has the same technical characteristics as the service authorization method provided by the embodiment, so that the same technical problems can be solved, and the same technical effects can be achieved.
The embodiment of the invention also provides a service authorization platform, which comprises a processor and a memory, wherein the memory stores machine executable instructions capable of being executed by the processor, and the processor executes the machine executable instructions to realize the service authorization method.
Referring to fig. 4, a block diagram of a service authorization platform is shown, which includes: a processor 400, a memory 401, a bus 402 and a communication interface 403, wherein the processor 400, the communication interface 403 and the memory 401 are connected through the bus 402; the processor 400 is used to execute executable modules, such as computer programs, stored in the memory 401.
The Memory 401 may include a high-speed Random Access Memory (RAM) and may also include a non-volatile Memory (non-volatile Memory), such as at least one disk Memory. The communication connection between the network element of the system and at least one other network element is realized through at least one communication interface 403 (which may be wired or wireless), and the internet, a wide area network, a local network, a metropolitan area network, and the like can be used.
Bus 402 can be an ISA bus, PCI bus, EISA bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one double-headed arrow is shown in FIG. 4, but that does not indicate only one bus or one type of bus.
The memory 401 is configured to store a program, and the processor 400 executes the program after receiving an execution instruction, where the service authorization method disclosed in any embodiment of the present invention may be applied to the processor 400, or implemented by the processor 400.
Processor 400 may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware or instructions in the form of software in the processor 400. The Processor 400 may be a general-purpose Processor, and includes a Central Processing Unit (CPU), a Network Processor (NP), and the like; the device can also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA), or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components. The various methods, steps and logic blocks disclosed in the embodiments of the present invention may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present invention may be directly implemented by a hardware decoding processor, or implemented by a combination of hardware and software modules in the decoding processor. The software module may be located in ram, flash memory, rom, prom, or eprom, registers, etc. storage media as is well known in the art. The storage medium is located in the memory 401, and the processor 400 reads the information in the memory 401 and completes the steps of the method in combination with the hardware.
The computer program product of the service authorization method and the device provided by the embodiment of the present invention includes a computer readable storage medium storing a program code, where instructions included in the program code may be used to execute the method described in the foregoing method embodiment, and specific implementation may refer to the method embodiment, which is not described herein again.
It can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the platform and the apparatus described above may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art will understand that the following embodiments are merely illustrative of the present invention, and not restrictive, and the scope of the present invention is not limited thereto: any person skilled in the art can modify or easily conceive the technical solutions described in the foregoing embodiments or equivalent substitutes for some technical features within the technical scope of the present disclosure; such modifications, changes or substitutions do not depart from the spirit and scope of the embodiments of the present invention, and they should be construed as being included therein. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (10)

1. A method for service authorization, the method comprising:
receiving transaction information sent by a front-end platform;
judging whether the transaction information triggers a preset authorization mechanism or not, wherein the authorization mechanism comprises a plurality of authorization rules;
if so, integrating the authorization rule corresponding to the transaction information to generate integrated authorization information;
sending the integration authorization information to the front-end platform so that the front-end platform checks the transaction information;
and receiving a message field returned by the front-end platform for checking the integrated authorization information, and performing accounting processing according to the message field.
2. The method of claim 1, wherein before determining whether the transaction information triggers a preset authorization mechanism, the method further comprises:
and screening a plurality of authorization rules included by the authorization mechanism according to the transaction information.
3. The method of claim 2, wherein the plurality of authorization rules include static authorization rules corresponding to static authorization mechanisms and dynamic authorization rules corresponding to dynamic authorization mechanisms;
the step of judging whether the transaction information triggers a preset authorization mechanism comprises the following steps:
judging whether the transaction elements contained in the transaction information meet the static authorization rules or not, and judging whether the transaction elements contained in the transaction information meet the dynamic authorization rules or not;
wherein the static authorization rule and the dynamic authorization rule are both filtered authorization rules.
4. The method of claim 3, wherein the step of integrating the authorization rule corresponding to the transaction information comprises:
if the transaction elements contained in the transaction information only meet the static authorization rules, integrating the static authorization rules corresponding to the transaction information;
if the transaction elements contained in the transaction information only meet the dynamic authorization rules, integrating the dynamic authorization rules corresponding to the transaction information;
and if the transaction elements contained in the transaction information simultaneously meet the static authorization rule and the dynamic authorization rule, integrating the static authorization rule and the dynamic authorization rule corresponding to the transaction information.
5. The method of claim 3, further comprising:
and when the transaction elements contained in the transaction information simultaneously meet the static authorization rule and the dynamic authorization rule, calling the dynamic authorization prejudgment transaction.
6. A service authorization apparatus, characterized in that the apparatus comprises:
the first receiving module is used for receiving the transaction information sent by the front-end platform;
the judging module is used for judging whether the transaction information triggers a preset authorization mechanism or not, wherein the authorization mechanism comprises a plurality of authorization rules;
the integration module is used for integrating the authorization rule corresponding to the transaction information to generate integrated authorization information when the judgment result of the judgment module is yes;
the sending module is used for sending the integration authorization information to the front-end platform so as to enable the front-end platform to check the transaction information;
and the second receiving module is used for receiving the message field returned by the front-end platform and used for checking the integrated authorization information and performing accounting processing according to the message field.
7. The apparatus of claim 6, further comprising:
and the screening module is used for screening the authorization rules included by the authorization mechanism according to the transaction information before judging whether the transaction information triggers a preset authorization mechanism.
8. The apparatus according to claim 7, wherein the plurality of authorization rules include static authorization rules corresponding to static authorization mechanisms and dynamic authorization rules corresponding to dynamic authorization mechanisms;
the judging module is further configured to:
judging whether the transaction elements contained in the transaction information meet the static authorization rules or not, and judging whether the transaction elements contained in the transaction information meet the dynamic authorization rules or not;
wherein the static authorization rule and the dynamic authorization rule are both filtered authorization rules.
9. The apparatus of claim 8, wherein the integration module is further configured to:
if the transaction elements contained in the transaction information only meet the static authorization rules, integrating the static authorization rules corresponding to the transaction information;
if the transaction elements contained in the transaction information only meet the dynamic authorization rules, integrating the dynamic authorization rules corresponding to the transaction information;
and if the transaction elements contained in the transaction information simultaneously meet the static authorization rule and the dynamic authorization rule, integrating the static authorization rule and the dynamic authorization rule corresponding to the transaction information.
10. The apparatus of claim 8, further comprising:
and the prejudgment module is used for calling dynamic authorization to prejudge the transaction when the transaction elements contained in the transaction information simultaneously meet the static authorization rule and the dynamic authorization rule.
CN201811030018.0A 2018-09-04 2018-09-04 Service authorization method and device Active CN109272404B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811030018.0A CN109272404B (en) 2018-09-04 2018-09-04 Service authorization method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811030018.0A CN109272404B (en) 2018-09-04 2018-09-04 Service authorization method and device

Publications (2)

Publication Number Publication Date
CN109272404A CN109272404A (en) 2019-01-25
CN109272404B true CN109272404B (en) 2021-05-11

Family

ID=65188402

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811030018.0A Active CN109272404B (en) 2018-09-04 2018-09-04 Service authorization method and device

Country Status (1)

Country Link
CN (1) CN109272404B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110458705A (en) * 2019-08-15 2019-11-15 中国银行股份有限公司 A kind of processing system and method for authorization message
CN111178850B (en) * 2019-12-31 2023-07-21 中国银行股份有限公司 Transaction method, device and system
CN112396522A (en) * 2020-11-19 2021-02-23 中国建设银行股份有限公司 Transaction processing method and device
CN112633895A (en) * 2021-01-05 2021-04-09 交通银行股份有限公司 Risk control method and system for bank online website business digital currency transaction

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1755732A (en) * 2004-09-30 2006-04-05 中国民生银行股份有限公司 Data examination and approval method for personal credit business of bank
CN101655950A (en) * 2009-06-30 2010-02-24 阿里巴巴集团控股有限公司 Method, device and system for realizing merging payment
CN101770671A (en) * 2009-12-29 2010-07-07 中国工商银行股份有限公司 Banking business authorization method and device
CN104517184A (en) * 2014-12-18 2015-04-15 深圳市燃气集团股份有限公司 Process combined approval method applied to ERP (enterprise resource planning) system and approval management system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160063502A1 (en) * 2014-10-15 2016-03-03 Brighterion, Inc. Method for improving operating profits with better automated decision making with artificial intelligence

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1755732A (en) * 2004-09-30 2006-04-05 中国民生银行股份有限公司 Data examination and approval method for personal credit business of bank
CN101655950A (en) * 2009-06-30 2010-02-24 阿里巴巴集团控股有限公司 Method, device and system for realizing merging payment
CN101770671A (en) * 2009-12-29 2010-07-07 中国工商银行股份有限公司 Banking business authorization method and device
CN104517184A (en) * 2014-12-18 2015-04-15 深圳市燃气集团股份有限公司 Process combined approval method applied to ERP (enterprise resource planning) system and approval management system

Also Published As

Publication number Publication date
CN109272404A (en) 2019-01-25

Similar Documents

Publication Publication Date Title
CN109272404B (en) Service authorization method and device
US8666861B2 (en) Software and methods for risk and fraud mitigation
CN108053318B (en) Method and device for identifying abnormal transactions
CN110727922A (en) Anti-fraud decision model construction method based on multi-dimensional data flow
WO2013086048A1 (en) Dynamic network analytic system
WO2019047636A1 (en) Withdrawal request review method, apparatus, electronic device and storage medium
CN109993651B (en) Data accounting service instruction set checking method, device, computer equipment and medium
CN109936556B (en) Monitoring method and device for account stealing event
CN111899100A (en) Service control method, device and equipment and computer storage medium
CN110956539A (en) Information processing method, device and system
CN110766340A (en) Business auditing method, device and equipment
CN108229964B (en) Transaction behavior profile construction and authentication method, system, medium and equipment
CN111523902A (en) Electronic invoice issuing method, system, control equipment and storage medium
US20230012460A1 (en) Fraud Detection and Prevention System
CN107679865B (en) Identity verification method and device based on touch area
CN114782175A (en) Bank loan data request method and device and electronic equipment
CN110990810B (en) User operation data processing method, device, equipment and storage medium
CN111553788B (en) Capital business processing method and device based on big data, electronic equipment and medium
CA3208415A1 (en) Direct data share
CN114078049A (en) Data processing method and device for supply chain financial credit-information service
CN113724077A (en) Loan approval method, device and system
CN111951017A (en) Counter transaction authorization method, system, computer equipment and readable storage medium
CN115514548B (en) Method and device for guaranteeing Internet application safety
CN114862428B (en) Inline enterprise authentication method, terminal device and computer-readable storage medium
US20230394450A1 (en) System and method for storing automated teller machine session data

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant