CN110992037A

CN110992037A - Risk prevention and control method, device and system based on multi-party security calculation

Info

Publication number: CN110992037A
Application number: CN202010140010.0A
Authority: CN
Inventors: 刘昕纯; 余幼民; 洪进锦; 李洁; 冯力国
Original assignee: Alipay Hangzhou Information Technology Co Ltd
Current assignee: Alipay Hangzhou Information Technology Co Ltd
Priority date: 2020-03-03
Filing date: 2020-03-03
Publication date: 2020-04-10

Abstract

The invention discloses a risk prevention and control method, a device and a system based on multi-party security calculation, wherein the method comprises the following steps: the public service operator sends a local training result to a payment service provider based on a multi-party safety calculation protocol; the payment service provider determines a wind control model at least based on local training results of the public service operator and the payment service provider; thereafter, the public service operator may send an application request for the wind control model to a payment service provider; the payment service provider processes the application request based on the wind control model to obtain a processing result and feeds the processing result back to a public service operator; and the public service operator performs risk prevention and control based on the processing result.

Description

Risk prevention and control method, device and system based on multi-party security calculation

Technical Field

The present application relates to the field of computer technologies, and in particular, to a risk prevention and control method, apparatus, and system based on multi-party security computation.

Background

In order to provide better and more convenient service for users, internet technology is widely applied to various industries, and the public service industry is no exception. For example, in order to facilitate the traveling of a user, in the public service industry of a subway, an advanced technology for scanning two-dimensional codes to pay riding fees is introduced, the user downloads and installs an APP specified by a subway operator through a mobile phone, and completes the binding of a registration account and a payment account in the APP, when the user enters and exits the station, the user only needs to scan the two-dimensional codes displayed in the APP interface by aiming at code scanning equipment on a subway gate, so that the purposes of entering the station, riding and exiting the station for payment can be achieved, the trouble that a value card needs to be purchased in advance in a traditional payment mode is avoided, and the technology is popularized and applied in a plurality of cities.

However, the internet technology is introduced in the public service industry, which brings convenience to users and brings corresponding risks to operators in the public service industry. Still take the subway as an example, the traditional stored value card payment mode belongs to 'pay before pay', no capital loss risk exists for subway operators, the payment mode of scanning the two-dimensional code belongs to 'pay before pay', if a gate machine fails when a user leaves the station or a mobile phone fails to scan the code to complete payment, the user can contact station staff to leave the station firstly, and then supplementary payment is carried out through an APP, but many users usually carry out supplementary payment at the lowest fare instead of the actual fare, and the capital loss risk can be brought to the subway operators.

Therefore, there is a need to propose a solution that can prevent and control the risks associated with the public services industry.

Disclosure of Invention

The embodiment of the application provides a risk prevention and control method, device and system based on multi-party security calculation, so as to prevent and control related risks in the public service industry.

In order to solve the above technical problem, the embodiment of the present application is implemented as follows:

in a first aspect, a risk prevention and control method based on multi-party security computation is provided, where the method includes:

the public service operator sends a local training result to a payment service provider based on a multi-party safety calculation protocol;

the payment service provider determines a wind control model based on at least local training results of the public service operator and the payment service provider;

the public service operator sends an application request for the wind control model to the payment service provider;

the payment service provider processes the application request based on the wind control model to obtain a processing result and feeds the processing result back to the public service operator;

and the public service operator performs risk prevention and control based on the processing result.

In a second aspect, a risk prevention and control method based on multi-party security computation is provided, where the method includes:

the method comprises the steps that a public service operator sends a local training result to a payment service provider based on a multi-party safety calculation protocol, so that the payment service provider at least determines a wind control model based on the local training results of the public service operator and the payment service provider;

the public service operator sends an application request aiming at the wind control model to the payment service provider so that the payment service provider processes the application request based on the wind control model and feeds back a processing result;

In a third aspect, a risk prevention and control apparatus based on multi-party security computation is provided, the apparatus including:

the payment service provider receives a local training result sent by a public service operator based on a multiparty security computing protocol;

the payment service provider receives an application request aiming at the wind control model and sent by the public service operator;

and the payment service provider processes the application request based on the wind control model to obtain a processing result and feeds the processing result back to the public service operator so as to enable the public service operator to perform risk prevention and control based on the processing result.

In a fourth aspect, a subway risk prevention and control method based on multi-party security computation is provided, which includes:

the subway operator sends a local training result to a payment service provider based on a multi-party safety calculation protocol;

the payment service provider determines a wind control model at least based on local training results of the subway operator and the payment service provider;

the subway operator sends an application request aiming at the wind control model to the payment service provider;

the payment service provider processes the application request based on the wind control model to obtain a processing result and feeds the processing result back to the subway operator;

and the subway operator performs risk prevention and control based on the processing result.

In a fifth aspect, a subway risk prevention and control method based on multi-party security computation is provided, which includes:

the subway operator sends a local training result to a payment service provider based on a multi-party safety calculation protocol, so that the payment service provider determines a wind control model at least based on the local training results of the subway operator and the payment service provider;

the subway operator sends an application request aiming at the wind control model to the payment service provider so that the payment service provider processes the application request based on the wind control model and feeds back a processing result;

In a sixth aspect, a subway risk prevention and control method based on multi-party security computation is provided, which includes:

a payment service provider receives a local training result sent by a subway operator based on a multi-party safety calculation protocol;

the payment service provider receives an application request aiming at the wind control model and sent by the subway operator;

and the payment service provider processes the application request based on the wind control model to obtain a processing result and feeds the processing result back to the subway operator so as to enable the subway operator to perform risk prevention and control based on the processing result.

In a seventh aspect, a risk prevention and control system based on multi-party security computation is provided, including: a payment service provider and a common service operator, wherein,

the payment service provider receives a local training result sent by the public service operator based on a multi-party safety calculation protocol, determines a wind control model at least based on the local training results of the public service operator and the payment service provider, receives an application request aiming at the wind control model sent by the public service operator, processes the application request based on the wind control model, obtains a processing result and feeds the processing result back to the public service operator;

the public service operator sends a local training result to a payment service provider based on a multiparty security calculation protocol, sends an application request aiming at a wind control model to the payment service provider, and carries out risk prevention and control based on a processing result returned by the payment service provider.

In an eighth aspect, a public service operator apparatus is provided, including:

the system comprises a first sending module, a second sending module and a third sending module, wherein the first sending module is used for sending a local training result to a payment service provider based on a multi-party safety calculation protocol so that the payment service provider at least determines a wind control model based on the local training results of the public service operator and the payment service provider;

the second sending module is used for sending an application request aiming at a wind control model to the payment service provider so that the payment service provider processes the application request based on the wind control model and feeds back a processing result;

and the risk prevention and control module is used for performing risk prevention and control based on the processing result.

In a ninth aspect, a payment service provider apparatus is presented, comprising:

the system comprises a first receiving module, a second receiving module and a third receiving module, wherein the first receiving module is used for receiving a local training result sent by a public service operator based on a multi-party safety computing protocol;

a model determination module for determining a wind control model based at least on local training results of the public service operator and the payment service provider;

the second receiving module is used for receiving an application request aiming at the wind control model and sent by the public service operator;

and the request processing module is used for processing the application request based on the wind control model to obtain a processing result and feeding the processing result back to the public service operator so as to enable the public service operator to perform risk prevention and control based on the processing result.

In a tenth aspect, an electronic device is provided, including:

a processor; and

a memory arranged to store computer executable instructions that, when executed, cause the processor to:

based on a multi-party security computing protocol, sending a local training result to a payment service provider so that the payment service provider determines a wind control model based on at least the local training results of the public service operator and the payment service provider;

sending an application request aiming at the wind control model to the payment service provider so that the payment service provider processes the application request based on the wind control model and feeds back a processing result;

and performing risk prevention and control based on the processing result.

In an eleventh aspect, a computer-readable storage medium is presented, storing one or more programs that, when executed by an electronic device that includes a plurality of application programs, cause the electronic device to:

and performing risk prevention and control based on the processing result.

In a twelfth aspect, an electronic device is provided, including:

a processor; and

receiving a local training result sent by a public service operator based on a multi-party security computing protocol;

determining a wind control model based on at least local training results of the public service operator and the payment service provider;

receiving an application request aiming at the wind control model sent by the public service operator;

and processing the application request based on the wind control model to obtain a processing result and feeding the processing result back to the public service operator so that the public service operator performs risk prevention and control based on the processing result.

In a thirteenth aspect, a computer-readable storage medium is presented, storing one or more programs that, when executed by an electronic device including a plurality of application programs, cause the electronic device to:

According to the scheme provided by the embodiment of the specification, on one hand, a wind control model is established by combining data of a public service operator and data of a payment service provider, so that the public service operator can be helped to accurately prevent and control related risks encountered by the public service operator; on the other hand, the public service operator and the payment service provider share the local training result based on the multi-party security computing protocol, the respective local private data are not out of the domain, and the respective local private data are only visible to the public service operator and the payment service provider, so that the safety of the respective local private data can be ensured, the problem of unsmooth cooperation caused by data leakage and other concerns of previous ecological partners is really solved, and the data security and invisibility of the data are ensured while the data among the ecological partners are utilized to the maximum extent.

Drawings

The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:

fig. 1 is a schematic flowchart of a risk prevention and control method based on multi-party security computation according to an embodiment of the present disclosure.

Fig. 2 is a second flowchart of a risk prevention and control method based on multi-party security computation according to an embodiment of the present disclosure.

Fig. 3 is a schematic flowchart of a subway risk prevention and control method based on multi-party security calculation according to an embodiment of the present specification.

Fig. 4 is a schematic diagram of a prediction scheme for a subsidized subway departure station provided in an embodiment of the present specification.

Fig. 5 is an exemplary subway thermodynamic diagram provided in an embodiment of the present specification.

Fig. 6 is a schematic structural diagram of a risk prevention and control system based on multi-party security computing according to an embodiment of the present specification.

Fig. 7 is a schematic structural diagram of an electronic device provided in an embodiment of the present specification.

Fig. 8 is a schematic structural diagram of a public service operator apparatus according to an embodiment of the present disclosure.

Fig. 9 is a schematic structural diagram of a payment service provider device provided in an embodiment of the present specification.

Detailed Description

In order to make the objects, technical solutions and advantages of the present application more apparent, the technical solutions of the present application will be described in detail and completely with reference to the following specific embodiments of the present application and the accompanying drawings. It should be apparent that the described embodiments are only some of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.

In order to prevent and control related risks existing in a public service operator, embodiments of the present specification provide a risk prevention and control method, apparatus, and system based on multi-party security computation.

The risk prevention and control scheme based on multi-party security computing (MPC) provided in the present specification involves at least two participants, namely a common service operator and a payment service provider, and the payment service provider also takes on the role of a coordinator.

The above-mentioned public service operator refers to an organization or an enterprise that operates a specified public service. Wherein, the designated public service includes but is not limited to subway, medical insurance, public transportation and the like. Since one or more operators can be provided for one public service, in this specification, one or more operators of the public service can be provided, taking the beijing subway as an example, the operators of the public service include the easy-to-pass development company (the beijing rail transit one-way ticket internet ticketing official service platform) and the beijing municipal transportation one-card limited company. The subway is generally governed by the government, but the operation, finance and clearing are generally managed by one or more operators, and corresponding risk and investment are also borne by the operators.

The payment service provider may be a third party payment platform capable of providing a network payment function for the user, such as a payment treasure of an ant golden service.

In the solution provided in this specification, a public service operator, as a participant in multiparty security computation, sends a local training result obtained based on local data training to a payment service provider; the payment service provider is used as a participant and a coordinator in multi-party security calculation, and at least combines local training results of a public service operator and a payment service provider to determine a wind control model for controlling related risks of the public service operator; then, the public service operator initiates an application request aiming at the wind control model to a payment service provider; the payment service provider processes the application request based on the wind control model to obtain a processing result and feeds the processing result back to the public service operator; and the public service operator controls the risk possibly encountered by the public service operator based on the processing result. For example, for a subway operator, the risk of the loss caused by the fact that the user logs out of the station at a lower fare than the actual station is met, and for a medical insurance operator, the risk of the loss caused by the fact that the user cheats the station is met, and the risks need to be prevented and controlled.

In the solution provided in this specification, a payment service provider may be regarded as an operator of a wind control model, a public service operator may be regarded as an ecological partner of the payment service provider, and the payment service provider may provide a product or a service that applies the wind control model to perform related risk prevention and control to the public service operator, that is, the payment service provider may enable risk prevention and control of the public service industry, so that the public service operator may prevent and control risks that may be encountered by the public service operator. When the payment service provider is a payment treasure of ant golden service, a product for applying the wind control model to perform related risk control is provided to a public service operator, and the product can be an ARiskGo product of the payment treasure. The ARiskGo product is a set of perfect and mature industry wind control energized products outside a Payment treasure risk decision center.

The following describes a risk prevention and control method based on multi-party security computation, provided by an embodiment of the present specification, with reference to the accompanying drawings.

As shown in fig. 1, in one embodiment, the present specification provides a risk prevention and control method based on multi-party security computation, which may include the following steps:

step 102, the public service operator sends the local training result to the payment service provider based on the multi-party security computing protocol.

Multi-party secure computing protocols include, but are not limited to, secure computing and homomorphic encryption techniques performed based on software protection extensions (SGX), among others.

The local training results of the public service operator may be training results obtained by the public service operator training based on local data. The local data of the public service operator may include locally accumulated user data, taking the beijing subway as an example, the local data includes user data accumulated by at least one of an easy-to-pass APP and a beijing municipal transportation all-purpose card company, the user data accumulated by the easy-to-pass APP includes but is not limited to inbound information (specifically, inbound site, inbound time, etc.) and outbound information (specifically, outbound site, outbound time, etc.) of a user, and the user data accumulated by the beijing municipal transportation all-purpose card company includes but is not limited to at least one of data such as balance in a card, accumulated number of times of taking a bus, time of taking a bus, cumulative amount of taking a bus, and single fare for taking a bus, specifically, how many times of taking a subway within one month, time of taking a subway per day, whether time of taking a subway per day is fixed, and the like.

And 104, determining a wind control model by the payment service provider at least based on the local training results of the public service operator and the payment service provider.

The local training result of the payment service provider may be a training result of the payment service provider training based on local data. The local data of the payment service provider may include locally accumulated user data, for example, the local data of the payment service provider may include at least one of basic characteristic data and transaction characteristic data of the user, wherein the basic characteristic includes at least one of characteristics of age, sex, occupation, and the like of the user, and the transaction characteristic includes one or more of characteristics of balance, transaction times, transaction time, transaction amount, type of purchased article, type of payee, condition of morning transaction, whether it is a normal commuter, and the like of the user.

Optionally, before performing steps 102 and 104, the common service operator may obtain an initial model of the wind control model from the payment service provider and deploy it locally; after deployment is completed, the public service operator can initiate a training task for training an initial model to a payment service provider so as to obtain a wind control model; the payment service provider serves as a coordinator of multi-party safety calculation, decomposes the training task and issues the training task to the payment service provider and a public service operator; and then the payment service provider and the public service operator respectively carry out local training to obtain a local training result. In embodiments provided herein, the local training of the payment service provider and the public service operator may be supervised or unsupervised training.

In the process of respectively carrying out local training by the payment service provider and the public service operator, the payment service provider and the public service operator can not only rely on respective local data for training, but also complete the local training by interacting preset content. As an example, the preset content may include a significance evaluation index of a preset feature adopted in training on the target model, for example, the preset feature may be a basic feature of a user. It can be understood that different features adopted in training have different significance on model lifting, and whether one feature is significant on model lifting is often measured by an evaluation index, and one party participating in training may not have the index of one feature, and therefore needs to obtain the index from the other party participating in training. When the local training of the two is supervised training, the preset content can also be a label of the training sample, such as a risk label of the user. As another example, the preset content may include a label of the sample used in training, such as a risk label of the user.

The payment service provider determines the wind control model at least based on the local training results of the public service operator and the payment service provider, and can be understood as that the payment service provider at least fuses the local training results of the public service operator and the payment service provider to obtain the wind control model. For example, the wind control model may be a user risk scoring model.

And 106, the public service operator sends an application request aiming at the wind control model to a payment service provider.

When the public service operator needs to apply the risk model to perform prevention and control of the related risk, an application request aiming at the wind control model can be sent to the payment service provider. For example, assuming that the above-mentioned wind control model is a prediction model for predicting the user going out of a station, when a user makes a request for subsidizing the station to a subway operator, the subway operator may make a request for the payment service provider to apply the above-mentioned wind control model for predicting the user's true going out of the station.

And step 108, the payment service provider processes the application request based on the wind control model to obtain a processing result and feeds the processing result back to the public service operator.

As an example, the application request may be a wind control request for a target user of a public service operator, and in this case, the payment service provider processes the application request based on the wind control model to obtain a processing result, which may include: and the payment service provider inputs first characteristic data and second characteristic data into the wind control model to obtain a wind control processing result aiming at the target user, wherein the first characteristic data is the characteristic data of the target user accumulated by a public service operator, the first characteristic data is carried in the application request, and the second characteristic data is the characteristic data of the target user accumulated by the payment service provider. Optionally, the first feature data may be carried in the application request based on a multi-party secure computing protocol, so as to ensure that the first feature data of the target user accumulated by the public service operator is not leaked to the payment service provider.

Step 110, the public service operator carries out risk prevention and control based on the processing result

Specifically, the public service operator may perform risk prevention and control based on a wind control policy set by the public service operator and the processing result. The wind control policy may be freely set by a public service operator, and the embodiments of this specification are not specifically limited.

Continuing with the example in which the application request mentioned in step 108 is an application request that is a wind control request for a target user of the public service operator, the public service operator may perform risk prevention and control on the target user based on a result of the wind control processing. For example, if the wind control model is a user risk score model, the wind control processing result may be a risk score of the target user, and the corresponding public service operator may perform risk prevention and control on the target user according to the risk score of the target user, and take public service as medical insurance, for example, when the risk score of the target user is relatively high, the user may not be subjected to real-time medical insurance reimbursement.

In the risk prevention and control method based on multi-party security calculation provided by the embodiment of the specification, on one hand, the data of a public service operator and a payment service provider are combined to establish a wind control model, so that the public service operator can be helped to accurately prevent and control the related risks encountered by the public service operator; on the other hand, the public service operator and the payment service provider share the local training result based on the multi-party security computing protocol, the respective local private data are not out of the domain, and the respective local private data are only visible to the public service operator and the payment service provider, so that the safety of the respective local private data can be ensured, the problem of unsmooth cooperation caused by data leakage and other concerns of previous ecological partners is really solved, and the data security and invisibility of the ecological partners are ensured while the data are utilized to the maximum extent.

The risk prevention and control method based on multi-party security computation provided by the present specification is described in detail below with reference to fig. 2. In fig. 2, the parties to the multi-party secure computation comprise a public service operator 21 and a payment service provider 22, and the payment service provider 22 also assumes the role of a coordinator, wherein the public service operator 21 comprises a local database 211 and a server 212 acting as a computation node 1 for the secure multi-party secure computation; the payment service provider 22 includes a local database 221, a server 222 acting as a compute node 2 for multi-party secure computing, a server 223 acting as a coordinator in secure multi-party secure computing, and a model management platform 224.

As shown in fig. 2, the process of the risk prevention and control method based on multi-party security computation provided by the present specification includes:

the node 1 and the node 2 respectively obtain an initial model of the wind control model from a model management platform 224 and deploy the initial model locally, wherein the model management platform 224 is used for managing the related model and the authority of the other nodes for obtaining the related model;

the node 1 initiates a training task for training an initial model to the model management platform 224;

the model management platform 224 issues a training task to the coordinator 223;

coordinator 223 right trainingDecomposing the exercise task and sending the exercise task to the node 1 and the node 2;

respectively reading respective local data by the node 1 and the node 2 for training;

in the training process, the node 1 and the node 2 continuously interact to obtain an evaluation index of whether the preset characteristics are obvious to the lifting of the wind control model;

after the training of the node 1 and the node 2 is completed, the local training results of the node 1 and the node 2 are sent to the coordinator 223 based on the multi-party safety computing protocol;

the coordinator 223 determines a wind control model based on at least the local training results of the nodes 1 and 2, and sends the determined wind control model to the model management platform 224, so that the model management platform 224 performs operation and management of the wind control model, and if the payment service provider is a payment instrument, the model management platform 224 may be specifically an ARiskGo platform.

Optionally, on the basis of fig. 1 and fig. 2, the present specification further provides a risk prevention and control method based on multi-party security computation, the method being applicable to a device of a public service operator, and the method may include: the method comprises the steps that a public service operator sends a local training result to a payment service provider based on a multi-party safety calculation protocol, so that the payment service provider at least determines a wind control model based on the local training results of the public service operator and the payment service provider; the public service operator sends an application request aiming at the wind control model to the payment service provider so that the payment service provider processes the application request based on the wind control model and feeds back a processing result; and the public service operator performs risk prevention and control based on the processing result.

Optionally, on the basis of fig. 1 and fig. 2, the present specification further provides a risk prevention and control method based on multi-party security computation, the method being applicable to a device of a payment service provider, and the method may include: the payment service provider receives a local training result sent by a public service operator based on a multiparty security computing protocol; determining a wind control model by a payment service provider at least based on local training results of a public service operator and the payment service provider; the payment service provider receives an application request aiming at the wind control model and sent by a public service operator; and the payment service provider processes the application request based on the wind control model to obtain a processing result and feeds the processing result back to the public service operator so that the public service operator performs risk prevention and control based on the processing result.

The subway risk prevention and control method based on multi-party security calculation provided by the embodiment of the present specification is described below with reference to an actual application scenario. In this application scenario, it is assumed that a subway operator and a payment service provider develop a wind-control cooperation. The payment service provider serves as a transaction hub among users, banks, merchants and independent software developers, has strong data collection capacity and data analysis capacity, and therefore serves as a coordinator in multi-party security calculation to determine and operate a wind control model.

As shown in fig. 3, when the public service operator is a subway operator, the risk prevention and control method based on multi-party security computation provided in the embodiment of the present specification may include the following steps:

step 302, the subway operator sends the local training result to the payment service provider based on the multi-party security calculation protocol.

And step 304, the payment service provider determines a wind control model at least based on the local training results of the subway operator and the payment service provider.

Optionally, before step 302 and step 304, the subway operator may obtain an initial model of the wind control model from a payment service provider and deploy the model locally, then the subway operator initiates a training task for training the initial model to the payment service provider, the payment service provider serves as a coordinator of multiparty security calculation, decomposes the training task and issues the training task to the payment service provider and the subway operator, and finally the payment service provider and the subway operator perform local training respectively to obtain a local training result.

In the process of respectively carrying out local training on the payment service provider and the subway operator, the payment service provider and the subway operator can complete local training by interacting preset content besides relying on respective local data, wherein the preset content comprises but is not limited to at least one of a significance evaluation index and a training sample label of a preset feature adopted in training on the target model.

Step 306, the subway operator sends an application request aiming at the wind control model to a payment service provider.

And 308, the payment service provider processes the application request based on the wind control model to obtain a processing result and feeds the processing result back to the subway operator.

As an example, the application request may be a wind control request for a target user of a subway operator, and at this time, the payment service provider may input first feature data and second feature data into the wind control model to obtain a wind control processing result for the target user, where the first feature data is feature data of the target user accumulated by the subway operator, the first feature data may be carried in the application request, and the second feature data is feature data of the target user accumulated by the payment service provider.

As a more detailed example, the transmitting of the application request for the wind control model by the subway operator to the payment service provider may include: and the subway operator responds to an outbound point registration request of a target user for the current bus taking, and sends an application request for the wind control model to the payment service provider.

Accordingly, the wind control model may be a model for predicting an outbound site of the user when taking a car this time, the first feature data may include at least one of, but is not limited to, an inbound site of the target user when taking a car this time, a single-time riding time estimated based on a historical riding record of the target user, the number of riding times in a past month, a time of riding each day in a past month, whether the riding time in a past month and each day is fixed, and the second feature data may include, but is not limited to, at least one of a time and/or a location record of an action occurring in a payment application of the payment service provider after the target user gets the station this time, and what the target user bought in a past month, the number of strokes, a morning transaction situation, whether the target user is a normal commuter, and the like.

Further, the inputting, by the payment service provider, the first feature data and the second feature data into the wind control model to obtain a wind control processing result for the target user may include: and the payment service provider inputs the first characteristic data and the second characteristic data into the wind control model to predict the actual station leaving of the current bus taking of the target user.

Fig. 4 shows a schematic diagram of calculating an actual outbound site of a target user based on first characteristic data and second characteristic data. As shown in fig. 4, assuming that a target user enters the station in the seapearl square, and the single riding time of the target passenger is calculated to be about 30-40 minutes according to the historical riding record of the target user (first characteristic data), and within 30-40 minutes after the target user enters the station in the seapearl square, the behavior records (second characteristic data) of using payment treasures (payment service providers) exist in a plurality of areas marked by black squares, the data can be input into a wind control model, and the actual departure point of the target user is predicted to be the departure point closest to the position of the black flag.

And step 310, the subway operator performs risk prevention and control based on the processing result.

Specifically, the subway operator can perform risk prevention and control based on the wind control strategy set by the subway operator and the processing result. The wind control strategy can be freely set by a subway operator, and the embodiment of the specification is not particularly limited.

Continuing with the example in step 308, after the payment service provider predicts the actual website of the target user and feeds back the predicted website to the subway operator, the subway operator may push a prompt message to the target user through an APP (or a short message), where the prompt message is used to prompt the target user to perform a login compensation according to the actual website.

The subway risk prevention and control method based on multi-party safety calculation provided by the embodiment provides an intelligent wind control scheme for subway operators. In the scheme, on one hand, the payment service provider establishes a wind control model by combining data of the subway operator and data of the payment service provider, so that the subway operator can be helped to accurately prevent and control related risks encountered by the subway operator; on the other hand, as the subway operator and the payment service provider share the local training result based on the multi-party safety calculation protocol, the respective local private data is not out of the domain, and the respective local private data is only visible to the self, the safety of the respective local private data can be ensured, the information fault between the two parties is really solved, and the possibility of intercommunicating and applying data is brought to the two parties in a way of ensuring data privacy.

Optionally, after step 310, the subway operator may complete the site logout in response to the login request of the target user, and on this basis, the method shown in fig. 3 may further include: and if the target user performs subsidy according to the station with the fare lower than the actual station, the subway operator writes a preset risk label (such as a dishonest label) to the target user and feeds the preset risk label of the target user back to the payment service provider. It can be easily understood that through the scheme, the payment service provider can be helped to precipitate the risk tag of the user in the travel scene, so that the payment service provider can apply the preset risk tag to carry out wind control enabling on other scenes.

Optionally, after step 310, the subway operator may complete the site logout in response to the login request of the target user, and on this basis, the method shown in fig. 3 may further include: and the subway operator draws and displays the subway station thermodynamic diagrams of the target city governed by the subway operator based on the station-entering information, the riding track and the station-exiting information of the user. For example, a subway thermodynamic diagram as shown in fig. 5 is drawn. It should be noted that fig. 5 only schematically illustrates the effect of the subway thermodynamic diagram, where each city may be regarded as a subway station of a certain city, and not as a city.

Optionally, in the above subway thermodynamic diagram, at least one of the following information may be highlighted (e.g., highlighted in a different color): the system comprises the outbound sites with the subsidy behavior, the abnormal outbound sites with the number of subsidy times exceeding a preset threshold value, the inbound sites without the corresponding outbound sites, and information such as unconventional outbound information determined based on the average time of outbound from the farthest sites after inbound. Therefore, the purposes of real-time monitoring and displaying of abnormal sites, online real-time displaying of registration sites with or without incoming and outgoing lines, real-time displaying of possible outgoing sites of users, real-time displaying of online registration sites, offline attention of abnormal registration sites and the like are achieved.

It is easy to understand that the intelligent subway wind control scheme based on multi-party safety calculation provided by the specification takes the compensation risk as a starting point, a subway operator can sense the abnormity of each station in real time, and station workers can timely investigate whether the compensation risk is increased due to machine faults or the risk is increased due to the change of the flow direction of people according to the abnormity.

Optionally, this specification further provides a subway risk prevention and control method based on multi-party security computation, where the method may be applied to subway operator equipment, and the method may include: the subway operator sends a local training result to a payment service provider based on a multi-party safety calculation protocol, so that the payment service provider determines a wind control model at least based on the local training results of the subway operator and the payment service provider; the subway operator sends an application request aiming at the wind control model to the payment service provider so that the payment service provider processes the application request based on the wind control model and feeds back a processing result; and the subway operator performs risk prevention and control based on the processing result.

Optionally, the present specification further provides a subway risk prevention and control method based on multi-party security computation, where the method may be applied to a payment service provider device, and the method may include: a payment service provider receives a local training result sent by a subway operator based on a multi-party safety calculation protocol; the payment service provider determines a wind control model at least based on local training results of the subway operator and the payment service provider; a payment service provider receives an application request aiming at the wind control model sent by a subway operator; and the payment service provider processes the application request based on the wind control model to obtain a processing result and feeds the processing result back to the subway operator so that the subway operator performs risk prevention and control based on the processing result.

In summary, the risk prevention and control method based on multi-party secure computing provided by the specification implements shared learning by encrypting information of each party in an MPC mode and in a decentralized mode, data of both parties are computed in their own private domain, information of both parties can only be seen by themselves, but results are applied to each other, so that various cooperation problems caused by information leakage and other doubt among previous ecological partners are really solved, and security and invisibility are guaranteed while information is maximally utilized.

In addition, as shown in fig. 6, the present specification also provides a risk prevention and control system based on multi-party security computation, which includes a common service operator 601 and a payment service provider 602.

A payment service provider 602, configured to receive a local training result sent by the public service operator based on a multi-party security computing protocol, determine a wind control model based on at least the local training results of the public service operator and the payment service provider, receive an application request for the wind control model sent by the public service operator, process the application request based on the wind control model, obtain a processing result, and feed back the processing result to the public service operator;

the public service operator 601 is configured to send a local training result to a payment service provider based on a multi-party security computing protocol, send an application request for a wind control model to the payment service provider, and perform risk prevention and control based on a processing result returned by the payment service provider.

The system can implement the method shown in fig. 1 and achieve the same technical effect, and for details, reference is made to the above, which is not described herein again.

The above is a description of the risk prevention and control method and system based on multi-party security computing provided by the present specification, and the electronic device provided by the present specification is described below.

Fig. 7 is a schematic structural diagram of an electronic device provided in an embodiment of the present specification. Referring to fig. 7, at a hardware level, the electronic device includes a processor, and optionally further includes an internal bus, a network interface, and a memory. The Memory may include a Memory, such as a Random-Access Memory (RAM), and may further include a non-volatile Memory, such as at least 1 disk Memory. Of course, the electronic device may also include hardware required for other services.

The processor, the network interface, and the memory may be connected to each other via an internal bus, which may be an ISA (Industry Standard Architecture) bus, a PCI (peripheral component Interconnect) bus, an EISA (Extended Industry Standard Architecture) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one double-headed arrow is shown in FIG. 7, but this does not indicate only one bus or one type of bus.

And the memory is used for storing programs. In particular, the program may include program code comprising computer operating instructions. The memory may include both memory and non-volatile storage and provides instructions and data to the processor.

The processor reads the corresponding computer program from the non-volatile memory into the memory and then runs the computer program to form the public service operator device on a logic level. The processor is used for executing the program stored in the memory and is specifically used for executing the following operations:

and performing risk prevention and control based on the processing result.

Alternatively, the processor reads the corresponding computer program from the non-volatile memory into the memory and then runs, forming the payment service provider device on a logical level. The processor is used for executing the program stored in the memory and is specifically used for executing the following operations:

The processor may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in a processor or instructions in the form of software. The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components. The various methods, steps and logic blocks disclosed in one or more embodiments of the present specification may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of a method disclosed in connection with one or more embodiments of the present disclosure may be embodied directly in hardware, in a software module executed by a hardware decoding processor, or in a combination of the hardware and software modules executed by a hardware decoding processor. The software module may be located in ram, flash memory, rom, prom, or eprom, registers, etc. storage media as is well known in the art. The storage medium is located in a memory, and a processor reads information in the memory and completes the steps of the method in combination with hardware of the processor.

Of course, besides the software implementation, the electronic device in this specification does not exclude other implementations, such as logic devices or a combination of software and hardware, and the like, that is, the execution subject of the following processing flow is not limited to each logic unit, and may also be hardware or logic devices.

The present specification also proposes a computer-readable storage medium storing one or more programs, the one or more programs comprising instructions, which when executed by a portable electronic device comprising a plurality of application programs, are capable of causing the portable electronic device to perform a risk prevention and control method based on multi-party security computing, and are specifically configured to:

and performing risk prevention and control based on the processing result.

The risk prevention and control device provided in the present specification will be described below.

As shown in fig. 8, an embodiment of the present specification provides a public service operator apparatus, which in one software implementation, may include: a first sending module 801, a second sending module 802 and a risk prevention and control module 803.

A first sending module 801, configured to send the local training result to a payment service provider based on a multi-party security computing protocol, so that the payment service provider determines a wind control model based on at least the local training results of the public service operator and the payment service provider.

A second sending module 802, configured to send an application request for a wind control model to the payment service provider, so that the payment service provider processes the application request based on the wind control model and feeds back a processing result.

And a risk prevention and control module 803, configured to perform risk prevention and control based on the processing result.

The device shown in fig. 8 can implement the risk prevention and control method applied to the public service operator, and can obtain the same technical effect, and the detailed content is referred to above and is not described herein again.

As shown in fig. 9, one embodiment of the present description provides a payment service provider apparatus, which in one software implementation, may include: a first receiving module 901, a model determining module 902, a second receiving module 903 and a request processing module 904.

A first receiving module 901, configured to receive a local training result sent by a public service operator based on a multi-party security computing protocol.

A model determination module 902 configured to determine a wind control model based on at least local training results of the public service operator and the payment service provider.

A second receiving module 903, configured to receive an application request for the wind control model sent by the public service operator.

And a request processing module 904, configured to process the application request based on the wind control model, obtain a processing result, and feed back the processing result to the public service operator, so that the public service operator performs risk prevention and control based on the processing result.

The device shown in fig. 9 can implement the risk prevention and control method applied to the payment service provider, and can obtain the same technical effect, for details, see the above, and no further description is given here.

While certain embodiments of the present disclosure have been described above, other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.

The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, as for the apparatus embodiment, since it is substantially similar to the method embodiment, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiment.

In short, the above description is only a preferred embodiment of the present disclosure, and is not intended to limit the scope of the present disclosure. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of one or more embodiments of the present disclosure should be included in the scope of protection of one or more embodiments of the present disclosure.

The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. One typical implementation device is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.

Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.

It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.

The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.

Claims

1. A risk prevention and control method based on multi-party security computation comprises the following steps:

2. The method of claim 1, before the common service operator sends local training results to a payment service provider based on a multiparty security computing agreement, the method further comprising:

the public service operator acquires an initial model of the wind control model from the payment service provider and deploys the initial model locally;

the public service operator initiates a training task for training the initial model to the payment service provider;

the payment service provider serves as a coordinator of multi-party safety calculation, decomposes the training task and issues the training task to the payment service provider and the public service operator;

and the payment service provider and the public service operator respectively carry out local training to obtain a local training result.

3. The method of claim 2, wherein the payment service provider and the public service operator each perform local training comprising:

and the payment service provider and the public service operator complete local training by interacting preset content, wherein the preset content comprises a significance evaluation index of preset characteristics adopted in training on the target model.

4. The method of claim 1, the application request being a wind-controlled request for a target user of the common service operator, wherein the payment service provider processes the application request based on the wind-controlled model to obtain a processing result, comprising:

and the payment service provider inputs first feature data and second feature data into the wind control model to obtain a wind control processing result for the target user, wherein the first feature data is feature data of the target user accumulated by the public service operator, the first feature data is carried in the application request, and the second feature data is feature data of the target user accumulated by the payment service provider.

5. The method of claim 4, wherein the common service operator performs risk prevention and control based on the processing result, comprising:

and the public service operator carries out risk prevention and control on the target user based on the wind control processing result.

6. A risk prevention and control method based on multi-party security computation comprises the following steps:

7. A risk prevention and control method based on multi-party security computation comprises the following steps:

8. A subway risk prevention and control method based on multi-party safety calculation comprises the following steps:

9. The method of claim 8, before the subway operator sends a local training result to a payment service provider based on a multiparty security computing protocol, the method further comprising:

the subway operator acquires an initial model of the wind control model from the payment service provider and deploys the initial model locally;

the subway operator initiates a training task for training the initial model to the payment service provider;

the payment service provider serves as a coordinator of multi-party safety calculation, decomposes the training task and issues the training task to the payment service provider and the subway operator;

and the payment service provider and the subway operator respectively carry out local training to obtain a local training result.

10. The method of claim 9, wherein the payment service provider and the subway operator each perform local training comprising:

the payment service provider and the subway operator complete local training through interaction of preset content, wherein the preset content comprises a significance evaluation index of preset characteristics adopted in training on the target model.

11. The method of claim 8, wherein the application request is a wind-controlled request for a target user of the subway operator, and wherein the payment service provider processes the application request based on the wind-controlled model to obtain a processing result, comprising:

and the payment service provider inputs first feature data and second feature data into the wind control model to obtain a wind control processing result aiming at the target user, wherein the first feature data are feature data of the target user accumulated by the subway operator, the first feature data are carried in the application request, and the second feature data are feature data of the target user accumulated by the payment service provider.

12. The method of claim 11, wherein the first and second light sources are selected from the group consisting of,

the wind control model is used for predicting an outbound station of a user when the user takes a bus this time, the first characteristic data comprise an inbound station of the target user when the user takes the bus this time and estimated single-time bus taking time based on historical bus taking records of the target user, and the second characteristic data comprise time and/or position records of behavior of the target user in payment application of the payment service provider after the target user enters the station this time;

wherein the subway operator sends an application request for the wind control model to the payment service provider, and the application request comprises: the subway operator responds to an outbound point registration request of a target user for the current bus taking, and sends an application request for the wind control model to the payment service provider;

the payment service provider inputs the first characteristic data and the second characteristic data into the wind control model to obtain a wind control processing result for the target user, and the method comprises the following steps: and the payment service provider inputs the first characteristic data and the second characteristic data into the wind control model to predict the actual station leaving of the current bus taking of the target user.

13. The method of claim 12, wherein the subway operator performs risk prevention and control based on the processing result, comprising:

and the subway operation direction pushes prompt information to the target user, wherein the prompt information is used for prompting the target user to perform login supplementing according to the actual exit.

14. The method of claim 13, further comprising:

and if the target user performs subsidy according to the station with the fare lower than the actual station, the subway operator prints a preset risk label for the target user and feeds the preset risk label of the target user back to the payment service provider.

15. The method according to any one of claims 12-14, further comprising:

and the subway operator draws and displays the subway station thermodynamic diagrams of the target city governed by the subway operator based on the station-entering information, the riding track and the station-exiting information of the user.

16. The method of claim 15, further comprising:

highlighting at least one of the following information in the subway station thermodynamic diagram:

the out-site where the subsidy action occurred,

if the number of the subsidies exceeds the preset threshold value, the abnormal outbound is processed,

there is no inbound site corresponding to an outbound site,

and determining unconventional outbound information based on the average time since the station is outbound from the farthest station.

17. A subway risk prevention and control method based on multi-party safety calculation comprises the following steps:

18. A subway risk prevention and control method based on multi-party safety calculation comprises the following steps:

19. A risk prevention and control system based on multi-party security computing, comprising: a payment service provider and a common service operator, wherein,

20. A public service operator apparatus, comprising:

21. A payment service provider apparatus comprising:

22. An electronic device, comprising:

a processor; and

and performing risk prevention and control based on the processing result.

23. A computer-readable storage medium having a computer program stored thereon, which when executed by a processor, performs the steps of:

and performing risk prevention and control based on the processing result.

24. An electronic device, comprising:

a processor; and

25. A computer-readable storage medium having a computer program stored thereon, which when executed by a processor, performs the steps of: