CN111798243A - Suspicious transaction online identification method and device - Google Patents
Suspicious transaction online identification method and device Download PDFInfo
- Publication number
- CN111798243A CN111798243A CN202010613169.XA CN202010613169A CN111798243A CN 111798243 A CN111798243 A CN 111798243A CN 202010613169 A CN202010613169 A CN 202010613169A CN 111798243 A CN111798243 A CN 111798243A
- Authority
- CN
- China
- Prior art keywords
- transaction
- suspicious
- credit rating
- weight
- opponent
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4016—Transaction verification involving fraud or risk level assessment in transaction processing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/06—Asset management; Financial planning or analysis
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- General Physics & Mathematics (AREA)
- Development Economics (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- Strategic Management (AREA)
- Theoretical Computer Science (AREA)
- Entrepreneurship & Innovation (AREA)
- Computer Security & Cryptography (AREA)
- Game Theory and Decision Science (AREA)
- Human Resources & Organizations (AREA)
- Operations Research (AREA)
- Economics (AREA)
- Marketing (AREA)
- Technology Law (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention provides a suspicious transaction online identification method and a suspicious transaction online identification device, wherein the suspicious transaction online identification method comprises the following steps: acquiring a transaction price of a transaction to be identified and a credit rating of a transaction opponent; and identifying suspicious transactions according to the pre-generated identification model, the transaction prices and the transaction counter-party credit rating. The suspicious transaction online identification method and the suspicious transaction online identification device can be embedded into a transaction management process, identify whether the current transaction opponent has suspicious conditions such as benefit delivery and the like, and reduce investment loss through real-time in-process monitoring and reminding control aiming at multi-stage approval in a transaction internal management process.
Description
Technical Field
The invention relates to the technical field of computer data processing, in particular to the technical field of monitoring capital investment transaction risks by using computer technology, and specifically relates to a suspicious transaction online identification method and device.
Background
In the prior art, in a scene of non-open market investment such as a financing project, suspicious transactions are mined through price deviation analysis after the transaction and transaction frequency statistics of the same transaction opponent in the transaction process, or after a warehouse burst situation such as financing chain interruption of the transaction opponent occurs, the previous transactions are found out to have benefits delivery and other transactions, and the risk discovery opportunity and the loss discovery time point are late, so that loss occurs and cannot be recovered. Aiming at the existing risk monitoring and identifying algorithm, risk identification basically focuses on a single link, combined risk identification for a transaction multi-stage approval process scene is lacked, and for example, a risk department requiring special risk identification in a process link needs to be reminded and required based on higher risk identification.
Disclosure of Invention
Aiming at the problems in the prior art, the suspicious transaction online identification method and the suspicious transaction online identification device provided by the invention can be embedded into a transaction management process, identify whether the suspicious conditions such as benefit delivery exist with a current transaction opponent, and reduce investment loss through real-time in-process monitoring and reminding control aiming at multi-stage approval in a transaction internal management flow.
In order to solve the technical problems, the invention provides the following technical scheme:
in a first aspect, the present invention provides a suspicious transaction online identification method, including:
acquiring a transaction price of a transaction to be identified and a credit rating of a transaction opponent;
and identifying suspicious transactions according to the pre-generated identification model, the transaction prices and the transaction counter-party credit rating.
In one embodiment, the step of generating the recognition model comprises:
and generating the recognition model according to the transaction frequency historical data, the transaction price deviation historical data and the transaction opponent credit rating historical data.
In one embodiment, generating the recognition model from transaction frequency history data, transaction price deviation history data, and transaction opponent credit rating history data comprises:
calculating transaction frequency weight, transaction price deviation weight and transaction opponent credit rating weight;
generating the recognition model according to the transaction frequency historical data, the transaction frequency weight, the transaction price deviation degree weight, the transaction counter-party credit rating and the transaction counter-party credit rating weight.
In one embodiment, the suspicious transaction online identification method further comprises: and updating the recognition model according to the transaction price and the transaction counter credit rating in the time interval at a preset time interval.
In a second aspect, the present invention provides an online suspicious transaction identification apparatus, including:
the data acquisition unit is used for acquiring the transaction price of the transaction to be identified and the credit rating of a transaction opponent;
and the suspicious transaction identification unit is used for identifying suspicious transactions according to the pre-generated identification model, the transaction price and the transaction opponent credit rating.
In one embodiment, the suspicious transaction online identification device further comprises: a recognition model generation unit;
the recognition model generation unit is used for generating the recognition model according to the transaction frequency historical data, the transaction price deviation historical data and the transaction opponent credit rating historical data.
In one embodiment, the recognition model generation unit includes:
the weight calculation module is used for calculating transaction frequency weight, transaction price deviation weight and transaction opponent credit rating weight;
and the recognition model generation module is used for generating the recognition model according to the transaction frequency historical data, the transaction frequency weight, the transaction price deviation degree weight, the transaction counter-party credit rating and the transaction counter-party credit rating weight.
In one embodiment, the suspicious transaction online identification device further comprises: and the model updating unit is used for updating the recognition model according to the transaction price and the transaction opponent credit rating in the time interval at a preset time interval.
In a third aspect, the present invention provides an electronic device, comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor executes the computer program to implement the steps of the suspicious transaction online identification method.
In a fourth aspect, the present invention provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of a method for on-line identification of suspicious transactions.
As can be seen from the above description, the suspicious transaction online identification method and apparatus provided in the embodiments of the present invention first obtain the transaction price of the transaction to be identified and the transaction counter credit rating; next, suspicious transactions are identified based on the pre-generated identification model, the transaction price, and the transaction counter-party credit rating. According to the method, based on historical transaction information and information of transaction opponents, a suspicious transaction judgment standard is formed for suspicious transactions, key elements of current transaction information are extracted, a suspicious index value of the current transaction is formed, and the suspicious index value is compared with the suspicious transaction judgment standard to obtain single-node suspicious transaction judgment.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
FIG. 1 is a first flowchart illustrating a suspicious transaction online identification method according to an embodiment of the present invention;
FIG. 2 is a flow chart illustrating step 300 according to an embodiment of the present invention;
FIG. 3 is a flowchart illustrating step 301 according to an embodiment of the present invention;
FIG. 4 is a flowchart illustrating a suspicious transaction online identification method according to an embodiment of the present invention;
FIG. 5 is a flow chart illustrating a suspicious transaction online identification method according to an embodiment of the present invention;
fig. 6 is an architecture diagram of a dynamic publishing system of a monitoring client in a cloud environment in an embodiment of the present invention;
FIG. 7 is a flowchart illustrating an updating method of an online transaction determination model according to an embodiment of the present invention;
FIG. 8 is a block diagram illustrating a first exemplary embodiment of a suspicious transaction online identification apparatus;
FIG. 9 is a block diagram of a suspicious transaction online identification apparatus according to an embodiment of the present invention;
FIG. 10 is a diagram illustrating a structure of a recognition model generation unit according to an embodiment of the present invention;
FIG. 11 is a block diagram of a suspicious transaction online identification apparatus according to an embodiment of the present invention;
fig. 12 is a schematic structural diagram of an electronic device in an embodiment of the invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
It should be noted that the terms "comprises" and "comprising," and any variations thereof, in the description and claims of this application and the above-described drawings, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict. The present application will be described in detail below with reference to the embodiments with reference to the attached drawings.
The embodiment of the present invention provides a specific implementation manner of a suspicious transaction online identification method, referring to fig. 1, the method specifically includes the following contents:
step 100: the transaction price and the transaction opponent credit rating of the transaction to be identified are obtained.
Step 200: and identifying suspicious transactions according to the pre-generated identification model, the transaction prices and the transaction counter-party credit rating.
Specifically, the index value of the current transaction is calculated according to the set various weight parameters and the transaction elements of the current transaction. The current trading index value is the trading frequency multiplied by the trading frequency weight + the trading price deviation multiplied by the price deviation weight + the investment trading opponent credit rating multiplied by the trading opponent credit rating weight.
As can be seen from the above description, the suspicious transaction online identification method provided by the embodiment of the present invention first obtains the transaction price of the transaction to be identified and the transaction counter-party credit rating; next, suspicious transactions are identified based on the pre-generated identification model, the transaction price, and the transaction counter-party credit rating. According to the method, based on historical transaction information and information of transaction opponents, a suspicious transaction judgment standard is formed for suspicious transactions, key elements of current transaction information are extracted, a suspicious index value of the current transaction is formed, and the suspicious index value is compared with the suspicious transaction judgment standard to obtain single-node suspicious transaction judgment.
In one embodiment, referring to fig. 2, the step of generating the recognition model comprises:
step 301: and generating the recognition model according to the transaction frequency historical data, the transaction price deviation historical data and the transaction opponent credit rating historical data.
Wherein: the transaction frequency is the number of transaction strokes of the transaction opponent in a preset time period/the number of transaction strokes of all the transactions in the preset time period, and the transaction price deviation degree is the average price deviation degree of the transaction opponent in the preset time period plus the variance of the price deviation degree of the transaction opponent in the preset time period.
In one embodiment, referring to fig. 3, step 301 further comprises:
step 3011: calculating transaction frequency weight, transaction price deviation weight and transaction opponent credit rating weight;
step 3012: generating the recognition model according to the transaction frequency historical data, the transaction frequency weight, the transaction price deviation degree weight, the transaction counter-party credit rating and the transaction counter-party credit rating weight.
In steps 3011 to 3012, an index value of the standard suspicious transaction is calculated according to the following algorithm: standard suspicious transaction index calculation logic: the index is transaction frequency × transaction frequency weight + transaction price deviation × price item deviation weight + investment transaction opponent credit rating × transaction opponent credit rating weight. The price interval of the historical transaction takes the transaction information of three years of history.
In one embodiment, referring to fig. 4, the suspicious transaction online identification method further includes:
step 400: and updating the recognition model according to the transaction price and the transaction counter credit rating in the time interval at a preset time interval.
Specifically, the last calculation information is saved. The recorded information comprises parameter information, price deviation variance, historical total transaction number and calculated result value. And for the condition of updating at regular time/transaction inflow or the condition of appointing to update the contact suspicious index value during manual calculation, updating the calculation result into the suspicious transaction monitoring and identifying model result of online judgment.
As can be seen from the above description, the suspicious transaction online identification method provided in the embodiment of the present invention obtains the determination result through summary calculation based on the probability of timely refusal of the historical suspicious transaction in the multi-stage approval process.
The method has the following beneficial effects:
1. the judgment standard of the inspection is generated based on historical transaction information, and index characteristics can be continuously improved along with enrichment of transaction data to form a judgment standard with more reference significance.
2. The monitoring mechanism can be used for checking in the transaction process, can timely find that the transaction can be carried out, changes the mechanism for checking and monitoring at the present time, and advances the risk finding time point.
3. The monitoring mechanism realizes cascade judgment aiming at a multi-stage approval scene, identifies risk disposal weights in different process links according to the processing condition of historical suspicious transactions, and realizes more accurate risk identification and control on a scene of a multi-person process to a certain extent.
4. The monitoring mechanism supports the expansion of monitoring mechanisms of different models, realizes the real-time online of a new suspicious transaction model through non-invasive adjustment, and flexibly and rapidly adjusts and perfects.
To further illustrate the present solution, the present invention provides a specific application example of the suspicious transaction online identification method, which specifically includes the following contents, see fig. 5.
In this specific application example, a dynamic publishing system of a monitoring client in a cloud environment is provided, referring to fig. 6, the system includes: the method comprises the steps of calling an access layer (1), a service judgment processing layer (2), a model asynchronous updating layer (3) and an artificial correction layer (4), wherein the calling access layer (1) and the service judgment processing layer (2) are issued together, and the model asynchronous updating layer (3) and the artificial correction layer (4) can be issued along with the access layer and the service judgment processing layer independently. Wherein:
1. invoking access stratum (1): the system is used for receiving a request for suspicious transaction judgment, performing concurrency and current-limiting control, acquiring transaction key information, and transmitting the information to the service judgment processing layer for processing.
2. Service determination processing layer (2): and calculating a judgment index for the transmitted transaction key information, calculating an index value of the current transaction according to the monitoring model, judging by using the index value and a standard suspicious transaction index value, and returning a judgment result.
3. Model asynchronous update layer (3): the module can be triggered to update based on various modes, and index values of the monitoring model are calculated according to historical transactions and are issued to model data for online judgment.
4. Artificial correction layer (4): the user can set the parameters of the monitoring model and correct the suspicious judgment index result of the historical transaction. The parameters to be set comprise a period range of transaction frequency, a period range of transaction price deviation, transaction frequency weight, price deviation weight and transaction opponent credit rating weight, and monitoring indexes closer to actual scenes are formed through correction. And maintaining the deviation ratio of the suspicious transaction index of the current transaction and the standard suspicious transaction index.
The suspicious transaction online identification method provided by the embodiment is shown in fig. 5.
S1: and acquiring transaction elements.
And acquiring the transaction elements for judgment according to the inflowing transaction. Including transaction price and transaction partner credit rating.
S2: and selecting a monitoring model.
And acquiring the used monitoring model according to the configuration. Only one type of modulus test is currently supported, and the subsequent extension can be according to the definition.
S3: and calculating the suspicious transaction index value of the current transaction.
And according to a calculation formula, calculating the index value of the current transaction according to the set various weight parameters and the transaction elements of the current transaction.
Standard suspicious transaction index calculation logic: the index is transaction frequency × transaction frequency weight + transaction price deviation × price item deviation weight + investment transaction opponent credit rating × transaction opponent credit rating weight. The price interval of the historical transaction is transaction information of three years in history, wherein the transaction frequency is the number of transaction strokes of the counterparty in 3 months/the number of transaction strokes of all the transactions in 3 months, and the transaction price deviation is the variance of the price deviation of the counterparty in 3 months and the average price deviation of the counterparty in +3 months.
S4: and acquiring a suspicious transaction standard index value.
Specifically, a judgment index value of the suspicious transaction is obtained from the online transaction judgment model.
S5: and acquiring the deviation range of the suspicious transaction.
And obtaining the index value judgment range of the suspicious transaction from the parameter information.
S6: a suspicious transaction deviation value for the current transaction is calculated.
Specifically, based on a suspicious transaction index value calculated by the current transaction and a suspicious transaction index value in the contact transaction judgment model, the deviation degree of the suspicious transaction index value of the current transaction is calculated.
S7: and comparing the deviation degree of the calculation result with the set judgment range to obtain whether the transaction belongs to suspicious transaction.
S8: and according to the historical suspicious transaction judging validation scene (because the suspicious transaction rejects the transaction), acquiring the probability of the cumulative validity of the suspicious transaction of the current process node, and carrying out corresponding reminding according to the interval of the probability.
The cumulative suspicious transaction effectiveness probability of the current transaction node is obtained by accumulating the suspicious transaction effectiveness probabilities of the current node and the previous node, as shown in tables 1 and 2:
TABLE 1 suspicious transaction alert level Table
| Accumulating suspicious transaction validation probabilities | Alert level |
| [0-0.3) | Prompting |
| [0.3-0.5) | Reminding system |
| [0.5-0.8) | Warning |
| [0.8-1] | Severe warning |
Table 2 cumulative suspicious transaction effectiveness probability table
| Node point | Probability of suspicious transaction taking effect | Accumulating suspicious transaction validation probabilities |
| Node 1 | 0.3 | 0.3 |
| Node 2 | 0.2 | 0.5 |
| Node 3 | 0.4 | 0.9 |
| Node 4 | 0.1 | 1 |
S9: and updating the suspicious transaction model.
In particular, the triggering of suspicious transaction model updates supports multiple approaches. This may be triggered manually, periodically, or when new transactions are incoming. A scope of historical transactions needs to be defined. For manual triggering, a time range is specified by the user; the default historical transaction time range is 3 years for the then-current trigger and the transaction inflow trigger. And acquiring a weight parameter used for calculating the standard suspicious transaction index value. According to the time range of the historical transactions, inquiring the historical transactions, acquiring elements (transaction opponents, transaction prices and credit ratings of the transaction opponents) of the historical transactions, calculating the price deviation of each historical transaction, and then calculating the variance.
Calculating an index value of the standard suspicious transaction according to the following algorithm:
standard suspicious transaction index calculation logic: the index is transaction frequency × transaction frequency weight + transaction price deviation × price item deviation weight + investment transaction opponent credit rating × transaction opponent credit rating weight. The price interval of the historical transaction is transaction information of three years in history, wherein the transaction frequency is the number of transaction strokes of the counterparty in 3 months/the number of transaction strokes of all the transactions in 3 months, and the transaction price deviation is the variance of the price deviation of the counterparty in 3 months and the average price deviation of the counterparty in +3 months.
And then, storing the calculation information. The recorded information comprises parameter information, price deviation variance, historical total transaction number and calculated result value. And for the condition of updating at regular time/transaction inflow or the condition of appointing to update the contact suspicious index value during manual calculation, updating the calculation result into the suspicious transaction monitoring model result judged on line. Triggering probability statistics of each node of the suspicious transaction taking effect. And querying all suspicious transaction information in history. And counting each flow node passed by each suspicious transaction until the transaction is rejected or completely passed. Flags proceed according to 0-pass, 1-reject, as shown in table 3 and fig. 7. In particular, for suspicious but still all passing transactions, all nodes are identified by 1-reject flags. And calculating the weight of each process node according to the existing statistical result to obtain the probability of the rejection of the suspicious transaction. And finally, updating the calculated suspicious transaction probability to an online transaction judgment model.
Table 3 probability table for single node suspicious transaction taking effect
As can be seen from the above description, the suspicious transaction online identification method and system provided by the embodiment of the present invention first obtain the transaction price of the transaction to be identified and the transaction counter credit rating; next, suspicious transactions are identified based on the pre-generated identification model, the transaction price, and the transaction counter-party credit rating. According to the method, based on historical transaction information and information of transaction opponents, a suspicious transaction judgment standard is formed for suspicious transactions, key elements of current transaction information are extracted, a suspicious index value of the current transaction is formed, and the suspicious index value is compared with the suspicious transaction judgment standard to obtain single-node suspicious transaction judgment. The invention can be embedded into a transaction management process, identifies whether suspicious conditions such as benefit delivery exist with a current transaction opponent, and reduces investment loss by real-time in-process monitoring and reminding control aiming at multi-stage approval in a transaction internal management flow.
Specifically, the invention provides a suspicious transaction judgment standard for the transactions of non-open markets such as financing projects and the like through non-invasive design, realizes the targeted risk control of different process nodes by combining the processes of multi-stage approval, can be used in the multi-stage transaction management process, and mainly achieves the following effects:
1. the method realizes the detection in the non-public market investment transaction of the non-public financing project and finds out the suspicious transaction in advance.
2. The automatic calculation and updating can be carried out along with the continuous occurrence of the transaction, and the accuracy of suspicious transaction judgment is continuously improved along with the transaction.
3. And the wind control management requirements of different transaction levels of the multi-level process nodes are realized through the statistical analysis of the historical transactions.
Based on the same inventive concept, the embodiment of the present application further provides a suspicious transaction online identification apparatus, which can be used to implement the method described in the above embodiment, such as the following embodiments. Because the problem solving principle of the suspicious transaction online identification device is similar to that of the suspicious transaction online identification method, the implementation of the suspicious transaction online identification device can be implemented by the suspicious transaction online identification method, and repeated details are not repeated. As used hereinafter, the term "unit" or "module" may be a combination of software and/or hardware that implements a predetermined function. While the system described in the embodiments below is preferably implemented in software, implementations in hardware, or a combination of software and hardware are also possible and contemplated.
The embodiment of the present invention provides a specific implementation manner of a suspicious transaction online identification device capable of implementing a suspicious transaction online identification method, and referring to fig. 8, the suspicious transaction online identification device specifically includes the following contents:
the data acquisition unit 10 is used for acquiring the transaction price of the transaction to be identified and the credit rating of a transaction opponent;
and the suspicious transaction identification unit 20 is used for identifying suspicious transactions according to the pre-generated identification model, the transaction prices and the transaction counter credit rating.
In one embodiment, referring to fig. 9, the suspicious transaction online identification apparatus further comprises: a recognition model generation unit 30;
the recognition model generation unit 30 is configured to generate the recognition model according to the transaction frequency history data, the transaction price deviation history data, and the transaction counter credit rating history data.
In one embodiment, referring to fig. 10, the recognition model generating unit 30 includes:
the weight calculation module 301 is used for calculating transaction frequency weight, transaction price deviation weight and transaction opponent credit rating weight;
a recognition model generation module 302, configured to generate the recognition model according to the transaction frequency history data, the transaction frequency weight, the transaction price deviation degree weight, the transaction counter-party credit rating, and the transaction counter-party credit rating weight.
In one embodiment, referring to fig. 11, the suspicious transaction online identification apparatus further comprises: and the model updating unit 40 is used for updating the recognition model according to the transaction price and the transaction counter credit rating in the time interval at a preset time interval.
As can be seen from the above description, the suspicious transaction online identification apparatus provided in the embodiment of the present invention first obtains the transaction price of the transaction to be identified and the transaction counter-party credit rating; next, suspicious transactions are identified based on the pre-generated identification model, the transaction price, and the transaction counter-party credit rating. According to the method, based on historical transaction information and information of transaction opponents, a suspicious transaction judgment standard is formed for suspicious transactions, key elements of current transaction information are extracted, a suspicious index value of the current transaction is formed, and the suspicious index value is compared with the suspicious transaction judgment standard to obtain single-node suspicious transaction judgment.
The apparatuses, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or implemented by a product with certain functions. A typical implementation device is an electronic device, which may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
In a typical example, the electronic device specifically includes a memory, a processor, and a computer program stored on the memory and executable on the processor, and the processor executes the computer program to implement the steps of the online suspicious transaction identification method, where the steps include:
step 100: acquiring a transaction price of a transaction to be identified and a credit rating of a transaction opponent;
step 200: and identifying suspicious transactions according to the pre-generated identification model, the transaction prices and the transaction counter-party credit rating.
Referring now to FIG. 12, shown is a schematic diagram of an electronic device 600 suitable for use in implementing embodiments of the present application.
As shown in fig. 12, the electronic apparatus 600 includes a Central Processing Unit (CPU)601 that can perform various appropriate works and processes according to a program stored in a Read Only Memory (ROM)602 or a program loaded from a storage section 608 into a Random Access Memory (RAM)) 603. In the RAM603, various programs and data necessary for the operation of the system 600 are also stored. The CPU601, ROM602, and RAM603 are connected to each other via a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
The following components are connected to the I/O interface 605: an input portion 606 including a keyboard, a mouse, and the like; an output portion 607 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 608 including a hard disk and the like; and a communication section 609 including a network interface card such as a LAN card, a modem, or the like. The communication section 609 performs communication processing via a network such as the internet. The driver 610 is also connected to the I/O interface 605 as needed. A removable medium 611 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 610 as necessary, so that a computer program read out therefrom is mounted as necessary on the storage section 608.
In particular, according to an embodiment of the present invention, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, an embodiment of the present invention includes a computer-readable storage medium, on which a computer program is stored, the computer program, when being executed by a processor, implementing the steps of the above-mentioned suspicious transaction online identification method, the steps including:
step 100: acquiring a transaction price of a transaction to be identified and a credit rating of a transaction opponent;
step 200: and identifying suspicious transactions according to the pre-generated identification model, the transaction prices and the transaction counter-party credit rating.
In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 609, and/or installed from the removable medium 611.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
For convenience of description, the above devices are described as being divided into various units by function, and are described separately. Of course, the functionality of the units may be implemented in one or more software and/or hardware when implementing the present application.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The application may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The application may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The above description is only an example of the present application and is not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.
Claims (10)
1. A method for online identification of suspicious transactions, comprising:
acquiring a transaction price of a transaction to be identified and a credit rating of a transaction opponent;
and identifying suspicious transactions according to the pre-generated identification model, the transaction prices and the transaction counter-party credit rating.
2. The method of claim 1, wherein the step of generating the identification model comprises:
and generating the recognition model according to the transaction frequency historical data, the transaction price deviation historical data and the transaction opponent credit rating historical data.
3. The method of claim 2, wherein generating the recognition model based on transaction frequency history data, transaction price deviation history data, and transaction counter credit rating history data comprises:
calculating transaction frequency weight, transaction price deviation weight and transaction opponent credit rating weight;
generating the recognition model according to the transaction frequency historical data, the transaction frequency weight, the transaction price deviation degree weight, the transaction counter-party credit rating and the transaction counter-party credit rating weight.
4. The method of on-line identification of suspicious transactions according to claim 1 further comprising: and updating the recognition model according to the transaction price and the transaction counter credit rating in the time interval at a preset time interval.
5. An online suspicious transaction identification device, comprising:
the data acquisition unit is used for acquiring the transaction price of the transaction to be identified and the credit rating of a transaction opponent;
and the suspicious transaction identification unit is used for identifying suspicious transactions according to the pre-generated identification model, the transaction price and the transaction opponent credit rating.
6. The suspicious transaction online identification device of claim 5, further comprising: a recognition model generation unit;
the recognition model generation unit is used for generating the recognition model according to the transaction frequency historical data, the transaction price deviation historical data and the transaction opponent credit rating historical data.
7. The suspicious transaction online identification device according to claim 6, wherein said identification model generating unit comprises:
the weight calculation module is used for calculating transaction frequency weight, transaction price deviation weight and transaction opponent credit rating weight;
and the recognition model generation module is used for generating the recognition model according to the transaction frequency historical data, the transaction frequency weight, the transaction price deviation degree weight, the transaction counter-party credit rating and the transaction counter-party credit rating weight.
8. The suspicious transaction online identification device of claim 5, further comprising: and the model updating unit is used for updating the recognition model according to the transaction price and the transaction opponent credit rating in the time interval at a preset time interval.
9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor when executing the program implements the steps of the method for online identification of suspicious transactions according to any one of claims 1 to 4.
10. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor when executing the program implements the steps of the method for online identification of suspicious transactions according to any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010613169.XA CN111798243A (en) | 2020-06-30 | 2020-06-30 | Suspicious transaction online identification method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010613169.XA CN111798243A (en) | 2020-06-30 | 2020-06-30 | Suspicious transaction online identification method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111798243A true CN111798243A (en) | 2020-10-20 |
Family
ID=72810930
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010613169.XA Pending CN111798243A (en) | 2020-06-30 | 2020-06-30 | Suspicious transaction online identification method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111798243A (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108230151A (en) * | 2018-01-16 | 2018-06-29 | 平安科技(深圳)有限公司 | A kind of suspicious transaction detection method, apparatus, equipment and storage medium |
| CN109767322A (en) * | 2018-12-20 | 2019-05-17 | 平安科技(深圳)有限公司 | Suspicious transaction analysis method, apparatus and computer equipment based on big data |
| CN109767226A (en) * | 2018-12-20 | 2019-05-17 | 平安科技(深圳)有限公司 | Suspicious transaction statistical views generation method and device based on big data |
| CN110033372A (en) * | 2019-02-19 | 2019-07-19 | 阿里巴巴集团控股有限公司 | A kind of method, system and equipment optimizing transaction cost |
-
2020
- 2020-06-30 CN CN202010613169.XA patent/CN111798243A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108230151A (en) * | 2018-01-16 | 2018-06-29 | 平安科技(深圳)有限公司 | A kind of suspicious transaction detection method, apparatus, equipment and storage medium |
| CN109767322A (en) * | 2018-12-20 | 2019-05-17 | 平安科技(深圳)有限公司 | Suspicious transaction analysis method, apparatus and computer equipment based on big data |
| CN109767226A (en) * | 2018-12-20 | 2019-05-17 | 平安科技(深圳)有限公司 | Suspicious transaction statistical views generation method and device based on big data |
| CN110033372A (en) * | 2019-02-19 | 2019-07-19 | 阿里巴巴集团控股有限公司 | A kind of method, system and equipment optimizing transaction cost |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20190355058A1 (en) | Method and apparatus for processing credit score real-time adjustment, and processing server | |
| CN107622432A (en) | Trade company's evaluation method and system | |
| CN112734559B (en) | Enterprise credit risk evaluation method and device and electronic equipment | |
| CN111539811B (en) | Risk account identification method and device | |
| CN106156151A (en) | The Risk Identification Method of internetwork operation event and device | |
| CN115145587A (en) | Product parameter checking method and device, electronic equipment and storage medium | |
| CN110942314A (en) | Abnormal account supervision method and device | |
| CN114723481A (en) | Data processing method and device, electronic equipment and storage medium | |
| CN113506113B (en) | Credit card cash-registering group-partner mining method and system based on associated network | |
| CN113869700A (en) | Performance index prediction method and device, electronic equipment and storage medium | |
| CN112885377A (en) | Voice quality evaluation method and device, computer equipment and storage medium | |
| CN111798243A (en) | Suspicious transaction online identification method and device | |
| CN113407827A (en) | Information recommendation method, device, equipment and medium based on user value classification | |
| CN111429257A (en) | Transaction monitoring method and device | |
| CN112465509A (en) | Signing contract early warning method and device | |
| CN117332212B (en) | Intelligent risk exploration method and system based on chaotic engineering fault experiment | |
| CN108122129B (en) | Data processing method and device and electronic equipment | |
| CN117036001A (en) | Risk identification processing method, device and equipment for transaction service and storage medium | |
| CN115239481A (en) | Credit card repayment reminding method and device | |
| CN117495315A (en) | Business management method and device based on pipeline flow | |
| CN116777609A (en) | Method and device for processing quota, server and readable storage medium | |
| CN116797350A (en) | Real-time transaction accident risk processing method and device | |
| CN116596651A (en) | Method, device, equipment and storage medium for managing overdue risk information of clients | |
| CN117934001A (en) | Transaction abnormality detection method and device, electronic equipment and storage medium | |
| CN116739751A (en) | Credit evaluation method and device for gas station |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |