CN112581271B - Merchant transaction risk monitoring method, device, equipment and storage medium - Google Patents


Publication number
CN112581271B
Authority
CN
China
Prior art keywords
merchant
analyzed
risk
transaction
node
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011533757.9A
Other languages
Chinese (zh)
Other versions
CN112581271A (en)
Inventor
谷重阳
高岽鸣
陈宁
黄炜
周骏
谢华雯
李虹
宫俏娟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Pudong Development Bank Co Ltd
Original Assignee
Shanghai Pudong Development Bank Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Pudong Development Bank Co Ltd
Priority to CN202011533757.9A
Publication of CN112581271A
Application granted
Publication of CN112581271B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04 Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00 Administration; Management
    • G06Q10/06 Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063 Operations research, analysis or management
    • G06Q10/0635 Risk analysis of enterprise or organisation activities
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00 Administration; Management
    • G06Q10/06 Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/067 Enterprise or organisation modelling

Abstract

The invention provides a method, a device, equipment and a storage medium for monitoring merchant transaction risk. The merchant transaction risk monitoring method comprises the following steps: identifying the industry category of the merchant to be analyzed according to the registration information of the merchant to be analyzed; performing first-layer risk monitoring according to the industry category of the merchant to be analyzed and the transaction information of the merchant to be analyzed; and if the first-layer risk monitoring result of the merchant to be analyzed is a normal merchant, performing second-layer risk monitoring according to the transaction information of the merchant to be analyzed, the basic information of the merchant and a pre-established merchant transaction risk monitoring model. The method establishes a relationship between the merchant industry category and merchant risk monitoring, and through two-stage risk monitoring it can reduce labor cost, improve the accuracy of risk monitoring and avoid missed detections. A cold start of merchant transaction risk monitoring can also be achieved to a certain extent when no label samples have been accumulated.

Description

Merchant transaction risk monitoring method, device, equipment and storage medium
Technical Field
The present disclosure relates to the field of merchant transaction data analysis, and in particular, to a method, an apparatus, a device and a storage medium for monitoring a merchant transaction risk.
Background
In the prior art, merchant industry classification is either manual or automatic. In manual classification, dedicated personnel judge and classify each merchant according to the information filled in at merchant registration (namely, the merchant's industrial and commercial registration information) and merchant classification standards. Automatic classification mainly collects mass transaction data, merchant registration data and other data of merchants in various industries, forms features and labels from the collected information, and trains a machine learning model that is then used to classify merchants; alternatively, a merchant transaction graph is constructed and the industry to which a merchant belongs is obtained by analyzing the network structure.
Merchant transaction fraud detection can be divided into rule-based detection and model-based detection. In rule-based detection, an expert formulates rules according to historical transaction data and experience, and the rules are used to monitor merchant transactions; model-based detection performs modeling analysis of transaction data using machine learning algorithms, such as random forests, anomaly detection, and the like.
The existing merchant industry classification and merchant transaction fraud detection have the following defects: 1) merchant industry classification and merchant risk monitoring are independent of each other, and no relationship is established between them; 2) manual merchant classification depends mainly on the knowledge of the classification personnel and is highly subjective: different understandings of the classification standards lead to different classification results, and the manual workload is large, so efficiency is difficult to ensure; 3) automatic merchant classification depends on merchant transaction data, so newly registered merchants that have not yet transacted are difficult to classify or are classified poorly; 4) rule-based merchant transaction fraud detection depends mainly on human experience and has low precision; 5) model-based detection requires label samples to be accumulated, cannot monitor merchants and their accounts at cold start (i.e. without historical data and labels), and suffers from unbalanced samples; in addition, existing models have poor interpretability.
Disclosure of Invention
This disclosure addresses the following problems of merchant risk monitoring in the prior art: merchant industry classification and merchant risk monitoring are independent of each other with no relationship established between them, label samples need to be accumulated, and merchants cannot be monitored at cold start.
In order to solve the above technical problem, a first aspect of the present disclosure provides a merchant transaction risk monitoring method, including:
identifying the industry category of the merchant to be analyzed according to the registration information of the merchant to be analyzed;
performing first-layer risk monitoring according to the industry category of the merchant to be analyzed and the transaction information of the merchant to be analyzed;
and for a merchant to be analyzed whose first-layer risk monitoring result is normal, performing second-layer risk monitoring according to the transaction information of that normal merchant to be analyzed, the merchant basic information and a pre-established merchant transaction risk monitoring model.
In a further embodiment herein, identifying the industry category of the merchant to be analyzed according to the registration information of the merchant to be analyzed includes:
determining the text type of the merchant registration information to be analyzed;
extracting a characteristic vector of the merchant registration information to be analyzed;
and inputting the feature vector of the to-be-analyzed merchant registration information into a merchant industry classification model corresponding to the text type of the to-be-analyzed merchant registration information, and calculating to obtain the category of the to-be-analyzed merchant industry.
In a further embodiment herein, the establishment of the merchant industry classification model comprises:
grouping a plurality of pre-collected merchant registration information;
and establishing, for each group, a corresponding merchant industry classification model according to the group and the merchants' industry classification identifications.
In a further embodiment herein, performing first-layer risk monitoring according to the industry category of the merchant to be analyzed and the transaction information of the merchant to be analyzed includes:
retrieving an industry rule corresponding to a merchant to be analyzed from an industry rule database according to the industry category of the merchant to be analyzed, wherein the industry rule database stores the corresponding relation between the merchant industry category and a plurality of industry rules;
determining the number and the weight of the triggered industry rules according to the transaction information of the merchant to be analyzed and the industry rules corresponding to the merchant to be analyzed;
determining the risk level of the merchant to be analyzed according to the number and the weight of the triggered industry rules;
if the risk level of the merchant to be analyzed is greater than a preset level, determining that the merchant to be analyzed is a risk merchant;
and if the risk level of the merchant to be analyzed is less than or equal to a preset level, determining that the merchant to be analyzed is a normal merchant.
In a further embodiment herein, performing second-layer risk monitoring according to the normal to-be-analyzed merchant transaction information, the merchant basic information and the pre-established merchant transaction risk monitoring model includes:
acquiring entity feature vectors of nodes according to the normal to-be-analyzed merchant transaction information and the merchant basic information, wherein the nodes comprise merchants and accounts;
inputting the entity characteristic vector of the node into a pre-established merchant transaction risk monitoring model to obtain the risk probability of the node;
and judging whether the risk probability of the node is higher than a preset threshold value or not, and if the risk probability of the node is higher than the preset threshold value, determining that the node is a risk node.
In a further embodiment of this document, before obtaining the entity feature vector of the node according to the normal to-be-analyzed merchant transaction information and the merchant basic information, the method further includes:
extracting nodes, node relations and node attribute information according to the to-be-analyzed merchant transaction information, the merchant basic information and the first-layer risk monitoring result;
establishing a transaction association graph to be analyzed according to the extracted nodes, the node relation and the node attribute information;
mining generalized risk nodes in the transaction association graph to be analyzed by utilizing a path retrieval algorithm;
and for the other nodes except the generalization risk node, extracting entity feature vectors of the nodes.
In a further embodiment herein, the node attribute information of the merchant includes: the industry classification of the merchant, the risk level of the merchant, and the industry rules triggered by the merchant.
In further embodiments herein, the process of establishing the merchant transaction risk monitoring model includes:
determining generalized risk nodes and normal nodes according to a plurality of merchant transaction data, existing risk merchant/account information and merchant basic information, and extracting an entity characteristic vector of each node, wherein the plurality of merchant transaction data comprise account information and transaction information, and the nodes comprise merchants and accounts;
and training a merchant transaction risk monitoring model according to the entity characteristic vector of the generalized risk node and the entity characteristic vector of the normal node.
In a further embodiment of this document, determining generalized risk nodes and normal nodes according to transaction data of multiple merchants, existing risk merchant/account information, and basic merchant information, and extracting an entity feature vector of each node includes:
extracting nodes, node relations and node attribute information according to the transaction data of the multiple merchants, the existing risk merchant/account blacklist samples and basic information of the merchants;
establishing a transaction association map according to the nodes, the node relation and the node attribute information;
mining generalized risk nodes in the transaction association graph by using a path retrieval algorithm, the nodes in the transaction association graph other than the generalized risk nodes being normal nodes;
and extracting the entity feature vector of each node according to the merchant transaction data and the transaction association graph.
In a further embodiment, the existing risk merchant/account information is derived from merchants whose first-layer risk monitoring result is risk and merchants/accounts whose due diligence result is true risk.
A second aspect herein provides a merchant transaction risk monitoring device comprising:
the classification module is used for identifying the industry category of the merchant to be analyzed according to the registration information of the merchant to be analyzed;
the first monitoring module is used for carrying out first-layer risk monitoring according to the industry category of the merchant to be analyzed and the transaction information of the merchant to be analyzed;
a second monitoring module, configured to, if the first-layer risk monitoring result of the merchant to be analyzed is a normal merchant, perform second-layer risk monitoring according to the to-be-analyzed merchant transaction information and a pre-established merchant transaction risk monitoring model.
A third aspect herein provides a computer apparatus comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing a merchant transaction risk monitoring method when executing the computer program.
A fourth aspect herein provides a computer readable storage medium having stored thereon a computer program for execution by a processor to implement a merchant transaction risk monitoring method.
The merchant transaction risk monitoring method, device, equipment and storage medium provided herein first identify the industry category of the merchant to be analyzed, and then perform first-layer risk monitoring according to the industry category of the merchant to be analyzed and the transaction information of the merchant to be analyzed. If the first-layer risk monitoring result of the merchant to be analyzed is a normal merchant, second-layer risk monitoring is performed according to the transaction information of that normal merchant and a pre-established merchant transaction risk monitoring model. In this way the relationship between the merchant industry category and merchant risk monitoring is established, labor cost can be reduced, the accuracy of risk monitoring can be improved, and missed detections can be avoided. Furthermore, because the industry category of the merchant to be analyzed is identified according to the registration information of the merchant to be analyzed, and the first-layer risk monitoring is then performed according to that industry category, a cold start of merchant transaction risk monitoring can be achieved to a certain extent when no label samples have been accumulated.
In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the embodiments herein or the technical solutions in the prior art, the drawings used in describing them are briefly introduced below. Obviously, the drawings in the following description show only some embodiments of the present disclosure, and those skilled in the art can obtain other drawings from them without creative effort.
FIG. 1 shows a flow diagram of a merchant transaction risk monitoring method according to an embodiment herein;
FIG. 2 illustrates a flow diagram of a merchant industry classification model building process according to embodiments herein;
FIG. 3 shows a flow diagram of a merchant industry category identification process to be analyzed according to an embodiment herein;
FIG. 4 illustrates a flow diagram of a first tier risk monitoring process of embodiments herein;
FIG. 5 shows a flow diagram of a merchant transaction risk monitoring model building process according to embodiments herein;
FIG. 6 shows a first schematic diagram of a transaction association map of an embodiment herein;
FIG. 7 shows a first flowchart of a second tier risk monitoring process of embodiments herein;
FIG. 8 shows a second flowchart of a second tier risk monitoring process of embodiments herein;
FIG. 9 is a block diagram of a merchant transaction risk monitoring device according to an embodiment of the disclosure;
FIG. 10 illustrates a second schematic diagram of a transaction association map of an embodiment herein;
FIG. 11 shows a block diagram of a computer device according to an embodiment of the present disclosure.
Description of the symbols of the drawings:
1010. a classification module;
1020. a first monitoring module;
1030. a second monitoring module;
1102. a computer device;
1104. a processor;
1106. a memory;
1108. a drive mechanism;
1110. an input/output module;
1112. an input device;
1114. an output device;
1116. a presentation device;
1118. a graphical user interface;
1120. a network interface;
1122. a communication link;
1124. a communication bus.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the scope of protection given herein.
In the prior art of merchant risk monitoring, merchant industry classification and merchant risk monitoring are independent of each other with no relationship established between them, label samples need to be accumulated, and merchants cannot be monitored at cold start. In view of this, an embodiment of the present disclosure provides a merchant transaction risk monitoring method, as shown in fig. 1. The method can be executed in an intelligent terminal, such as a smart phone, a tablet computer or a desktop computer, or in a server; the specific implementation manner is not limited herein. Specifically, the merchant transaction risk monitoring method comprises the following steps:
Step 110, identifying the industry category of the merchant to be analyzed according to the registration information of the merchant to be analyzed.
In this step, risk prediction may be performed on multiple merchants to be analyzed at the same time. In a specific embodiment, about 600,000 merchants to be analyzed are predicted at a time, and these merchants may include about 1.4 million accounts.
The registration information of the merchant to be analyzed includes at least the merchant name, and may also include industrial and commercial registration information (e.g., business scope), merchant network-access registration information (account opening at a bank or a third party), etc., or further include information registered with other institutions. It may be actively reported by the merchant when it accesses the network or acquired from a business bureau or a business registration website; the data source is not limited herein.
The industry category includes, but is not limited to, catering, entertainment, automobile, etc.; existing international classification standards may be referred to, and this is not specifically limited herein.
Step 120, performing first-layer risk monitoring according to the industry category of the merchant to be analyzed and the transaction information of the merchant to be analyzed, so as to preliminarily identify risk merchants and normal merchants.
In this step, the transaction information of the merchant to be analyzed includes account information and transaction information; the account information includes a paying account and a receiving account, and the transaction information includes a transaction amount.
In specific implementation, merchants to be analyzed whose first-layer risk monitoring result is abnormal can be marked as risk merchants and stored, so that they can be used for updating or establishing the merchant transaction risk monitoring model. To ensure the accuracy of risk merchant confirmation and avoid adverse consequences, control measures such as due diligence or seller treatment can be started.
Step 130, for merchants to be analyzed whose first-layer risk monitoring result is normal, performing second-layer risk monitoring according to the transaction information of those normal merchants, the merchant basic information and a pre-established merchant transaction risk monitoring model, so as to mine risk merchants or accounts not identified by the first-layer risk monitoring.
In this step, the basic information of the merchant includes: identity account number, gender, age and other characteristics of the merchant legal person or the contact person. The basic merchant information is not specifically limited herein.
The merchant transaction risk monitoring model can be established by adopting the existing artificial intelligence methods such as deep learning, and the specific establishing mode is not limited in the text.
This embodiment can reduce labor cost and, through two-stage risk monitoring, improve the accuracy of risk monitoring and avoid missed detections. Furthermore, because the industry category of the merchant to be analyzed is identified according to the registration information of the merchant to be analyzed, and the first-layer risk monitoring is then performed according to that industry category, a cold start of merchant transaction risk monitoring can be achieved to a certain extent when no label samples have been accumulated. According to the risk merchants/accounts identified, merchant monitoring and control can be performed, reducing losses caused by merchant fraud and thereby achieving anti-fraud.
The existing merchant industry classification methods have the following problems: manual merchant classification depends mainly on the knowledge of the classification personnel and is highly subjective, different understandings of the classification standards lead to different classification results, and the manual workload is large, so efficiency is difficult to ensure; automatic merchant classification depends on merchant transaction data, so it may be difficult or inefficient to classify newly registered merchants that have not yet transacted.
In view of these problems of prior-art merchant industry classification, an embodiment herein provides a novel merchant industry classification model. As shown in fig. 2, the establishment process of the merchant industry classification model includes:
Step 210, a number of merchant samples are obtained, wherein the merchant samples include merchant registration information.
The merchant samples can be randomly selected from the classified merchant database, the characteristics and the specific quantity of the merchant samples are not limited, and the registered information of the online merchants and the industry classification identifications of the merchants are recorded in the classified merchant database.
At step 220, the merchant samples are grouped.
In a specific embodiment, the obtained merchant samples are grouped into a first text type group and a second text type group.
In this step, the first text type group refers to merchant samples that include only the merchant name, and the second text type group refers to merchant samples that include information such as the business scope in addition to the merchant name. Alternatively, the first text type group refers to merchant samples that include information such as the business scope in addition to the merchant name, and the second text type group refers to merchant samples that include only the merchant name.
In a specific implementation, other grouping manners may be adopted, for example, the merchants only including the name are divided into one group, the merchants including the merchant name and the operating range are divided into one group, and the merchants including the merchant name, the operating range and other information are divided into one group, which is not limited in this document.
Step 230, establishing a merchant industry classification model corresponding to each group according to the group and the merchants' industry classification identifications.
Step 230, when implemented, comprises:
Step 231, a feature vector of each merchant sample is obtained.
Specifically, the feature vector of a merchant sample is extracted as follows: performing word segmentation on the merchant sample with a word segmentation algorithm; removing stop words from the segmented text; identifying and removing place names from the stop-word-free text with a place name identification algorithm; and converting the resulting text into numerical features with a word vector model, so as to obtain the feature vector of the merchant sample.
In this step, the word segmentation process may use existing word segmentation algorithms commonly used for natural language; the specific algorithm is not limited herein. An example after word segmentation: Pudong corporation, Beijing intellectual property agency, and Beijing/.
The stop words include words without practical meaning, such as modal particles, prepositions, conjunctions, adverbs and the like; place names are likewise treated as words without meaning. Removing stop words and place names can improve the accuracy of the merchant industry classification model.
Step 232, aiming at the merchant samples in each group, training the industry classification model of the group of merchants through a machine learning algorithm according to the feature vector of each merchant sample and the industry classification identification of the merchant.
In this step, the industry classification identifier of the merchant may be manually pre-identified, which is not limited herein.
The machine learning algorithm may adopt a network model existing in the prior art, and may be designed according to the requirement, which is not limited herein.
Because merchant samples in different groups contain different amounts of information, establishing a single unified merchant industry classification model would affect classification precision. In this embodiment, the merchant samples are grouped and a merchant industry classification model is established for each group, which can greatly improve the classification accuracy for the two types of merchants with different information content.
After the merchant industry classification models are established, they may be used for merchant industry classification prediction. Taking two merchant industry classification models as an example, as shown in fig. 3, the merchants to be analyzed in step 110 include a plurality of merchants, and for each merchant i to be analyzed, identifying the industry category of the merchant according to its registration information includes:
Step 310, determining the group to which the registration information of the merchant i to be analyzed belongs. This step determines whether the registration information of the merchant i to be analyzed includes only the merchant name: if it includes only the merchant name, the branch of step 320 is executed; if it also includes other information such as business registration information (e.g., the business scope), the branch of step 330 is executed.
And step 320, extracting the feature vector of the registration information of the merchant i to be analyzed. The extraction process of the feature vector is referred to the foregoing embodiments, and will not be described in detail here.
Step 321, inputting the feature vector of the merchant i to be analyzed into the merchant industry classification model obtained by the merchant name training, so as to obtain the merchant industry category of the merchant i to be analyzed.
Step 330, extracting the feature vector of the registration information of the merchant i to be analyzed. The extraction process of the feature vector is described in the foregoing embodiments, and will not be described in detail here.
Step 331, inputting the feature vector of the merchant i to be analyzed into the merchant industry classification model obtained by information training such as the merchant name and the operation range, and obtaining the merchant industry category of the merchant i to be analyzed.
And 340, continuously acquiring registration information of the next merchant i +1 to be analyzed, enabling i = i +1, and returning to 310 to continue execution.
In an embodiment of the present invention, as shown in fig. 4, step 120 of performing first-layer risk monitoring according to the industry category of the merchant to be analyzed and the transaction information of the merchant to be analyzed includes:
Step 410, retrieving the industry rules corresponding to the merchant to be analyzed from an industry rule database according to the industry category of the merchant to be analyzed, where the industry rule database stores the correspondence between industry classifications and a plurality of industry rules.
In this step, the industry rules are defined for existing industries, and the process of determining them includes: for merchants of the existing industry types, collecting statistics on the merchant transaction characteristics of each industry from the transaction data of the merchants of that industry type; designing transaction monitoring thresholds according to the merchant transaction characteristics; and setting the industry rules according to the transaction monitoring thresholds.
Specifically, the merchant transaction characteristics of each industry include, but are not limited to, industry transaction time, transaction maximum value, transaction average value, transaction frequency, and the like. The transaction monitoring threshold is used to identify transactions that clearly do not conform to the transaction characteristics. For example, one transaction-amount industry rule for convenience stores has a monitoring threshold expressed as a transaction amount range of 1-500; if a certain merchant A frequently makes transactions of about ten thousand yuan, the transaction-amount industry rule is triggered.
The industry rules differ from industry to industry. For example, the monitoring threshold of the transaction-amount industry rule for convenience stores, expressed as a transaction amount range, is 1 to 500, whereas for the electric appliance market the monitoring threshold of the transaction-amount industry rule, expressed as a transaction amount range, is about ten thousand yuan. In a specific implementation, the industry rules of each industry can be set according to the actual analysis, which is not limited herein.
Step 420, determining the number and weight of the triggered industry rules according to the transaction information of the merchant to be analyzed and the industry rules corresponding to the merchant to be analyzed.
When the industry rules are determined, the weights of the industry rules can be set according to the importance degree of the industry rules.
Step 430, determining the risk level of the merchant to be analyzed according to the number and the weight of the triggered industry rules. The risk level corresponds to the number and the weight of the industry rules; generally speaking, the more industry rules are triggered and the larger their weight, the higher the risk level of the merchant.
In one embodiment, the risk level of the merchant is divided into: high risk merchants, medium risk merchants, low risk merchants, and no risk merchants. In other embodiments, the merchant risk level may be further divided, which is not limited herein. Each risk level can correspond to a score, the specific score can be calculated according to the number of the industry rules and the weight, and the higher the score is, the larger the corresponding risk is.
Step 440, determining whether the risk level of the merchant to be analyzed is greater than a predetermined level (for example, low risk), and if so, determining that the merchant to be analyzed is a risk merchant. If the risk level of the merchant to be analyzed is less than or equal to the predetermined level, the merchant to be analyzed is determined to be a normal merchant.
The determined risk merchants can be used as black samples when the merchant transaction risk monitoring model is built.
Further, in order to ensure the accuracy of the first-layer risk monitoring, a due diligence procedure may also be started for the risk merchants determined in step 440, in which it is manually determined whether the risk merchants genuinely present a risk. If the due diligence result is a risk account, a customer selling operation is performed on the merchant.
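The following added example (not code from the patent) sketches steps 410 to 440 as a small rule engine: it looks up the rules for the identified industry, sums the weights of the triggered rules into a score, maps the score to one of the four risk levels and compares it with the predetermined level. The 1-500 convenience-store range and the ten-thousand-yuan appliance-market bound come from the text; the rule weights, the share thresholds that stand in for "frequently", the hour and count rules and the score cut-offs are all assumptions.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List

LEVELS = ["no risk", "low risk", "medium risk", "high risk"]  # lowest to highest

@dataclass(frozen=True)
class IndustryRule:
    name: str
    weight: float                            # importance of the rule (assumed values)
    triggered: Callable[[List[dict]], bool]  # True when the transactions break the rule

def amount_outside_range(lo, hi, min_share):
    """Fires when at least min_share of the transactions fall outside [lo, hi]."""
    def check(txns):
        outside = sum(1 for t in txns if not lo <= t["amount"] <= hi)
        return bool(txns) and outside / len(txns) >= min_share
    return check

def outside_hours(open_h, close_h, min_share):
    """Fires when at least min_share of the transactions fall outside [open_h, close_h)."""
    def check(txns):
        off = sum(1 for t in txns if not open_h <= t["hour"] < close_h)
        return bool(txns) and off / len(txns) >= min_share
    return check

def daily_count_above(limit):
    """Fires when any single day has more than `limit` transactions."""
    def check(txns):
        per_day: Dict[str, int] = {}
        for t in txns:
            per_day[t["day"]] = per_day.get(t["day"], 0) + 1
        return any(n > limit for n in per_day.values())
    return check

# Step 410: industry rule database (industry category -> rules).
# Only the two amount bounds are taken from the text; everything else is assumed.
INDUSTRY_RULES: Dict[str, List[IndustryRule]] = {
    "convenience store": [
        IndustryRule("amount range 1-500", 2.0, amount_outside_range(1, 500, 0.5)),
        IndustryRule("trading hours 06-24", 0.5, outside_hours(6, 24, 0.3)),
        IndustryRule("daily count <= 2000", 1.0, daily_count_above(2000)),
    ],
    "appliance market": [
        IndustryRule("amount up to ten thousand", 2.0, amount_outside_range(1, 10000, 0.5)),
        IndustryRule("trading hours 09-21", 0.5, outside_hours(9, 21, 0.3)),
    ],
}

def score_to_level(score):
    """Step 430: map the weighted score to a risk level (cut-offs are assumed)."""
    if score <= 0:
        return "no risk"
    if score < 1.0:
        return "low risk"
    if score < 2.0:
        return "medium risk"
    return "high risk"

def first_layer(industry, txns, preset_level="low risk"):
    rules = INDUSTRY_RULES.get(industry)
    if rules is None:
        # An unclassified merchant must not silently pass as normal.
        raise LookupError(f"no industry rules for category {industry!r}")
    fired = [r for r in rules if r.triggered(txns)]        # step 420
    score = sum(r.weight for r in fired)
    level = score_to_level(score)                          # step 430
    is_risk = LEVELS.index(level) > LEVELS.index(preset_level)  # step 440
    return {"triggered": [r.name for r in fired], "score": score,
            "level": level, "risk_merchant": is_risk}

# Constructed sample: merchant A frequently transacts about ten thousand yuan.
TXNS_MERCHANT_A = [
    {"amount": 9800, "hour": 10, "day": "d1"}, {"amount": 10000, "hour": 11, "day": "d1"},
    {"amount": 9900, "hour": 14, "day": "d1"}, {"amount": 35, "hour": 9, "day": "d2"},
    {"amount": 9950, "hour": 2, "day": "d2"}, {"amount": 10000, "hour": 3, "day": "d2"},
]

if __name__ == "__main__":
    for industry in ("convenience store", "appliance market"):
        print(industry, first_layer(industry, TXNS_MERCHANT_A))
```

The same transactions yield a risk merchant under the convenience-store rules and a normal merchant under the appliance-market rules, which is why the industry classification has to precede this layer.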
Some risk merchants can be screened out through the first-layer risk monitoring. To ensure that more risk merchants/accounts are uncovered, second-layer risk monitoring is started on the basis of the first-layer risk monitoring. The second-layer risk monitoring relies on a merchant transaction risk monitoring model established in advance, and the merchant transaction risk model used herein may be a model established by adopting the prior art. In an embodiment of the present disclosure, in order to solve the problems of unbalanced samples and poor interpretability in existing methods of establishing a merchant transaction risk model, a new method of establishing a merchant transaction risk monitoring model is provided, as shown in fig. 5, including:
Step 510, determining generalized risk nodes and normal nodes according to a plurality of merchant transaction data, existing merchant/account blacklist samples and merchant basic information, where the merchant transaction data includes account information and transaction information, and the nodes include merchants and accounts.
In some embodiments of step 510, the generalized risk nodes are determined based on association graph knowledge. Specifically, step 510 includes:
Step 511, extracting nodes, node relationships and node attribute information according to the transaction data of the multiple merchants, the existing merchant/account blacklist samples and the basic information of the merchants.
In this step, the merchant transaction data includes: transaction amount, transaction frequency.
Information for at-risk merchants/accounts is recorded in the existing merchant/account blacklist sample.
The basic information of the merchant comprises: the identity card number, the merchant number, and an identifier indicating whether the merchant is on the blacklist.
A node refers to a merchant or an account. The node relationships indicate that attribution relationships and transaction relationships exist between merchants and accounts; each merchant includes at least one account, and the same account may belong to one merchant or a plurality of merchants. The node attribute information of a merchant includes whether the node is a risk node, and may further include: the industry classification of the merchant, the risk level of the merchant, and the industry rules triggered by the merchant.
Before this step is carried out, the method further includes: performing data preprocessing on the merchant transaction data, where the data preprocessing includes but is not limited to data deduplication, data completion and the like.
Step 512, establishing a transaction association graph according to the nodes, the node relationships and the node attribute information.
In this step, the established transaction association map is shown in fig. 6, where circles in fig. 6 represent nodes, white circles represent accounts, black circles represent merchants, and arrows represent node relationships.
In specific implementation, the implementation process of the association map can be referred to in the prior art, and is not detailed herein.
Step 513, mining generalized risk nodes from the transaction association graph by using a path retrieval algorithm, where the nodes in the transaction association graph other than the generalized risk nodes are normal nodes.
In this step, the path retrieval algorithm is used to find the optimal path with the minimum cost; its specific implementation may refer to the prior art and is not limited herein.
In detail, the implementation process of step 513 includes: first, labeling the risk merchants/accounts in the transaction association graph; for the merchants/accounts labeled as risk, mining their transaction tracks by using the path retrieval algorithm; and analyzing the mined transaction tracks to mine information on generalized risk merchants or accounts, that is, to mine the generalized risk nodes.
After the generalized risk nodes are determined, whether they really present a risk can be further judged through manual due diligence.
Step 520, construct the entity feature vector of each node.
In this step, the entity feature vector of each node is extracted according to the transaction data of the multiple merchants and the transaction association map.
Specifically, the entity feature vector of a node includes the node's own features and the node's structural features. The node's own features reflect characteristics of the node in isolation and are not influenced by other nodes. For example, for a merchant node, its own features include information such as the identity number and gender of the merchant's legal person or contact person, and its structural features include the number of accounts directly associated with the merchant. As another example, for an account node, its own features include the name of the account, and its structural features include the number of accounts with which it directly transacts, and so on. The node's own features and structural features are not specifically limited herein.
Step 530, training a merchant transaction risk monitoring model according to the entity feature vectors of the generalized risk nodes and the entity feature vectors of the normal nodes.
In this step, a deep learning algorithm may be adopted to establish the merchant transaction risk monitoring model in advance, with the entity feature vector used as the input data and the merchant/account risk probability as the output. The specific training process can refer to the prior art and is not limited herein.
Merchant transaction risk monitoring can be performed based on the merchant transaction risk monitoring model established in the previous embodiment. Specifically, as shown in fig. 7, step 130 of performing second-layer risk monitoring according to the normal transaction information of the merchant to be analyzed, the merchant basic information, and the merchant transaction risk monitoring model established in advance includes:
Step 710, obtaining entity feature vectors of nodes according to the normal transaction information of the merchants to be analyzed and the basic information of the merchants, where the nodes include merchants and accounts, an attribution relationship exists between the merchants and the accounts, each merchant includes at least one account, and the same account may belong to one merchant or a plurality of merchants.
Specifically, the entity feature vector of a node includes the node's own features and the node's structural features. The node's own features reflect characteristics of the node in isolation and are not influenced by other nodes. For example, for a merchant node, its own features include information such as the identity number and gender of the merchant's legal person or contact person, and its structural features include the number of accounts directly associated with the merchant. As another example, for an account node, its own features include the name of the account, and its structural features include the number of accounts with which it directly transacts, etc. The node's own features and structural features are not specifically limited herein.
Step 720, inputting the entity feature vector of the node into the pre-established merchant transaction risk monitoring model to obtain the risk probability of the node.
Step 730, determining whether the risk probability of the node is higher than a predetermined threshold, and if the risk probability of the node is higher than the predetermined threshold, determining that the node is a risk node.
In one embodiment of this document, to reduce the prediction load on the merchant transaction risk monitoring model, the method further includes, before step 710 is executed: screening generalized risk merchants or accounts on the basis of the first-layer risk monitoring by using an association graph. Specifically, as shown in fig. 8, the method includes:
Step 810, extracting nodes, node relationships and node attribute information according to the transaction information of the merchants to be analyzed and the first-layer risk monitoring result.
In this step, a node refers to a merchant or an account. The node relationships indicate that an attribution relationship exists between merchants and accounts; each merchant includes at least one account, and the same account may belong to one merchant or a plurality of merchants. The node attribute information of a merchant at least comprises the monitoring result, and may further comprise: the industry classification of the merchant, the risk level of the merchant, and the industry rules triggered by the merchant.
Before this step is carried out, the method further includes: performing data preprocessing on the transaction information of the merchants to be analyzed, where the data preprocessing includes but is not limited to data deduplication, data completion and the like.
Step 820, constructing a transaction association graph to be analyzed according to the extracted nodes, node relationships and node attribute information.
In this step, the established transaction association graph is shown in fig. 6, where circles in fig. 6 represent nodes, white circles represent accounts, black circles represent merchants, and arrows represent node relationships.
In specific implementation, the implementation process of the association map can be referred to in the prior art, and is not detailed herein.
Step 830, mining generalized risk nodes in the transaction association graph to be analyzed by using a path retrieval algorithm.
In this step, the path retrieval algorithm is used to find the optimal path with the minimum cost; its specific implementation may refer to the prior art and is not limited herein.
In detail, the specific implementation process of step 830 includes: first, labeling the risk merchants (the first-layer risk monitoring results) in the transaction association graph; for the merchants labeled as risk, mining their transaction tracks by using the path retrieval algorithm; and analyzing the mined transaction tracks to mine information on generalized risk merchants or accounts, that is, to mine the generalized risk nodes.
After the generalized risk nodes are determined, whether they really present a risk can be further judged through manual due diligence.
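The graph mining described in steps 511 to 513 and again in steps 810 to 830 can be illustrated with the following added example, which is not code from the patent. It builds a merchant/account association graph, runs a multi-source minimum-cost path search (Dijkstra's algorithm, chosen here as one possible path retrieval algorithm) from the labeled risk nodes, and treats every node reachable within a cost budget as a generalized risk node, keeping the path as its transaction track. The edge costs, the budget, the undirected treatment of edges and the sample data are assumptions; the degree counts at the end are the structural features named for the entity feature vector.

```python
import heapq
from collections import defaultdict

# Constructed sample data. M* are merchants, A* are accounts.
ATTRIBUTION = [("M1", "A1"), ("M2", "A2"), ("M2", "A3"), ("M3", "A3"),
               ("M3", "A4"), ("M4", "A5"), ("M4", "A6")]
# (account, account, number of transactions between the two accounts)
TRANSACTIONS = [("A1", "A2", 8), ("A3", "A4", 2), ("A1", "A5", 1), ("A5", "A6", 4)]
LABELLED_RISK = {"M1"}   # blacklist sample or first-layer risk merchants

ATTRIBUTION_COST = 0.25  # assumed cost of a merchant-account attribution edge
BUDGET = 1.0             # assumed maximum path cost for a generalized risk node

def build_graph(attribution, transactions):
    """Undirected graph: node -> {neighbour: (cost, kind)}."""
    graph = defaultdict(dict)

    def link(u, v, cost, kind):
        # Keep the cheapest edge if preprocessing left a duplicate pair.
        if v not in graph[u] or cost < graph[u][v][0]:
            graph[u][v] = (cost, kind)
            graph[v][u] = (cost, kind)

    for merchant, account in attribution:
        link(merchant, account, ATTRIBUTION_COST, "attribution")
    for a, b, count in transactions:
        if count > 0:
            # Assumed cost: frequent counterparties are "closer" to each other.
            link(a, b, 1.0 / count, "transaction")
    return graph

def mine_generalized_risk(graph, labelled, budget):
    """Return {node: (cost, track)} for unlabeled nodes within budget of a risk node."""
    best = {n: 0.0 for n in labelled if n in graph}
    prev = {}
    heap = [(0.0, n) for n in best]
    heapq.heapify(heap)
    while heap:
        cost, node = heapq.heappop(heap)
        if cost > best.get(node, float("inf")):
            continue  # stale heap entry
        for nxt, (edge_cost, _kind) in graph[node].items():
            new_cost = cost + edge_cost
            if new_cost <= budget and new_cost < best.get(nxt, float("inf")):
                best[nxt] = new_cost
                prev[nxt] = node
                heapq.heappush(heap, (new_cost, nxt))
    found = {}
    for node, cost in best.items():
        if node in labelled:
            continue
        track = [node]
        while track[-1] in prev:          # walk back to the labeled risk node
            track.append(prev[track[-1]])
        found[node] = (cost, track[::-1])
    return found

def split_nodes(graph, labelled, budget):
    """Generalized risk nodes go to due diligence; normal nodes go on to the model."""
    generalized = mine_generalized_risk(graph, labelled, budget)
    normal = sorted(n for n in graph if n not in labelled and n not in generalized)
    return generalized, normal

def structural_features(graph, node):
    """Structural part of the entity feature vector for one node."""
    kinds = [kind for _cost, kind in graph.get(node, {}).values()]
    return {"attribution_degree": kinds.count("attribution"),
            "transaction_degree": kinds.count("transaction")}

if __name__ == "__main__":
    g = build_graph(ATTRIBUTION, TRANSACTIONS)
    generalized, normal = split_nodes(g, LABELLED_RISK, BUDGET)
    for node, (cost, track) in sorted(generalized.items()):
        print(node, cost, " -> ".join(track))
    print("normal nodes:", normal)
```

The account A3, shared by merchants M2 and M3, is reached through M2 within the budget, while M3 itself falls just outside it and stays a normal node for the model to score.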
In one embodiment of this document, in order to facilitate the monitoring personnel to intuitively know the risk nodes, after determining the potential risk nodes in step 730, the method further includes: the risk nodes determined in step 730 are identified in the transaction association map established in step 820 and the transaction association map is visualized to visually demonstrate transaction trajectories of the risk merchants/accounts. The display results are shown in FIG. 9.
In order to describe the technical solution herein more clearly, a specific embodiment is described in detail below. Before the embodiment is implemented, a merchant industry classification model is established by using the method shown in fig. 2, and a merchant transaction risk monitoring model is established by using the method shown in fig. 5. Specifically, the merchant transaction risk monitoring method includes:
1) Identifying the industry category of the merchant to be analyzed according to the registration information of the merchant to be analyzed.
(1) Determining a group to which the registration information of the merchant i to be analyzed belongs;
(2) Extracting a feature vector of registration information of a merchant i to be analyzed;
(3) Inputting the feature vector of the registration information of the merchant i to be analyzed into a merchant industry classification model corresponding to the group to obtain the industry classification of the merchant i to be analyzed;
(4) Obtaining the next merchant i+1 to be analyzed, setting i = i+1, and returning to step (1) to continue execution until the industry classifications of all merchants to be analyzed have been determined.
The merchant industry category is added, as a merchant feature, to the merchant attribute data required for modeling the merchant transaction risk monitoring model.
2) Performing first-layer merchant transaction risk monitoring by applying the industry category of the merchant to be analyzed determined in step 1).
(1) Retrieving an industry rule corresponding to a merchant to be analyzed from an industry rule database according to the industry category of the merchant to be analyzed;
(2) Determining the number and the weight of the triggered industry rules according to the transaction information of the merchant to be analyzed and the industry rules corresponding to the merchant to be analyzed;
(3) Determining the risk level of the merchant to be analyzed according to the number and the weight of the triggered industry rules, wherein the risk level has a corresponding relation with the number and the weight of the industry rules;
(4) Judging whether the risk level of the merchant to be analyzed is greater than a preset level (such as low risk), and if so, determining that the merchant to be analyzed is a risk merchant;
(5) Storing the risk merchants determined by this layer into a database so that the merchant transaction risk monitoring model can be updated subsequently, and starting due diligence on the risk merchants to accurately determine, manually, whether the merchants present a risk.
3) Performing second-layer merchant transaction risk monitoring based on a semi-supervised technique.
(1) Extracting nodes, node relations and node attribute information according to the to-be-analyzed merchant transaction information and a first-layer risk monitoring result;
(2) Establishing a transaction association map to be analyzed according to the extracted nodes, the node relation and the node attribute information;
(3) Mining generalized risk nodes in the transaction association graph to be analyzed by utilizing a path retrieval algorithm;
(4) For non-generalized risk nodes, namely normal nodes, acquiring entity feature vectors of the nodes, wherein the nodes comprise merchants and accounts, an attribution relationship exists between the merchants and the accounts, each merchant comprises at least one account, and the same account can belong to one merchant or a plurality of merchants;
(5) Inputting the entity characteristic vector of the node into a pre-established merchant transaction risk monitoring model to obtain the risk probability of the node;
(6) Judging whether the risk probability of the node is higher than a preset threshold value or not, and if the risk probability of the node is higher than the preset threshold value, determining the node as a risk node;
(7) Marking risk nodes in the transaction association graph, and visualizing the risk nodes, wherein the visualization graph is shown in FIG. 9, and the transaction tracks of the merchants/accounts with risks are visually shown;
In fig. 9, white circles represent accounts, black circles represent merchants, thin black edges represent the attribution relationship between merchants and accounts, and thick black edges represent the transaction relationship between accounts. The generalized risk merchants/accounts are circled with dotted lines; in other embodiments, the generalized risk merchants/accounts can be distinguished by means such as flashing and adding background colors, and the related transaction tracks of the accounts are displayed at the same time.
(8) Storing the risk nodes determined by this layer into a database so that the merchant transaction risk monitoring model can be updated subsequently, and starting due diligence on the risk nodes to accurately determine, manually, whether the nodes present a risk.
Based on the same inventive concept, a merchant transaction risk monitoring device is also provided, as shown in the following embodiments. The principle by which the merchant transaction risk monitoring device solves the problem is similar to that of the merchant transaction risk monitoring method, so the implementation of the device may refer to the implementation of the method, and repeated parts are not described again. The merchant transaction risk monitoring system provided in this embodiment includes a plurality of functional modules, which may be implemented by dedicated or general chips, and may also be implemented by software programs, which are not limited herein.
Specifically, as shown in fig. 10, the merchant transaction risk monitoring device includes:
a classification module 1010 for identifying the business category of the merchant to be analyzed;
a first monitoring module 1020, configured to perform first-layer risk monitoring according to the industry category of the merchant to be analyzed and the transaction information of the merchant to be analyzed;
and a second monitoring module 1030, configured to perform second-tier risk monitoring on the merchant to be analyzed whose first-tier risk monitoring result is normal, according to the normal merchant transaction information to be analyzed and a merchant transaction risk monitoring model established in advance.
Through two-stage risk monitoring, this embodiment can reduce labor cost, improve the accuracy of risk monitoring, and avoid missed detections. Furthermore, the industry category of the merchant to be analyzed is identified according to the registration information of the merchant to be analyzed, and the first-layer risk monitoring is then carried out according to the industry category of the merchant, so that a cold start of merchant transaction risk monitoring can be achieved to a certain extent even when no labeled samples have been accumulated.
Specifically, before the merchant transaction risk monitoring device is used, a merchant industry classification model and a merchant transaction risk detection model need to be established in advance. The specific building process of these two models is described in detail below.
(1) The merchant industry classification model establishing process comprises the following steps:
dividing a plurality of pre-collected merchant registration information into a first text type group and a second text type group;
for each text type group, the following steps are respectively executed: acquiring a feature vector of each merchant sample; and training a merchant industry classification model through a machine learning algorithm according to the feature vector of each merchant sample and the industry classification identification of the merchant.
(2) The establishment process of the merchant transaction risk detection model comprises the following steps:
extracting nodes, node relations and node attribute information according to the transaction data of the multiple merchants, the existing risk merchant/account information and the basic information of the merchants;
establishing a transaction association graph according to the nodes, the node relation and the node attribute information;
mining generalized risk nodes from the transaction association graph by using a path retrieval algorithm, wherein the nodes in the transaction association graph other than the generalized risk nodes are normal nodes;
extracting entity feature vectors of each node according to the transaction data of the multiple merchants and the transaction association map;
and training a merchant transaction risk monitoring model according to the entity characteristic vector of the generalized risk node and the entity characteristic vector of the normal node.
In an embodiment of the present invention, the first monitoring module 1020 performing first-layer risk monitoring according to the industry category of the merchant to be analyzed and the transaction information of the merchant to be analyzed includes:
retrieving an industry rule corresponding to a merchant to be analyzed from an industry rule database according to the industry category of the merchant to be analyzed, wherein the industry rule database stores the corresponding relation between industry classification and a plurality of industry rules;
determining the number and weight of triggered industry rules according to the transaction information of the merchant to be analyzed and the industry rules corresponding to the merchant to be analyzed;
determining the risk level of the merchant to be analyzed according to the number and the weight of the triggered industry rules;
if the risk level of the merchant to be analyzed is greater than a preset level, determining that the merchant to be analyzed is a risk merchant;
and if the risk level of the merchant to be analyzed is less than or equal to a preset level, determining that the merchant to be analyzed is a normal merchant.
In an embodiment of this document, the second monitoring module 1030 performs a second-layer risk monitoring according to the normal to-be-analyzed merchant transaction information, the merchant basic information, and a pre-established merchant transaction risk monitoring model, where the second-layer risk monitoring includes:
acquiring entity characteristic vectors of nodes according to the normal transaction information of the merchant to be analyzed and the basic information of the merchant, wherein the nodes comprise the merchant and an account;
inputting the entity characteristic vector of the node into a pre-established merchant transaction risk monitoring model to obtain the risk probability of the node;
and judging whether the risk probability of the node is higher than a preset threshold value or not, and if the risk probability of the node is higher than the preset threshold value, determining that the node is a risk node.
In specific implementation, the method for obtaining the entity feature vector of the node according to the normal transaction information of the merchant to be analyzed and the basic information of the merchant further comprises the following steps:
extracting nodes, node relations and node attribute information according to the to-be-analyzed merchant transaction information, the merchant basic information and the first-layer risk monitoring result;
establishing a transaction association map to be analyzed according to the extracted nodes, the node relation and the node attribute information;
utilizing a path retrieval algorithm to mine generalized risk nodes in the transaction association graph to be analyzed;
and for the nodes other than the generalized risk nodes, extracting entity feature vectors of the nodes.
The merchant transaction risk monitoring method, device, equipment and storage medium provided by the invention can achieve the following technical effects:
1) The cold-start problem of merchant transaction monitoring is solved: transaction monitoring of a newly added merchant can be achieved using only merchant registration information and existing transaction information, without needing historical transaction data of the merchant.
2) A two-level monitoring mode combining merchant industry category risk prediction and merchant transaction risk monitoring model prediction is adopted, which can improve the accuracy of merchant risk monitoring.
3) When the merchant transaction risk monitoring model is established, generalized risk merchants/accounts (black samples) are mined by using a knowledge-graph-based semi-supervised technique, so that a highly accurate merchant transaction risk monitoring model can be trained with only a small number of black samples; by using the merchant industry category and the transaction monitoring results of the merchant transaction risk monitoring model, the labeled samples and data features of the merchant transaction risk monitoring model can be enriched, further improving the transaction monitoring accuracy.
4) The business registration information of the merchants is grouped, and a merchant industry classification model is established for each group, so that the efficiency and accuracy of merchant industry classification can be improved.
5) The problematic transaction tracks of risky merchants or accounts are displayed intuitively through knowledge graph visualization.
In an embodiment herein, as shown in fig. 11, there is also provided a computer device, and the computer device 1102 may include one or more processors 1104, such as one or more Central Processing Units (CPUs), each of which may implement one or more hardware threads. The computer device 1102 may also include any memory 1106 for storing any kind of information such as code, settings, data etc. For example, and without limitation, memory 1106 may include any one or combination of the following: any type of RAM, any type of ROM, flash memory devices, hard disks, optical disks, etc. More generally, any memory may use any technology to store information. Further, any memory may provide volatile or non-volatile retention of information. Further, any memories may represent fixed or removable components of computer device 1102. In one case, when the processor 1104 executes the associated instructions, which are stored in any memory or combination of memories, the computer device 1102 can perform any of the operations of the associated instructions. The computer device 1102 also includes one or more drive mechanisms 1108, such as a hard disk drive mechanism, an optical disk drive mechanism, etc., for interacting with any memory.
Computer device 1102 may also include an input/output module 1110 (I/O) for receiving various inputs (via input device 1112) and for providing various outputs (via output device 1114). One particular output mechanism may include a presentation device 1116 and an associated graphical user interface 1118 (GUI). In other embodiments, the input/output module 1110 (I/O), input device 1112, and output device 1114 may be omitted, with the computer device serving simply as one computer device in a network. Computer device 1102 can also include one or more network interfaces 1120 for exchanging data with other devices via one or more communication links 1122. One or more communication buses 1124 couple the above-described components together.
Communication link 1122 may be implemented in any manner, e.g., via a local area network, a wide area network (e.g., the Internet), a point-to-point connection, etc., or any combination thereof. Communications link 1122 may include any combination of hardwired links, wireless links, routers, gateway functions, name servers, etc., governed by any protocol or combination of protocols.
In an embodiment of the present disclosure, a computer-readable storage medium is further provided, where the computer-readable storage medium stores a computer program, and the computer program is executed by a processor to perform the steps of the merchant transaction risk monitoring method according to any one of the above embodiments.
In an embodiment of this document, there are also provided computer-readable instructions which, when executed by a processor, cause the processor to perform the steps of the merchant transaction risk monitoring method according to any one of the embodiments described above.
It should be understood that, in various embodiments herein, the sequence numbers of the above-mentioned processes do not mean the execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments herein.
It should also be understood that, in the embodiments herein, the term "and/or" merely describes an association between associated objects and means that three kinds of relations may exist. For example, "A and/or B" may represent: A exists alone, A and B exist simultaneously, or B exists alone. In addition, the character "/" herein generally indicates that the objects before and after it are in an "or" relationship.
Those of ordinary skill in the art will appreciate that the various illustrative components and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the components and steps of the various examples have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present disclosure.
It can be clearly understood by those skilled in the art that, for convenience and simplicity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided herein, it should be understood that the disclosed system, apparatus, and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may also be an electrical, mechanical or other form of connection.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purposes of the embodiments herein.
In addition, functional units in the embodiments herein may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit may be implemented in the form of hardware, or may also be implemented in the form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution herein, in essence, or the part of it that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the methods described in the embodiments herein. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and various other media capable of storing program code.
The principles and implementations of the present disclosure have been explained in detail using specific embodiments, and the above description of the embodiments is only intended to help in understanding the method and its core idea. For a person of ordinary skill in the art, the specific implementation and the scope of application may change in accordance with the idea of this document. In summary, this description should not be understood as a limitation of this document.

Claims (11)

1. A merchant transaction risk monitoring method is characterized by comprising the following steps:
identifying the industry category of the merchant to be analyzed according to the registered information of the merchant to be analyzed;
performing first-layer risk monitoring according to the industry category of the merchant to be analyzed and the transaction information of the merchant to be analyzed;
for the merchants to be analyzed with normal first-layer risk monitoring results, performing second-layer risk monitoring according to the transaction information of the normal merchants to be analyzed, the basic information of the merchants and a pre-established merchant transaction risk monitoring model;
wherein performing second-layer risk monitoring according to the transaction information of the normal merchants to be analyzed, the basic information of the merchants and the pre-established merchant transaction risk monitoring model comprises:
acquiring entity feature vectors of nodes according to the normal to-be-analyzed merchant transaction information and the merchant basic information, wherein the nodes comprise merchants and accounts;
inputting the entity characteristic vector of the node into a pre-established merchant transaction risk monitoring model to obtain the risk probability of the node;
and judging whether the risk probability of the node is higher than a preset threshold value or not, and if the risk probability of the node is higher than the preset threshold value, determining that the node is a risk node.
2. The method of claim 1, wherein identifying the industry category of the merchant to be analyzed according to the registration information of the merchant to be analyzed comprises:
determining a group to which the merchant registration information to be analyzed belongs;
extracting a characteristic vector of the merchant registration information to be analyzed;
and inputting the feature vector of the merchant registration information to be analyzed into a merchant industry classification model corresponding to the group to which the merchant registration information to be analyzed belongs, and calculating to obtain the category of the merchant industry to be analyzed.
3. The method of claim 2, wherein the building process of the merchant industry classification model comprises:
grouping a plurality of pre-collected merchant registration information;
and establishing, for each group, a corresponding merchant industry classification model according to the group and the industry classification identifiers of its merchants.
4. The method of claim 1, wherein performing a first level of risk monitoring based on the merchant industry category to be analyzed and the merchant transaction information to be analyzed comprises:
retrieving an industry rule corresponding to a merchant to be analyzed from an industry rule database according to the industry category of the merchant to be analyzed, wherein the industry rule database stores the corresponding relation between the merchant industry category and a plurality of industry rules;
determining the number and the weight of the triggered industry rules according to the transaction information of the merchant to be analyzed and the industry rules corresponding to the merchant to be analyzed;
determining the risk level of the merchant to be analyzed according to the number and the weight of the trigger industry rules;
if the risk level of the merchant to be analyzed is greater than a preset level, determining the merchant to be analyzed as a risk merchant;
and if the risk level of the merchant to be analyzed is less than or equal to a preset level, determining that the merchant to be analyzed is a normal merchant.
5. The method as claimed in claim 1, wherein before obtaining the entity feature vector of the node according to the normal transaction information of the merchant to be analyzed and the basic information of the merchant, the method further comprises:
extracting nodes, node relations and node attribute information according to the to-be-analyzed merchant transaction information, the merchant basic information and the first-layer risk monitoring result;
establishing a transaction association map to be analyzed according to the extracted nodes, the node relation and the node attribute information;
utilizing a path retrieval algorithm to mine generalized risk nodes in the transaction correlation graph to be analyzed;
and for the other nodes except the generalization risk node, extracting entity feature vectors of the nodes.
6. The method of claim 5, wherein the node attribute information of the merchant comprises: the industry category of the merchant, the risk level of the merchant, and the industry rules triggered by the merchant.
7. The method of claim 1, wherein the merchant transaction risk monitoring modeling process comprises:
determining generalized risk nodes and normal nodes according to a plurality of merchant transaction data, existing risk merchant/account blacklist samples and merchant basic information, and constructing an entity feature vector of each node, wherein the plurality of merchant transaction data comprise account information and transaction information, and the nodes comprise merchants and accounts;
and training a merchant transaction risk monitoring model according to the entity characteristic vector of the generalized risk node and the entity characteristic vector of the normal node.
8. The method of claim 7, wherein determining generalized risk nodes and normal nodes and constructing entity feature vectors for each node according to the transaction data of multiple merchants, existing risk merchant/account information and merchant basic information comprises:
extracting nodes, node relations and node attribute information according to the transaction data of the multiple merchants, the existing risk merchant/account blacklist samples and the basic information of the merchants;
establishing a transaction association map according to the nodes, the node relation and the node attribute information;
utilizing a path retrieval algorithm to dig out generalized risk nodes in a transaction association graph, wherein other nodes except the generalized risk nodes in the transaction association graph are normal nodes;
and constructing an entity feature vector of each node according to the merchant transaction data and the transaction association map.
9. A merchant transaction risk monitoring device, comprising:
the classification module is used for identifying the industry category of the merchant to be analyzed according to the registration information of the merchant to be analyzed;
the first monitoring module is used for carrying out first-layer risk monitoring according to the industry category of the merchant to be analyzed and the transaction information of the merchant to be analyzed;
the second monitoring module is used for carrying out second-layer risk monitoring on the merchants to be analyzed, of which the first-layer risk monitoring results are normal, according to the normal merchant transaction information to be analyzed and a pre-established merchant transaction risk monitoring model;
wherein the second monitoring module performing second-layer risk monitoring according to the normal transaction information of the merchant to be analyzed, the basic merchant information and the pre-established merchant transaction risk monitoring model comprises:
acquiring entity feature vectors of nodes according to the normal to-be-analyzed merchant transaction information and the merchant basic information, wherein the nodes comprise merchants and accounts;
inputting the entity characteristic vector of the node into a pre-established merchant transaction risk monitoring model to obtain the risk probability of the node;
and judging whether the risk probability of the node is higher than a preset threshold value or not, and if the risk probability of the node is higher than the preset threshold value, determining that the node is a risk node.
10. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method for merchant transaction risk monitoring as defined in any one of claims 1 to 8 when executing the computer program.
11. A computer-readable storage medium, wherein the computer-readable storage medium stores a computer program for execution, and when executed by a processor, the computer program implements the method for monitoring risk of merchant transaction as recited in any one of claims 1 to 8.
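The two-layer flow of claims 1, 4 and 5, sketched as an added example that is not part of the patent. The rule set, the mapping from weighted rule hits to a risk level, the use of first-layer risk merchants as seeds with a one-hop breadth-first search as the path retrieval step, the three features and the logistic stand-in model are all assumptions, and the sample data is constructed.

```python
import math
from collections import defaultdict, deque

# Constructed rule database: industry category -> (rule name, weight, predicate).
INDUSTRY_RULES = {"catering": [
    ("night_share", 2.0, lambda s: s["night_share"] > 0.6),
    ("round_amounts", 1.0, lambda s: s["round_share"] > 0.5),
    ("large_ticket", 3.0, lambda s: s["avg_amount"] > 5000),
]}
PRESET_LEVEL = 1   # assumed: a level above this marks a risk merchant
MAX_HOPS = 1       # assumed path-retrieval radius around known risk nodes
THRESHOLD = 0.5    # assumed preset risk-probability threshold
MODEL = {"bias": -3.0, "w": [0.4, 1.5, 2.5]}  # stand-in for the trained model

def first_layer(category, summary):
    """Claim 4: triggered rules -> weighted score -> risk level (mapping assumed)."""
    hit = [(n, w) for n, w, pred in INDUSTRY_RULES.get(category, []) if pred(summary)]
    score = sum(w for _, w in hit)
    level = sum(score >= cut for cut in (1.0, 3.0, 5.0))  # level 0..3
    return level, [n for n, _ in hit]

def build_graph(transactions):
    """Claim 5: merchant and account nodes, linked when they transact."""
    graph = defaultdict(set)
    for account, merchant, _amount in transactions:
        graph[account].add(merchant)
        graph[merchant].add(account)
    return graph

def generalized_risk(graph, seeds, max_hops=MAX_HOPS):
    """Breadth-first path retrieval: every node within max_hops of a seed."""
    seen, queue = set(seeds), deque((s, 0) for s in seeds)
    while queue:
        node, depth = queue.popleft()
        if depth == max_hops:
            continue
        for nxt in graph[node] - seen:
            seen.add(nxt)
            queue.append((nxt, depth + 1))
    return seen

def risk_probability(node, graph, risky, levels):
    """Entity feature vector -> logistic score (the features are assumptions)."""
    nbrs = graph[node]
    feats = [len(nbrs), levels.get(node, 0), len(nbrs & risky) / max(len(nbrs), 1)]
    z = MODEL["bias"] + sum(w * x for w, x in zip(MODEL["w"], feats))
    return 1.0 / (1.0 + math.exp(-z))

def monitor(merchants, transactions):
    """Return (first-layer risk merchants, generalized risk nodes, model-flagged nodes)."""
    levels = {m: first_layer(cat, s)[0] for m, (cat, s) in merchants.items()}
    layer1 = {m for m, lvl in levels.items() if lvl > PRESET_LEVEL}
    graph = build_graph(transactions)
    risky = generalized_risk(graph, layer1)
    rest = set(graph) - risky  # only the remaining nodes go to the model
    layer2 = {n for n in rest if risk_probability(n, graph, risky, levels) > THRESHOLD}
    return layer1, risky - layer1, layer2

# Constructed sample input: merchant -> (industry category, transaction summary).
SAMPLE_MERCHANTS = {
    "M1": ("catering", {"night_share": 0.8, "round_share": 0.7, "avg_amount": 200}),
    "M2": ("catering", {"night_share": 0.1, "round_share": 0.2, "avg_amount": 80}),
    "M3": ("catering", {"night_share": 0.2, "round_share": 0.6, "avg_amount": 90}),
    "M4": ("catering", {"night_share": 0.1, "round_share": 0.1, "avg_amount": 100}),
}
# Constructed (account, merchant, amount) transactions.
SAMPLE_TRANSACTIONS = [("A1", "M1", 900), ("A1", "M3", 120), ("A5", "M3", 60),
                       ("A2", "M2", 45), ("A3", "M2", 30), ("A3", "M4", 75),
                       ("A5", "M4", 20)]

if __name__ == "__main__":
    print(monitor(SAMPLE_MERCHANTS, SAMPLE_TRANSACTIONS))
```

On this input M3 passes the first layer with a single low-weight rule hit, but shares account A1 with the first-layer risk merchant M1, so only the second layer flags it.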
CN202011533757.9A 2020-12-21 2020-12-21 Merchant transaction risk monitoring method, device, equipment and storage medium Active CN112581271B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011533757.9A CN112581271B (en) 2020-12-21 2020-12-21 Merchant transaction risk monitoring method, device, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN112581271A CN112581271A (en) 2021-03-30
CN112581271B true CN112581271B (en) 2022-11-15

Family

ID=75139165

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011533757.9A Active CN112581271B (en) 2020-12-21 2020-12-21 Merchant transaction risk monitoring method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN112581271B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116029808B (en) * 2023-03-23 2023-06-30 北京芯盾时代科技有限公司 Risk identification model training method and device and electronic equipment
CN117575796A (en) * 2024-01-15 2024-02-20 快捷通支付服务有限公司 Method, equipment and medium for determining merchant risk information

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109829776A (en) * 2018-12-14 2019-05-31 平安科技(深圳)有限公司 Trade company's methods of risk assessment, device, computer equipment and storage medium
CN109961296A (en) * 2017-12-25 2019-07-02 腾讯科技(深圳)有限公司 Merchant type recognition methods and device
CN111612606A (en) * 2020-04-11 2020-09-01 交通银行股份有限公司上海市分行 Merchant fraud risk monitoring system and data mining method

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106656932B (en) * 2015-11-02 2020-03-20 阿里巴巴集团控股有限公司 Service processing method and device
CN107316134A (en) * 2017-06-16 2017-11-03 深圳乐信软件技术有限公司 A kind of risk control method, device, server and storage medium
CN109948704A (en) * 2019-03-20 2019-06-28 中国银联股份有限公司 A kind of transaction detection method and apparatus
CN110111110A (en) * 2019-04-01 2019-08-09 北京三快在线科技有限公司 The method and apparatus of knowledge based map detection fraud, storage medium
CN110348850A (en) * 2019-05-28 2019-10-18 深圳壹账通智能科技有限公司 The arbitrage risk checking method and device, electronic equipment of polymerization payment trade company
CN111062770B (en) * 2019-10-31 2023-07-18 支付宝(杭州)信息技术有限公司 Merchant identification method, device and computer readable medium
CN111311316B (en) * 2020-02-03 2023-05-23 支付宝(杭州)信息技术有限公司 Method and device for depicting merchant portrait, electronic equipment, verification method and system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant