CN114020795B - Business processing method and device, electronic equipment and storage medium - Google Patents
Business processing method and device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN114020795B CN114020795B CN202111198320.9A CN202111198320A CN114020795B CN 114020795 B CN114020795 B CN 114020795B CN 202111198320 A CN202111198320 A CN 202111198320A CN 114020795 B CN114020795 B CN 114020795B
- Authority
- CN
- China
- Prior art keywords
- user
- preset
- related data
- intention
- service processing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2457—Query processing with adaptation to user needs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2455—Query execution
- G06F16/24552—Database cache management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4016—Transaction verification involving fraud or risk level assessment in transaction processing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/03—Credit; Loans; Processing thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
Abstract
The invention relates to a service processing method, a device, an electronic device and a storage medium, wherein the service processing method comprises the following steps: receiving a service processing request from a client logged in by a target user; inquiring user related data matched with the service processing request in the cache, wherein the user related data are inquired in advance by predicting the service application intention of the target user, and the service application intention is determined according to the historical access record of the target user; determining whether the user related data meets a preset fraud condition; if the user related data meet the preset fraud condition, adding the related information of the target user into a user blacklist; and if the user related data does not meet the preset fraud condition, executing a service processing flow corresponding to the service processing request. The embodiment of the invention can shorten the time of the user-related data required by the data acquisition service processing flow and improve the data acquisition efficiency; moreover, online real-time anti-fraud is achieved.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a method and an apparatus for processing a service, an electronic device, and a storage medium.
Background
Fraudulent transactions are difficult to capture because the decision to intercept a transaction needs to be made in seconds. Also, the rejection of a good user's normal transactions would directly negatively impact the user's trust in the company and company products.
Although corresponding wind-control systems have been deployed and protected against many attacks, they are fatigued to cope with the increasingly complex and varied attack skills of fraudsters. Some attackers use different IP addresses, credit cards and device IDs to create multiple accounts to extend the impact of the attack and confuse the view by sending further remittances of different amounts to circumvent the traditional rule system and machine learning model. Under such an attack, a considerable number of fraudulent transactions evade the checks of existing systems, making the attacker profitable.
There are three common types of financial fraud scenarios: one is material counterfeiting. This is a common fraud that occurs during the early years when paper material needs to be submitted; second, number maintenance, which is commonly found in intermediary institutions, maintains the health status of a large number by collecting service fees, and sells the number to users with cheating intentions for loan application; third, the threat from professional hackers, they attack account security by finding system, process loopholes, etc.
However, the analysis and processing of large amounts of data takes a very long time, and online real-time anti-fraud is difficult to meet the low latency requirement.
Disclosure of Invention
In order to solve the technical problem or at least partially solve the technical problem, the present application provides a service processing method, an apparatus, an electronic device, and a storage medium.
In a first aspect, the present application provides a service processing method, including:
receiving a service processing request from a client logged in by a target user;
querying user related data matched with the service processing request in a cache, wherein the user related data are queried in advance by predicting a service application intention of the target user, and the service application intention is determined according to a historical access record of the target user;
determining whether the user-related data meets a preset fraud condition;
if the user related data meet a preset fraud condition, adding the related information of the target user into a user blacklist;
and if the user related data does not meet the preset fraud condition, executing a service processing flow corresponding to the service processing request.
Optionally, before receiving a service processing request from a client to which the target user logs in, the method further includes:
acquiring a historical access record uploaded by the client within a preset time period;
inputting the historical access records into a preset intention prediction model so that the intention prediction model outputs the service application intention of the target user;
inquiring user related data corresponding to the service application intention from a memory;
and storing the user related data into a cache.
Optionally, the method for training the preset intention prediction model includes:
acquiring historical access records of a plurality of training users for historical access to the client and service application intents corresponding to the training users;
inputting historical visit records of a plurality of training users into the preset intention prediction model so that the intention prediction model outputs prediction intentions;
constructing a loss function based on the prediction intention and the business application intention corresponding to the training user, and calculating a loss value;
if the loss value is larger than a preset loss threshold value, adjusting model parameters of the preset intention prediction model, and executing a step of inputting historical access records of a plurality of training users into the preset intention prediction model;
and if the loss value is smaller than a preset loss threshold value, determining that the preset intention prediction model is completely trained.
Optionally, the obtaining the historical access record uploaded by the client within the preset time period includes:
acquiring an original historical access record uploaded by the client within a preset time period;
and filtering fields matched with the filtering rules in the original historical access records according to preset filtering rules to obtain the historical access records.
Optionally, the querying, in the cache, user-related data matched with the service processing request includes:
extracting user information and a service function identifier requested by the service processing request from the service processing request;
inquiring user data matched with the user information in a cache, wherein the user data is pre-stored in the cache, and a first-level index matched with the user information in the cache has a corresponding relation with the user data;
and querying user related data matched with the service function identifier in the user data, wherein the user related data is pre-stored in the user data, and a corresponding relation exists between a second-level index matched with the service function identifier in the user data and the user related data.
Optionally, the determining whether the user-related data meets a preset fraud condition includes:
extracting field data of a preset number of preset detection fields from the user related data;
inputting the field data into a preset abnormal point detection model aiming at each preset detection field, so that the preset abnormal point detection model outputs a deviation value of each field data relative to average field data;
if any deviation value is smaller than a preset deviation threshold value, determining that the user related data does not meet a preset fraud condition;
and if any deviation value is larger than or equal to a preset deviation threshold value, determining that the user related data meets a preset fraud condition.
Optionally, the determining whether the user-related data meets a preset fraud condition includes:
extracting field data of a preset associated user field from the user related data;
judging whether the field data contains associated users in the user blacklist or not;
if the field data contains the associated users in the user blacklist, acquiring user related data of a plurality of associated users of the target user;
clustering a plurality of associated users according to the service related data of the associated users to obtain a clustering image;
carrying out image segmentation on the clustering image, and determining the risk coefficient of each associated user according to a segmentation ratio;
and determining the associated users with the risk coefficients larger than a preset threshold value as blacklist users.
In a second aspect, the present application provides a service processing apparatus, including:
the receiving module is used for receiving a service processing request from a client logged in by a target user;
the query module is used for querying user related data matched with the service processing request in a cache, wherein the user related data are queried in advance by predicting the service application intention of the target user, and the service application intention is determined according to the historical access record of the target user;
the determining module is used for determining whether the user related data meets a preset fraud condition;
the adding module is used for adding the relevant information of the target user into a user blacklist if the relevant user data meets a preset fraud condition;
and the execution module is used for executing the service processing flow corresponding to the service processing request if the user related data does not meet the preset fraud condition.
In a third aspect, the present application provides an electronic device, including a processor, a communication interface, a memory, and a communication bus, where the processor, the communication interface, and the memory complete mutual communication through the communication bus;
a memory for storing a computer program;
a processor, configured to implement the service processing method according to any one of the first aspect when executing the program stored in the memory.
In a fourth aspect, the present application provides a computer-readable storage medium having a program of a business processing method stored thereon, where the program of the business processing method realizes the steps of the business processing method according to any one of the first aspect when executed by a processor.
Compared with the prior art, the technical scheme provided by the embodiment of the application has the following advantages:
the method comprises the steps of firstly receiving a service processing request from a client terminal logged by a target user, then inquiring user related data matched with the service processing request in a cache, wherein the user related data are inquired in advance by predicting service application intentions of the target user, the service application intentions are determined according to historical access records of the target user, then determining whether the user related data meet preset fraud conditions, and if the user related data meet the preset fraud conditions, adding related information of the target user into a user blacklist; and if the user-related data does not meet the preset fraud condition, executing a service processing flow corresponding to the service processing request.
The embodiment of the invention can predict the service application intention of the target user according to the historical access record of the target user in advance, further inquire the corresponding user related data according to the service application intention, and store the user related data in the cache, so that when the service processing request of the target user is received, the corresponding user related data can be directly obtained in the cache, the corresponding processing is carried out on the user related data, the time for obtaining the user related data required by the service processing flow of the data is shortened, and the efficiency for obtaining the data is improved; and whether preset fraud conditions are met or not is judged based on the user related data, so that whether a target user has fraud suspicion or not can be obtained, and online real-time anti-fraud is realized.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and together with the description, serve to explain the principles of the invention.
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without inventive exercise.
Fig. 1 is a flowchart of a service processing method according to an embodiment of the present application;
fig. 2 is a structural diagram of a service processing apparatus according to an embodiment of the present application;
fig. 3 is a structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Because the analysis and processing of a large amount of data at present takes a very long time, online real-time anti-fraud is difficult to meet the low-latency requirement. Therefore, the embodiment of the application provides a service processing method, a service processing device, an electronic device and a storage medium, wherein the service processing method can be applied to a server.
As shown in fig. 1, the service processing method may include the following steps:
step S101, receiving a service processing request from a client logged in by a target user;
in the embodiment of the invention, a target user can log in a client, fills in information related to authorization according to the instruction of the client so as to be used for evaluating the credit line of the user, finally, the client sends a service processing request to a server based on the information filled in by the target user, the service processing request is used for requesting the server to execute a corresponding service processing flow, and the server receives the service processing request sent by the client.
Step S102, inquiring the relevant data of the user matched with the service processing request in the cache.
In this embodiment of the present invention, the user-related data is obtained by predicting a service application intention of the target user in advance, where the service application intention is determined according to a historical access record of the target user, and the user-related data may refer to data related to the service processing request in the historical access record of the target user, that is: the server executes the data required by the business processing flow requested by the business processing request, the business application is intended to be the business processing flow which the target user wants to apply for execution, and the historical access record is the data record sent to and received from the server when the user accesses the server through the client.
In this step, the matching user-related data may be queried in the cache according to the information in the service processing request.
Step S103, determining whether the user related data meets a preset fraud condition;
in this step, the data content of the user-related data may be compared with a rule in the preset fraud condition, and if the rule in the preset fraud condition is satisfied, it is determined that the user-related data satisfies the preset fraud condition, and if the rule in the preset fraud condition is not satisfied, it is determined that the user-related data does not satisfy the preset fraud condition.
Step S104, if the user related data meets a preset fraud condition, adding the related information of the target user into a user blacklist;
in the embodiment of the invention, the user blacklist can be preset, and the user blacklist is used for storing the users meeting the preset fraud conditions, namely the users implementing fraud and having larger fraud suspicion are determined. The relevant information of the target user may include: user information, device information for devices used by the user, information for friends associated with the user, and so forth.
Step S105, if the user-related data does not meet the preset fraud condition, executing a service processing flow corresponding to the service processing request.
The embodiment of the invention adopts the Flink technology, the Flink is a pure stream type design, the calculation of the stream type big data technology is logic advance, namely, the calculation logic is defined firstly, and when data flow, the calculation result is calculated in real time and is reserved; when data needs to be used, the calculation result is directly called without calculation again.
In the embodiment of the invention, when the data is transmitted from the front end to the back end most quickly, the Flink technology is adopted to widen the data path, so that more information is allowed to flow into the data processing at the same time, and the data transmission speed is further improved.
In the embodiment of the present invention, different service processing flows may be preset, such as: and different business processing flows can correspond to different preset business fields, so that the corresponding preset business fields can be matched according to the information in the business processing request, and the business processing flow corresponding to the business processing request can be found.
The method comprises the steps of firstly receiving a service processing request from a client terminal logged by a target user, then inquiring user related data matched with the service processing request in a cache, wherein the user related data are inquired in advance by predicting service application intentions of the target user, the service application intentions are determined according to historical access records of the target user, then determining whether the user related data meet preset fraud conditions, and if the user related data meet the preset fraud conditions, adding related information of the target user into a user blacklist; and if the user-related data does not meet the preset fraud condition, executing a service processing flow corresponding to the service processing request.
The embodiment of the invention can predict the service application intention of the target user according to the historical access record of the target user in advance, further inquire the corresponding user related data according to the service application intention, and store the user related data in the cache, so that when the service processing request of the target user is received, the corresponding user related data can be directly obtained in the cache, the corresponding processing is carried out on the user related data, the time for obtaining the user related data required by the service processing flow is shortened, and the data obtaining efficiency is improved; and whether preset fraud conditions are met or not is judged based on the user related data, so that whether a target user has fraud suspicion or not can be obtained, and online real-time fraud prevention is realized.
In another embodiment of the present invention, before receiving the service processing request from the client logged in by the target user in step S101, the method further includes:
step 201, obtaining a historical access record uploaded by the client within a preset time period;
in the embodiment of the present invention, the preset time period may be determined according to the duration of the service processing flow, and for example, the preset time period may be set to 1 week, 3 months, 1 year, or 3 years, and the like. The historical access record may include data sent by the target user to the server and data obtained from the server within a preset time period, where the data sent by the target user to the server is, for example: file name, content and notification information identifier of the request to obtain, etc., and the data obtained by the target user from the server is, for example: template form data and the content of the notification information, etc.
Step 202, inputting the historical access record into a preset intention prediction model so that the intention prediction model outputs the service application intention of the target user;
in the embodiment of the invention, the preset intention prediction model is a neural network model which is trained by using historical access records and real business application intents in advance, and is used for predicting the business application intents of a target user according to the historical access records of the target user.
Step 203, inquiring user related data corresponding to the service application intention from a memory;
in order to facilitate the subsequent quick acquisition of user-related data when a service processing request is received, the server may automatically query, from the memory, user-related data of which the preset identification field matches the service application intention when the service application intention of the target user is predicted, and the queried user-related data may be one or multiple.
Step 204, storing the user related data in a cache.
The embodiment of the invention can predict the service application intention of the target user in advance according to the historical access record of the target user, further acquire the corresponding user related data from the memory based on the service application intention and store the user related data into the cache, so that when a follow-up server receives a service processing request, the user related data can be acquired directly and quickly by adopting a short time-consuming mode, namely, the mode of accessing the cache, without adopting a long time-consuming mode, thereby being convenient for shortening the time for acquiring the user related data and further being convenient for realizing online real-time fraud prevention.
In another embodiment of the present invention, the method for training the preset intention prediction model includes:
301, obtaining historical access records of a plurality of training users accessing the client historically and service application intents corresponding to the training users;
in this step, a plurality of training users may be selected first, and the historical access records of the plurality of training users on the historical access clients are obtained, and the business application intents of the plurality of training users are obtained.
It should be noted that any training user may have a plurality of business application intentions, and when any training user has a plurality of business application intentions, the related historical access records may be classified according to the business application intentions, so that each business application intention has a corresponding historical access record, so as to train the preset intention prediction model more accurately.
Step 302, inputting historical visit records of a plurality of training users into the preset intention prediction model, so that the intention prediction model outputs prediction intentions;
in the initial stage of training of the preset intention prediction model, when a historical access record is input every time, the prediction intention output by the preset intention prediction model may be inaccurate, and the prediction intention can be closer to a real service application intention along with continuous adjustment of model parameters.
Step 303, constructing a loss function based on the prediction intention and the business application intention corresponding to the training user, and calculating a loss value;
in this step, the deviation of the prediction intention from the actual business application intention can be calculated by a loss function, and a loss value is obtained.
Step 304, if the loss value is greater than a preset loss threshold value, adjusting model parameters of the preset intention prediction model, and executing a step of inputting historical access records of a plurality of training users into the preset intention prediction model;
step 305, determining that the preset intention prediction model is trained completely if the loss value is smaller than a preset loss threshold value.
The embodiment of the invention can train the preset intention prediction model, and the trained preset intention prediction model can input the historical access record and output the service application intention.
In another embodiment of the present invention, the obtaining the historical access record uploaded by the client within the preset time period includes:
step 401, acquiring an original historical access record uploaded by the client within a preset time period;
in the embodiment of the invention, besides the valid information in the historical access record, a large amount of invalid data may exist in the original access record, so that the invalid data needs to be filtered out to reduce the magnitude of data processing of the system.
And 402, filtering out fields matched with the filtering rules in the original historical access records according to preset filtering rules to obtain the historical access records.
In the embodiment of the invention, a plurality of preset filtering fields can be preset in the preset filtering rule, and the fields matched with the preset filtering fields in the original historical access record can be filtered to obtain the historical access record.
The filtering engine in the Flink is mainly used for performing customized filtering of different dimensions on user information in large-scale and high-concurrency data streams, and aims to reduce the magnitude of whole data calculation.
According to the embodiment of the invention, the invalid data in the original historical access record is filtered out through the preset filtering rule, so that the invalid data processed by the server is reduced, the system resource of the server is saved, and the data processing efficiency of the server is improved conveniently.
In another embodiment of the present invention, the querying the cache for the user related data matching the service processing request includes:
step 501, extracting user information and a service function identifier requested by the service processing request from the service processing request;
in the embodiment of the present invention, the user information may refer to personal information such as a user identifier, a user IP, a user age, an occupation, an address, and an identification number, and the service function identifier may refer to an identifier of a service processing procedure that a user wants to apply for execution.
Step 502, querying the user data matched with the user information in the cache.
In this embodiment of the present invention, the user data is pre-stored in the cache, and a corresponding relationship exists between the first-level index matched with the user information in the cache and the user data, that is,: the first-level index in the cache has a corresponding relation with the user data, and the first-level index is matched with the user information;
step 503, querying the user data for the user related data matching with the service function identifier.
In this embodiment of the present invention, the user-related data is pre-stored in the user data, and a corresponding relationship exists between a second-level index in the user data, which is matched with the service function identifier, and the user-related data, that is,: the second-level index in the user data has a corresponding relation with the user related data, and the second-level index is matched with the service function identification.
The cache in the embodiment of the invention can be a read-write cache in the HBase, a large number of indexes such as a first-level index, a second-level index and the like are arranged in the read-write cache of the HBase, the read-write cache of the HBase is customized and modified, and the realization of a pre-checking function is ensured. The behavior data information of the user is acquired through the App or other channels, the intention of the user is further presumed, then the system starts to carry out pre-query, and the related information of the user is put into the cache, so that when the user triggers operation at the front end, the back end directly calls data from the cache to carry out calculation, and the data processing speed is greatly improved. In the HBase cache, 99% of data information can be hit basically, and the system depends on strong user perception capability.
In the big data era, the quality of data directly influences the effect of a big data analysis processing method and also influences the decision making process. By analyzing mass data, implicit modes and rules in the data set can be found. But anomalous data can cause significant interference with the analysis process. In another embodiment of the present invention, the determining whether the user-related data meets a preset fraud condition includes:
step 601, extracting field data of a preset number of preset detection fields from the user related data;
in the embodiment of the present invention, a preset number of preset detection fields may be preset, and each preset detection field may correspond to a preset outlier detection model. These objects are called outliers or outliers. Abnormal data in big data has the following characteristics: the performance of the data is obviously different from that of normal data; the generation mechanism is different from normal data and may be an unknown mode; the data dimension is high.
Step 602, inputting the field data into a preset abnormal point detection model for each preset detection field, so that the preset abnormal point detection model outputs a deviation value of each field data relative to an average field data;
step 603, if any deviation value is smaller than a preset deviation threshold value, determining that the user related data does not meet a preset fraud condition;
in step 604, if any deviation value is greater than or equal to a preset deviation threshold, it is determined that the user-related data meets a preset fraud condition.
In the scene of credit card fraud detection, when the number of users is very large, some users with low credit values need to be identified, abnormal value detection is carried out by machine learning, users with low credit values are screened out, and manual confirmation is carried out.
In another embodiment of the present invention, the determining whether the user-related data meets a preset fraud condition includes:
step 701, extracting field data of a preset associated user field from the user related data;
in the embodiment of the present invention, the field data of the preset associated user field may refer to user information associated with the target user, and the association with the target user may refer to a relationship that the target user is a relative or a friend.
Step 702, determining whether the field data contains a relevant user in the user blacklist;
step 703, if the field data includes the associated users in the user blacklist, obtaining user related data of a plurality of associated users of the target user;
in this step, if there is a blacklist user in the target user's relationship network, all associated users in the target user's relationship network may be acquired.
Step 704, clustering a plurality of associated users according to the service related data of each associated user to obtain a cluster image;
in this step, clustering can be performed according to the user related data of each associated user, and clustering can enable the user related data of a plurality of similar associated users to be gathered together, thereby generating a clustering image according to a clustering result.
Step 705, performing image segmentation on the clustering image, and determining a risk coefficient of each associated user according to a segmentation ratio;
in this step, image segmentation may be performed based on the proportion of each category in the cluster image, and the proportion of the risk coefficient may be calculated according to the segmentation proportion at the time of image segmentation (for example, the segmentation proportion may be directly used as the proportion of the risk coefficient), so that the risk coefficient of each associated user may be obtained.
Step 706, determining the associated user with the risk coefficient larger than the preset threshold value as a blacklist user.
AI knowledge graph techniques are also applied in embodiments of the invention. The society is composed of large and small groups, users in the same way also have the group characteristics, the relationship of the groups is constructed by data, and the data value is deeply mined by two major algorithms of graph segmentation and retrieval. In practical applications, if a user has a very poor credit and is already blacklisted, the users who have a relationship with him need to be intensively checked. The users are classified, i.e. clustered, according to their behavior. Various clustering algorithms are abundant, then the graph is divided according to the information of the user, the risk coefficient of each person is determined, and a path of a high-quality circle layer can be opened through some means to guide the high-quality circle layer to carry out information interaction.
In another embodiment of the present invention, there is further provided a service processing apparatus, as shown in fig. 2, including:
a receiving module 11, configured to receive a service processing request from a client logged in by a target user;
the query module 12 is configured to query, in the cache, user-related data that is matched with the service processing request, where the user-related data is queried in advance by predicting a service application intention of the target user;
a determining module 13, configured to determine whether the user-related data meets a preset fraud condition;
an adding module 14, configured to add, if the user-related data meets a preset fraud condition, the relevant information of the target user to a user blacklist;
and the execution module 15 is configured to execute a service processing flow corresponding to the service processing request if the user-related data does not satisfy a preset fraud condition.
In another embodiment of the present invention, an electronic device is further provided, which includes a processor, a communication interface, a memory, and a communication bus, where the processor, the communication interface, and the memory complete communication with each other through the communication bus;
a memory for storing a computer program;
and the processor is used for realizing the service processing method in the embodiment of the method when executing the program stored in the memory.
In the electronic device provided by the embodiment of the present invention, the processor implements, by executing a program stored in the memory, that a service processing request from a client that a target user logs in is received first, and then, user-related data matched with the service processing request is queried in a cache, where the user-related data is previously queried by predicting a service application intention of the target user, the service application intention is determined according to a historical access record of the target user, and then, it is determined whether the user-related data satisfies a preset fraud condition, and if the user-related data satisfies the preset fraud condition, the user-related information of the target user may be added to a user blacklist; and if the user-related data does not meet the preset fraud condition, executing a service processing flow corresponding to the service processing request.
The embodiment of the invention can predict the service application intention of the target user according to the historical access record of the target user in advance, further inquire the corresponding user related data according to the service application intention, and store the user related data in the cache, so that when the service processing request of the target user is received, the corresponding user related data can be directly obtained in the cache, the corresponding processing is carried out on the user related data, the time for obtaining the user related data required by the service processing flow is shortened, and the data obtaining efficiency is improved; and whether preset fraud conditions are met or not is judged based on the user related data, so that whether a target user has fraud suspicion or not can be obtained, and online real-time anti-fraud is realized.
The communication bus 1140 mentioned in the above electronic device may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The communication bus 1140 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in FIG. 3, but this does not mean only one bus or one type of bus.
The communication interface 1120 is used for communication between the electronic device and other devices.
The memory 1130 may include a Random Access Memory (RAM), and may also include a non-volatile memory (non-volatile memory), such as at least one disk memory. Alternatively, the memory may be at least one memory device located remotely from the processor.
The processor 1110 may be a general-purpose processor, and includes a Central Processing Unit (CPU), a Network Processor (NP), and the like; the integrated circuit may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, discrete gate or transistor logic device, or discrete hardware components.
In a further embodiment of the present invention, a computer-readable storage medium is further provided, on which a program of a business processing method is stored, which when executed by a processor implements the steps of the business processing method described in any of the preceding method embodiments.
It is noted that, in this document, relational terms such as "first" and "second," and the like, may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The foregoing are merely exemplary embodiments of the present invention, which enable those skilled in the art to understand or practice the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (8)
1. A method for processing a service, comprising:
receiving a service processing request from a client logged in by a target user;
before receiving a service processing request from a client logged in by a target user, the method further comprises:
acquiring a historical access record uploaded by the client within a preset time period;
inputting the historical access record into a preset intention prediction model so that the intention prediction model outputs the service application intention of the target user;
inquiring user related data corresponding to the service application intention from a memory;
storing the user-related data in a cache;
the training method of the preset intention prediction model comprises the following steps:
acquiring historical access records of a plurality of training users for historical access to the client and service application intents corresponding to the training users;
inputting historical visit records of a plurality of training users into the preset intention prediction model so that the intention prediction model outputs prediction intentions;
constructing a loss function based on the prediction intention and the business application intention corresponding to the training user, and calculating a loss value;
if the loss value is larger than a preset loss threshold value, adjusting model parameters of the preset intention prediction model, and executing a step of inputting historical access records of a plurality of training users into the preset intention prediction model;
if the loss value is smaller than a preset loss threshold value, determining that the preset intention prediction model is completely trained;
querying user related data matched with the service processing request in a cache, wherein the user related data are queried in advance by predicting the service application intention of the target user, and the service application intention is determined according to the historical access record of the target user;
determining whether the user-related data meets a preset fraud condition;
if the user related data meet a preset fraud condition, adding the related information of the target user into a user blacklist;
and if the user related data does not meet the preset fraud condition, executing a service processing flow corresponding to the service processing request.
2. The service processing method according to claim 1, wherein the obtaining of the historical access record uploaded by the client within the preset time period comprises:
acquiring an original historical access record uploaded by the client within a preset time period;
and filtering out fields matched with the filtering rules in the original historical access records according to preset filtering rules to obtain the historical access records.
3. The service processing method according to claim 1, wherein said querying the cache for the user-related data matching the service processing request comprises:
extracting user information and a service function identifier requested by the service processing request from the service processing request;
inquiring user data matched with the user information in a cache, wherein the user data is pre-stored in the cache, and a first-level index matched with the user information in the cache has a corresponding relation with the user data;
and querying user related data matched with the service function identifier in the user data, wherein the user related data is pre-stored in the user data, and a corresponding relation exists between a second-level index matched with the service function identifier in the user data and the user related data.
4. The traffic processing method according to claim 1, wherein said determining whether the user-related data meets a preset fraud condition comprises:
extracting field data of a preset number of preset detection fields from the user related data;
inputting the field data into a preset abnormal point detection model aiming at each preset detection field, so that the preset abnormal point detection model outputs a deviation value of each field data relative to average field data;
if any deviation value is smaller than a preset deviation threshold value, determining that the user related data does not meet a preset fraud condition;
and if any deviation value is larger than or equal to a preset deviation threshold value, determining that the user related data meets a preset fraud condition.
5. The traffic processing method according to claim 1, wherein said determining whether the user-related data meets a preset fraud condition comprises:
extracting field data of a preset associated user field from the user related data;
judging whether the field data contains associated users in the user blacklist or not;
if the field data contains the associated users in the user blacklist, acquiring user related data of a plurality of associated users of the target user;
clustering a plurality of associated users according to the service related data of the associated users to obtain a clustering image;
carrying out image segmentation on the clustering image, and determining the risk coefficient of each associated user according to a segmentation ratio;
and determining the associated users with the risk coefficients larger than a preset threshold value as blacklist users.
6. A traffic processing apparatus, comprising:
the receiving module is used for receiving a service processing request from a client logged in by a target user;
the query module is used for querying user related data matched with the service processing request in a cache, wherein the user related data are queried in advance by predicting the service application intention of the target user, and the service application intention is determined according to the historical access record of the target user;
the determining module is used for determining whether the user related data meets a preset fraud condition;
the adding module is used for adding the relevant information of the target user into a user blacklist if the relevant user data meets a preset fraud condition;
the execution module is used for executing a service processing flow corresponding to the service processing request if the user related data does not meet a preset fraud condition;
the device further comprises:
the user related data acquisition module is used for acquiring historical access records uploaded by the client in a preset time period; inputting the historical access records into a preset intention prediction model so that the intention prediction model outputs the service application intention of the target user; inquiring user related data corresponding to the service application intention from a memory; storing the user-related data in a cache;
the training device of the preset intention prediction model is used for acquiring historical access records of a plurality of training users for accessing the client historically and business application intents corresponding to the training users; inputting historical visit records of a plurality of training users into the preset intention prediction model so that the intention prediction model outputs prediction intentions; constructing a loss function based on the prediction intention and the business application intention corresponding to the training user, and calculating a loss value; if the loss value is larger than a preset loss threshold value, adjusting model parameters of the preset intention prediction model, and executing a step of inputting historical access records of a plurality of training users into the preset intention prediction model; and if the loss value is smaller than a preset loss threshold value, determining that the preset intention prediction model is completely trained.
7. An electronic device is characterized by comprising a processor, a communication interface, a memory and a communication bus, wherein the processor and the communication interface are used for realizing mutual communication by the memory through the communication bus;
a memory for storing a computer program;
a processor for implementing the service processing method according to any one of claims 1 to 5 when executing the program stored in the memory.
8. A computer-readable storage medium, characterized in that the computer-readable storage medium has stored thereon a program of a service processing method, which when executed by a processor implements the steps of the service processing method of any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111198320.9A CN114020795B (en) | 2021-10-14 | 2021-10-14 | Business processing method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111198320.9A CN114020795B (en) | 2021-10-14 | 2021-10-14 | Business processing method and device, electronic equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114020795A CN114020795A (en) | 2022-02-08 |
| CN114020795B true CN114020795B (en) | 2022-06-24 |
Family
ID=80056051
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111198320.9A Active CN114020795B (en) | 2021-10-14 | 2021-10-14 | Business processing method and device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114020795B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117240925B (en) * | 2023-11-13 | 2024-03-19 | 广州品唯软件有限公司 | Flow recording method and device, storage medium and computer equipment |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107644098A (en) * | 2017-09-29 | 2018-01-30 | 马上消费金融股份有限公司 | A kind of fraud recognition methods, device, equipment and storage medium |
| CN109410036A (en) * | 2018-10-09 | 2019-03-01 | 北京芯盾时代科技有限公司 | A kind of fraud detection model training method and device and fraud detection method and device |
| CN111552680A (en) * | 2020-04-27 | 2020-08-18 | 深圳壹账通智能科技有限公司 | Construction method and device of business fraud identification database and computer equipment |
| CN113191565A (en) * | 2021-05-18 | 2021-07-30 | 同盾科技有限公司 | Security prediction method, security prediction device, security prediction medium, and security prediction apparatus |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7788147B2 (en) * | 2004-10-29 | 2010-08-31 | American Express Travel Related Services Company, Inc. | Method and apparatus for estimating the spend capacity of consumers |
| CN110619564B (en) * | 2018-06-20 | 2021-01-05 | 天云融创数据科技(北京)有限公司 | Anti-fraud feature generation method and device |
| CN109063985B (en) * | 2018-07-18 | 2022-04-29 | 创新先进技术有限公司 | Business risk decision method and device |
| CN109214856A (en) * | 2018-07-27 | 2019-01-15 | 百度在线网络技术(北京)有限公司 | The method for digging and device, computer equipment and readable medium that user is intended to |
| CN111931494B (en) * | 2020-08-10 | 2022-06-28 | 北京字节跳动网络技术有限公司 | Method, apparatus, electronic device, and medium for generating prediction information |
| CN112819472A (en) * | 2021-01-30 | 2021-05-18 | 北京奇保信安科技有限公司 | Fraud prediction method and device for resource raising project and electronic equipment |
-
2021
- 2021-10-14 CN CN202111198320.9A patent/CN114020795B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107644098A (en) * | 2017-09-29 | 2018-01-30 | 马上消费金融股份有限公司 | A kind of fraud recognition methods, device, equipment and storage medium |
| CN109410036A (en) * | 2018-10-09 | 2019-03-01 | 北京芯盾时代科技有限公司 | A kind of fraud detection model training method and device and fraud detection method and device |
| CN111552680A (en) * | 2020-04-27 | 2020-08-18 | 深圳壹账通智能科技有限公司 | Construction method and device of business fraud identification database and computer equipment |
| CN113191565A (en) * | 2021-05-18 | 2021-07-30 | 同盾科技有限公司 | Security prediction method, security prediction device, security prediction medium, and security prediction apparatus |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114020795A (en) | 2022-02-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20220038446A1 (en) | Identity Proofing and Portability on Blockchain | |
| US8438386B2 (en) | System and method for developing a risk profile for an internet service | |
| US8359632B2 (en) | Centralized account reputation | |
| US11743245B2 (en) | Identity access management using access attempts and profile updates | |
| US20230040895A1 (en) | System and method for developing a risk profile for an internet service | |
| JP2021508889A (en) | Identity verification method and equipment | |
| US11488177B2 (en) | Detecting fraud using machine-learning | |
| TWI459232B (en) | Phishing site processing method, system and computer readable storage medium storing the method | |
| CN113347205A (en) | Method and device for detecting service access request | |
| CN110830445B (en) | Method and device for identifying abnormal access object | |
| CN109831459B (en) | Method, device, storage medium and terminal equipment for secure access | |
| CN106470204A (en) | User identification method based on request behavior characteristicss, device, equipment and system | |
| CN108416665B (en) | Data interaction method and device, computer equipment and storage medium | |
| CN111681091A (en) | Financial risk prediction method and device based on time domain information and storage medium | |
| WO2020257991A1 (en) | User identification method and related product | |
| CN114020795B (en) | Business processing method and device, electronic equipment and storage medium | |
| Kolomeets et al. | Analysis of the malicious bots market | |
| CN109729054B (en) | Access data monitoring method and related equipment | |
| CN112702349B (en) | Network attack defense method and device and electronic bidding transaction platform | |
| Szurdi et al. | Domain registration policy strategies and the fight against online crime | |
| Xi et al. | Quantitative threat situation assessment based on alert verification | |
| Bales et al. | Internet web site jurisdiction | |
| GB2512753A (en) | System and method for developing a risk profile for an internet resource | |
| Almahmoud et al. | Exploring non-human traffic in online digital advertisements: analysis and prediction | |
| KR102567355B1 (en) | System for providing data portability based personal information sharing platform service |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: 9th Floor, Block A, Shenzhen National Engineering Laboratory Building, No. 20, Gaoxin South 7th Road, High-tech Zone Community, Yuehai Street, Nanshan District, Shenzhen, Guangdong 518000 Patentee after: Shenzhen Huayun Information System Technology Co.,Ltd. Address before: No. 904, block a, national engineering laboratory building, Gaoxin South 7th road digital technology park, Yuehai street, Nanshan District, Shenzhen, Guangdong 518000 Patentee before: Shenzhen Huayun Information System Co.,Ltd. |