CN114331674A - Loan fraud mode identification method and device - Google Patents
Loan fraud mode identification method and device Download PDFInfo
- Publication number
- CN114331674A CN114331674A CN202111594027.4A CN202111594027A CN114331674A CN 114331674 A CN114331674 A CN 114331674A CN 202111594027 A CN202111594027 A CN 202111594027A CN 114331674 A CN114331674 A CN 114331674A
- Authority
- CN
- China
- Prior art keywords
- fraud
- target object
- loan
- node
- related information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The embodiment of the application provides a loan fraud mode identification method and a loan fraud mode identification device, wherein the method comprises the following steps: the method comprises the steps of obtaining application information of user equipment, wherein the application information is used for a target object to apply for obtaining a loan guarantee, conducting loan guarantee audit on the target object, obtaining risk related information of the target object when the target object is determined to be a potential risk object according to the loan guarantee audit, inputting the risk related information into a fraud evaluation model, obtaining a fraud type of the risk related information, and determining fraud identities of the target object according to the fraud type, wherein the fraud identities comprise a non-fraud user, a suspected fraud user and a fraud user. By adopting the method, the reliability of fraud identification is improved through double fraud identification, so that fraud behaviors can be prevented in the loan application stage, the loss caused by the fraud behaviors is reduced, and the economic order of the market is further maintained.
Description
Technical Field
The application belongs to the technical field of big data processing, and particularly relates to a loan fraud mode identification method and device.
Background
At present, fraud behaviors are frequent at one's side, financial industry fraud is poor, along with the continuous development of internet finance, a plurality of financial behaviors are performed on the internet, financial loan also belongs to one of the financial loan, and more fraud behaviors are not required to be developed, so that the prevention and control of fraud risks become important while the user experience of the financial loan obtained by a user on the internet is ensured to be extremely high, the existing fraud behavior identification method is not particularly suitable for loan behaviors, and the fraud identification for loan behaviors is a technical problem which needs to be solved urgently.
Disclosure of Invention
The embodiment of the application provides a loan fraud mode identification method and device, which are used for auditing loan application in a double fraud identification mode so as to prevent loan fraud in advance.
In a first aspect, an embodiment of the present application provides a loan fraud pattern recognition method, including:
acquiring application information of user equipment, wherein the application information is used for a target object to apply for obtaining a loan guarantee;
performing loan guarantee audit on the target object;
when the target object is determined to be a potential risk object according to loan guarantee audit, acquiring risk related information of the target object;
inputting the risk related information into a fraud assessment model to obtain a fraud type of the risk related information;
and determining the fraud identity of the target object according to the fraud type, wherein the fraud identity comprises a non-fraud user, a suspected fraud user and a fraud user.
It can be seen that, in the embodiment of the present application, first, application information of user equipment is obtained, where the application information is used for a target object to apply for obtaining a loan guarantee, then, the loan guarantee is performed on the target object, when the target object is determined to be a potential risk object according to the loan guarantee review, risk-related information of the target object is obtained, then, the risk-related information is input into a fraud evaluation model, a fraud type of the risk-related information is obtained, and finally, a fraud identity of the target object is determined according to the fraud type, where the fraud identity includes a non-fraud user, a suspected fraud user, and a fraud user. By adopting the method, the reliability of fraud identification is improved through double fraud identification, so that fraud behaviors can be prevented in the loan application stage, the loss caused by the fraud behaviors is reduced, and the economic order of the market is further maintained.
In a second aspect, embodiments of the present application provide a loan fraud pattern recognition, including:
the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring application information of user equipment, and the application information is used for a target object to apply for obtaining a loan guarantee;
the auditing unit is used for carrying out loan guarantee auditing on the target object and acquiring risk related information of the target object when the target object is determined to be a potential risk object according to the loan guarantee auditing;
the evaluation unit is used for inputting the risk related information into the fraud evaluation model and acquiring the fraud type of the risk related information;
and the determining unit is used for determining the fraud identity of the target object according to the fraud type, wherein the fraud identity comprises a non-fraud user, a suspected fraud user and a fraud user.
In a third aspect, an embodiment of the present application provides an electronic device, where the electronic device includes a processor, a memory, and a communication interface, where the processor, the memory, and the communication interface are connected to each other and perform communication between them, the memory stores executable program codes, the communication interface is used for performing wireless communication, and the processor is used to retrieve the executable program codes stored in the memory and perform, for example, some or all of the steps described in any of the methods in the first aspect.
In a fourth aspect, the present application provides a computer program product, where the computer program product includes a computer program operable to cause a computer to perform some or all of the steps as described in any one of the methods of the first aspect of the embodiments of the present application. The computer program product may be a software installation package.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a schematic diagram of a loan approval system according to an embodiment of the application;
fig. 2 is a schematic flow chart illustrating a loan fraud pattern recognition method according to an embodiment of the present disclosure;
FIG. 3 is a schematic structural diagram of a fraud assessment tree according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of a loan fraud pattern recognition apparatus according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present disclosure.
Detailed Description
In order to make the technical solutions of the present application better understood, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The terms "first," "second," and the like in the description and claims of the present application and in the above-described drawings are used for distinguishing between different objects and not for describing a particular order. Furthermore, the terms "include" and "have," as well as any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps is not limited to only those steps recited, but may alternatively include other steps not recited, or may alternatively include other steps inherent to such process, method, article, or apparatus.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the application. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein can be combined with other embodiments.
First, please refer to fig. 1, fig. 1 is a schematic structural diagram of a loan approval system provided in an embodiment of the present application, as shown in fig. 1, the system includes a user device, a loan warranty auditing server, and a fraud assessment server, where the user device and the loan warranty server may be connected through a loan auditing Application (APP) installed on an enterprise user device, that is, the loan auditing APP is installed on the user device and provides an interface (API) for user operation, and the loan auditing APP is in communication connection with the loan warranty server, and the loan warranty auditing server and the fraud assessment server are also in communication connection.
The operation process of the loan auditing system is specifically as follows: the user submits the loan guarantee application to the loan guarantee auditing server after filling in the application information through the user equipment, the loan guarantee auditing server conducts preliminary auditing on the application information, and the application information is submitted to the fraud assessment server for further fraud risk assessment after the approval is passed.
Specifically, referring to fig. 2, fig. 2 is a schematic flowchart illustrating a loan fraud pattern recognition method according to an embodiment of the present disclosure.
In step S11, application information of the user device is obtained, and the application information is used for the target object to apply for obtaining a loan guarantee.
The user can apply for loan through the application program, and the application information includes but is not limited to identity information, contact information, famous property certificate of natural people, business license of an enterprise, production operation license, qualification verification report, annual statement provided to the present after being audited and qualified, famous property certificate, tax information, identity certificate of an enterprise representative and a main stockholder, marital relation certificate, property certificate of a stockholder and a spouse, and credit limit and loan term. The form of filling out the application information can be a form of words and pictures.
In step S12, a loan guarantee audit is performed on the target object.
The loan guaranty is mainly divided into a mortgage guaranty and a guarantee guaranty, wherein the guarantee guaranty means the behavior that a guarantor makes an agreement with a borrower, and when the borrower defaults or fails to return the loan, the guarantor performs debt or undertakes liability according to the agreement. Legal persons and other organizations or citizens (natural persons) with the ability to compensate for debts can be used as guarantors, the mortgage guarantee means that the debtor or a third person does not transfer the occupation of a specific object but uses the property as the guarantee of the debt, and when the debtor does not fulfill the debt, the debt has the right to be compensated by the price of the property according to the rules of the guaranty law or by the priority of the price of the property through auction and change. If the guarantee is carried out, the credit record, the operation condition, the fund condition, the repayment capacity, the voluntary guarantee and the like of the guarantor are mainly checked; if the mortgage is guaranteed, the mortgage is mainly used for checking whether the mortgage is sufficient in authenticity, legality and value, whether the mortgage is voluntary or not and the like.
In one possible embodiment, the loan guarantee review for the target object may include: acquiring basic information of a target object, and checking and determining the authenticity of the basic information; if the basic information has non-authenticity, determining that the target object is a potential risk object; and/or if the basic information has authenticity, acquiring tax information of the target object, and determining the repayment amount of the target object according to the tax information; obtaining a loan amount applied by a target user, and determining a difference value between the applied loan amount and a payable amount; if the difference value between the applied loan amount and the payable amount is smaller than a first preset threshold value, determining that the target object is a non-potential risk object; and if the difference value between the applied loan amount and the payable amount is larger than or equal to a first preset threshold value, determining that the target object is a potential risk object.
The basic information of the target object is mainly identification information of some identities and properties, the authenticity of the target object is detected through a system specific to an enterprise or third-party software, if the basic information is not authentic, the target object can be directly determined to be a potential risk object, and if the basic information is authentic, whether the target object is a potential risk object or not can be further checked and determined. Then, tax information of the target object is acquired, the fund flow size of the target object is determined through the tax information of the target object, the payable amount of the target object is further determined, whether the target object has repayment capacity or not is determined according to comparison between the payable amount and the loan amount, and if the difference value between the loan amount and the payable amount is smaller than a first preset threshold value, the target object is determined to be a non-potential risk object according to the repayment capacity of the target object and the loan amount; if the difference value between the loan amount and the repayment amount is larger than a first preset threshold value, the loan amount and the repayment amount are not provided with repayment capacity aiming at the loan amount, the target object can be determined as a potential risk object, and the preset threshold value can be set according to the actual situation of the target object. If the mortgage exists, after the mortgage is checked for validity, authenticity and validity, professional evaluation value can be carried out on the mortgage, the value of the mortgage after professional evaluation and the repayment amount are compared with the loan amount to obtain the conclusion whether the mortgage has repayment capacity aiming at the loan amount, and further obtain whether the target object is a potential risk object or a non-potential risk object. In addition, it may also be determined whether the target object is a potential risk object by determining whether the fund flow of the target object is abnormal, and the fund flow abnormality includes but is not limited to: whether the situation that the fund can only be entered and not be discharged exists; or whether a large amount of funds are flowing out compared with the historical funds flow out of the target object; or whether the amount of funds flowing out or in by the target object is obviously unequal to the value amount of the goods or services flowing in or out exists in the trading transaction of the target object, which can be reflected in that the obvious amount of funds and the value amount of goods are unequal at the beginning of the trading contract between the target object and the trading object, or in the process of trading between the target object and the trading object, the outflow of the amount of funds of the target object is asynchronous with the inflow or outflow of the goods or services flowing in or out of the trading object in time.
In the embodiment of the application, whether the target object is a potential risk object is preliminarily determined according to the authenticity of the information of the target object checked according to the basic information of the target object, and whether the target object checked according to the basic information has repayment capability is checked according to the tax information.
In step S13, when the target object is determined to be a potential risk object based on the loan guarantee review, risk-related information of the target object is acquired.
After the target object is determined to be a potential risk through the previous step, the target object has a possibility of being a fraudulent user, but the specific situation needs to be further verified, so that the risk related information of the target object needs to be obtained to perform fraud risk assessment on the target object, and whether the target object belongs to a fraudulent user or not is judged. The risk related information refers to some information which can prove that the target object has a certain fraud risk, and may include information that the target object is a blacklist or a grey list object, has tax control, information that an enterprise is nominal, frequent change of business registration information, information that financial crisis exists, information that related nature people and enterprises have fraud behaviors recorded on the case, and the like. For example, when it is detected that the replacement amount of the business registration information of the user exceeds the preset amount in a time period, it is determined that the business registration information of the user is frequently changed, and then "the business registration information is frequently changed" into the risk related information is recorded.
And step S14, inputting the risk related information into a fraud assessment model to obtain the fraud type of the risk related information.
The fraud assessment model is used for fraud risk assessment and mainly comprises a behavior set and a weight set, wherein the behavior set refers to a set of fraud risk behaviors, the weight set refers to a set of fraud possibility sizes corresponding to the fraud risk behaviors, and the fraud assessment model is specifically explained by adopting a fraud assessment tree:
referring to fig. 3, fig. 3 is a schematic structural diagram of a fraud assessment tree according to an embodiment of the present application.
As shown in fig. 3, the fraud assessment tree behavior set includes a plurality of fraud nodes and leaf nodes corresponding to each fraud node. The fraud node refers to some large classes classified by some fraud behaviors, refers to some fraud behaviors which can be subdivided, or also refers to a fraud node which is formed by uniformly associating some specific fraud behaviors, wherein the specific fraud behaviors have certain associations; the leaf nodes refer to some subclasses in the large class of the cheating node, refer to subclasses subdivided by the cheating behavior of the cheating node and cannot be subdivided. Here, the fraud node includes but is not limited to black and white grey list, loan overdue, associated fraud, and other fraud.
The reason why the black-white-grey list is used as a fraud node is that the black-white-grey node is a mechanism used by many enterprises, the black-white-grey list is set by a loan institution aiming at the integrity of a user and is divided into a black list, a grey list and a white list, the black list is used for identifying a user with dishonest integrity, the grey list is used for identifying an uncertain user, the white list is used for identifying a user with integrity, and the white list is not used as a leaf node in the black-white-grey list, so that the leaf node of the black-white-grey list in a fraud assessment tree is only used for applying the black list and the grey list.
The reason why the loan overdue is independently used as a fraud node is that the loan overdue behavior is a behavior which is easy to judge, and the repayment capability of the loan overdue behavior can be easily judged to be problematic. Loan overdue refers to the user having loaned in historical behavior and not making payments at a specified time, which may be loans made in different institutions. The leaf nodes of the loan which are overdue can be set according to the overdue repayment time, so that the leaf nodes of the loan which are overdue in the fraud assessment tree include but are not limited to more than one month and more than one year, and can be preset according to actual conditions.
The reason why the associated fraud behavior is separately used as a fraud node is that a subject related to the associated fraud behavior is changed and is taken out to be separately used as a fraud node for facilitating subsequent evaluation, the associated fraud behavior refers to that a fraud behavior exists for a natural person or an enterprise associated with the associated fraud behavior, and the fraud behavior is still recorded in a file of a business office or a public security office. While associated fraud includes mainly fraud by other associated subjects, therefore, in the fraud assessment tree, leaf nodes of associated fraud include, but are not limited to, associated natural persons and associated businesses.
After counting the above individual fraud behaviors, all the remaining fraud behaviors are regarded as an individual fraud behavior fraud node, and according to some summaries, other fraud behaviors may include tax manipulation, false enterprise, frequent change and financial crisis, so that leaf nodes of other fraud behaviors are set as tax manipulation, false enterprise, frequent change and financial crisis. The tax operation refers to the existence of certain tax problems such as tax evasion and the like, false enterprises refer to the fact that the registered industries of enterprises are inconsistent with the major engaged industries, frequent change refers to the fact that the change times of the industrial and commercial information of the enterprises within a certain period exceed the preset times, and the financial crisis refers to the fact that the external debt amount minus the external debt amount of the enterprises exceed A% of the registered real payment amount of the enterprises, wherein A can be preset according to actual conditions.
The fraud node and the leaf node in the fraud assessment tree are just some fraud nodes and leaf nodes listed for convenience of explanation, and may further include other non-listed fraud behaviors, if there are other more ambiguous fraud behaviors, and the fraud behaviors can be subdivided into many individual fraud behaviors, or if there are many specific fraud behaviors with an association that can be collectively referred to as a large-scale fraud behavior, the fraud node may be regarded as an individual fraud node, and if the fraud behaviors are more specific and cannot be subdivided, the node is placed in the leaf node of the fraud node "other fraud behaviors".
Wherein, the weight set of the fraud evaluation tree is represented as: each fraud node is preset with a corresponding node weight, and a leaf node corresponding to each fraud node also has a corresponding edge weight, the weight refers to the fraud probability of the fraud node or the fraud behavior corresponding to the leaf node, because the fraud node is a large-scale fraud behavior, and the leaf node is a specific unsegmentable fraud behavior in the fraud node, the probability that a fraud behavior falls into the fraud node is greater than the probability that the fraud behavior falls into the leaf node, then the weight distribution here will refer to the size of the probability, that is, the size of the node weight of the fraud node will be less than the size of the edge weight of the leaf node in the fraud node. For example: for the fraud node "loan overdue", if the node weight is set to 3, the edge weights of the leaf nodes "more than one month" and "more than one year" of the fraud node "loan overdue" should be higher than 3, and the fraud probability of the leaf nodes "more than one year" is higher than that of the leaf nodes "more than one month", so the edge weight of the leaf nodes "more than one year" should be higher than that of the leaf nodes "more than one month", and here, the edge weight of the leaf nodes "more than one year" can be set to 5, and the edge weight of the leaf nodes "more than one month" is set to 4.
Next, explanation is made by using a fraud assessment tree as a fraud assessment model:
in a feasible embodiment, keywords in the risk related information are obtained, and the keywords are introduced into a fraud evaluation tree and are matched with a plurality of fraud nodes; and determining a fraud type corresponding to the risk related information according to the matching degree of the keyword and the fraud node, wherein the fraud type corresponds to a leaf node in a fraud evaluation tree.
The method includes the steps that risk related information needs to be input into a fraud evaluation tree to obtain a fraud type of the related information, the risk related information is content in a relatively large range, but a relatively specific phrase is in the fraud evaluation tree, so that keywords in the risk related information need to be obtained, the keywords are phrases contained in fraud nodes and leaf nodes in the fraud evaluation tree, the fraud evaluation tree is conveniently led in to match the fraud nodes, after the keywords are led into the fraud evaluation tree, the keywords are matched with a plurality of fraud nodes and corresponding leaf nodes, the fraud type corresponding to the risk related information is determined according to the matching degree of the keywords with the fraud nodes and the leaf nodes, and the fraud type corresponds to the leaf nodes of the fraud evaluation tree. For example, if the risk-related information records that the enterprise is a blacklist user of the loan institution, a keyword, namely a "blacklist", included in a fraud node and a leaf node in the fraud evaluation tree is obtained, and then the blacklist is matched with the leaf node "blacklist" in the fraud node "blacklist and whitelist" in the fraud evaluation tree, and the fraud type is also determined as a "blacklist user" here.
In the embodiment of the application, the keywords of the risk related information are extracted and are introduced into the fraud evaluation tree for matching, so that the difficulty in matching when the risk related information is directly input for matching can be avoided, and meanwhile, the extracted keywords correspond to the fraud nodes and the leaf nodes in the fraud evaluation tree, so that the fraud nodes and the leaf nodes in the fraud evaluation tree can be quickly matched.
In a feasible embodiment, when the fraud type corresponding to the risk related information is determined according to the matching degree of the keyword and the fraud node, if the risk related information cannot be matched with the leaf node in the fraud evaluation tree, the fraud node matched with the risk related information is determined, and the fraud type corresponding to the leaf node with the minimum node weight in the leaf nodes of the fraud node is obtained and used as the fraud type corresponding to the risk related information.
According to the method, the situation that keyword matching is unsuccessful may exist, one is that not only leaf nodes are not matched but also fraudulent nodes are not matched, and the other is that fraudulent nodes are successfully matched but not leaf nodes are matched, the first situation can be considered as having no fraud risk behaviors due to the fact that the fraudulent nodes are not matched, and the second situation is that the fraudulent nodes are a set with a larger range and the leaf nodes in the fraudulent nodes are behaviors which cannot be subdivided specifically. Therefore, two situations can be considered, one is that the fraud probability of the fraud is high, the leaf node with the highest fraud probability in the fraud node cannot be completely included, the other is that the fraud probability of the fraud is low, and the leaf node with the lowest fraud probability in the fraud node cannot be met, but since the fraud is a specific behavior, the fraud can be generalized only by meeting the condition, and the fraud is not required to be completely corresponded, so that the behavior which cannot be matched due to the high fraud probability of the fraud does not exist, and only the leaf node which is possibly because the lowest fraud probability in the fraud node is too high and cannot be matched is considered here. After the conclusion is drawn, since the entry of the fraud node can be matched, the entry of the fraud node can be determined to have certain fraud behaviors, so that the leaf node with the smallest fraud possibility is determined as the leaf node matched with the risk related information, that is, the matched fraud node is determined first, and then the fraud type corresponding to the leaf node with the smallest node weight value in the fraud nodes is determined as the fraud type corresponding to the risk related information. For example, if it can be determined that the fraud node in the fraud evaluation tree of the target user is "loan overdue" according to the risk-related information, but the loan overdue of the target user is only 20 days, and the leaf nodes in the fraud node "loan overdue" are only "more than one month" and "more than one year", and at this time, the leaf nodes cannot be matched with the fraud node, the fraud node is determined to be "loan overdue", and then the leaf node with the smallest node weight value in the fraud node is determined, and if the weight value of the leaf node "more than one month" is 4 and the weight value of the leaf node "more than one year" is 5, the leaf node "more than one month" in the fraud node "loan overdue" is determined to be the leaf node of the target user, and then the fraud type is determined to be more than one month of the loan.
In the embodiment of the application, the keyword is extracted from the risk related information and introduced into the fraud evaluation tree to be matched with the plurality of fraud nodes and the corresponding leaf nodes, the fraud types corresponding to the risk related information are determined according to the matching degree, when the matching of the leaf nodes is unsuccessful, the matched fraud nodes are determined, and then the fraud type corresponding to the leaf node with the minimum node weight in the fraud nodes is determined as the fraud type corresponding to the risk related information. Therefore, the fraud evaluation tree is convenient to match the fraud node and the leaf node, the type of unsuccessful matching is processed, and the success rate of risk related information evaluation is increased.
Step S15, determining the fraud identity of the target object according to the fraud type, where the fraud identity includes a non-fraud user, a suspected fraud user, and a fraud user.
The fraud identity of the target object is determined according to the fraud type, and the fraud value of the fraud can be obtained in a calculation mode so as to locate the fraud identity.
In a feasible embodiment, a node path corresponding to a fraud type is obtained, and a fraud value corresponding to the fraud type is obtained through calculation according to the node path; and determining the fraud identity of the target object according to the fraud value. The step of obtaining a fraud value corresponding to the fraud type according to the node path calculation comprises the following steps: acquiring a plurality of node weights corresponding to a plurality of fraudulent nodes in a node path; acquiring a plurality of edge weights corresponding to a plurality of directed edges connecting a plurality of fraudulent nodes; and calculating to obtain a fraud value corresponding to the fraud type according to the plurality of node weight values and the plurality of edge weight values.
Wherein, first, a node path corresponding to a fraud type is obtained, and the node path refers to a path from a fraud evaluation tree to a fraud node, for example, in the fraud evaluation tree shown in fig. 3, a path from the fraud evaluation tree to a fraud node "black and white and grey list" is called a node path, then, a node weight is obtained according to the node path, that is, a weight corresponding to the fraud node, an edge weight of a corresponding leaf node is obtained through a plurality of directed edges of the fraud node, and the calculation of the fraud value is an upward summarizing process of the weight, that is, the edge weights of the leaf nodes of each fraud node matched by the fraud type are summarized upward to the fraud node, and are added with the node weight of the fraud node, and then, the fraud value is obtained through summarizing upward continuously, and finally, a fraud identity is located according to the fraud value, wherein the fraud identity refers to a definition of whether a target object exists fraud behavior or not, in order to conveniently locate the fraud identity according to the fraud value, the fraud identity may be distributed from small to large according to the size of the fraud value as a non-fraud user, a suspected fraud user and a fraud user, a specific interval is preset according to an actual situation, that is, only the fraud value obtained by the last calculation needs to be judged to fall into a certain interval, and the fraud identity corresponding to the interval is the fraud identity corresponding to the fraud value.
In the embodiment of the application, a node path of a fraud type is obtained, a corresponding node weight is obtained, an edge weight of a corresponding leaf node is obtained through a directed edge of the fraud node, the fraud node is gathered upwards layer by layer through the edge weight, a fraud value is obtained through continuous upward gathering after the node weight is added, and finally a fraud identity in a preset interval is positioned through the fraud value.
In a possible embodiment, if it is determined that the fraud types corresponding to the risk-related information are more than 3 fraud types, the fraud identity of the target object is determined to be a fraudulent user.
In general, if a user simultaneously satisfies more than 3 fraud types, it indicates that the user has a fraud behavior with a high probability, and therefore, for simplicity and convenience of operation, when the fraud type corresponding to the risk-related information is determined to be more than 3 fraud types for a certain target object, the fraud identity of the target object is directly determined to be a fraudulent user. In addition, more than several fraud types can be set according to the actual fraud type situation.
It can be seen that, in the embodiment of the present application, first, application information of user equipment is obtained, where the application information is used for a target object to apply for obtaining a loan guarantee, then, the loan guarantee is performed on the target object, when the target object is determined to be a potential risk object according to the loan guarantee audit, risk-related information of the target object is obtained, then, the risk-related information is input into a fraud evaluation model, a fraud type of the risk-related information is obtained, and finally, a fraud identity of the target object is determined according to the fraud type, where the fraud identity includes a non-fraud user, a suspected fraud user, and a fraud user. By adopting the method, the accuracy of fraud identification is ensured through double-layer fraud identification, so that fraud behaviors can be prevented in the loan application stage, the loss caused by the fraud behaviors is reduced, and the economic order of the market is further maintained.
Referring to fig. 4, in accordance with the embodiments corresponding to fig. 1 to fig. 3, fig. 4 is a schematic structural diagram of a loan fraud pattern recognition apparatus 300 according to an embodiment of the present application, as shown in fig. 4, including:
an obtaining unit 301, configured to obtain application information of a user equipment, where the application information is used for a target object to apply for obtaining a loan guarantee;
an auditing unit 302, configured to perform loan guarantee auditing on the target object, and obtain risk-related information of the target object when the target object is determined to be a potential risk object according to the loan guarantee auditing;
the evaluation unit 303 is configured to input the risk related information into a fraud evaluation model, and obtain a fraud type of the risk related information;
the determining unit 304 determines the fraud identity of the target object according to the fraud type, wherein the fraud identity includes a non-fraud user, a suspected fraud user and a fraud user.
It can be seen that, the device described in the embodiment of the present application obtains the application information of the user equipment, performs loan guarantee audit on the application information, obtains the risk related information of the user and performs fraud assessment on the risk related information when the user is determined to be a potential risk object through the audit, thereby obtaining the fraud type of the user and further determining the fraud identity of the user.
In a possible embodiment, the auditing unit 302 is specifically configured to:
acquiring basic information of a target object, and checking and determining the authenticity of the basic information; if the basic information has non-authenticity, determining that the target object is a potential risk object; and/or if the basic information has authenticity, acquiring tax information of the target object, and determining the repayment amount of the target object according to the tax information; obtaining a loan amount applied by a target user, and determining a difference value between the applied loan amount and a payable amount; if the difference value between the applied loan amount and the payable amount is smaller than a first preset threshold value, determining that the target object is a non-potential risk object; and if the difference value between the applied loan amount and the payable amount is larger than or equal to a first preset threshold value, determining that the target object is a potential risk object.
In a possible embodiment, the fraud evaluation model is a fraud evaluation tree, the fraud evaluation tree includes a plurality of fraud nodes, and the evaluation unit 303 is specifically configured to:
acquiring keywords in the risk related information, importing the keywords into a fraud evaluation tree, and matching the keywords with a plurality of fraud nodes; and determining a fraud type corresponding to the risk related information according to the matching degree of the keyword and the fraud node, wherein the fraud type corresponds to a leaf node in a fraud evaluation tree.
In a possible embodiment, the determination unit 304 is specifically adapted to,
acquiring a node path corresponding to a fraud type, and calculating according to the node path to acquire a fraud value corresponding to the fraud type; and determining the fraud identity of the target object according to the fraud value.
In a possible embodiment, the determination unit 304 is further adapted to,
acquiring a plurality of node weights corresponding to a plurality of fraudulent nodes in a node path; acquiring a plurality of edge weights corresponding to a plurality of directed edges connecting a plurality of fraudulent nodes; and calculating to obtain a fraud value corresponding to the fraud type according to the plurality of node weight values and the plurality of edge weight values.
In a feasible embodiment, when the fraud type corresponding to the risk related information is determined according to the matching degree of the keyword and the fraud node, if the risk related information cannot be matched with the leaf node in the fraud evaluation tree, the fraud node matched with the risk related information is determined, and the fraud type corresponding to the leaf node with the minimum node weight in the leaf nodes of the fraud node is obtained and used as the fraud type corresponding to the risk related information.
In a possible embodiment, if it is determined that the fraud types corresponding to the risk-related information are more than 3 fraud types, the fraud identity of the target object is determined to be a fraudulent user.
Specifically, the data acquisition device according to the embodiment of the present application may perform functional unit division according to the above method example, for example, each functional unit may be divided corresponding to each function, or two or more functions may be integrated into one processing unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit. It should be noted that the division of the unit in the embodiment of the present application is schematic, and is only a logic function division, and there may be another division manner in actual implementation.
Referring to fig. 5, in accordance with the embodiments corresponding to fig. 1 to fig. 3, fig. 5 is a schematic structural diagram of an electronic device 400 according to an embodiment of the present disclosure, as shown in fig. 5: the device comprises a processor, a memory and a communication interface, wherein the processor, the memory and the communication interface are mutually connected and finish mutual communication work;
the memory has stored thereon executable program code, the communication interface for wireless communication;
the processor is used for calling the executable program codes stored in the memory and executing part or all of the steps of any data acquisition method in the embodiment of the method, and the computer comprises the electronic terminal equipment.
The memory may be a volatile memory such as a dynamic random access memory DRAM, or a non-volatile memory such as a mechanical hard disk. The memory is used for storing a set of executable program codes, and the processor is used for calling the executable program codes stored in the memory, and can execute the following operations:
acquiring application information of user equipment, wherein the application information is used for a target object to apply for obtaining a loan guarantee; performing loan guarantee audit on the target object; when the target object is determined to be a potential risk object according to loan guarantee audit, acquiring risk related information of the target object; inputting the risk related information into a fraud assessment model to obtain a fraud type of the risk related information; and determining the fraud identity of the target object according to the fraud type, wherein the fraud identity comprises a non-fraud user, a suspected fraud user and a fraud user.
In one possible embodiment, the memory is configured to store a set of executable program code, and the processor is configured to call the executable program code stored in the memory to: acquiring basic information of a target object, and checking and determining the authenticity of the basic information; if the basic information has non-authenticity, determining that the target object is a potential risk object; and/or if the basic information has authenticity, acquiring tax information of the target object, and determining the repayment amount of the target object according to the tax information; obtaining a loan amount applied by a target user, and determining a difference value between the applied loan amount and a payable amount; if the difference value between the applied loan amount and the payable amount is smaller than a first preset threshold value, determining that the target object is a non-potential risk object; and if the difference value between the applied loan amount and the payable amount is larger than or equal to a first preset threshold value, determining that the target object is a potential risk object.
In one possible embodiment, the fraud assessment model is a fraud assessment tree comprising a plurality of fraud nodes, the memory is configured to store a set of executable program code, and the processor is configured to call the executable program code stored in the memory to: acquiring keywords in the risk related information, importing the keywords into a fraud evaluation tree, and matching the keywords with a plurality of fraud nodes; and determining a fraud type corresponding to the risk related information according to the matching degree of the keyword and the fraud node, wherein the fraud type corresponds to a leaf node in a fraud evaluation tree.
In one possible embodiment, the memory is configured to store a set of executable program code, and the processor is configured to call the executable program code stored in the memory to: acquiring a node path corresponding to a fraud type, and calculating according to the node path to acquire a fraud value corresponding to the fraud type; and determining the fraud identity of the target object according to the fraud value.
In one possible embodiment, the memory is configured to store a set of executable program code, and the processor is configured to call the executable program code stored in the memory to: acquiring a plurality of node weights corresponding to a plurality of fraudulent nodes in a node path; acquiring a plurality of edge weights corresponding to a plurality of directed edges connecting a plurality of fraudulent nodes; and calculating to obtain a fraud value corresponding to the fraud type according to the plurality of node weight values and the plurality of edge weight values.
In one possible embodiment, the memory is configured to store a set of executable program code, and the processor is configured to call the executable program code stored in the memory to: when the fraud type corresponding to the risk related information is determined according to the matching degree of the keyword and the fraud node, if the risk related information cannot be matched with the leaf node in the fraud evaluation tree, the fraud node matched with the risk related information is determined, and the fraud type corresponding to the leaf node with the minimum node weight in the leaf node of the fraud node is obtained and serves as the fraud type corresponding to the risk related information.
In one possible embodiment, the memory is configured to store a set of executable program code, and the processor is configured to call the executable program code stored in the memory to: and if the fraud types corresponding to the risk related information are more than 3 fraud types, determining that the fraud identity of the target object is a fraud user.
Embodiments of the present application provide a computer program product, wherein the computer program product comprises a computer program operable to cause a computer to perform some or all of the steps of any one of the device information based loan audit methods as described in the above method embodiments, and the computer program product may be a software installation package.
It should be noted that, for the sake of simplicity, any of the above embodiments of the loan fraud pattern recognition method are described as a series of actions, but those skilled in the art should understand that the present application is not limited by the described action sequence, because some steps may be performed in other sequences or simultaneously according to the present application. Further, those skilled in the art will appreciate that the embodiments described in the specification are presently preferred and that no particular act is required to implement the invention.
While the present application has been described in connection with various embodiments, other variations to the disclosed embodiments can be understood and effected by those skilled in the art in practicing the claimed application, from a review of the drawings, the disclosure, and the appended claims. In the claims, the word "comprising" does not exclude other elements or steps, and the word "a" or "an" does not exclude a plurality. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.
Those skilled in the art will appreciate that all or part of the steps in the various methods of the method embodiments of any of the data acquisition methods described above may be implemented by associated hardware instructed by a program, which may be stored in a computer-readable memory, which may include: flash Memory disks, Read-Only memories (ROMs), Random Access Memories (RAMs), magnetic or optical disks, and the like.
The above embodiments of the present application are introduced in detail, and specific embodiments are applied in this text to explain the principles and embodiments of a data acquisition method and apparatus of the present application, and the descriptions of the above embodiments are only used to help understand the method and core ideas of the present application; meanwhile, for a person skilled in the art, according to the idea of the data acquisition method and apparatus of the present application, there may be changes in the specific implementation and application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, hardware products and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It will be appreciated that all products, such as the terminals and computer program products of the above-described flowcharts, that are controlled or configured to perform the method of processing of the flowcharts described in the method embodiments of a data acquisition method of the present application fall within the scope of the related products described herein.
It is apparent that those skilled in the art can make various changes and modifications to a data acquisition method and apparatus provided in the present application without departing from the spirit and scope of the present application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.
Claims (10)
1. A loan fraud pattern recognition method, the method comprising:
acquiring application information of user equipment, wherein the application information is used for a target object to apply for obtaining a loan guarantee;
performing loan guarantee audit on the target object;
when the target object is determined to be a potential risk object according to the loan guarantee audit, acquiring risk related information of the target object;
inputting the risk related information into a fraud assessment model to obtain a fraud type of the risk related information;
and determining the fraud identity of the target object according to the fraud type, wherein the fraud identity comprises a non-fraud user, a suspected fraud user and a fraud user.
2. The method of claim 1, wherein the fraud assessment model is a fraud assessment tree, wherein the fraud assessment tree comprises a plurality of fraud nodes, and wherein entering the risk related information into a fraud assessment model to obtain a fraud type for the risk related information comprises:
acquiring keywords in the risk related information, importing the keywords into the fraud evaluation tree, and matching the keywords with the plurality of fraud nodes;
and determining a fraud type corresponding to the risk related information according to the matching degree of the keyword and the fraud node, wherein the fraud type corresponds to a leaf node in the fraud evaluation tree.
3. The method of claim 2, wherein the determining the identity of the target object as a function of the fraud type comprises:
acquiring a node path corresponding to the fraud type, and calculating and acquiring a fraud value corresponding to the fraud type according to the node path;
and determining the fraud identity of the target object according to the fraud value.
4. The method according to claim 3, wherein the obtaining a fraud value corresponding to the fraud type according to the node path calculation includes:
obtaining a plurality of node weights corresponding to a plurality of cheating nodes in the node path;
obtaining a plurality of edge weights corresponding to a plurality of directed edges connecting the plurality of cheating nodes;
and calculating to obtain a fraud value corresponding to the fraud type according to the plurality of node weight values and the plurality of edge weight values.
5. The method according to any one of claims 2-4, further comprising: when the fraud type corresponding to the risk related information is determined according to the matching degree of the keyword and the fraud node, if the risk related information cannot be matched with the leaf node in the fraud evaluation tree, the fraud node matched with the risk related information is determined, and the fraud type corresponding to the leaf node with the minimum node weight in the leaf node of the fraud node is obtained and serves as the fraud type corresponding to the risk related information.
6. The method according to any one of claims 2-5, further comprising: and if the fraud types corresponding to the risk related information are more than 3 fraud types, determining that the fraud identity of the target object is a fraud user.
7. The method of claim 1, wherein the determining the target object as a potential risk object from the loan assurance review comprises:
acquiring basic information of the target object, and checking and determining the authenticity of the basic information;
if the basic information has non-authenticity, determining that the target object is a potential risk object; and/or if the basic information has authenticity, acquiring tax information of the target object, and determining a repayment amount of the target object according to the tax information;
obtaining a loan amount applied by the target user, and determining a difference value between the applied loan amount and the payable amount;
if the difference value between the applied loan amount and the payable amount is smaller than a first preset threshold value, determining that the target object is a non-potential risk object;
and if the difference value between the applied loan amount and the payable amount is larger than or equal to a first preset threshold value, determining that the target object is a potential risk object.
8. A loan fraud pattern recognition apparatus, the apparatus comprising:
the device comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring application information of user equipment, and the application information is used for a target object to apply for obtaining a loan guarantee;
the auditing unit is used for carrying out loan guarantee auditing on the target object and acquiring risk related information of the target object when the target object is determined to be a potential risk object according to the loan guarantee auditing;
the evaluation unit is used for inputting the risk related information into a fraud evaluation model and acquiring the fraud type of the risk related information;
and the determining unit is used for determining the fraud identity of the target object according to the fraud type, wherein the fraud identity comprises a non-fraud user, a suspected fraud user and a fraud user.
9. An electronic device, the device comprising:
the system comprises a processor, a memory and a communication interface, wherein the processor, the memory and the communication interface are connected with each other and complete the communication work among the processors;
the memory having stored thereon executable program code, the communication interface for wireless communication;
the processor is configured to retrieve the executable program code stored on the memory and execute the method of any of claims 1-7.
10. A computer-readable storage medium, characterized in that it stores a computer program for electronic data exchange, wherein the computer program causes a computer to perform the method according to any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111594027.4A CN114331674A (en) | 2021-12-23 | 2021-12-23 | Loan fraud mode identification method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111594027.4A CN114331674A (en) | 2021-12-23 | 2021-12-23 | Loan fraud mode identification method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114331674A true CN114331674A (en) | 2022-04-12 |
Family
ID=81012860
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111594027.4A Pending CN114331674A (en) | 2021-12-23 | 2021-12-23 | Loan fraud mode identification method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114331674A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117422546A (en) * | 2023-12-18 | 2024-01-19 | 四川享宇科技有限公司 | Processing method for preventing illegal money deposit behavior |
-
2021
- 2021-12-23 CN CN202111594027.4A patent/CN114331674A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117422546A (en) * | 2023-12-18 | 2024-01-19 | 四川享宇科技有限公司 | Processing method for preventing illegal money deposit behavior |
| CN117422546B (en) * | 2023-12-18 | 2024-03-08 | 四川享宇科技有限公司 | Processing method for preventing illegal loan behaviors |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11244386B1 (en) | Systems and methods for generating a model for income scoring | |
| US7451095B1 (en) | Systems and methods for income scoring | |
| US7546271B1 (en) | Mortgage fraud detection systems and methods | |
| US8732084B2 (en) | Identification and risk evaluation | |
| US20150339769A1 (en) | System and method for enforcing data integrity and loan approval automation by means of data aggregation and analysis | |
| US7987124B1 (en) | Method of and system for evaluating an appraisal value associated with a loan | |
| US20090222308A1 (en) | Detecting first party fraud abuse | |
| US20190295085A1 (en) | Identifying fraudulent transactions | |
| US20120109802A1 (en) | Verifying identity through use of an integrated risk assessment and management system | |
| WO2020177478A1 (en) | Credit-based qualification information auditing method, apparatus and device | |
| CN112184239A (en) | Secure payment method, device, equipment and readable medium | |
| CN111260189B (en) | Risk control method, risk control device, computer system and readable storage medium | |
| CN114331191A (en) | Credit risk assessment method and device based on enterprise scale and association | |
| CN110570188A (en) | Method and system for processing transaction requests | |
| CN110766340A (en) | Business auditing method, device and equipment | |
| US7693764B1 (en) | Systems and methods for assessing property value fraud | |
| US20220172214A1 (en) | Method for generating transferable tranches | |
| Phillips | Pricing credit products | |
| CN114331674A (en) | Loan fraud mode identification method and device | |
| Robertson | Managing operational risk: Practical strategies to identify and mitigate operational risk within financial institutions | |
| Allen et al. | Bank delays in the resolution of delinquent mortgages: the problem of limbo loans | |
| Islam et al. | Application of artificial intelligence (artificial neural network) to assess credit risk: a predictive model for credit card scoring | |
| US20140279395A1 (en) | System and methods for providing least cost data acquisition for financial decisions | |
| Ofori et al. | Predicting credit default among micro borrowers in Ghana | |
| CN114119195A (en) | Cross-border e-commerce data asset management method and device, computer equipment and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |