CN115564447A - Credit card transaction risk detection method and device - Google Patents
Credit card transaction risk detection method and device Download PDFInfo
- Publication number
- CN115564447A CN115564447A CN202211216824.3A CN202211216824A CN115564447A CN 115564447 A CN115564447 A CN 115564447A CN 202211216824 A CN202211216824 A CN 202211216824A CN 115564447 A CN115564447 A CN 115564447A
- Authority
- CN
- China
- Prior art keywords
- credit card
- transaction risk
- service provider
- card transaction
- model
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4016—Transaction verification involving fraud or risk level assessment in transaction processing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/049—Temporal neural networks, e.g. delay elements, oscillating neurons or pulsed inputs
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/46—Secure multiparty computation, e.g. millionaire problem
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
Abstract
The application provides a credit card transaction risk detection method and device, which relate to the field of artificial intelligence and can also be used in the financial field, and comprise the following steps: acquiring a credit card data sharing value in a secret sharing mode; the credit card data sharing value is obtained by processing credit card data of a client in advance by a banking server; sending credit card transaction risk detection model parameters to the banking server in a secret sharing mode to perform safe multiparty calculation in cooperation with the banking server to obtain an encryption detection result of a service provider side; and sending the encryption detection result of the service provider side to the banking server so that the banking server decrypts the encryption detection result of the service provider side to obtain a credit card transaction risk detection result. According to the method and the device, the credit card transaction risk detection can be carried out on the premise of protecting the privacy of the user.
Description
Technical Field
The application relates to the field of artificial intelligence, can be used in the field of finance, and particularly relates to a credit card transaction risk detection method and device.
Background
The popularization and application of credit cards greatly facilitate the transaction process between merchants and customers, but also cause various credit card transaction risks, such as counterfeiting, falsifying and malicious overdraft. In the prior art, credit card transaction risk detection is a two-classification problem that whether each transaction has a transaction risk is often analyzed according to past transaction data. Therefore, the problem of transaction risk detection is often solved in the prior art by constructing a machine learning classifier.
Although machine learning techniques are widely used for detecting the risk of credit card transactions and achieve a good detection effect, the training process is too complicated. More importantly, the method is very unfavorable for privacy protection of the client on the premise of acquiring the total amount of past transaction data of the client when the credit card transaction risk detection is carried out. Once the service provider who performs the transaction risk detection reveals the credit card data and the transaction risk prediction result of the customer, it will pose a potential threat to the privacy information and property security of the customer. Therefore, a method for detecting the risk of credit card transactions under the premise of protecting the privacy of users is needed.
Disclosure of Invention
Aiming at the problems in the prior art, the application provides a credit card transaction risk detection method and device, which can detect the credit card transaction risk on the premise of protecting the privacy of a user.
In order to solve the technical problem, the application provides the following technical scheme:
in a first aspect, the present application provides a credit card transaction risk detection method, including:
acquiring a credit card data sharing value in a secret sharing mode; the credit card data sharing value is obtained by processing credit card data of a client in advance by a banking service server;
sending credit card transaction risk detection model parameters to the banking server in a secret sharing mode to perform safe multiparty calculation in cooperation with the banking server to obtain an encryption detection result of a service provider side;
and sending the encryption detection result of the service provider side to the banking server so that the banking server decrypts the encryption detection result of the service provider side to obtain a credit card transaction risk detection result.
Further, the sending credit card transaction risk detection model parameters to the banking server in a secret sharing manner to perform secure multiparty computation in cooperation with the banking server includes:
splitting the credit card transaction risk detection model parameters in a finite field to obtain a shared value of the model parameters;
and sending the shared value of the model parameter to the banking server, and inputting the credit card data shared value and the shared value of the model parameter into a pre-constructed credit card transaction risk detection model so as to cooperate with the banking server to perform safe multiparty calculation.
Further, the step of constructing a credit card transaction risk detection model comprises the following steps:
constructing a safety activation function by utilizing a time cycle neural network computing unit;
constructing a secure gate function using the secure activation function;
and constructing the credit card transaction risk detection model according to the credit card transaction risk detection model parameters and the safe gate function.
Further, the inputting the credit card data sharing value and the sharing value of the model parameter into a pre-constructed credit card transaction risk detection model to perform secure multiparty computation in cooperation with the banking server includes:
inputting the credit card data sharing value and the sharing value of the model parameter into each safe gate function in the credit card transaction risk detection model according to preset logic to perform safe multi-party calculation to obtain an arithmetic sharing output value and a Boolean sharing output value;
and calculating the encryption detection result of the service provider side according to the arithmetic sharing output value and the Boolean sharing output value.
In a second aspect, the present application provides a credit card transaction risk detection method, including:
discretizing the credit card data of the client to obtain discretized credit card data of the client;
splitting the discretized customer credit card data in a finite field to obtain a credit card data sharing value;
sending the credit card data sharing value to a model service provider to cooperate with the model service provider to perform secure multiparty calculation to obtain an encryption detection result of the bank side;
generating a credit card transaction risk detection result according to an encryption detection result of the service provider side and an encryption detection result of the bank side; and the encryption detection result of the service provider side is obtained by performing safe multiparty calculation by the model service provider.
Further, the performing secure multiparty computation in cooperation with the model service provider to obtain the encryption detection result of the bank side includes:
obtaining shared values of model parameters from the model service provider in a secret sharing manner; the shared value of the model parameter is obtained by splitting the credit card transaction risk detection model parameter by the model service provider over a finite field;
inputting the credit card data sharing value and the sharing value of the model parameter into a credit card transaction risk detection model so as to cooperate with the model service provider to perform secure multiparty calculation; wherein the credit card transaction risk detection model is pre-constructed by the model service provider.
Further, the credit card transaction risk detection method further comprises the following steps:
and comparing a preset transaction risk detection threshold value with the credit card transaction risk detection result to obtain a transaction risk judgment result.
In a third aspect, the present application provides a credit card transaction risk detection apparatus, comprising:
a credit card shared value acquisition unit for acquiring a credit card data shared value in a secret sharing manner; the credit card data sharing value is obtained by processing credit card data of a client in advance by a banking server;
the service provider side detection result generation unit is used for sending credit card transaction risk detection model parameters to the banking service server in a secret sharing mode so as to cooperate with the banking service server to perform safe multiparty calculation to obtain an encryption detection result of the service provider side;
and the service provider side detection result sending unit is used for sending the encryption detection result of the service provider side to the banking service server so as to enable the banking service server to decrypt the encryption detection result of the service provider side to obtain a credit card transaction risk detection result.
Further, the service provider side detection result generation unit includes:
the parameter sharing value generating module is used for splitting the credit card transaction risk detection model parameters in a finite field to obtain the sharing values of the model parameters;
and the service provider side detection result generation module is used for sending the shared value of the model parameter to the banking business server, inputting the credit card data shared value and the shared value of the model parameter into a pre-constructed credit card transaction risk detection model, and performing safe multiparty calculation in cooperation with the banking business server.
Further, the credit card transaction risk detection device further comprises:
the activation function generation unit is used for constructing a safety activation function by utilizing the time cycle neural network calculation unit;
a gate function generating unit, configured to construct a secure gate function using the security activation function;
and the risk detection model establishing unit is used for establishing the credit card transaction risk detection model according to the credit card transaction risk detection model parameters and the safe gate function.
Further, the service provider side detection result generation module includes:
the shared output value operator module is used for inputting the credit card data shared value and the shared value of the model parameter into each safe gate function in the credit card transaction risk detection model according to preset logic to carry out safe multiparty calculation so as to obtain an arithmetic shared output value and a Boolean shared output value;
and the service provider side detection result generation submodule is used for calculating the encryption detection result of the service provider side according to the arithmetic sharing output value and the Boolean sharing output value.
In a fourth aspect, the present application provides a credit card transaction risk detection apparatus, comprising:
the discretization processing unit is used for discretizing the credit card data of the client to obtain discretized credit card data of the client;
the credit card sharing value generating unit is used for splitting the discretized client credit card data in a finite field to obtain a credit card data sharing value;
the bank detection result generation unit is used for sending the credit card data sharing value to a model service provider so as to perform secure multiparty calculation in cooperation with the model service provider to obtain an encryption detection result of a bank side;
the detection result synthesis unit is used for generating a credit card transaction risk detection result according to an encryption detection result of the service provider side and an encryption detection result of the bank side; and the encryption detection result of the service provider side is obtained by performing safe multiparty calculation by the model service provider.
Further, the bank detection result generating unit includes:
a parameter shared value obtaining module, configured to obtain a shared value of a model parameter from the model service provider in a secret sharing manner; the shared value of the model parameter is obtained by splitting the credit card transaction risk detection model parameter by the model service provider over a finite field;
the bank detection result generation module is used for inputting the credit card data sharing value and the sharing value of the model parameter into a credit card transaction risk detection model so as to cooperate with the model service provider to perform safe multiparty calculation; wherein the credit card transaction risk detection model is pre-constructed by the model service provider.
Further, the credit card transaction risk detection device further comprises:
and the transaction risk judging unit is used for comparing a preset transaction risk detection threshold value with the credit card transaction risk detection result to obtain a transaction risk judging result.
In a third aspect, the present application provides an electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the credit card transaction risk detection method when executing the program.
In a fourth aspect, the present application provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the credit card transaction risk detection method.
In a fifth aspect, the present application provides a computer program product comprising computer program/instructions which, when executed by a processor, implement the steps of the credit card transaction risk detection method.
Aiming at the problems in the prior art, the method and the device for detecting the transaction risk of the credit card can utilize a secret sharing technology, enable a bank and a neural network model service provider to participate in calculation together in a safe multi-party calculation mode on the premise of not revealing input parameters of all parties, ensure that prediction is finished on the premise of not exporting private data of all parties, namely protect the privacy of the input data of all parties, and are suitable for a scene of detecting the transaction risk of the credit card.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a flow chart of a method for detecting risk of credit card transactions according to an embodiment of the present application;
fig. 2 is one of the flow charts for obtaining the encryption detection result of the service provider side in the embodiment of the present application;
FIG. 3 is a flowchart illustrating steps of constructing a credit card transaction risk detection model according to an embodiment of the present application;
FIG. 4 is a second flowchart illustrating a second method for obtaining the encryption detection result of the service provider in the embodiment of the present application;
FIG. 5 is a second flowchart of a method for detecting risk of credit card transactions according to an embodiment of the present application;
fig. 6 is a flowchart of obtaining an encryption detection result at the bank side in the embodiment of the present application;
FIG. 7 is a diagram illustrating one of the structures of a risk detection device for credit card transactions according to an embodiment of the present application;
fig. 8 is a structural diagram of a service provider side detection result generation unit in the embodiment of the present application;
FIG. 9 is a second block diagram of the credit card transaction risk detection apparatus according to the embodiment of the present application;
fig. 10 is a structural diagram of a service provider side detection result generation module in the embodiment of the present application;
FIG. 11 is a second block diagram of the credit card transaction risk detection apparatus according to the embodiment of the present application;
fig. 12 is a structural diagram of a bank detection result generation unit in the embodiment of the present application;
fig. 13 is a schematic structural diagram of an electronic device in an embodiment of the present application;
fig. 14 is a diagram of an application scenario structure in the embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It should be noted that the method and apparatus for detecting transaction risk of credit card provided by the present application can be used in the financial field, and can also be used in any field other than the financial field.
According to the technical scheme, the data acquisition, storage, use, processing and the like meet relevant regulations of national laws and regulations.
In one embodiment, referring to fig. 1, in order to perform credit card transaction risk detection on the premise of protecting user privacy, the present application provides a credit card transaction risk detection method, including:
s101: acquiring a credit card data sharing value in a secret sharing mode; the credit card data sharing value is obtained by processing credit card data of a client in advance by a banking server;
s102: sending credit card transaction risk detection model parameters to the banking server in a secret sharing mode to perform safe multiparty calculation in cooperation with the banking server to obtain an encryption detection result of a service provider side;
s103: and sending the encryption detection result of the service provider side to the banking server so that the banking server decrypts the encryption detection result of the service provider side to obtain a credit card transaction risk detection result.
It can be understood that the widespread use of credit cards greatly facilitates the transaction process between the merchant and the customer, but also raises various risks of credit card transactions, including counterfeiting, fraud, and malicious overdraft. In the prior art, credit card transaction risk detection is a two-classification problem that whether each transaction has a transaction risk is often analyzed according to past transaction data. Therefore, the problem of transaction risk detection is often solved in the prior art by constructing a machine learning classifier.
Although machine learning techniques are widely used for detecting the risk of credit card transactions and achieve a good detection effect, the training process is too complicated. More importantly, the method is very not beneficial to the privacy protection of the client on the premise of detecting the credit card transaction risk by acquiring the total amount of past transaction data of the client. Once the service provider who performs the transaction risk detection reveals the credit card data and the transaction risk prediction result of the customer, it will pose a potential threat to the privacy information and property security of the customer. Therefore, a method for detecting the risk of credit card transaction under the premise of protecting the privacy of the user is needed.
Referring to fig. 14, the embodiment of the present application adopts a secure multiparty computing method, which solves the problem of cooperative computing between a bank and a neural network model service provider (hereinafter referred to as a service provider) under the premise of protecting privacy of each party.
The service provider and the bank adopt a secret sharing technology to split the credit card transaction risk detection model parameters and the credit card data of the client on a finite field respectively, and each split part is called a sharing value. According to the characteristic of secret sharing, only when two participated parties provide respective shared values together, the initial secret can be reconstructed, and a single participator cannot recover the original secret based on the own shared value. Therefore, the secret sharing technology can ensure that the private data can be calculated on the premise of not being exported.
In the whole process of executing the calculation protocol, only the calculation logic is disclosed, namely, a credit card transaction risk detection algorithm is disclosed, and parameters are mastered by a service provider and are not disclosed. Since any function can be expressed in the form of a boolean circuit, the credit card transaction risk detection algorithm can be expressed in the form of a boolean circuit. Considering that linear operations (addition, multiplication) in the credit card transaction risk detection algorithm are more efficiently performed in an arithmetic circuit than in a boolean circuit, the embodiments of the present application use the arithmetic circuit to process linear operations, use the boolean circuit to process non-linear operations (such as a compare magnitude operation and a select operation), and perform conversion between the two when necessary. After representing the credit card transaction risk detection algorithm as a circuit, the bank and the service provider take the shared value of the secret sharing as input, and then only need to participate in a calculation protocol, so that the prediction calculation of the credit risk of the client can be completed. After the calculation is finished, the two parties obtain the ciphertext sharing value, the service provider sends the sharing value to the bank, and the bank collects the ciphertext sharing value and decrypts the ciphertext sharing value to obtain the detection result.
In conclusion, the secure multi-party calculation can enable the bank and the service provider to participate in the calculation together, and on the premise that respective input is not disclosed, the correct calculation result is finally obtained, so that the security is higher, the accuracy is higher, and the efficiency is higher than that of homomorphic encryption and other common privacy data processing methods.
The execution subject of step S101 to step S103 is a model service provider.
The embodiments of the present application relate to the following two structures.
First, a safety configuration.
The protocol of the embodiment of the application is designed based on the semi-honest safety structure, and compared with a malicious model, the semi-honest model can reduce the complexity of protocol design and improve the execution efficiency of the protocol. To secure the secret sharing process, it is assumed that a secure trusted channel exists between all participants.
Second, the system architecture.
The system structure of the embodiment of the application is composed of two parts: a bank P0 and a service provider P1. The bank is responsible for providing credit card data of the customer, the service provider is responsible for providing a trained credit card transaction risk detection model, and the service provider jointly execute a security computing protocol to complete detection. After the detection is finished, the service provider sends the encrypted detection result of the service provider side to the bank, and the bank decrypts the encrypted detection result to obtain a plaintext detection result.
It should be noted that, since the credit card data relates to the privacy of the client, the credit card transaction risk detection model belongs to the data assets of the service provider, which cannot be sent in the clear, and needs to be protected in the privacy.
The specific execution steps of the embodiment of the application are as follows:
<1> the bank sends the customer credit card data to the service provider through a trusted channel in a secret sharing manner; the service provider sends the credit card transaction risk detection model parameters to the bank through a trusted channel in a secret sharing mode;
<2> the bank and the service provider execute a secure two-party calculation protocol after obtaining the client credit card data and the shared value of the credit card transaction risk detection model parameter;
after the calculation is finished, the service provider sends the shared value of the ciphertext (the encrypted detection result of the service provider side) to the bank, and the bank decrypts the shared value to obtain the detection result of the plaintext; and combining the detection result of the bank side to obtain a final detection result.
The privacy-preserving credit card transaction risk detection protocol comprises the following steps:
(1) Extracting a basic computing unit according to an LSTM algorithm, comprising: adding, multiplying, comparing sizes, selecting, vector connecting, exponenting, dividing, hadamard product and matrix multiplying by vectors;
(2) Designing a plaintext basic computing unit as a ciphertext basic computing unit and regarding the plaintext as a security component underlying security computation, namely a secure (arithmetic and Boolean) addition, a secure (arithmetic and Boolean) multiplication, a secure comparison size, a secure selection, a secure vector concatenation, a secure exponent, a secure division, a secure Hadamard sum and a secure matrix multiplication vector component;
(3) Constructing a secure sigmoid and tanh activation function in the LSTM network by combining the security components;
(4) Establishing functions of a forgetting gate, an input gate and an output gate of LSTM network security through the combination of the security component and the security activation function;
(5) The safe LSTM network is combined through the safe gate function of the LSTM network, so that the credit card transaction risk detection method with privacy protection is realized.
According to the above system structure, the embodiment of the present application can be illustrated by the following five aspects:
first, secret sharing.
This section relates to Arithmetic sharing (arithmetric sharing) and Boolean sharing (Boolean sharing) and Arithmetic sharing-to-Boolean sharing A2B and Boolean sharing-to-Arithmetic sharing B2A. The four components are the basis for the second, third and fourth sections.
Second, a security component.
This section relates to secure (arithmetic and boolean) addition, secure (arithmetic and boolean) multiplication, secure comparison magnitude, secure selection, secure vector concatenation, secure exponents, secure division, secure hadamard product and secure matrix-by-vector components, which form the basis of the third, fourth and fifth sections.
Third, a secure activation function.
And combining the safe sigmoid and tanh activation functions in the LSTM network according to the results of the first part and the second part.
Fourth, a gate function for LSTM network security.
Combining the functions of a forgetting gate, an input gate and an output gate in the LSTM network according to the results of the first part, the second part and the third part;
fifth, a secure LSTM network (equivalent to the credit risk analysis model in the examples of the present application) is constructed
The circuit calls the safe forgetting gate, the input gate and the output gate functions in sequence to combine the safe LSTM network.
It should be noted that the embodiments of the present application may refer to the following terms:
(1) secure multi-party computing: the method mainly aims at solving the problem of how to safely calculate an agreed function by each participant when no trusted third party exists. The mathematical definition is expressed as: in secure multiparty computation, N participants P 0 ,P 1 ,...,P N-1 Respectively have their own input data d 0 ,d 1 ,...,d N-1 The N parametersThe ANDed wants to safely calculate a common function F (d) without revealing respective inputs 0 ,d 1 ,...,d N-1 ) And finally, a correct calculation result can be obtained.
(2) Oblivious Transfer (OT): communication between a sender and a receiver is described, the sender transmitting a plurality of pieces of information to the receiver, the receiver selecting one of the plurality of pieces of information in a private manner: the sender ensures that the receiver does not obtain any more information than the selected piece of information, and the sender has no knowledge of which piece of information the receiver has obtained. Inadvertent transfers are the basis for building garbled circuits and secret sharing in secure multi-party computing. 1-out-of-2OT is an alternative, oblivious transport protocol.
(3) Secret sharing: secret sharing is a cryptographic technique in which a secret is stored in a partitioned set of participants, a secret being divided into n shares, each of which becomes a shared value, the shared values being distributed to the n participants, the initial secret being reconstructed only if certain subsets of the participants collectively provide the respective shared value, the secret sharing being the basis for the secure computation.
From the above description, the credit card transaction risk detection method and device provided by the application can utilize the secret sharing technology, enable the bank and the neural network model service provider to participate in the calculation together in a safe multi-party calculation mode on the premise of not revealing input parameters of all parties, and ensure that the prediction is completed on the premise of not exporting private data of all parties, namely, the privacy of the input data of all parties is protected, and the method and device are suitable for the scene of credit card transaction risk detection.
In one embodiment, referring to fig. 2, the sending credit card transaction risk detection model parameters to the banking server in a secret sharing manner to perform secure multiparty computation in cooperation with the banking server includes:
s201: splitting the credit card transaction risk detection model parameters on a finite field to obtain a shared value of the model parameters;
it is understood that there are many algorithms for implementing secret sharing based on the principles of secret sharing technology, including but not limited to Shamir's algorithm. The algorithm is realized based on a Lagrange interpolation formula.
In the embodiment of the present application, a specific implementation manner is as follows:
the protocol herein is implemented based on a hybrid protocol framework, ABY, which represents three different sharing approaches: arithmetic sharing (arithmetric sharing), boolean sharing (Boolean sharing) based on additive secret sharing implementations, and Yao sharing (Yao's garbled circuits) based on obfuscated circuit implementations. Interconversion between boolean sharing and arithmetic sharing may be achieved.
The Boolean sharing to arithmetic sharing (B2A) can be directly carried out; the direct conversion cost of the arithmetic sharing to the Boolean sharing (A2B) is large, and the conversion can be carried out by means of Yao sharing.
(the above process is complex and not expanded here, reference may be made to the explanation of secret sharing in step S502.)
S202: and sending the shared value of the model parameter to the banking server, and inputting the credit card data shared value and the shared value of the model parameter into a pre-constructed credit card transaction risk detection model so as to cooperate with the banking server to perform safe multiparty calculation.
1. The bank sends the credit card data of the client to the service provider through a trusted channel in a secret sharing mode; the service provider sends the credit risk assessment model parameters of the client to a bank through a trusted channel in a secret sharing mode;
2. the bank and the service provider execute a secure two-party computing protocol after receiving the client credit card data and the shared value of the model parameter;
3. after the calculation is finished, the service provider sends the shared value of the ciphertext to the bank, the bank decrypts the shared value to obtain a plaintext result, and whether the credit card of the user has risks is judged by comparing the plaintext result with a threshold value.
As can be seen from the above description, the credit card transaction risk detection method provided by the present application can send the credit card transaction risk detection model parameters to the banking server in a secret sharing manner, so as to perform secure multiparty computation in cooperation with the banking server.
In one embodiment, referring to FIG. 3, the step of constructing a credit card transaction risk detection model includes:
s301: constructing a safety activation function by utilizing a time cycle neural network computing unit;
s302: constructing a secure gate function using the secure activation function;
s303: and constructing the credit card transaction risk detection model according to the credit card transaction risk detection model parameters and the safe gate function.
It is to be understood that the term also referred to as a time-cycled neural network computing unit relates to the following:
first, safe (arithmetic and Boolean) addition
The circuit directly calls the addition component in the arithmetic circuit and the boolean circuit.
Second, secure (arithmetic and Boolean) multiplication
The circuit directly calls multiplication components in the arithmetic circuit and the Boolean circuit.
Third, safe comparison of sizes
The circuit directly calls the larger size component in the boolean circuit.
Fourth, safe selection
P 0 Having input x, P 1 Having an input y, with a selection bit of z ∈ {0,1}, selecting according to z, if z =1, then selecting x, otherwise selecting y, which selection process can be expressed in z · x + (1-z) · y. Therefore, the circuit firstly calls Boolean sharing to split the input x and y, and then calls safe Boolean multiplication and Boolean addition components twice to obtain the safe selection component.
Fifth, secure vector join
P 0 Having an input vector x = (x) 0 ,x 1 ,...),P 1 Having an input vector y = (y) 0 ,y 1 ,..), a concatenation of vectors x and y [ x, y ]]=[(x 0 ,x 1 ,...),(y 0 ,y 1 ,...)]=(x 0 ,x 1 ,...,y 0 ,y 1 ,...). So the circuit first calls arithmetic sharing to split the input vectors x and y, then P 0 And P 1 And carrying out vector connection locally, and calling a safe arithmetic addition component to obtain a safe vector connection component.
Sixth, index of safety
The circuit directly calls the exponent component in the boolean circuit.
Seventh, safe division
The circuit directly calls a division component in the boolean circuit.
Eighth, safe hadamard product
For two matrices of the same order a = (a) ij ) And B = (B) ij ) If c is ij =a ij ·b ij Then the matrix C = (C) ij ) The Hadamard product is a linear operation, which is the Hadamard product of A and B, and thus the Hadamard-product security component is based on an arithmetic circuit. In this patent, the hadamard product of the vector is to be calculated, and thus the hadamard product security component is designed by taking the vector as an example. P 0 Vector x = (x) having n × 1 0 ,x 1 ,...,x n-1 ),P 1 Having a vector y = (y) of n × 1 0 ,y 1 ,...,y n-1 ) Need to calculate
It can be seen that the hadamard product simply calls for multiple multiplication components. Therefore, the circuit firstly calls arithmetic sharing to split the input vectors x and y, and then calls multiplication and addition components in a plurality of arithmetic circuits to obtain the safe Hadamard product component.
Ninth, the secure matrix is multiplied by the vector
The matrix multiplied by the vector is a linear operation and is therefore based on arithmetic circuit design. P 0 Having an m X n matrix X, P 1 Having a vector y of n x 1, multiplying the matrix by the vector Xy to obtain a vector z of m x 1 after the calculation is finished, and calling arithmetic sharing by the circuit to input the vector y and the matrix xEach element is split.
Firstly, a matrix triplet c = Ab is generated in the pre-calculation stage, wherein A is an m × n matrix, b is an n × 1 vector, and c is an m × 1 vector, and the two parts respectively calculate locally
Where i e {0,1}, then the circuit invokes a secure arithmetic addition component to compute
Restoring matrix E and vector f, and respectively locally calculating
Wherein i is the same as (0,1), and then calling the safe arithmetic addition component
And recovering the vector z, namely completing the multiplication of the safe matrix by the vector component.
Further, a secure activation function is constructed.
First, construct a secure sigmoid activation function
For sigmoid (x) = 1/(1+e (-x)), the circuit calls a safe arithmetic addition component, a safe exponent and a safe arithmetic addition component in sequence, then calls an A2B protocol to convert the intermediate state from arithmetic sharing to Boolean sharing, and finally calls a safe division component to obtain a safe sigmoid function.
Second, construct a secure tanh activation function
For tanh (x) =2sigmoid (2 x) -1, the safe sigmoid activation function is designed and finished and can be directly called, so that the safe boolean multiplication, the safe sigmoid activation function, the safe boolean multiplication and the safe boolean addition component are sequentially called by the circuit, and the safe tanh activation function can be obtained.
Further, a gate function for LSTM network security is constructed.
First, construct the forgetting gate function of LSTM network security
For forgetting door f t =sigmoid(W f ·[C t-1 ,h t-1 ,x t ]+b f ) For example, the circuit calls the safe vector connection, the safe matrix multiplication vector and the safe arithmetic addition component in sequence, then the called A2B protocol converts the intermediate state from the arithmetic sharing to the Boolean sharing, and finally calls the safe sigmoid activation function, so that the output ft of the Boolean sharing can be obtained.
Second, construct the import Gate function for LSTM network Security
Step 1: for input gate i t =sigmoid(W i ·[C t-1 ,h t-1 ,x t ]+b i ) For example, the circuit calls a safe vector connection, a safe matrix multiplication vector and a safe arithmetic addition component in sequence, then calls an A2B protocol to convert the intermediate state from arithmetic sharing to Boolean sharing, and finally calls a safe sigmoid activation function to obtain output it of Boolean sharing;
step 2: for the currently input cell state
For example, the circuit first calls a safe vector connection, a safe matrix multiplication vector and a safe arithmetic addition component in sequence, then calls an A2B protocol to convert the intermediate state from arithmetic sharing to Boolean sharing, and finally calls a safe tanh activation function to obtain the output-Ct of the Boolean sharing;
and step 3: for the
For example, the B2A protocol is called to convert the output ft, it, and Ct obtained in the previous step from boolean sharing to arithmetic sharing, and then the secure hadamard product and secure arithmetic addition component is called to obtain the output Ct of arithmetic sharing.
Third, an output gate function of the LSTM network security is constructed.
Step 1: for output gate O t =sigmoid(W o ·[C t-1 ,h t-1 ,x t ]+b o ) For example, the circuit calls a safe vector connection, a safe matrix multiplication vector and a safe arithmetic addition component in sequence, then calls an A2B protocol to convert the intermediate state from arithmetic sharing to Boolean sharing, and finally calls a safe sigmoid activation function to obtain output Ot of Boolean sharing;
step 2: for the final cell state
In other words, the B2A protocol is first called to convert the output Ct and Ot obtained in the previous step from boolean sharing to arithmetic sharing, and then the safe tanh activation function and the safe hadamard product component are called to obtain the output ht of arithmetic sharing.
Finally, a secure LSTM network is constructed.
The circuit calls the safe forgetting gate, the input gate and the output gate functions in sequence to construct a safe LSTM network.
The given time sequence is x = (x) 0 ,x 1 ,...x t ,...x m ) The user credit card data and LSTM parameters, the security calculation details for the three doors are as follows.
From the above description, the credit card transaction risk detection method provided by the application can construct a credit card transaction risk detection model.
In an embodiment, referring to fig. 4, the inputting the credit card data sharing value and the sharing value of the model parameter into a pre-constructed credit card transaction risk detection model to perform secure multiparty computation in cooperation with the banking server includes:
s401: inputting the credit card data sharing value and the sharing value of the model parameter according to preset logic as the input of a safe LSTM network, and carrying out safe multiparty calculation on each safe gate function in the credit card transaction risk detection model to obtain an arithmetic sharing output value and a Boolean sharing output value;
s402: and calculating the encryption detection result of the service provider side according to the arithmetic sharing output value and the Boolean sharing output value.
It will be appreciated that the system comprises two parties: bank P 0 And service provider P 1 。
Step 1: bank P 0 Sending the credit card data of the user to the service provider P in a secret sharing mode through a trusted channel 1 Service provider P 1 Sending the model parameters to the bank P in a secret sharing mode through a trusted channel 0 ;
And 2, step: after both parties acquire the client credit card data and the shared value of the credit card transaction risk detection model parameter, a safe both-party calculation protocol is executed;
and step 3: after the calculation is finished, the service provider sends the shared value of the ciphertext (the encrypted detection result of the service provider side) to the bank, and the bank decrypts the shared value to obtain the detection result of the plaintext; and combining the detection result of the bank side to obtain a final detection result.
It should be noted that, from the perspective of the overall scheme, the inputs are [ user credit card data ] of the bank P0 and [ model parameters ] of the service provider P1. After the two participating parties acquire the shared values of the data and the model parameters, the safe LSTM network is called, and then the safe calculation of the two parties can be carried out. The calculation of the whole LSTM network can be regarded as the calculation of a large circuit, the network has multiple layers, the initial inputs (circuit bottom layer) are [ shared value of user credit card data ] and [ shared value of model parameter ] respectively input by the bank P0 and the service provider P1, and then each layer input of the circuit comes from the output of the previous layer until the top layer outputs the final calculation result of the whole circuit.
Considering that after secret sharing, both participating parties take the share value of the other party, for a secure LSTM network, the inputs are: the bank P0 inputs [ shared value of user credit card data ] and [ shared value of model parameter ], and the service provider P1 also inputs [ shared value of user credit card data ] and [ shared value of model parameter ].
As can be seen from the above description, the credit card transaction risk detection method provided in the present application can input the credit card data sharing value and the sharing value of the model parameter into a pre-constructed credit card transaction risk detection model, so as to perform secure multiparty computation in cooperation with the banking server.
In one embodiment, referring to fig. 5, a method for detecting risk of credit card transactions includes:
s501: discretizing the credit card data of the client to obtain discretized credit card data of the client; the original data set is credit card transaction information of a user, desensitization processing is firstly carried out on the original data set, PCA processing is then carried out, and the desensitization processing and the PCA processing are used for extracting principal component characteristics of the data set, namely dimension reduction is carried out on the data set. Removing two characteristic variables of Time and Amount, wherein the Time is the interval between each transaction and the first transaction in the data set and the unit is second; the Amount is the transaction Amount, and the obtained anonymous variables V1, V1, V28 are the principal component characteristics obtained through PCA processing and are used as LSTM network input data.
S502: splitting the discretized client credit card data in a finite field to obtain a credit card data sharing value;
s503: sending the credit card data sharing value to a model service provider to cooperate with the model service provider to perform secure multiparty calculation to obtain an encryption detection result of the bank side;
in an embodiment, referring to fig. 6, the performing secure multiparty computation in cooperation with the model service provider to obtain an encryption detection result at the bank side includes: obtaining a shared value of a model parameter from the model service provider in a secret sharing manner (S601); the shared value of the model parameter is obtained by splitting the credit card transaction risk detection model parameter by the model service provider over a finite field; inputting the credit card data sharing value and the sharing value of the model parameter into a credit card transaction risk detection model to cooperate with the model service provider to perform secure multiparty computation (S602); wherein the credit card transaction risk detection model is pre-constructed by the model service provider.
S504: generating a credit card transaction risk detection result according to an encryption detection result of the service provider side and an encryption detection result of the bank side; and the encryption detection result of the service provider side is obtained by performing safe multiparty calculation by the model service provider.
It is understood that the execution subject of steps S501 to S504 is the banking server.
In step S501, considering that the credit card data of the customer at least includes continuous data such as xxxx, xxxx and xxxx, including credit card transaction data continuous for one month or one week, in the subsequent data processing process, the credit card data of the customer needs to be split over a finite field to obtain a credit card data sharing value, and the split data should be discretized customer credit card data, such as corresponding vector representation. The method for completing data discretization is various, such as performing characteristic binning, and the like, and the application is not limited thereto.
With respect to step S502, it should be noted that the following protocols are both two-party settings (2 PC), bank P 0 And service provider P 1 Secrets are held by different parties and of different types, so the shared value of x may be expressed as
Wherein i belongs to {0,1}, T belongs to { A, B, Y }, and represents P i The party holds a share value of type T.
(1) Arithmetic sharing (Arithmetric sharing)
With P 0 Sharing x is an example. P 0 Selecting
Setting sharingValue of
And sends r to P 1 ,P 1 Setting a shared value
(2) Boolean sharing (Boolean sharing)
With P 0 Sharing x is an example. P 0 Selecting r ∈ Z 2 Setting a shared value
And sends r to P 1 ,P 1 Setting a shared value
(3) Yao sharing (Yao sharing)
P 0 Random selection
And will be
Is sent to P 1 Both parties execute a 1-out-of-2OT protocol, where P 0 Input device
Then P is 0 Obtain two values
P 1 Obtained by a selection bit x
(4) Boolean to arithmetic sharing B2A
Specifically, in the 1-out-of-2OT protocol, P 0 Is the sender, P 1 Is the receiving party. In the ith OT, P 0 Random selection
And input(s) i,0 ,s i,1 ) In which
P 1 Input device
As a selection bit, both parties execute the OT protocol, then P 1 The obtained sharing value is
(5) Arithmetic sharing to Boolean sharing A2B
For arithmetic shared value < x > A The value can be converted into a Boolean shared value < x > "by calling A2Y first and then calling Y2B B Expressed as: < x > B =A2B(<x> A )=Y2B(A2Y(<x> A ))。
From the above description, the credit card transaction risk detection method provided by the application can utilize the secret sharing technology, and enable a bank and a neural network model service provider to participate in the calculation together in a safe multi-party calculation mode on the premise of not revealing input parameters of all parties, so that the prediction is completed on the premise of not exporting privacy data of all parties, namely, the privacy of the input data of all parties is protected, and the method is suitable for a credit card transaction risk detection scene.
In one embodiment, the credit card transaction risk detection method further includes:
and comparing a preset transaction risk detection threshold value with the credit card transaction risk detection result to obtain a transaction risk judgment result.
It can be understood that, after receiving the encryption detection result of the service side, the banking server performs decryption by combining with the encryption detection result of the bank side calculated by the banking server, and performs operation on a finite field to recover a plaintext result and finally obtain a credit card transaction risk detection result (i.e. a final value). Considering that the credit card transaction risk detection in the embodiment of the application is a binarization problem, namely that the transaction is "risky" or "riskless" and the latter is "risk-free", the banking party can set a transaction risk detection threshold value according to the actual business scene needs, and when the transaction risk detection threshold value is exceeded, the current credit card transaction is considered to have risk, otherwise, the transaction is judged to be "risk-free".
Based on the same inventive concept, the embodiment of the present application further provides a credit card transaction risk detection apparatus, which can be used to implement the method described in the above embodiment, as described in the following embodiments. Because the principle of solving the problems of the credit card transaction risk detection device is similar to that of the credit card transaction risk detection method, the implementation of the credit card transaction risk detection device can refer to the implementation of the software performance benchmark-based determination method, and repeated parts are not described again. As used hereinafter, the term "unit" or "module" may be a combination of software and/or hardware that implements a predetermined function. While the system described in the embodiments below is preferably implemented in software, implementations in hardware, or a combination of software and hardware are also possible and contemplated.
In one embodiment, referring to fig. 7, in order to enable the credit card transaction risk detection under the premise of protecting the privacy of the user, the present application provides a credit card transaction risk detection apparatus, including:
a credit card shared value acquisition unit 701 for acquiring a credit card data shared value in a secret sharing manner; the credit card data sharing value is obtained by processing credit card data of a client in advance by a banking server;
a service provider side detection result generation unit 702, configured to send a credit card transaction risk detection model parameter to the banking server in a secret sharing manner, so as to perform secure multiparty computation in cooperation with the banking server, to obtain an encryption detection result of the service provider side;
the service provider side detection result sending unit 703 is configured to send the encryption detection result of the service provider side to the banking server, so that the banking server decrypts the encryption detection result of the service provider side to obtain a credit card transaction risk detection result.
In an embodiment, referring to fig. 8, the service provider side detection result generating unit 702 includes:
a parameter shared value generating module 801, configured to split the credit card transaction risk detection model parameter over a finite field to obtain a shared value of the model parameter;
and the service provider side detection result generation module 802 is configured to send the shared value of the model parameter to the banking server, and input the credit card data shared value and the shared value of the model parameter into a pre-constructed credit card transaction risk detection model, so as to perform secure multiparty computation in cooperation with the banking server.
In one embodiment, referring to fig. 9, the credit card transaction risk detection apparatus further includes:
an activation function generating unit 901, configured to construct a security activation function by using a time-cyclic neural network computing unit;
a gate function generating unit 902, configured to construct a secure gate function using the security activation function;
and a risk detection model construction unit 903, configured to construct the credit card transaction risk detection model according to the credit card transaction risk detection model parameters and the secure gate function.
In an embodiment, referring to fig. 10, the service provider side detection result generating module includes:
a shared output value operator module 1001, configured to input the credit card data shared value and the shared value of the model parameter into each secure gate function in the credit card transaction risk detection model according to a preset logic to perform secure multiparty calculation, so as to obtain an arithmetic shared output value and a boolean shared output value;
the service provider side detection result generation sub-module 1002 is configured to calculate an encryption detection result of the service provider side according to the arithmetic sharing output value and the boolean sharing output value.
In one embodiment, referring to fig. 11, in order to enable the credit card transaction risk detection under the premise of protecting the privacy of the user, the present application provides a credit card transaction risk detection apparatus, including:
a discretization processing unit 1101 for performing discretization processing on the credit card data of the customer to obtain discretized customer credit card data;
a credit card shared value generating unit 1102, configured to split the discretized customer credit card data over a finite field to obtain a credit card data shared value;
a bank detection result generating unit 1103, configured to send the credit card data sharing value to a model service provider, so as to perform secure multiparty computation in cooperation with the model service provider, to obtain an encryption detection result at a bank side;
a detection result synthesis unit 1104, configured to generate a credit card transaction risk detection result according to an encryption detection result of the facilitator side and an encryption detection result of the bank side; and the encryption detection result of the service provider side is obtained by performing secure multiparty calculation by the model service provider.
In an embodiment, referring to fig. 12, the bank detection result generating unit 1103 includes:
a parameter shared value obtaining module 1201, configured to obtain a shared value of a model parameter from the model service provider in a secret sharing manner; the shared value of the model parameter is obtained by splitting the credit card transaction risk detection model parameter by the model service provider over a finite field;
a bank detection result generation module 1202, configured to input the credit card data sharing value and the sharing value of the model parameter into a credit card transaction risk detection model, so as to perform secure multiparty computation in cooperation with the model service provider; wherein the credit card transaction risk detection model is pre-constructed by the model service provider.
In one embodiment, the credit card transaction risk detection apparatus further includes:
and the transaction risk judging unit is used for comparing a preset transaction risk detection threshold value with the credit card transaction risk detection result to obtain a transaction risk judging result.
In order to detect the risk of credit card transactions on the hardware level under the premise of protecting the privacy of the user, the present application provides an embodiment of an electronic device for implementing all or part of the contents of the method for detecting the risk of credit card transactions, where the electronic device specifically includes the following contents:
a Processor (Processor), a Memory (Memory), a communication Interface (Communications Interface) and a bus; the processor, the memory and the communication interface complete mutual communication through the bus; the communication interface is used for realizing information transmission between the credit card transaction risk detection device and relevant equipment such as a core service system, a user terminal, a relevant database and the like; the logic controller may be a desktop computer, a tablet computer, a mobile terminal, and the like, but the embodiment is not limited thereto. In this embodiment, the logic controller may be implemented with reference to the embodiments of the credit card transaction risk detection method and the credit card transaction risk detection apparatus in the embodiments, and the contents thereof are incorporated herein, and repeated details are not repeated.
It is understood that the user terminal may include a smart phone, a tablet electronic device, a network set-top box, a portable computer, a desktop computer, a Personal Digital Assistant (PDA), a vehicle-mounted device, a smart wearable device, and the like. Wherein, intelligence wearing equipment can include intelligent glasses, intelligent wrist-watch, intelligent bracelet etc..
In practical applications, part of the credit card transaction risk detection method may be performed on the electronic device side as described above, or all operations may be performed in the client device. The selection may be specifically performed according to the processing capability of the client device, the limitation of the user usage scenario, and the like. This is not a limitation of the present application. The client device may further include a processor if all operations are performed in the client device.
The client device may have a communication module (i.e., a communication unit), and may be in communication connection with a remote server to implement data transmission with the server. The server may include a server on the side of the task scheduling center, and in other implementation scenarios, the server may also include a server on an intermediate platform, for example, a server on a third-party server platform that is communicatively linked to the task scheduling center server. The server may include a single computer device, or may include a server cluster formed by a plurality of servers, or a server structure of a distributed apparatus.
Fig. 13 is a schematic block diagram of a system configuration of an electronic device 9600 according to the embodiment of the present application. As shown in fig. 13, the electronic device 9600 can include a central processor 9100 and a memory 9140; the memory 9140 is coupled to the central processor 9100. Notably, this FIG. 13 is exemplary; other types of structures may also be used in addition to or in place of the structure to implement telecommunications or other functions.
In one embodiment, the credit card transaction risk detection method function may be integrated into the central processor 9100. The central processor 9100 may be configured to control as follows:
s101: acquiring a credit card data sharing value in a secret sharing mode; the credit card data sharing value is obtained by processing credit card data of a client in advance by a banking server;
s102: sending credit card transaction risk detection model parameters to the banking server in a secret sharing mode to perform safe multiparty calculation in cooperation with the banking server to obtain an encryption detection result of a service provider side;
s103: and sending the encryption detection result of the service provider side to the banking server so that the banking server decrypts the encryption detection result of the service provider side to obtain a credit card transaction risk detection result.
From the above description, the credit card transaction risk detection method and device provided by the application can utilize the secret sharing technology, enable the bank and the neural network model service provider to participate in the calculation together in a safe multi-party calculation mode on the premise of not revealing input parameters of all parties, and ensure that the prediction is completed on the premise of not exporting private data of all parties, namely, the privacy of the input data of all parties is protected, and the method and device are suitable for the scene of credit card transaction risk detection.
In another embodiment, the credit card transaction risk detection device may be configured separately from the central processor 9100, for example, the credit card transaction risk detection device may be configured as a chip connected to the central processor 9100, and the function of the credit card transaction risk detection method may be implemented by the control of the central processor.
As shown in fig. 13, the electronic device 9600 may further include: a communication module 9110, an input unit 9120, an audio processor 9130, a display 9160, and a power supply 9170. It is noted that the electronic device 9600 also does not necessarily include all of the components shown in fig. 13; in addition, the electronic device 9600 may further include components not shown in fig. 13, which can be referred to in the prior art.
As shown in fig. 13, a central processor 9100, sometimes referred to as a controller or operational control, can include a microprocessor or other processor device and/or logic device, which central processor 9100 receives input and controls the operation of the various components of the electronic device 9600.
The memory 9140 can be, for example, one or more of a buffer, a flash memory, a hard drive, a removable media, a volatile memory, a non-volatile memory, or other suitable device. The information relating to the failure may be stored, and a program for executing the information may be stored. And the central processing unit 9100 can execute the program stored in the memory 9140 to realize information storage or processing, or the like.
The input unit 9120 provides input to the central processor 9100. The input unit 9120 is, for example, a key or a touch input device. The power supply 9170 is used to provide power to the electronic device 9600. The display 9160 is used for displaying display objects such as images and characters. The display may be, for example, an LCD display, but is not limited thereto.
The memory 9140 can be a solid state memory, e.g., read Only Memory (ROM), random Access Memory (RAM), a SIM card, or the like. There may also be a memory that holds information even when power is off, can be selectively erased, and is provided with more data, an example of which is sometimes called an EPROM or the like. The memory 9140 could also be some other type of device. Memory 9140 includes a buffer memory 9141 (sometimes referred to as a buffer). The memory 9140 may include an application/function storage portion 9142, the application/function storage portion 9142 being used for storing application programs and function programs or for executing a flow of operations of the electronic device 9600 by the central processor 9100.
The memory 9140 can also include a data store 9143, the data store 9143 for storing data, such as contacts, digital data, pictures, sounds, and/or any other data used by the electronic device. The driver storage portion 9144 of the memory 9140 may include various drivers for the electronic device for communication functions and/or for performing other functions of the electronic device (e.g., messaging applications, contact book applications, etc.).
The communication module 9110 is a transmitter/receiver 9110 that transmits and receives signals via an antenna 9111. The communication module (transmitter/receiver) 9110 is coupled to the central processor 9100 to provide input signals and receive output signals, which may be the same as in the case of a conventional mobile communication terminal.
Based on different communication technologies, a plurality of communication modules 9110, such as a cellular network module, a bluetooth module, and/or a wireless lan module, may be disposed in the same electronic device. The communication module (transmitter/receiver) 9110 is also coupled to a speaker 9131 and a microphone 9132 via an audio processor 9130 to provide audio output via the speaker 9131 and receive audio input from the microphone 9132, thereby implementing ordinary telecommunication functions. The audio processor 9130 may include any suitable buffers, decoders, amplifiers and so forth. In addition, the audio processor 9130 is also coupled to the central processor 9100, thereby enabling recording locally through the microphone 9132 and enabling locally stored sounds to be played through the speaker 9131.
The embodiment of the present application further provides a computer-readable storage medium capable of implementing all the steps of the credit card transaction risk detection method with the server or the client as an execution subject in the above embodiment, where the computer-readable storage medium stores a computer program, and when the computer program is executed by a processor, the computer program implements all the steps of the credit card transaction risk detection method with the server or the client as an execution subject, for example, when the processor executes the computer program, the processor implements the following steps:
s101: acquiring a credit card data sharing value in a secret sharing mode; the credit card data sharing value is obtained by processing credit card data of a client in advance by a banking service server;
s102: sending credit card transaction risk detection model parameters to the banking server in a secret sharing mode to perform safe multiparty calculation in cooperation with the banking server to obtain an encryption detection result of a service provider side;
s103: and sending the encryption detection result of the service provider side to the banking server so that the banking server decrypts the encryption detection result of the service provider side to obtain a credit card transaction risk detection result.
From the above description, the credit card transaction risk detection method and device provided by the application can utilize the secret sharing technology, enable the bank and the neural network model service provider to participate in the calculation together in a safe multi-party calculation mode on the premise of not revealing input parameters of all parties, and ensure that the prediction is completed on the premise of not exporting private data of all parties, namely, the privacy of the input data of all parties is protected, and the method and device are suitable for the scene of credit card transaction risk detection.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, apparatus, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (devices), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The principle and the implementation mode of the invention are explained by applying specific embodiments in the invention, and the description of the embodiments is only used for helping to understand the method and the core idea of the invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, the specific embodiments and the application range may be changed, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
Claims (17)
1. A credit card transaction risk detection method, comprising:
acquiring a credit card data sharing value in a secret sharing mode; the credit card data sharing value is obtained by processing credit card data of a client in advance by a banking service server;
sending credit card transaction risk detection model parameters to the banking server in a secret sharing mode to perform safe multiparty calculation in cooperation with the banking server to obtain an encryption detection result of a service provider side;
and sending the encryption detection result of the service provider side to the banking server so that the banking server decrypts the encryption detection result of the service provider side to obtain a credit card transaction risk detection result.
2. The method for detecting the risk of credit card transaction as claimed in claim 1, wherein the sending the parameters of the credit card transaction risk detection model to the banking server in a secret sharing manner for secure multiparty computation in cooperation with the banking server comprises:
splitting the credit card transaction risk detection model parameters on a finite field to obtain a shared value of the model parameters;
and sending the shared value of the model parameter to the banking server, and inputting the credit card data shared value and the shared value of the model parameter into a pre-constructed credit card transaction risk detection model so as to cooperate with the banking server to perform safe multiparty calculation.
3. The method for detecting risk of credit card transaction according to claim 2, wherein the step of constructing a model for detecting risk of credit card transaction comprises:
constructing a safety activation function by utilizing a time cycle neural network computing unit;
constructing a safe gate function by using the safety activation function;
and constructing the credit card transaction risk detection model according to the credit card transaction risk detection model parameters and the safe gate function.
4. The method as claimed in claim 3, wherein the step of inputting the credit card data sharing value and the sharing value of the model parameter into a pre-constructed credit card transaction risk detection model for secure multiparty computation in cooperation with the banking server comprises:
inputting the credit card data sharing value and the sharing value of the model parameter into each safe gate function in the credit card transaction risk detection model according to preset logic to perform safe multi-party calculation to obtain an arithmetic sharing output value and a Boolean sharing output value;
and calculating the encryption detection result of the service provider side according to the arithmetic sharing output value and the Boolean sharing output value.
5. A credit card transaction risk detection method, comprising:
discretizing the credit card data of the client to obtain discretized credit card data of the client;
splitting the discretized customer credit card data in a finite field to obtain a credit card data sharing value;
sending the credit card data sharing value to a model service provider to cooperate with the model service provider to perform secure multiparty calculation to obtain an encryption detection result of the bank side;
generating a credit card transaction risk detection result according to an encryption detection result of the service provider side and an encryption detection result of the bank side; and the encryption detection result of the service provider side is obtained by performing secure multiparty calculation by the model service provider.
6. The method for detecting the risk of credit card transactions according to claim 5, wherein said secure multiparty computation in cooperation with said model service provider to obtain bank-side encryption detection results comprises:
obtaining shared values of model parameters from the model service provider in a secret sharing manner; the shared value of the model parameter is obtained by splitting the credit card transaction risk detection model parameter by the model service provider over a finite field;
inputting the credit card data sharing value and the sharing value of the model parameter into a credit card transaction risk detection model so as to cooperate with the model service provider to perform secure multiparty calculation; wherein the credit card transaction risk detection model is pre-constructed by the model service provider.
7. The credit card transaction risk detection method of claim 5, further comprising:
and comparing a preset transaction risk detection threshold with the credit card transaction risk detection result to obtain a transaction risk judgment result.
8. A credit card transaction risk detection device, comprising:
a credit card shared value acquisition unit for acquiring a credit card data shared value in a secret sharing manner; the credit card data sharing value is obtained by processing credit card data of a client in advance by a banking server;
the service provider side detection result generation unit is used for sending credit card transaction risk detection model parameters to the banking service server in a secret sharing mode so as to cooperate with the banking service server to perform safe multiparty calculation to obtain an encryption detection result of the service provider side;
and the service provider side detection result sending unit is used for sending the encryption detection result of the service provider side to the banking server so as to enable the banking server to decrypt the encryption detection result of the service provider side and then obtain a credit card transaction risk detection result.
9. The credit card transaction risk detecting device of claim 8, wherein the facilitator-side detection result generating unit includes:
the parameter sharing value generating module is used for splitting the credit card transaction risk detection model parameters on a finite field to obtain the sharing values of the model parameters;
and the service provider side detection result generation module is used for sending the shared value of the model parameter to the banking business server, inputting the credit card data shared value and the shared value of the model parameter into a pre-constructed credit card transaction risk detection model, and performing safe multiparty calculation in cooperation with the banking business server.
10. The credit card transaction risk detection device of claim 9, further comprising:
the activation function generation unit is used for constructing a safety activation function by utilizing the time cycle neural network calculation unit;
a gate function generating unit, configured to construct a secure gate function using the security activation function;
and the risk detection model building unit is used for building the credit card transaction risk detection model according to the credit card transaction risk detection model parameters and the safe gate function.
11. The credit card transaction risk detecting device of claim 10, wherein the facilitator-side detection result generating module comprises:
the shared output value operator module is used for inputting the credit card data shared value and the shared value of the model parameter into each safe gate function in the credit card transaction risk detection model according to preset logic to carry out safe multiparty calculation so as to obtain an arithmetic shared output value and a Boolean shared output value;
and the service provider side detection result generation submodule is used for calculating the encryption detection result of the service provider side according to the arithmetic sharing output value and the Boolean sharing output value.
12. A credit card transaction risk detection device, comprising:
the discretization processing unit is used for discretizing the credit card data of the client to obtain discretized credit card data of the client;
the credit card sharing value generating unit is used for splitting the discretized client credit card data in a finite field to obtain a credit card data sharing value;
the bank detection result generation unit is used for sending the credit card data sharing value to a model service provider so as to cooperate with the model service provider to perform safe multiparty calculation to obtain an encryption detection result of a bank side;
the detection result synthesis unit is used for generating a credit card transaction risk detection result according to an encryption detection result of the service provider side and an encryption detection result of the bank side; and the encryption detection result of the service provider side is obtained by performing safe multiparty calculation by the model service provider.
13. The credit card transaction risk detection device of claim 12, wherein the bank detection result generation unit comprises:
a parameter shared value obtaining module, configured to obtain a shared value of a model parameter from the model service provider in a secret sharing manner; the shared value of the model parameter is obtained by splitting the credit card transaction risk detection model parameter by the model service provider over a finite field;
the bank detection result generation module is used for inputting the credit card data sharing value and the sharing value of the model parameter into a credit card transaction risk detection model so as to cooperate with the model service provider to perform secure multiparty calculation; wherein the credit card transaction risk detection model is pre-constructed by the model service provider.
14. The credit card transaction risk detection device of claim 12, further comprising:
and the transaction risk judging unit is used for comparing a preset transaction risk detection threshold value with the credit card transaction risk detection result to obtain a transaction risk judging result.
15. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor when executing the program performs the steps of the credit card transaction risk detection method of any one of claims 1 to 7.
16. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the credit card transaction risk detection method according to any one of claims 1 to 7.
17. A computer program product comprising computer program/instructions, characterized in that the computer program/instructions, when executed by a processor, implement the steps of the credit card transaction risk detection method of any of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211216824.3A CN115564447A (en) | 2022-09-30 | 2022-09-30 | Credit card transaction risk detection method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211216824.3A CN115564447A (en) | 2022-09-30 | 2022-09-30 | Credit card transaction risk detection method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115564447A true CN115564447A (en) | 2023-01-03 |
Family
ID=84744978
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211216824.3A Pending CN115564447A (en) | 2022-09-30 | 2022-09-30 | Credit card transaction risk detection method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115564447A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115982779A (en) * | 2023-03-17 | 2023-04-18 | 北京富算科技有限公司 | Data anonymization method and device, electronic equipment and storage medium |
-
2022
- 2022-09-30 CN CN202211216824.3A patent/CN115564447A/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115982779A (en) * | 2023-03-17 | 2023-04-18 | 北京富算科技有限公司 | Data anonymization method and device, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112183730B (en) | Neural network model training method based on shared learning | |
| WO2021197037A1 (en) | Method and apparatus for jointly performing data processing by two parties | |
| WO2021103901A1 (en) | Multi-party security calculation-based neural network model training and prediction methods and device | |
| CN112182649A (en) | Data privacy protection system based on safe two-party calculation linear regression algorithm | |
| CN109886029B (en) | Polynomial expression based privacy protection set intersection calculation method and system | |
| CN113239404A (en) | Federal learning method based on differential privacy and chaotic encryption | |
| CN109214201A (en) | A kind of data sharing method, terminal device and computer readable storage medium | |
| CN112818374A (en) | Joint training method, device, storage medium and program product of model | |
| CN113505882A (en) | Data processing method based on federal neural network model, related equipment and medium | |
| CN110580409A (en) | model parameter determination method and device and electronic equipment | |
| CN113542228A (en) | Data transmission method and device based on federal learning and readable storage medium | |
| Zhang et al. | PPNNP: A privacy-preserving neural network prediction with separated data providers using multi-client inner-product encryption | |
| CN113591097A (en) | Service data processing method and device, electronic equipment and storage medium | |
| CN115913537A (en) | Data intersection method and system based on privacy protection and related equipment | |
| CN112532383A (en) | Privacy protection calculation method based on secret sharing | |
| CN115564447A (en) | Credit card transaction risk detection method and device | |
| CN111523674A (en) | Model training method, device and system | |
| CN113792890A (en) | Model training method based on federal learning and related equipment | |
| CN112906715A (en) | Safety image feature extraction and classification method based on deep neural network | |
| CN110222092B (en) | Multi-party statistical query method based on differential privacy protection technology | |
| CN115510502B (en) | PCA method and system for privacy protection | |
| JP7297131B2 (en) | Distributed Machine Learning Model Training Method, Apparatus, Equipment and Medium | |
| CN114462626B (en) | Federal model training method and device, terminal equipment and storage medium | |
| CN112183759A (en) | Model training method, device and system | |
| CN114358323A (en) | Third-party-based efficient Pearson coefficient calculation method in federated learning environment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |