CN115619220A - Monitoring method and device for identifying aggregative risk and storage medium - Google Patents

Monitoring method and device for identifying aggregative risk and storage medium Download PDF

Info

Publication number
CN115619220A
CN115619220A CN202211344515.4A CN202211344515A CN115619220A CN 115619220 A CN115619220 A CN 115619220A CN 202211344515 A CN202211344515 A CN 202211344515A CN 115619220 A CN115619220 A CN 115619220A
Authority
CN
China
Prior art keywords
risk
data
user
aggregative
same
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211344515.4A
Other languages
Chinese (zh)
Inventor
周波
郭丽青
林敏�
陈蓓珍
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Huifu Network Technology Co ltd
Original Assignee
Zhejiang Huifu Network Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang Huifu Network Technology Co ltd filed Critical Zhejiang Huifu Network Technology Co ltd
Priority to CN202211344515.4A priority Critical patent/CN115619220A/en
Publication of CN115619220A publication Critical patent/CN115619220A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063Operations research, analysis or management
    • G06Q10/0635Risk analysis of enterprise or organisation activities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063Operations research, analysis or management
    • G06Q10/0639Performance analysis of employees; Performance analysis of enterprise or organisation operations
    • G06Q10/06393Score-carding, benchmarking or key performance indicator [KPI] analysis

Landscapes

  • Business, Economics & Management (AREA)
  • Human Resources & Organizations (AREA)
  • Engineering & Computer Science (AREA)
  • Strategic Management (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Economics (AREA)
  • Development Economics (AREA)
  • Educational Administration (AREA)
  • Operations Research (AREA)
  • Marketing (AREA)
  • Game Theory and Decision Science (AREA)
  • Quality & Reliability (AREA)
  • Tourism & Hospitality (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The embodiment of the application discloses a monitoring method, a monitoring device and a storage medium for identifying aggregative risks, wherein the monitoring method for identifying the aggregative risks comprises the following steps: setting a data burying point at a service initiating end, and acquiring data burying point used when a user transacts services through the data burying point, wherein the data burying point comprises positioning information and/or equipment information; acquiring service data input by the user when handling the service, wherein the service data comprises a mobile phone number and/or an identity card number of the user, and acquiring an index corresponding to a monitoring rule dimension of the aggregative risk based on the buried point data and the service data; and analyzing abnormal values exceeding a preset threshold value in the indexes, and determining that the aggregation risk occurs if a common medium exists among the indexes corresponding to a plurality of users with abnormal values.

Description

Monitoring method and device for identifying aggregative risk and storage medium
Technical Field
The present application relates to the field of computer information processing technologies, and in particular, to a monitoring method, device and storage medium for identifying aggregative risks.
Background
In the existing automobile consumption staging scene, when staging business is transacted, a financial institution generally judges credit risk and repayment capacity before loan according to information of a client and related personnel in a single order, so that fund loss after loan is avoided. With the development of the industry, automobile financial business fraud is shifted from individual combat to organized, large-scale, high-density aggregated group work, risks of batch nature are silent, yet lives permeate the industry, and the development of industry health is covered by a layer of shadow, and the aggregated risks refer to the potential risks of fraudulent loan based on a common medium and of batch nature. The current absence of monitoring of aggregate risks in this area makes the risk a multiplier.
Disclosure of Invention
An object of the embodiments of the present application is to provide a monitoring method, an apparatus and a storage medium for identifying an aggregative risk, so as to solve the problem that the aggregation risk cannot be identified and monitored in the prior art.
In order to achieve the above object, an embodiment of the present application provides a monitoring method for identifying an aggregative risk, including: setting a data embedding point at a service initiating end, and acquiring embedding point data used when a user transacts services through the data embedding point, wherein the embedding point data comprises positioning information and/or equipment information;
acquiring service data input by the user when handling the service, wherein the service data comprises a mobile phone number and/or an identity card number of the user, and acquiring an index corresponding to a monitoring rule dimension of the aggregative risk based on the buried point data and the service data;
and analyzing abnormal values exceeding a preset threshold value in the indexes, and determining that the aggregation risk occurs if a common medium exists among the indexes corresponding to a plurality of users with abnormal values.
Optionally, the method further comprises: counting the users with the aggregative risk, obtaining a common attribute of the users with the aggregative risk by combining historical overdue user data, and obtaining a high-risk user name list library containing the potential users with the aggregative risk based on the common attribute;
judging whether the aggregative risk occurs or not based on the high-risk user name list library and the index corresponding to the dimension of the monitoring rule of the acquired aggregative risk;
and updating and iterating the high risk list and the monitoring rule dimensionality based on the obtained buried point data and the service data.
Optionally, after obtaining the buried point data used when the user transacts the service, the method further includes:
and cleaning the buried point data, and storing the structured information of the cleaned buried point data.
Optionally, the monitoring rule dimension of the aggregate risk includes:
the same cell-phone number applies for, is same on a plurality of equipment the identity card number applies for, is same on the equipment uses a plurality ofly the cell-phone number applies for, is same the equipment uses a plurality ofly the identity card number applies for, is same there are a plurality of user account number switches on the equipment the address that user's business was handled is different, the same with the business handling place of car merchant address and input location information is associated a plurality of user account number, a plurality of the cell-phone number uses the same location information application, a plurality of cell-phone number use same wiFi application and/or there is the falsifying of equipment information in the equipment.
Optionally, the positioning information includes an ip address and a GPS address of a device used by the user during service handling.
To achieve the above object, the present application further provides a monitoring device for identifying aggregative risks, comprising: a memory; and
a processor coupled to the memory, the processor configured to:
setting a data burying point at a service initiating end, and acquiring data burying point used when a user transacts services through the data burying point, wherein the data burying point comprises positioning information and/or equipment information;
acquiring service data input by the user when handling the service, wherein the service data comprises a mobile phone number and/or an identity card number of the user, and acquiring an index corresponding to a monitoring rule dimension of the aggregative risk based on the buried point data and the service data;
and analyzing abnormal values exceeding a preset threshold value in the indexes, and determining that the aggregation risk occurs if a common medium exists among the indexes corresponding to a plurality of users with abnormal values.
Optionally, the processor is further configured to: counting the users with the aggregative risk, obtaining a common attribute of the users with the aggregative risk by combining historical overdue user data, and obtaining a high-risk user name list library containing the potential users with the aggregative risk based on the common attribute;
judging whether the aggregative risk occurs or not based on the high-risk user name list library and the index corresponding to the dimension of the monitoring rule of the acquired aggregative risk;
and updating and iterating the high risk list and the monitoring rule dimensionality based on the obtained buried point data and the service data.
Optionally, the processor is further configured to: after the data of the buried point used when the user transacts the business is obtained, the method further comprises the following steps:
and cleaning the buried point data, and storing the structured information of the cleaned buried point data.
Optionally, the processor is further configured to: the monitoring rule dimensions of the aggregate risk include:
the same cell-phone number applies for, is same on a plurality of equipment the identity card number applies for, is same on the equipment uses a plurality ofly the cell-phone number applies for, is same the equipment uses a plurality ofly the identity card number applies for, is same there are a plurality of user account number switches on the equipment the address that user's business was handled is different, the same with the business handling place of car merchant address and input location information is associated a plurality of user account number, a plurality of the cell-phone number uses the same location information application, a plurality of cell-phone number use same wiFi application and/or there is the falsifying of equipment information in the equipment.
To achieve the above object, the present application also provides a computer storage medium having a computer program stored thereon, wherein the computer program when executed by a machine implements the steps of the method as described above.
The embodiment of the application has the following advantages:
the embodiment of the application provides a monitoring method for identifying aggregative risks, which comprises the following steps: setting a data embedding point at a service initiating end, and acquiring embedding point data used when a user transacts services through the data embedding point, wherein the embedding point data comprises positioning information and/or equipment information; acquiring service data input when the user transacts services, wherein the service data comprises a mobile phone number and/or an identity card number of the user, and acquiring an index corresponding to a monitoring rule dimension of the aggregative risk based on the buried point data and the service data; and analyzing abnormal values exceeding a preset threshold value in the indexes, and determining that the aggregation risk occurs if a common medium exists among the indexes corresponding to a plurality of users with abnormal values.
By the method, the dimension of the monitoring rule which possibly generates the aggregative risk when a user transacts business is excavated through the buried point data, and the aggregation attribute corresponding to the abnormal value, such as a common medium, is identified from the buried point data, so that the aggregative risk is identified and monitored.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below. It should be apparent that the drawings in the following description are merely exemplary and that other implementation drawings may be derived from the provided drawings by those of ordinary skill in the art without inventive effort.
FIG. 1 is a flow chart of a monitoring method for identifying risk of aggregation according to an embodiment of the present application;
FIG. 2 is an aggregate risk display interface of a monitoring method for identifying aggregate risk according to an embodiment of the present disclosure;
fig. 3 is a block diagram of a monitoring device for identifying an aggregative risk according to an embodiment of the present disclosure.
Detailed Description
The present disclosure is not intended to be limited to the particular embodiments shown herein, but is to be accorded the widest scope consistent with the principles and novel features disclosed herein. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
In addition, the technical features mentioned in the different embodiments of the present application described below may be combined with each other as long as they do not conflict with each other.
An embodiment of the present application provides a monitoring method for identifying an aggregative risk, and referring to fig. 1, fig. 1 is a flowchart of a monitoring method for identifying an aggregative risk provided in an embodiment of the present application, it should be understood that the method may further include additional blocks not shown and/or may omit the blocks shown, and the scope of the present application is not limited in this respect.
In step 101, a data embedding point is set at a service initiating end, and embedding point data used when a user transacts a service is obtained through the data embedding point, where the embedding point data includes positioning information and/or device information.
Specifically, at a service initiating end, an APP end or an H5 applet, data point burying is performed through a point burying technology, and positioning information (ip address, GPS address) and equipment information used in service handling are collected. The service initiating end may be various software or applications such as a bank, an e-commerce, an online transaction, etc., which is not limited in this embodiment. The operation behavior data of the user can be collected by presetting a buried point in the service initiating terminal. The data embedding program can be a program independently attached to the service initiating terminal, or an executable program code embedded in the service initiating terminal and used for collecting the data embedding. The preset burial point in the business initiating terminal gathers the waterproof of burying a data, can be the mode that multiple can realize among the prior art, and this application embodiment does not limit to this.
The buried point data may be Positioning information and/or device information, and may include device information of a terminal device operated by a current service initiating terminal, an IP address, positioning information, network information, and the like, where the device information may be hardware information of the terminal device, and may include a processor, a memory, a hardware address, and the like, the Positioning information may be geographical location information obtained by the terminal device having a Positioning function such as a GPS (Global Positioning System), and the network information may include network environment information where the terminal device is currently located, such as network service operator information, WIFI (wireless communication technology) information, and the like. The terminal equipment comprises a mobile phone, a tablet computer, a PC and the like which can operate a service initiating terminal.
In some embodiments, after obtaining the buried point data used when the user transacts the service, the method further includes:
and cleaning the buried point data, and storing the structural information of the cleaned buried point data.
In step 102, service data input when the user transacts a service is obtained, where the service data includes, but is not limited to, a mobile phone number and/or an identity number of the user, and an index corresponding to a monitoring rule dimension of an aggregative risk is obtained based on the buried point data and the service data.
Specifically, the dimensionality of the monitoring rule is extracted by combining the buried point data with the service data, and index development is carried out.
In some embodiments, the monitoring rules dimension of the aggregate risk includes:
the same cell-phone number applies for, is same on a plurality of equipment the identity card number applies for, is same on the equipment uses a plurality ofly the cell-phone number applies for, is same the equipment uses a plurality ofly the identity card number applies for, is same there are a plurality of user account number switches on the equipment the address that user's business was handled is different, the same with the business handling place of car merchant address and input location information is associated a plurality of user account number, a plurality of the cell-phone number uses the same location information application, a plurality of cell-phone number use same wiFi application and/or there is the falsifying of equipment information in the equipment. Of course, the dimension of the monitoring rule may also be set according to actual requirements, which is not limited in the embodiment of the present application.
Specifically, the index corresponding to the monitoring rule dimension of the aggregative risk is a risk judgment condition in a certain dimension, for example, in the dimension of "applying for on multiple devices by the same mobile phone number", the risk judgment condition is the number corresponding to the "multiple devices", and the index is the number of the devices. In some embodiments, the indicators for risk judgment may be combined or superimposed, that is, the dimension of the monitoring rule may be one or more, may be independent, or may be superimposed.
At step 103, abnormal values exceeding a preset threshold value in the indexes are analyzed, and if a common medium exists among the indexes corresponding to a plurality of users with abnormal values, the occurrence of the aggregative risk is determined.
Specifically, the abnormal value is analyzed when the index is applied (if the number of applications of the same mobile phone number on different devices =6,6 is the abnormal value, which is not consistent with the conventional cognition), and the possibility of aggregation is detected through the abnormal value. And when the common medium exists among the indexes corresponding to the plurality of users with abnormal values, carrying out risk monitoring and early warning to give early warning to related personnel.
In some embodiments, the aggregate risk is displayed in a visual form, risk monitoring is performed, and early warning is given to related personnel. Referring to fig. 2, as shown in fig. 2, there are two mobile phone numbers (mobile phone number 1 and mobile phone number 2) and indexes corresponding to 1 device (device id 5) that all have abnormal values (the same mobile phone number applies to multiple devices and multiple mobile phone numbers apply to the same device), where a common medium between the indexes corresponding to multiple users is device id5 (device id7 is a common medium between the indexes corresponding to the two mobile phone numbers), at this time, it is determined that an aggregation risk occurs, the aggregation risk is displayed through a visual graph, statistical information can be displayed through modes such as large-screen display, and corresponding device information, positioning information and/or service data can be displayed at the same time.
In some embodiments, further comprising: counting the users with the aggregative risk, combining historical overdue user data to obtain a common attribute of the users with the aggregative risk, and obtaining a high-risk user name list library containing the potential users with the aggregative risk based on the common attribute;
judging whether the aggregative risk occurs or not based on the high-risk user name list library and the index corresponding to the dimension of the monitoring rule of the acquired aggregative risk;
and updating and iterating the high risk list and the monitoring rule dimensionality based on the obtained buried point data and the service data.
Specifically, given a sample presentation period, the monitored aggregate risk groups are combined with historical overdue sample data to develop a high risk list library through analysis. The high-risk list library and the aggregate risk monitoring dimension are combined with each other and update iterations. For example, a certain number of monitored and counted aggregated risk groups or positioning information in historical overdue repayment user data are associated with the place a or used application devices have devices B, the place a or the devices B are common attributes, the users with the common attributes are potential users with aggregated risks, and the users are listed in a high-risk user name list library.
By the method, the dimension of the monitoring rule which possibly generates the aggregative risk when a user handles the business is mined through the buried point data, and the aggregation attribute corresponding to the abnormal value, such as a common medium, is identified from the buried point data, so that the aggregative risk is identified and monitored.
Fig. 3 is a block diagram of a monitoring device for identifying an aggregative risk according to an embodiment of the present disclosure. The device includes:
a memory 201; and a processor 202 coupled to the memory 201, the processor 202 configured to: setting a data embedding point at a service initiating end, and acquiring embedding point data used when a user transacts services through the data embedding point, wherein the embedding point data comprises positioning information and/or equipment information;
acquiring service data input by the user when handling the service, wherein the service data comprises a mobile phone number and/or an identity card number of the user, and acquiring an index corresponding to a monitoring rule dimension of the aggregative risk based on the buried point data and the service data;
and analyzing abnormal values exceeding a preset threshold value in the indexes, and determining that the aggregation risk occurs if a common medium exists among the indexes corresponding to a plurality of users with abnormal values.
In some embodiments, the processor 202 is further configured to: further comprising: counting the users with the aggregative risk, obtaining a common attribute of the users with the aggregative risk by combining historical overdue user data, and obtaining a high-risk user name list library containing the potential users with the aggregative risk based on the common attribute;
judging whether the aggregative risk occurs or not based on the high-risk user name list library and the index corresponding to the dimension of the acquired monitoring rule of the aggregative risk;
and updating and iterating the high risk list and the monitoring rule dimensionality based on the obtained buried point data and the service data.
In some embodiments, the processor 202 is further configured to: after the data of the buried point used when the user transacts the business is obtained, the method further comprises the following steps:
and cleaning the buried point data, and storing the structural information of the cleaned buried point data.
In some embodiments, the processor 202 is further configured to: the monitoring rule dimensions of the aggregate risk include:
the same cell-phone number is applied for on a plurality of equipment, is the same the identification number applies for on a plurality of equipment, is the same equipment uses a plurality of the cell-phone number applies for, is the same equipment uses a plurality of the identification number application, is the same there are a plurality of user account number switching on the equipment, the address that user's business was handled is different, the same with the business of car merchant address and input is handled the ground the location information is associated a plurality of the user account number, a plurality of the cell-phone number uses the same the location information application, a plurality of cell-phone numbers use same wiFi application and/or there is the falsifying of equipment information in the equipment.
In some embodiments, the processor 202 is further configured to: the positioning information comprises an ip address and a GPS address of equipment used by the user during service handling.
For the specific implementation method, reference is made to the foregoing method embodiments, which are not described herein again.
The present application may be methods, apparatus, systems, and/or computer program products. The computer program product may include a computer-readable storage medium having computer-readable program instructions embodied thereon for carrying out various aspects of the present application.
The computer readable storage medium may be a tangible device that can hold and store the instructions for use by the instruction execution device. The computer readable storage medium may be, for example, but not limited to, an electronic memory device, a magnetic memory device, an optical memory device, an electromagnetic memory device, a semiconductor memory device, or any suitable combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a Static Random Access Memory (SRAM), a portable compact disc read-only memory (CD-ROM), a Digital Versatile Disc (DVD), a memory stick, a floppy disk, a mechanical coding device, such as punch cards or in-groove projection structures having instructions stored thereon, and any suitable combination of the foregoing. Computer-readable storage media as used herein is not to be interpreted as a transitory signal per se, such as a radio wave or other freely propagating electromagnetic wave, an electromagnetic wave propagating through a waveguide or other transmission medium (e.g., optical pulses through a fiber optic cable), or an electrical signal transmitted through an electrical wire.
The computer-readable program instructions described herein may be downloaded from a computer-readable storage medium to a respective computing/processing device, or to an external computer or external storage device over a network, such as the internet, a local area network, a wide area network, and/or a wireless network. The network may include copper transmission cables, fiber optic transmission, wireless transmission, routers, firewalls, switches, gateway computers and/or edge servers. The network adapter card or network interface in each computing/processing device receives the computer-readable program instructions from the network and forwards the computer-readable program instructions for storage in a computer-readable storage medium in the respective computing/processing device.
The computer program instructions for carrying out operations of the present application may be assembler instructions, instruction Set Architecture (ISA) instructions, machine-related instructions, microcode, firmware instructions, state setting data, or source code or object code written in any combination of one or more programming languages, including an object oriented programming language such as Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The computer readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider). In some embodiments, the electronic circuitry can execute computer-readable program instructions to implement aspects of the present application by utilizing state information of the computer-readable program instructions to personalize the electronic circuitry, such as a programmable logic circuit, a Field Programmable Gate Array (FPGA), or a Programmable Logic Array (PLA).
Various aspects of the present application are described herein with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer readable program instructions.
These computer-readable program instructions may be provided to a processing unit of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processing unit of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks. These computer-readable program instructions may also be stored in a computer-readable storage medium that can direct a computer, programmable data processing apparatus, and/or other devices to function in a particular manner, such that the computer-readable medium storing the instructions comprises an article of manufacture including instructions which implement the function/act specified in the flowchart and/or block diagram block or blocks.
The computer readable program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other devices to cause a series of operational steps to be performed on the computer, other programmable apparatus or other devices to produce a computer implemented process such that the instructions which execute on the computer, other programmable apparatus or other devices implement the functions/acts specified in the flowchart and/or block diagram block or blocks.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of instructions, which comprises one or more executable instructions for implementing the specified logical function(s). In some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
It is noted that, unless expressly stated otherwise, all the features disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose. Thus, unless expressly stated otherwise, each feature disclosed is one example only of a generic series of equivalent or similar features. Where used, it is further preferred, even further and more preferred that the brief introduction of the further embodiment is made on the basis of the preceding embodiment, the contents of which further, preferably, even further or more preferred the rear band is combined with the preceding embodiment as a complete constituent of the further embodiment. Several further, preferred, still further or more preferred arrangements of the back tape of the same embodiment may be combined in any combination to form a further embodiment.
Although the present application has been described in detail with respect to the general description and the specific examples, it will be apparent to those skilled in the art that certain changes and modifications may be made based on the present application. Accordingly, such modifications and improvements are intended to be within the scope of this invention as claimed.

Claims (10)

1. A monitoring method for identifying an aggregate risk, comprising the steps of:
setting a data embedding point at a service initiating end, and acquiring embedding point data used when a user transacts services through the data embedding point, wherein the embedding point data comprises positioning information and/or equipment information;
acquiring service data input when the user transacts services, wherein the service data comprises a mobile phone number and/or an identity card number of the user, and acquiring an index corresponding to a monitoring rule dimension of the aggregative risk based on the buried point data and the service data;
and analyzing abnormal values exceeding a preset threshold value in the indexes, and determining that the aggregation risk occurs if a common medium exists among the indexes corresponding to a plurality of users with abnormal values.
2. The monitoring method for identifying an aggregate risk of claim 1, further comprising:
counting the users with the aggregative risk, obtaining a common attribute of the users with the aggregative risk by combining historical overdue user data, and obtaining a high-risk user name list library containing the potential users with the aggregative risk based on the common attribute;
judging whether the aggregative risk occurs or not based on the high-risk user name list library and the index corresponding to the dimension of the monitoring rule of the acquired aggregative risk;
and updating and iterating the high risk list and the monitoring rule dimensionality based on the obtained buried point data and the service data.
3. The method for monitoring and identifying aggregative risks according to claim 1 or 2, wherein after acquiring the buried point data used by the user in handling business, the method further comprises:
and cleaning the buried point data, and storing the structured information of the cleaned buried point data.
4. The monitoring method for identifying an aggregated risk according to claim 1 or 2, wherein the monitoring rule dimension of the aggregated risk comprises:
the same cell-phone number applies for, is same on a plurality of equipment the identity card number applies for, is same on the equipment uses a plurality ofly the cell-phone number applies for, is same the equipment uses a plurality ofly the identity card number applies for, is same there are a plurality of user account number switches on the equipment the address that user's business was handled is different, the same with the business handling place of car merchant address and input location information is associated a plurality of user account number, a plurality of the cell-phone number uses the same location information application, a plurality of cell-phone number use same wiFi application and/or there is the falsifying of equipment information in the equipment.
5. Monitoring method for identifying an aggregating risk according to claim 1 or 2,
the positioning information comprises an ip address and a GPS address of equipment used by the user during service handling.
6. A monitoring device that identifies an aggregate risk, comprising:
a memory; and
a processor coupled to the memory, the processor configured to:
setting a data embedding point at a service initiating end, and acquiring embedding point data used when a user transacts services through the data embedding point, wherein the embedding point data comprises positioning information and/or equipment information;
acquiring service data input by the user when handling the service, wherein the service data comprises a mobile phone number and/or an identity card number of the user, and acquiring an index corresponding to a monitoring rule dimension of the aggregative risk based on the buried point data and the service data;
and analyzing abnormal values exceeding a preset threshold value in the indexes, and determining that the aggregation risk occurs if a common medium exists among the indexes corresponding to a plurality of users with abnormal values.
7. The monitoring device of identifying aggregate risk of claim 6, wherein the processor is further configured to:
counting the users with the aggregative risk, obtaining a common attribute of the users with the aggregative risk by combining historical overdue user data, and obtaining a high-risk user name list library containing the potential users with the aggregative risk based on the common attribute;
judging whether the aggregative risk occurs or not based on the high-risk user name list library and the index corresponding to the dimension of the monitoring rule of the acquired aggregative risk;
and updating and iterating the high risk list and the monitoring rule dimensionality based on the obtained buried point data and the service data.
8. The monitoring device of identifying aggregate risk of claim 6 or 7, wherein the processor is further configured to:
after the data of the buried point used when the user transacts the business is obtained, the method further comprises the following steps:
and cleaning the buried point data, and storing the structural information of the cleaned buried point data.
9. The monitoring device of identifying the risk of aggregation according to claim 6 or 7, wherein the processor is further configured to:
the monitoring rule dimensions of the aggregate risk include:
the same cell-phone number applies for, is same on a plurality of equipment the identity card number applies for, is same on the equipment uses a plurality ofly the cell-phone number applies for, is same the equipment uses a plurality ofly the identity card number applies for, is same there are a plurality of user account number switches on the equipment the address that user's business was handled is different, the same with the business handling place of car merchant address and input location information is associated a plurality of user account number, a plurality of the cell-phone number uses the same location information application, a plurality of cell-phone number use same wiFi application and/or there is the falsifying of equipment information in the equipment.
10. A computer storage medium having a computer program stored thereon, wherein the computer program, when executed by a machine, implements the steps of the method of any of claims 1 to 5.
CN202211344515.4A 2022-10-31 2022-10-31 Monitoring method and device for identifying aggregative risk and storage medium Pending CN115619220A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211344515.4A CN115619220A (en) 2022-10-31 2022-10-31 Monitoring method and device for identifying aggregative risk and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211344515.4A CN115619220A (en) 2022-10-31 2022-10-31 Monitoring method and device for identifying aggregative risk and storage medium

Publications (1)

Publication Number Publication Date
CN115619220A true CN115619220A (en) 2023-01-17

Family

ID=84875795

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211344515.4A Pending CN115619220A (en) 2022-10-31 2022-10-31 Monitoring method and device for identifying aggregative risk and storage medium

Country Status (1)

Country Link
CN (1) CN115619220A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116823451A (en) * 2023-08-10 2023-09-29 杭银消费金融股份有限公司 Credit risk control method and system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116823451A (en) * 2023-08-10 2023-09-29 杭银消费金融股份有限公司 Credit risk control method and system
CN116823451B (en) * 2023-08-10 2024-03-26 杭银消费金融股份有限公司 Credit risk control method and system

Similar Documents

Publication Publication Date Title
CN109067610B (en) Monitoring method and device
US9661012B2 (en) Systems and methods for identifying information related to payment card breaches
US9846953B2 (en) Visualization of relationships and strengths between data nodes
US20200265409A1 (en) Systems and methods to split bills and requests for payment from debit or credit account
CN112581270A (en) Risk account identification method and device, electronic equipment and storage medium
US20210264058A1 (en) Systems and methods for anonymizing sensitve data and simulating accelerated schedule parameters using the anonymized data
CN113205402A (en) Account checking method and device, electronic equipment and computer readable medium
CN110009365A (en) User group's detection method, device and the equipment of improper transfer electronic asset
CN113378855A (en) Method for processing multitask, related device and computer program product
CN115619220A (en) Monitoring method and device for identifying aggregative risk and storage medium
US11798006B1 (en) Automating content and information delivery
US20180322510A1 (en) Visualization and evaluation of capabilities and compliance for information technology platforms
US20160267445A1 (en) Managing accounts and transactions for real and virtual currencies
US20130006705A1 (en) Small business intelligence tool
CN107644366B (en) Order fraud identification method, system, storage medium and electronic equipment
US20200387630A1 (en) Risk assessment engine
CN111144694B (en) Operation flow management method and device based on contact analysis
CN112783796A (en) Single-node testing method and device, computer equipment and readable storage medium
CN112579468A (en) Method and device for testing service system
CN111415168A (en) Transaction warning method and device
CN112598499A (en) Method and device for determining credit limit
CN117093627A (en) Information mining method, device, electronic equipment and storage medium
CN112541765A (en) Method and apparatus for detecting suspicious transactions
CN111160916A (en) Risk transaction identification method and device
CN115270984A (en) Anti-fraud model construction method and device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination