CN116128513A - Information verification method, server device and storage medium - Google Patents
Information verification method, server device and storage medium Download PDFInfo
- Publication number
- CN116128513A CN116128513A CN202211428969.XA CN202211428969A CN116128513A CN 116128513 A CN116128513 A CN 116128513A CN 202211428969 A CN202211428969 A CN 202211428969A CN 116128513 A CN116128513 A CN 116128513A
- Authority
- CN
- China
- Prior art keywords
- events
- communication state
- transaction request
- state data
- transaction
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4016—Transaction verification involving fraud or risk level assessment in transaction processing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Debugging And Monitoring (AREA)
- Computer And Data Communications (AREA)
Abstract
The application discloses an information verification method, an information verification device, electronic equipment and a readable storage medium, and belongs to the technical field of data processing. The method comprises the following steps: receiving a transaction request sent by terminal equipment, and responding to the transaction request to acquire first communication state data of the terminal equipment; and verifying whether the transaction request is compliant or not based on the first communication state data, and obtaining a verification result. The server side can conduct transaction compliance verification after receiving a transaction request sent by the terminal equipment, and in the verification process, the communication state of the terminal equipment is adopted for verification, namely the first communication state data associated with the terminal equipment is adopted for realizing transaction validity verification, so that the accuracy of the transaction validity verification is improved.
Description
Technical Field
The present disclosure relates to the field of data processing technologies, and in particular, to an information verification method, a server device, and a storage medium.
Background
In recent years, the offence cases are endless, but due to the problems of increasingly exquisite offence skills, weak recognition capability of people and the like, the offence potential is not effectively restrained. The violations in the financial credit related field are particularly prominent, for example, financial transactions are completed through telecommunication violations, namely, the violations are realized, property loss and the like are brought to users, and meanwhile, larger public opinion risks, property loss and the like are brought to enterprises. Thus, there is a need to identify transaction compliance, and it is also understood that verification of transaction compliance may be performed to reduce property damage, etc.
At present, in the process of verifying the compliance of a transaction, a mode is usually adopted that a third party application service is installed to identify, for example, a non-white list of the third party application service can be written into a terminal equipment system under the condition that the third party application service is started, a terminal equipment can match a calling number with the non-white list under the condition that the call is coming, so as to identify whether the calling number is a illegal number, if the matching is successful, the calling number can be considered as the illegal number, namely as an illegal number, and early warning prompt, ringing blocking and the like can be given.
However, the above-mentioned implementation of the transaction compliance verification by means of non-white list matching, because the number of non-white lists is limited or the updating is not in time, the missing of the offending number in the verification process is easy to cause that the accuracy of the transaction compliance verification is lower.
Disclosure of Invention
The embodiment of the application provides an information verification method, server equipment and a storage medium, so as to solve the problem of poor compliance verification accuracy.
In order to solve the technical problems, the application is realized as follows:
in a first aspect, an embodiment of the present application provides an information verification method, which is applied to a server device, where the method includes:
Receiving a transaction request sent by a terminal device, wherein the transaction request is used for requesting the server device to conduct transaction actions;
responding to the transaction request, acquiring first communication state data of the terminal equipment, wherein the first communication state data is fed back to the server equipment by the terminal equipment before the transaction request is sent;
and verifying whether the transaction request is compliant or not based on the first communication state data, and obtaining a verification result of the transaction request.
It can be seen that in the embodiment of the present application, after receiving a transaction request sent by a terminal device, transaction compliance verification may be performed, where the situation that transaction operation is performed while communication is performed in the whole transaction process is less, and this scenario is that the possibility that a offender induces a user to operate a transaction service through a communication manner is greater, so in the transaction compliance verification process of the present application, verification is not performed through a non-whitelist matching manner, but transaction compliance verification is performed by using a communication state before the terminal device sends the transaction request after receiving the transaction request, that is, transaction compliance verification is implemented by using first communication state data associated with the terminal device, so as to improve accuracy of transaction compliance verification.
In a second aspect, an embodiment of the present application further provides an information verification apparatus, which is applied to a server device, including:
the first receiving module is used for receiving a transaction request sent by the terminal equipment, wherein the transaction request is used for requesting the server equipment to conduct transaction actions;
the first acquisition module is used for responding to the transaction request and acquiring first communication state data of the terminal equipment, wherein the first communication state data is fed back to the server equipment by the terminal equipment before the terminal equipment sends the transaction request;
and the verification module is used for verifying whether the transaction request is compliant or not based on the first communication state data to obtain a verification result of the transaction request.
In a third aspect, an embodiment of the present application further provides a server device, including: the information verification system comprises a memory, a processor and a computer program stored in the memory and capable of running on the processor, wherein the processor realizes the steps in the information verification method when executing the computer program.
In a sixth aspect, embodiments of the present application further provide a computer readable storage medium having a computer program stored thereon, which when executed by a processor, implements the steps of the above-described information verification method.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the description of the embodiments of the present application will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is one of the flowcharts of an information verification method provided in an embodiment of the present application;
FIG. 2 is a second flowchart of an information verification method according to an embodiment of the present disclosure;
FIG. 3 is a third flowchart of an information verification method according to an embodiment of the present disclosure;
fig. 4 is a flowchart of communication status data acquisition in an information verification method according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of an information verification device according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of a server device according to an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are some, but not all, of the embodiments of the present application. All other embodiments, which can be made by one of ordinary skill in the art based on the embodiments herein without making any inventive effort, are intended to be within the scope of the present application.
Referring to fig. 1, fig. 1 is a flowchart of an information verification method provided in an embodiment of the present application, where the method may be applied to a server device, as shown in fig. 1, and includes the following steps:
step 101: receiving a transaction request sent by a terminal device, wherein the transaction request is used for requesting a server device to conduct transaction actions;
step 102: responding to the transaction request, acquiring first communication state data of the terminal equipment, wherein the first communication state data is fed back to the server equipment by the terminal equipment before the transaction request is sent;
step 103: and verifying whether the transaction request is compliant or not based on the first communication state data, and obtaining a verification result of the transaction request.
The terminal equipment comprises, but is not limited to, a mobile phone, a tablet computer, a notebook computer, a palm computer, a vehicle-mounted terminal, a wearable device, a pedometer and the like.
It should be noted that, the communication state in this embodiment may include a phone call state or a voice state through a communication application, where the phone call state is a call state through a phone number dialing mode, and the communication application is an application with a voice communication function, for example, but not limited to, a conference software application, an instant messaging application, and the like. A transaction request may be understood as a request for performing a transaction, and may be specifically used to request a server device to perform a transaction. For example, the transaction request may include a first account, a second account, and resource transfer information (e.g., a target number of resources), and the transaction request may be used to request the server device to transfer the target number of resources of the first account to the second account.
In general, the user performs a transaction operation while communicating (e.g., making a call or using a communication application to make a voice, etc.) during the entire transaction, and this scenario is very likely to be that an offending molecule induces the user to operate the transaction service through a communication manner. Therefore, in this embodiment, when the server device receives the transaction request sent by the terminal device, the server device may acquire the first communication state data of the terminal device, and perform transaction compliance verification, that is, perform transaction identification, to determine a transaction request compliance verification result by using the first communication state data.
The terminal device may collect the communication status data and report the communication status data to the server device for storage, and in one example, the server device is configured with a database for storing the communication status data associated with the terminal device, that is, the database includes the communication status data associated with the terminal device. Before the terminal device sends the transaction request, the first communication state data can be sent to the server device, that is, the first communication state data is fed back to the server device before the terminal device sends the transaction request, the server device can store the received first communication state data into a database, and the server device can acquire the first communication state data of the terminal device from the database after receiving the transaction request. The first communication state data may be communication state data within a preset time period, that is, the first communication state data may be used for transaction compliance verification to determine a verification result.
In one example, the ending time of the preset time period may be a receiving time of the transaction request (i.e. a time when the server device receives the transaction request), the duration of the preset time period is a preset duration, and the sum of the starting time of the preset time period and the preset duration is the ending time, that is, after the transaction request is received, the communication state data in the preset duration before the terminal device sends the transaction request may be read from the database.
In the embodiment of the application, after receiving the transaction request sent by the terminal device, the transaction compliance verification can be performed, the situation that the transaction operation is performed while communication is performed in the whole transaction process is less, and the situation is that the possibility that the offending molecule induces the user to operate the transaction service in a communication mode is higher, so that in the transaction compliance verification process of the application, the verification is not performed in a non-white list matching mode, but the communication state data before the transaction request is sent by the terminal device is adopted to perform the transaction compliance verification after the transaction request is received, namely, the first communication state data associated with the terminal device is adopted to realize the transaction compliance verification, and the accuracy of the transaction compliance verification can be improved.
In one embodiment, the first communication state data includes a plurality of pieces of communication state data acquired by the terminal device in response to a plurality of operation events, respectively, where the operation events are used to trigger the terminal device to acquire the communication state data;
verifying whether the transaction request is compliant based on the first communication state data, to obtain a verification result, including:
determining a target event sequence from a plurality of operation events based on a plurality of pieces of communication state data, wherein the communication state data associated with each operation event in the target event sequence indicates that the terminal device is in communication;
and verifying whether the transaction request is compliant according to the number of the events of the target event sequence and the total number of the events of the plurality of operation events, and obtaining a verification result.
It will be appreciated that the plurality of pieces of communication state data are associated with the plurality of operation events one by one, i.e. one of the plurality of pieces of communication state data is associated with one operation event and the operation event associated with each of the plurality of pieces of communication state data is different. The operation event is used for triggering the terminal equipment to collect the communication state data, and it can be understood that the operation event is an event triggering the terminal equipment to collect the communication state data, and when the terminal equipment detects one operation event, the terminal equipment can trigger the collection of the communication state data once to obtain one piece of communication state data, namely, a plurality of pieces of communication state data are respectively collected by the terminal equipment in response to the plurality of operation events. In one example, before the first communication state data of the terminal device is acquired in response to the transaction request, a plurality of pieces of communication state data, which are acquired in response to a plurality of operation events and sent by the terminal device, may be received, and the plurality of pieces of communication state data are stored, so that after the transaction request is received, the server device may call the plurality of pieces of communication state data from the stored communication state data in response to the transaction request.
By way of example, the operation event may be an event or a page jump event or the like that operates a control in a page of a launched first application, which may be an application having a transaction function (e.g., a financial application or the like) or an application capable of triggering a transaction function or the like. In addition, it should be noted that the plurality of operation events have a corresponding time sequence, and the transaction request may be a transaction request generated in response to a time-last operation event of the ordered plurality of operation events. The start time of the preset time period may be, for example, a time of an operation event having an earliest time among the plurality of operation events.
For example, a first application is started, login operation is performed in the first application, a login operation event can be detected, communication state data acquisition can be triggered, the communication state data at the moment can be acquired, the communication state data is sent to a server side device, and the server side device stores the communication state data. And responding to the login operation to jump to the page Y1, detecting a page jump event, triggering communication state data acquisition, namely acquiring the communication state data at the moment, and sending the communication state data to the server-side equipment. Clicking the control K1 in the page Y1 can detect an event for operating the control K1, can trigger communication state data acquisition, can acquire the communication state data at the moment, and sends the communication state data to the server-side equipment for storage. In response to the operation of the control K1 jumping to the page Y2, a page jumping event can be detected, communication state data acquisition can be triggered, and the communication state data at the moment can be acquired and sent to the server-side equipment, and the server-side equipment stores the communication state data. Clicking the control K2 in the page Y2 can detect an event for operating the control K2, can trigger communication state data acquisition, can acquire the communication state data at the moment, and sends the communication state data to the server-side equipment for storage. In response to the operation of the control K2 jumping to the page Y3, a page jumping event can be detected, communication state data acquisition can be triggered, and the communication state data at the moment can be acquired and sent to the server-side equipment, and the server-side equipment stores the communication state data. Clicking operation is carried out on the transaction control in the page Y3, an event for operating the transaction control can be detected, communication state data acquisition can be triggered, the communication state data at the moment can be acquired and sent to the server-side equipment, the server-side equipment stores the communication state data, and in addition, a transaction request can be generated in response to clicking operation on the transaction control and sent to the server-side equipment.
In this embodiment, the communication status data corresponding to the operation event indicates that the terminal device is in communication, and may indicate that the current communication status of the terminal device is in communication when the operation event is detected, and in the transaction process, the more the corresponding communication status data indicates that the number of events in communication is greater, the lower the possibility of compliance of the transaction, so that the corresponding communication status data may be determined from a plurality of operation events by using a plurality of pieces of communication status data to indicate that the terminal device is in a communication target event sequence, and the transaction compliance verification may be performed by using the number of events in the target event sequence and the total number of events of the plurality of operation events, so as to improve the accuracy of the obtained transaction compliance verification result.
In one embodiment, each piece of communication state data in the plurality of pieces of communication state data includes a first state attribute value and a second state attribute value;
wherein in the communication state data corresponding to any event of the sequence of target events, the first state attribute value indicates that the microphone and the audio function are used, and the second state attribute value indicates that the terminal device is in speech.
It should be noted that, in using the microphone and the audio function, it is also understood that the microphone and the audio function are in use. It will be appreciated that in this embodiment, the communication state may be a telephone call state or a voice state through a communication application. Each piece of communication state data comprises a first state attribute value and a second state attribute value, and when the first state attribute value of the communication state data represents that the microphone and the audio function are used and the second state attribute value represents that the terminal equipment is in voice, the terminal equipment is in communication, and an operation event corresponding to the communication state data can be taken as an event in a target event sequence.
In this embodiment, whether the terminal device is in communication may be determined by two state attribute values, so as to improve accuracy of determining a communication state of the terminal device, and the target event sequence is an operation event in which corresponding communication state data determined from a plurality of operation events indicates that the terminal device is in communication, so that accuracy of determining the target event sequence may be improved. And carrying out transaction compliance verification according to the number of the events of the target event sequence and the total number of the events of the plurality of operation events so as to improve the accuracy of the transaction compliance verification.
In one embodiment, verifying whether the transaction request is compliant according to the number of events of the target event sequence and the total number of events of the plurality of operation events to obtain a verification result, including:
and under the condition that the ratio of the number of the events to the total number of the events of the target event sequence is greater than or equal to a preset threshold value, obtaining a first verification result, wherein the first verification result indicates that the transaction request is not compliant.
The larger the ratio of the number of events to the total number of events of the target event sequence, the larger the corresponding communication state data indicates that the duty ratio of the events in communication of the terminal equipment in a plurality of operation events is, and the lower the possibility of transaction compliance is. Therefore, under the condition that the ratio of the number of the events of the target event sequence to the total number of the events is greater than or equal to a preset threshold value, the transaction non-compliance can be determined, and a first verification result which indicates that the transaction request is non-compliance is obtained. It should be noted that, the preset threshold may be preset according to historical experience, or preset according to actual requirements, etc.
In this embodiment, by comparing the ratio of the number of events of the target event sequence to the total number of events with the preset threshold, the transaction compliance may be determined when the ratio of the number of events of the target event sequence to the total number of events is greater than or equal to the preset threshold, and a first verification result indicating that the transaction request is not compliant may be obtained, so as to improve the accuracy of transaction compliance verification.
In one embodiment, verifying whether the transaction request is compliant according to the number of events of the target event sequence and the total number of events of the plurality of operation events to obtain a verification result, including:
and under the condition that the ratio of the number of the events to the total number of the events of the target event sequence is smaller than a preset threshold, obtaining a second verification result, wherein the second verification result represents compliance of the transaction request.
The smaller the ratio of the number of the events to the total number of the events of the target event sequence is, the smaller the ratio of the number of the events to the total number of the events in the corresponding communication state data representing that the terminal equipment is in communication is, the higher the probability of transaction compliance is, so that in the embodiment, the transaction compliance can be determined under the condition that the ratio of the number of the events to the total number of the events of the target event sequence is smaller than the preset threshold value by comparing the ratio of the number of the events to the total number of the events of the target event sequence with the preset threshold value, and the second verification result representing the transaction request compliance can be obtained to improve the verification accuracy of the transaction compliance.
In one embodiment, verifying whether the transaction request is compliant based on the first communication status data, after obtaining a verification result of the transaction request, includes:
transmitting a transaction result representing a transaction failure to the terminal device under the condition that the verification result represents that the transaction request is not compliant; or alternatively
And executing the transaction action corresponding to the transaction request when the verification result shows that the transaction request is compliant, and sending a transaction result showing that the transaction is successful to the terminal equipment when the transaction action is executed.
Under the condition that the verification result shows that the transaction request is not compliant, the server side equipment can understand that the transaction risk is larger, intercept or prevent or stop the transaction behavior, and send the transaction result showing the transaction failure to the terminal equipment so as to remind the terminal equipment user of the transaction failure. Under the condition that the verification result shows that the transaction is compliant, the risk of the transaction is smaller, the server side equipment can execute the transaction behavior, and after the transaction is successful, the transaction result showing that the transaction is successful is sent to the terminal equipment, so that the terminal equipment user is reminded of the success of the transaction.
In one embodiment, the first communication state data is communication data in a preset time period, and when a ratio of the number of events of the target event sequence to the total number of events is greater than or equal to a preset threshold, obtaining a first verification result includes:
Under the condition that the ratio of the number of the events to the total number of the events of the target event sequence is larger than or equal to a preset threshold value, a plurality of screen sharing identifiers of the terminal equipment in a preset time period are obtained, the screen sharing identifiers are associated with a plurality of operation events, and the screen sharing identifiers are used for indicating whether the screens of the terminal equipment are in a sharing state or not;
and obtaining a first verification result when the number of the identifiers which are the first preset value in the plurality of screen sharing identifiers is larger than the preset number, wherein the screen sharing identifiers are used for indicating that the screens are in a sharing state when the number of the identifiers which are the first preset value is the first preset value.
It should be noted that, the plurality of screen sharing identifiers are fed back to the server device before the receiving time of the transaction request by the terminal device, and it can be understood that the plurality of screen sharing identifiers are associated with the plurality of operation events one by one, that is, one screen sharing identifier in the plurality of screen sharing identifiers is associated with one operation event, and the operation event associated with each screen sharing identifier in the plurality of screen sharing identifiers is different. When the terminal equipment detects an operation event, the terminal equipment can trigger the acquisition of communication state data once to obtain the communication state data, and can trigger the acquisition of a screen sharing identifier once, namely a plurality of screen sharing identifiers are acquired by the terminal equipment respectively responding to a plurality of operation events. In addition, a screen sharing identifier that is a first preset value (e.g., 1) may be used to indicate that the screen is in a shared state, and a screen sharing identifier that is a second preset value (e.g., 0) may be used to indicate that the screen is in an unshared state.
In this embodiment, the preliminary transaction compliance verification may be performed by comparing the ratio of the number of events of the target event sequence to the total number of events with a preset threshold, where the transaction compliance is identified as being greater when the ratio of the number of events of the target event sequence to the total number of events is greater than or equal to the preset threshold, and in this case, the verification may be further performed by sharing the identification with multiple screens within a preset period of time. Specifically, a plurality of screen sharing identifiers of the terminal device in a preset time period can be obtained first, verification is performed through comparison of the number of identifiers which are the first preset value in the plurality of screen sharing identifiers and the preset number, and a first verification result is obtained when the number of identifiers which are the first preset value in the plurality of screen sharing identifiers is larger than the preset number. It may be understood that in this embodiment, first, the primary verification is implemented by comparing the ratio of the number of the events of the target event sequence to the total number of the events with the preset threshold, then further verification is implemented by comparing the number of the identifiers of the first preset value in the plurality of screen sharing identifiers with the preset number, and when the ratio of the number of the events of the target event sequence to the total number of the events is greater than or equal to the preset threshold, and the number of the identifiers of the first preset value in the plurality of screen sharing identifiers is greater than the preset number, the first verification result is obtained, so that the accuracy of the transaction compliance verification can be improved.
In one embodiment, when the number of identifiers which are preset values in the plurality of screen sharing identifiers is greater than the preset number, obtaining a first verification result includes:
acquiring user operation behavior data of the terminal equipment in a preset time period under the condition that the number of the marks which are preset values in the plurality of screen sharing marks is larger than the preset number;
and obtaining a first verification result under the condition that abnormal behaviors are detected based on the user operation behavior data.
It should be noted that, the user operation behavior data is fed back to the server device by the terminal device before the receiving time of the transaction request.
In the process of inducing the user to conduct the transaction by the offending molecule, compared with the normal transaction behavior of the user, the operation behavior of the user in the terminal equipment is easier to be abnormal, namely the possibility of occurrence of the abnormal behavior is higher, and in the embodiment, the abnormal behavior can be further verified according to the detection of the user operation behavior data. In this embodiment, the comparison between the ratio of the number of the events to the total number of the events in the target event sequence and the preset threshold may be performed to perform preliminary transaction compliance verification, then the comparison between the number of the identifiers of the first preset value and the preset number may be performed to further verify, and then the user operation behavior data within the preset time period may be further verified, where the ratio between the number of the events in the target event sequence and the total number of the events is greater than or equal to the preset threshold, the number of the identifiers of the first preset value in the plurality of screen sharing identifiers is greater than the preset number, and the abnormal behavior is detected based on the user operation behavior data, to obtain the first verification result, so as to improve the accuracy of the transaction compliance verification.
Referring to fig. 2, fig. 2 is a flowchart of an information verification method provided in an embodiment of the present application, where the method may be applied to a terminal device, as shown in fig. 2, and includes the following steps:
step 201: and sending a transaction request to the server-side equipment, so that the server-side equipment responds to the transaction request, acquires the first communication state data of the terminal equipment, verifies whether the transaction request is compliant based on the first communication state data, and obtains a verification result.
Wherein the first communication status data is fed back to the server device by the terminal device before sending the transaction request.
In this embodiment, the terminal device may send a transaction request to the server device, so that the server device performs transaction compliance verification on the transaction request, and in the process of transaction compliance verification, the communication state of the terminal device is adopted for verification, that is, the first communication state data before the terminal device sends the transaction request is adopted for implementing transaction compliance verification, so as to improve accuracy of transaction compliance verification.
In one embodiment, before sending the transaction request to the server device, the method further includes:
and each time an operation event is detected, responding to the operation event to collect one piece of communication state data of the terminal equipment, and sending the one piece of communication state data to the server equipment, wherein the operation event is used for triggering the terminal equipment to collect the communication state data, and the operation event is associated with the one piece of communication state data.
It should be noted that, in the terminal device, a plurality of operation events are performed to generate a transaction request, and once an operation event is detected, a piece of communication state data associated with the operation event is acquired, and the acquired piece of communication state data associated with the operation event is reported to the server device, so that, in response to a plurality of operation times, a plurality of pieces of communication state data, namely, first communication state data, can be acquired and uploaded to the server device, and in this way, the server device reads the first communication state data of the terminal device after receiving the transaction request, and performs transaction compliance verification by using the first communication state data.
In one example, each time an operational event is detected, collecting a piece of communication status data of the terminal device in response to the operational event may include: upon detection of an operational event after launching the first application, a piece of communication status data of the terminal device is collected in response to the operational event. After the terminal device starts the first application, the user may perform a plurality of operation events in the first application to generate a transaction request, and once an operation event is detected, the communication state data may be collected and the collected communication state data may be reported to the server device.
In one embodiment, collecting a piece of communication status data of a terminal device in response to an operational event includes:
detecting a version of an operating system of the terminal device in response to the operating event;
a piece of communication status data associated with the operational event is determined based on the version of the operating system.
The version of the operating system of the terminal device is different, and the mode of determining the communication state can be different, in this implementation, the communication state data of the terminal device can be determined according to the version of the operating system, so as to improve the flexibility of determining the communication state data. In one example, the operating system of the terminal device may be an iOS operating system.
In one embodiment, determining a piece of communication status data associated with the operational event based on the version of the operating system includes:
under the condition that the version of the operating system is higher than or is a first preset version, a first state attribute value and a second state attribute value are obtained from an audio session AVAudio session object; or alternatively
Under the condition that the version of the operating system is higher than or equal to a second preset version and lower than the first preset version, acquiring a first state attribute value from the AVAudio session object, and taking the first preset value as a second state attribute value, wherein the first state attribute value is used for representing the use state of a microphone and an audio function, and the second state attribute value is used for representing the voice state of the terminal equipment; or alternatively
Taking the first preset value as a first state attribute value and taking the first preset value as a second state attribute value under the condition that the version of the operating system is lower than the second preset version;
wherein the first preset version is higher than the second preset version.
For example, the first preset version may be version 13.0 and the second preset version may be version 8.0. An AVAudioSession object is a class that the iOS operating system uses to manage the use of resources of audio hardware devices (microphones, speakers, etc.) by applications, and can be understood to be an object that instantiates a class. It should be noted that, the first state attribute value is obtained from the AVAudioSession object as a second preset value (e.g., 1) or a third preset value (e.g., 0), and the second state attribute value is obtained from the AVAudioSession object as a fourth preset value or a fifth preset value (e.g., 1852992876). In the case of a second preset version, the version of the operating system being lower than that of the first preset version, the AVAudioSession object does not include the first state attribute value and the second state attribute value, and the first state attribute value and the second state attribute value are determined by means of assignment, i.e., -1) is used as the first state attribute value and the second state attribute value. And under the condition that the operating system version is lower than the first preset version and higher than or equal to the second preset version, the AVAudio session object comprises a first state attribute value and does not comprise a second state attribute value, so that the first state attribute value can be obtained from the AVAudio session object, and the first preset value is used as the second state attribute value. And under the condition that the version of the operating system is higher than or is a first preset version, the AVAudio session object comprises a first state attribute value and a second state attribute value, and the first state attribute value and the second state attribute value can be obtained from the AVAudio session object.
In this embodiment, under the condition of different versions of the operating system, the first state attribute value and the second state attribute value may be acquired in different manners, so as to achieve acquisition of communication state data and improve flexibility of data acquisition.
In one example, the first state attribute value is a first preset value, which indicates that the use state of the microphone and the audio function is unknown, the first state attribute value is a second preset value, which indicates that the microphone and the audio function are in use, the first state attribute value is a third preset value, which indicates that the microphone and the audio function are in an unused state, the second state attribute value is a first preset value, which indicates that the voice state is unknown, the second state attribute value is a fourth preset value, which indicates that the microphone and the audio function are not in voice, and the second state attribute value is a fifth preset value.
The procedure of the above method is specifically described in the following with reference to an embodiment.
At present, a third party application service is installed, a third party application service is started, a non-whitelist matching mode is utilized to identify illegal numbers so as to prevent users from being deceived, but at present, the illegal means are layered, the identification of the telephone number mode is bypassed by exchanging telephone numbers or communicating through communication application, and moreover, the number of non-whitelists is limited or is not updated timely, so that detection omission is easily caused, and the illegal identification accuracy is lower. In some cases, it is necessary to install a third party application service and start the third party service, which is not beneficial to the operation of people unfamiliar with the system. In order to better identify, remind and intercept the cheated users, reduce public opinion risks and property loss, a real-time scheme is needed to identify whether the users are suffering from violations or not, intercept the transaction behaviors of the users through strategies in real time, and reduce asset loss. Based on this, a transaction compliance verification method of the embodiment of the present application is presented.
The following parameters are described:
NSMutableDictionary: is an iOS data structure object, similar to Map in Java.
AVAudio session: a class that manages Application (APP) usage of audio hardware device (microphone speaker) resources for iOS systems.
@ available: an iOS system version judging method.
second audiosholdebesilecedHint: the application is using the microphone and audio functions to identify an attribute, the first attribute below being described by way of example.
promptStyle: a second attribute, described below as an example of this attribute, is a voice prompt style (1852992876: normal, 1852795517: none,1936224884: short). Voice prompt style description: normal: normal. None: indicating that another session is actively using microphone input. Short: representing one of three states: siri is active but not recorded; voice mail playing is in an active state; or the voice call is in an active state. The attribute field is mainly used for judging whether the background of the terminal equipment is used for microphone in the process of operating the business flow, namely whether the background of the terminal equipment is in voice.
As shown in fig. 3, the specific flow of the information verification method in the embodiment of the present application is as follows:
First, a user starts a first application, and after the first application is started, a call voice state collection event, for example, an a event, a B event, a C event, a D event, an E event, an F event, and a G event as shown in fig. 3, is triggered in an actual business process. Specifically, as shown in fig. 3, when a login operation is performed in the first application, a login operation event (event a) may be detected, and communication state data may be collected, that is, the communication state data at this time may be collected and reported to the server device, where the server device receives and stores the data. And in response to the login operation jumping to the service page Y1, a page jumping event (event B) can be detected, communication state data acquisition can be triggered, and the communication state data at the moment can be acquired and reported to the server equipment for storage. Clicking operation is carried out on the control K1 in the service page Y1, an event (event C) for operating the control K1 can be detected, communication state data acquisition can be triggered, and the communication state data at the moment can be acquired and reported to the server equipment for storage. In response to the operation of the control K1 jumping to the service page Y2, a page jumping event (event D) may be detected, and communication state data acquisition may be triggered, that is, communication state data at this time may be acquired and reported to the server device for storage. Clicking operation is carried out on the control K2 in the service page Y2, an event (event E) for operating the control K2 can be detected, communication state data acquisition can be triggered, and the communication state data at the moment can be acquired and reported to the server-side equipment for storage. In response to the operation of the control K2 jumping to the service page Y3, a page jumping event (event F) may be detected, and communication state data acquisition may be triggered, that is, communication state data at this time may be acquired and reported to the server device for storage. The transaction control in the service page Y3 is clicked, an event (event G) for operating the transaction control can be detected, communication state data can be acquired, namely, the communication state data can be acquired and reported to the server device for storage, in addition, a transaction request can be generated in response to the clicking operation of the transaction control and sent to the server device, and it can be understood that a user operates an actual transaction service, triggers the event a to the event G, and can generate a transaction request in response to the event G and send to the server device. It should be noted that, after each time the server device receives the collected communication status data reported by the terminal device, the communication status data is stored, for example, in a database.
For each event detected, the communication state data acquisition process of the terminal device is executed, and the communication state data acquisition process of any event is as follows:
a: creating an acquired data NSMutabledictionary object (noted as a subject) for storing the data acquired by the event, and then executing b;
b: collecting communication status data (e.g., voice status data for a telephone call or through a communication application) proceeds as follows:
i: acquiring an AVAudio session object by calling a sharedInstance method of the system AVAudio session, and executing II;
II: judging whether the current system version is iOS 8.0 or above through an @ available, if so, acquiring whether the application is using a microphone and audio power identification data through a second audio device BeSilencedHint attribute in an AVAudio session object, namely calling a second audio device BeSilencedHint attribute in the AVAudio session object to acquire whether the application is using the microphone and audio power identification, storing the microphone and audio power identification in a subject, executing III, otherwise, marking whether the application is using the microphone and audio function identification as-1 in the subject;
III: judging whether the current system version is iOS 13 or above through @ available, if yes, acquiring voice prompt style identification data through a promttStyle attribute in an AVAudio session object, storing the voice prompt style identification data into a subject, and otherwise, marking the voice prompt style identification as-1 and storing the voice prompt style identification data into the subject.
Secondly, after receiving the transaction request, the server device executes the following steps:
(1) Counting the number of events of the target event sequence:
reading first communication state data in a preset time period in a database;
the first attribute value (second audiosholdebesilecedHint attribute value) in the read first communication state data is equal to 1, the number of the events corresponding to the second attribute value (promttstyle attribute value) of 1852796517 or 1936224884 is marked as x (namely the number of the events of the target event sequence), and the total number of the events in the transaction service flow is marked as y;
(2) Judging whether x/y is greater than or equal to z:
under the condition that x/y > =z, the fact that the transaction has larger risk is indicated, the transaction is not compliant can be determined, the server side equipment prevents the transaction, a verification result showing that the transaction request is not compliant is obtained, a transaction result showing that the transaction is failed is returned to the terminal equipment, and z is a preset threshold value;
under the condition that x/y is less than z, the fact that the transaction has small risk is indicated, the transaction compliance can be determined, a verification result showing the transaction request compliance is obtained, the server side equipment executes the transaction operation, namely executes the transaction service, and a transaction result showing that the transaction is successful is returned to the terminal equipment after the transaction is executed successfully;
(3) The terminal equipment receives the transaction result returned by the server equipment, judges whether the transaction is successful according to the transaction result, if the transaction result is the transaction result indicating that the transaction is successful, continues the subsequent service (carries out the next service), otherwise prompts that the transaction is failed, and ends.
Normal users rarely operate while making calls or using communication application voice throughout the transaction environment flow, which is most likely the situation where the offender is inducing user operation business. Therefore, when a plurality of links exist, the user is displayed in the conversation or the voice, the possibility that the user is fraudulent is higher, namely the possibility that the transaction is not compliant is higher; if the individual links exist in the call or the voice, the user is indicated to hear the normal call or the voice call midway.
The technical scheme is characterized in that each link in the whole transaction flow of a user triggers one-time communication state data acquisition to acquire whether the current user is making a call or passing through communication application voice, transaction compliance verification is carried out through the communication state data when an actual transaction request is called, whether the user has risk of non-compliance transaction is judged, and whether the current transaction is blocked is determined according to a verification result. The problem of small coverage scene can be solved, the method can be applied to various transaction scenes, a user is not required to install a third party application service, and the user is not required to open permission to cover various crowds; the method does not need to manually maintain the non-white list, does not have the problem of incomplete non-white list and update hysteresis, and reduces the maintenance cost. And moreover, the users with the current suspected non-compliance in transaction can be identified in real time, the transaction can be prevented in time, and the asset loss is reduced.
Referring to fig. 5, fig. 5 is a block diagram of an information verification apparatus provided in an embodiment of the present application, where the information verification apparatus of the present embodiment may be applied to a server device, and may implement details of the information verification method in the embodiment applied to the server device, and achieve the same effect. As shown in fig. 5, the information verification apparatus 500 includes:
a first receiving module 501, configured to receive a transaction request sent by a terminal device, where the transaction request is used to request a server device to perform a transaction action;
a first obtaining module 502, configured to obtain, in response to a transaction request, first communication status data of a terminal device, where the first communication status data is fed back to a server device by the terminal device before the terminal device sends the transaction request;
the verification module 503 is configured to verify whether the transaction request is compliant based on the first communication status data, and obtain a verification result of the transaction request.
In one embodiment, the first communication state data includes a plurality of pieces of communication state data acquired by the terminal device in response to a plurality of operation events, respectively, where the operation events are used to trigger the terminal device to acquire the communication state data;
the verification module 503 includes:
an event determining module, configured to determine a target event sequence from a plurality of operation events based on a plurality of pieces of communication state data, where the communication state data associated with each operation event in the target event sequence indicates that the terminal device is in communication;
And the verification result determining module is used for verifying whether the transaction request is compliant according to the number of the events of the target event sequence and the total number of the events of the plurality of operation events to obtain a verification result.
In one embodiment, each piece of communication state data in the plurality of pieces of communication state data includes a first state attribute value and a second state attribute value;
wherein in the communication state data corresponding to any event of the sequence of target events, the first state attribute value indicates that the microphone and the audio function are used, and the second state attribute value indicates that the terminal device is in speech.
In one embodiment, the verification result determining module is specifically configured to:
and under the condition that the ratio of the number of the events to the total number of the events of the target event sequence is greater than or equal to a preset threshold value, obtaining a first verification result, wherein the first verification result indicates that the transaction request is not compliant.
In one embodiment, the verification result determining module is specifically configured to:
and under the condition that the ratio of the number of the events to the total number of the events of the target event sequence is smaller than a preset threshold, obtaining a second verification result, wherein the second verification result represents compliance of the transaction request.
In one embodiment, the information verification apparatus 500 further includes:
The first sending module is used for sending a transaction result representing transaction failure to the terminal equipment under the condition that the verification result represents that the transaction request is not compliant;
alternatively, the information verification apparatus 500 further includes:
the transaction execution module is used for executing transaction actions corresponding to the transaction request under the condition that the verification result shows that the transaction request is compliant;
and the second sending module is used for sending a transaction result indicating that the transaction is successful to the terminal equipment under the condition that the transaction action is executed.
In one embodiment, the verification result determination module includes:
the device comprises an identification acquisition module, a display module and a display module, wherein the identification acquisition module is used for acquiring a plurality of screen sharing identifications of the terminal equipment in a preset time period when the ratio of the number of the events of a target event sequence to the total number of the events is greater than or equal to a preset threshold value, the plurality of screen sharing identifications are associated with a plurality of operation events, and the screen sharing identifications are used for indicating whether the screen of the terminal equipment is in a sharing state or not;
the verification result determining unit is used for obtaining a first verification result when the number of the identifiers which are the first preset value in the plurality of screen sharing identifiers is larger than the preset number, and is used for indicating that the screens are in a sharing state when the screen sharing identifiers are the first preset value.
In one embodiment, the verification result determining unit includes:
the behavior data acquisition module is used for acquiring user operation behavior data of the terminal equipment in a preset time period under the condition that the number of the identifiers which are preset values in the plurality of screen sharing identifiers is larger than the preset number;
and the verification result acquisition unit is used for acquiring a first verification result when abnormal behaviors are detected based on the user operation behavior data.
The information verification device provided in the embodiment of the present application can implement each process implemented by the information verification method applied to the server device in the above embodiment, and technical features are in one-to-one correspondence, so that repetition is avoided, and no redundant description is provided here.
As shown in fig. 6, the embodiment of the present application further provides a server device 600, including a processor 601 and a memory 602, where the memory 602 stores a computer program or instructions that can be executed on the processor 601, and the computer program or instructions implement each process of the embodiment of the information verification method when executed by the processor 601, and achieve the same technical effects, so that repetition is avoided, and no redundant description is given here.
The embodiment of the application further provides a computer readable storage medium, on which a computer program or an instruction is stored, which when executed by a processor, implements each process of the above-mentioned information verification method embodiment, and can achieve the same technical effect, so that repetition is avoided, and no further description is provided herein. Among them, a computer readable storage medium such as Read-Only Memory (ROM), random access Memory (Random Access Memory RAM), magnetic disk or optical disk, and the like.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solutions of the present application may be embodied essentially or in part in the form of a computer software product stored on a storage medium (e.g., ROM/RAM, magnetic disk, optical disk) including several instructions for causing a server device to perform the methods described in the embodiments of the present application.
The embodiments of the present application have been described above with reference to the accompanying drawings, but the present application is not limited to the above-described embodiments, which are merely illustrative and not restrictive, and many forms may be made by those of ordinary skill in the art without departing from the spirit of the present application and the scope of the claims, which are also within the protection of the present application.
Claims (10)
1. An information verification method, applied to a server device, comprising:
receiving a transaction request sent by a terminal device, wherein the transaction request is used for requesting the server device to conduct transaction actions;
responding to the transaction request, acquiring first communication state data of the terminal equipment, wherein the first communication state data is fed back to the server equipment by the terminal equipment before the transaction request is sent;
and verifying whether the transaction request is compliant or not based on the first communication state data, and obtaining a verification result of the transaction request.
2. The method according to claim 1, wherein the first communication state data includes a plurality of pieces of communication state data acquired by the terminal device in response to a plurality of operation events, respectively, the operation events being used to trigger the terminal device to acquire the communication state data;
The verifying whether the transaction request is compliant based on the first communication state data, to obtain a verification result, includes:
determining a target event sequence from the plurality of operation events based on the plurality of pieces of communication state data, wherein the communication state data associated with each operation event in the target event sequence indicates that the terminal device is in communication;
and verifying whether the transaction request is compliant according to the number of the events of the target event sequence and the total number of the events of the plurality of operation events, and obtaining the verification result.
3. The method of claim 2, wherein each piece of communication state data in the plurality of pieces of communication state data includes a first state attribute value and a second state attribute value;
wherein in the communication state data corresponding to any event of the target sequence of events, the first state attribute value indicates that a microphone and an audio function are used, and the second state attribute value indicates that the terminal device is in voice.
4. The method according to claim 2, wherein verifying whether the transaction request is compliant based on the number of events of the target event sequence and the total number of events of the plurality of operation events, to obtain the verification result, comprises:
And under the condition that the ratio of the number of the events of the target event sequence to the total number of the events is greater than or equal to a preset threshold value, obtaining a first verification result, wherein the first verification result indicates that the transaction request is not compliant.
5. The method according to claim 4, wherein the first communication status data is communication data within a preset time period, and the obtaining a first verification result when a ratio of the number of events of the target event sequence to the total number of events is greater than or equal to a preset threshold value includes:
acquiring a plurality of screen sharing identifiers of the terminal equipment in the preset time period under the condition that the ratio of the number of the events of the target event sequence to the total number of the events is greater than or equal to a preset threshold, wherein the screen sharing identifiers are associated with the plurality of operation events, and the screen sharing identifiers are used for indicating whether the screen of the terminal equipment is in a sharing state or not;
and obtaining the first verification result when the number of the identifiers which are the first preset value in the plurality of screen sharing identifiers is larger than the preset number, wherein the screen sharing identifiers are used for indicating that the screens are in a sharing state when the number of the identifiers which are the first preset value is the first preset value.
6. The method according to claim 5, wherein obtaining the first verification result when the number of identifiers that are preset values in the plurality of screen sharing identifiers is greater than a preset number includes:
acquiring user operation behavior data of the terminal equipment in the preset time period under the condition that the number of the identifiers which are preset values in the plurality of screen sharing identifiers is larger than the preset number;
and obtaining the first verification result under the condition that abnormal behaviors are detected based on the user operation behavior data.
7. The method according to claim 2, wherein verifying whether the transaction request is compliant based on the number of events of the target event sequence and the total number of events of the plurality of operation events, to obtain the verification result, comprises:
and under the condition that the ratio of the number of the events of the target event sequence to the total number of the events is smaller than a preset threshold value, obtaining a second verification result, wherein the second verification result represents the compliance of the transaction request.
8. An information verification apparatus, applied to a server device, comprising:
the first receiving module is used for receiving a transaction request sent by the terminal equipment, wherein the transaction request is used for requesting the server equipment to conduct transaction actions;
The first acquisition module is used for responding to the transaction request and acquiring first communication state data of the terminal equipment, wherein the first communication state data is fed back to the server equipment by the terminal equipment before the terminal equipment sends the transaction request;
and the verification module is used for verifying whether the transaction request is compliant or not based on the first communication state data to obtain a verification result of the transaction request.
9. A server device comprising a processor and a memory storing a program or instructions executable on the processor, which when executed by the processor, implement the steps of the information verification method of any one of claims 1 to 7.
10. A readable storage medium, characterized in that the readable storage medium has stored thereon a program or instructions which, when executed by a processor, implement the steps of the information authentication method according to any of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211428969.XA CN116128513A (en) | 2022-11-15 | 2022-11-15 | Information verification method, server device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211428969.XA CN116128513A (en) | 2022-11-15 | 2022-11-15 | Information verification method, server device and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116128513A true CN116128513A (en) | 2023-05-16 |
Family
ID=86308839
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211428969.XA Pending CN116128513A (en) | 2022-11-15 | 2022-11-15 | Information verification method, server device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116128513A (en) |
-
2022
- 2022-11-15 CN CN202211428969.XA patent/CN116128513A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9763100B2 (en) | Instant messaging message processing method and device and storage medium | |
| CN108040295B (en) | Public cutting method, server, user side and public cutting system | |
| CN110046902A (en) | Risk trade processing method, device and equipment | |
| US11652917B2 (en) | Systems and methods for authentication and fraud detection | |
| US10958780B1 (en) | Decentralized automatic phone fraud risk management | |
| CN109769244B (en) | Abnormal telephone card identification method, device, equipment and readable storage medium | |
| CN109800098A (en) | Service exception node positioning method, device, computer equipment and storage medium | |
| CN107483398B (en) | A kind of silence verification method and device, electronic equipment | |
| CN107241336A (en) | Auth method and device | |
| CN109660531A (en) | A kind of auth method, server and customer service terminal | |
| CN109145590A (en) | A kind of function hook detection method, detection device and computer-readable medium | |
| EP2472915A1 (en) | Method and device for detecting whether missed call is effective | |
| CN110782341A (en) | Business collection method, device, equipment and medium | |
| CN114268461B (en) | User identity authentication method, device, server, terminal and storage medium | |
| CN107508746B (en) | Good friend's adding method, device and electronic equipment | |
| CN107872446B (en) | Communication account management method and device and server | |
| CN104394258B (en) | The method and apparatus that contact method change to communication object is handled | |
| CN116128513A (en) | Information verification method, server device and storage medium | |
| CN113556430B (en) | Outbound system and outbound method | |
| US11451538B2 (en) | Methods and systems of authenticating of personal communications | |
| CN114168423A (en) | Abnormal number calling monitoring method, device, equipment and storage medium | |
| CN111988473B (en) | Voice communication call control method and device based on intelligent contract | |
| CN106060260A (en) | Method and equipment for prompting abnormal number in call | |
| KR20170006287A (en) | System and method for managing voice phishing information | |
| CN115623430B (en) | Telephone number labeling method, system, electronic equipment and server |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |