EA038077B1 - Method and system for marking user actions for subsequent analysis and accumulation - Google Patents

Abstract

The invention generally relates to digital data processing, in particular to a method and system of marking user actions for subsequent analysis and accumulation. A computer-implemented method of marking user actions for subsequent analysis and accumulation, where at least one open and private encryption key is generated for a certain period of action; a unique user identifier is encrypted with an open encryption key in case of the user's access to a web resource or a software application using a computer device; the unique user identifier encrypted on the previous step is saved in overhead-type files in said computer device with validity period of these files automatically set in accordance with the validity period of said open key; at least one code on a web resource page or a software application is generated with the built-in encrypted unique user identifier; the user actions are tracked using said code and then recorded into a database; recorded user actions and previously generated private encryption key are transferred to a passive authentication system; the user identifier is decrypted in the passive authentication system by the private encryption key; and the received actions are associated with the user profile. The technical result: providing a method for verified collection of user action data associated with the user activity by using encryption of a unique user identifier used during a session of user's access to a resource in the Internet for linking the monitoring results with a user profile.

Description

Technology area

The present technical solution, in general, relates to the processing of digital data, and in particular to a method and system for marking user actions for subsequent analysis and accumulation.

State of the art

Currently, solutions are widely used to analyze user activity in computer information networks, for example, the Internet, in order to determine the most beneficial offers for users, targeted advertising, etc.

As an example of such solutions, we can consider the well-known methods and systems described in documents RU 2509362, US 20040019523, US 7685191. As a rule, such solutions are based on capturing information that identifies the information resource on which the user performs certain actions, but the main drawback Their implementation is the insufficient degree of analysis of the authorized client with the binding of specific actions to his profile, which leads to the appearance of noise and false information, which may not be inherent in the activity of the corresponding user.

These drawbacks, in turn, lead to a significant increase in the volume of irrelevant information, which is falsely indexed for the corresponding user profile, which subsequently makes it difficult to further use it for processing and calculation based on it targeted information for users.

The essence of the technical solution

A technical problem or task in this technical solution is the need to create a method for collecting information about user actions, as well as verification of this information for the current user profile in order to monitor relevantly his actions on the corresponding resource on the Internet.

The technical result is to provide a method for verified collection of data of user actions related to his activity by using encryption of a unique user identifier used during a user's access session to a resource on the Internet to link monitoring results with a user profile. An additional technical result is to increase the protection of the collection of user actions data through the use of a procedure for cryptographic protection of the user identifier.

The claimed method of marking user actions for subsequent analysis and accumulation includes the implementation of stages at which:

generate at least one public and private encryption key for a certain period of validity;

encrypting the user's unique identifier with a public encryption key when accessing a web resource or software application using a computer device;

storing the unique user identifier encrypted at the previous step into service-type files on the said computer device, and the validity period of these service-type files is automatically set according to the validity period of the public key;

form at least one code on a web resource page or software application with an embedded encrypted unique user identifier;

tracking the user's actions using the mentioned code and their subsequent recording in the database;

transferring the recorded user actions and the previously generated private encryption key to the authentication system;

the user identifier is decrypted in the passive authentication system by means of a private encryption key and the obtained actions are associated with his profile.

In one of the private embodiments of the claimed method of user actions, they include at least one of: the trajectory of the cursor movement, interaction with the graphical interface element, the time the cursor is on the graphical interface element, scrolling the web resource page, navigating to a web resource of another domain, data transactions. In another particular embodiment of the claimed method, each recorded action contains a unique identifier (UID). The claimed solution is also implemented by a system for marking user actions for subsequent analysis and accumulation, which contains at least one processor and at least one memory means containing machine-readable instructions, which, when executed by the processor, implement the above method.

Brief Description of Drawings

The features and advantages of the present technical solution will become apparent from the following detailed description and the accompanying drawings, in which:

fig. 1 illustrates a block diagram of an implementation of the claimed method for marking and storing data;

fig. 2 illustrates an example of a system for implementing the method;

fig. 3 illustrates a flow diagram of a method for selecting relevant offers;

- 1 038077 fig. 4 illustrates an example of processing information on the interests of a user;

fig. 5 illustrates an example of a computing device.

Detailed description

This technical solution can be implemented on a computer, in the form of an automated information system (AIS) or a computer-readable medium containing instructions for performing the above method. The technical solution can be implemented as a distributed computer system that can be installed on a centralized server (set of servers). User access to the system is possible both from the Internet and from the internal network of an enterprise / organization via a mobile communication device on which software with a corresponding graphical user interface is installed, or a personal computer with access to the web version of the system with a corresponding graphical user interface.

Below will be described the terms and concepts necessary for the implementation of this technical solution.

In this solution, the system means a computer system, a computer (electronic computing machine), CNC (numerical control), PLC (programmable logic controller), computerized control systems and any other devices capable of performing a given, clearly defined sequence of computational operations (actions, instructions ).

A command processing device means an electronic unit or an integrated circuit (microprocessor) that executes machine instructions (programs).

A command processor reads and executes machine instructions (programs) from one or more storage devices. The role of data storage devices can be, but are not limited to, hard disks (HDD), flash memory, ROM (read only memory), solid state drives (SSD), optical drives.

A program is a sequence of instructions intended for execution by a computer control device or a command processing device.

FIG. 1 shows a general diagram of an implementation of a method 100 for marking user actions for subsequent analysis and accumulation. In the first step 101, at least one public and private encryption key is generated for a certain period of validity (day, week, month, etc.). After the expiration of the specified period of validity of the keys, they are deactivated.

The encryption method can be selected from various known solutions, for example the RSA algorithm, which encrypts the data using a public key known to the AIS. Deactivation of keys means the deletion of the current version of the keys when the specified date of their validity has expired. they can no longer be used to identify the user in the AIS when decrypting information. When the keys are deactivated, new keys are subsequently generated. At step 102, when a user accesses a service channel via the Internet from a personal computer device, in particular, when accessing a website (website page) or a software application installed on the user's device, an authentication procedure is performed. An encrypted unique identifier (UID) is prepared for each user using a public key. The encryption method can be chosen from various known solutions, for example, a unidirectional encryption mechanism using a salt (for example, sha1 or sha2), which allows you to obtain a unique key that cannot be decrypted back. The generated UID is written to service-type files stored on the user's computer device, such as Internet session files or cookies (block 103). When the public key is updated after its expiration, the data in the service file is updated.

UID can be permanent or temporary. A temporary UID is created when there is no user profile information in the authentication system located on the server (to be disclosed below). If there is information about a user profile that previously accessed the corresponding resource, the corresponding UID is stored in the authentication system.

Further, at step 104, at least one code (script, program) is generated on the resource for which it is necessary to monitor the user's activity, which contains the encrypted UID of the user to identify it and perform the corresponding monitoring. To monitor user actions, a script can be used that is responsible for sending messages about user actions on the resource, for example, clickstream or click path, which allow you to track the chain of transitions. In this case, a resource means, for example, a page of a website or a software application. Alternatively, the code can be a personal page on a website or software application interface. The analysis of user actions at block 105 consists in monitoring the events occurring on the resource with which the user interacts. Such actions can be, for example, the trajectory of the cursor movement, interaction with the graphical interface element, the time the cursor is on the graphical interface element, scrolling the page of a web resource, switching to a web resource of another domain, transaction data, downloading files, switching from the resource to social networks, etc. Received action information

- 2 038077 y of the user at step 106 is stored and transmitted along with the private key to the authentication system for subsequent decryption of the UID and matching the actions of the user and his profile (step 107). Each activity also contains an UID for storing and analyzing the corresponding types of identified activities.

UID can be associated with information such as: user's phone number, e-mail address, user's full name, payment card number, etc.

FIG. 2 shows a general view of the system of interaction of the elements of the claimed solution. As noted above, a user interacts with a web resource 250, such as a website or software application, using a computer device 200, such as a smartphone, personal computer, tablet, game console, smart TV, wearable smart device, etc. (for example, Sberbank Online).

The fact of user interaction on the resource 250 is recorded on the control server 300. The server 300 contains the necessary software and hardware for organizing the operation of the necessary functions for implementing the claimed method 100. Using the module 310, automated code generation is carried out for monitoring user actions on the web resource 250. С using the authentication system 320, a UID is created for the user, or it is selected from the database (DB) of the server 330, if the user is already registered in the system. Information about the user's actions on the web resource is also subsequently stored in the database 330. The data on user actions is also transmitted to the event handler module 340, which provides the selection of relevant offers for users based on the analysis of their activity (actions) on the web resource 250 (Internet resource ).

As an example of using the method 100 for marking user actions for subsequent analysis and accumulation, one can consider its application for the purpose of obtaining relevant offers for users, for example, financial offers (loans, mortgages, deposits, etc.). FIG. 3 shows a general diagram of the implementation of the method for selecting proposals 400 for the user based on the monitoring data of his actions on the web resource 250. Based on the information received about user actions (step 401) on the web resource 250, the data is analyzed using the automated system (step 402) to identify relevant offers for the respective user profile.

The analysis of user actions 401, as indicated above, can be carried out according to various criteria. For example, the analysis can be carried out on the transactions performed by the user (website, POS terminals, ATM, self-service device, etc.) made both using the web resource 250 on the Internet (website or software application), and when payment by means of means of payment (debit, credit cards), which are subsequently processed on the server of the payment system and transmitted to the database 330 when they are compared with the data of the corresponding user. The analysis of information can be based on data characterizing the type of product or information corresponding to the user's interest, for example, on the basis of obtaining data recording the time the user spends on the corresponding tab of the website or his interaction with the application interface (for example, a loan calculator, issuance of a credit cards, opening a deposit). The recorded actions of the user are used to form the attributes of the event or the vector of the user's service during subsequent calls to the channel.

Based on the attribute composition of events recorded on the web resource 250 (Internet resource), business events and / or complex events are formed, which are automatically analyzed and processed by business rules implemented using program logic that interacts with the server 300. in particular, using the event handler module 340. Based on the results of processing the business rules, a specific product is searched for at block 403 and a message is sent to the user with its description at block 404

A business event is a system-processed event generated by a user of the resource 250 (eg, card transactions performed, a transition to a product description on a website, etc.). Business rules are a sequence of analyzing and processing a user's business events.

To process business rules, module 340 can use the following data: contact information, age, gender, segment, region, and other user attributes. The end of the processing of each business rule is the name or ID of a specific product / type of product (offer). For this, information from the database 330 about the current available offers, as well as the current product catalog, can be used. In the event handler module 340, an analytical function can be implemented that allows you to calculate analytical values for each user in the context of a time interval, for example, such values can be: the number of events, minimum / average / maximum / total / average deviation, etc. attributes of the event. This function allows you to take into account incoming events for each user profile at a specified time interval, for example, per second / minute / hour / day / week / month. Counter data is used to configure algorithms for detecting complex business events before

- 3 038077 applications and selection of the most relevant information for the relevant users. A complex business event, as a rule, is understood as a business event formed as a result of several previous events generated by the user on the resource 250.

Module 340 assigns an UID to each business event and / or complex event. Module 340 can also implement an interface for flexible configuration of algorithms for filtering operations recorded by user actions. Module 340 searches and selects offers for the user based on the received user action event attributes.

The server 300 decrypts the user's UID, which is contained in the attributes of the event generated by his actions on the corresponding resource. As a result of event processing, the server 300 associates the generated event attributes with the user's UID for subsequent transfer of information to the event processing module 340 and selection of appropriate proposals for the said user UID. At block 402, the analysis of proposals has a time range for accumulating the necessary information and selecting relevant data. As shown in FIG. 4, using the claimed solution, in particular by processing the incoming data, the module 340 can record at step 401 repeating pages or categories of interest of the user according to the actions taken, for example, when viewing thematically similar elements of a web resource during the day or a week (topics of the web -pages) 250. The topic may refer to different offers, such as credit offers, deposits, debit / credit cards. The server 300 receives data about user events in a given time period and ranks them for the availability of offers available to a given user.

The time period for sending a message with a proposal to the user can also be selected based on the analysis of the general activity of the user both in a given time period and for a longer period, which is determined based on the presence of a relevant proposal or the activity of user actions and the corresponding program logic implemented on the server 300. Additionally, the user's transaction history can be taken into account to take into account these attributes when selecting relevant offers. The table below will provide an example of storing customer activity data for analyzing relevant business events.

Business event identifier Offer [Date 1] [Date 2] [Date 3] Date N ID 1 Contribution 01.01.2018 02.01.2018 10.01.2018 ID 2 Map 01.01.2018 02.01.2018 10.01.2018

Business Event ID - The business event ID received in the offer search request.

Offer - the name of the sold (banking) / marketing product from the product catalog, by the identifier of which the request to search for an offer was received.

Date 1 - the number of requests for the unique link between business event and product received by the system on the first day of the selected period.

Date 2 - the number of requests for the unique link business event - product received by the system on the second day of the selected period.

Date 3 - the number of requests for the unique link between business event and product received by the system on the third day of the selected period.

Date N - the number of requests for the unique link business event - product received by the system on the last day of the selected period.

Filtering records can be done as follows:

1) By field, business event identifier - in alphabetical order;

2) By the Product field - in alphabetical order.

Applied filters:

1) Date from. The date of the beginning of the period for generating the report, the date of receipt of the request for the search for an offer is used

2) Date to. The end date of the period for generating the report, the date of receipt of the request for the search for an offer is used

3) Business event identifier. List of all received business event IDs in offer search requests.

4) Product. List of all products for which search requests have been received.

Searching for suggestions for a user profile can be done as follows:

Client ID;

Identifier of the Product Type and / or the product being sold or the Identifier of the Information Product;

- 4 038077

The type of communication channel.

If the list of attributes consists of two user IDs, then the search is performed by the main ID first. If the user is not found, then an additional search is performed. In the message for the search for an offer, in addition to the attributes for the search, the ID of the business event and / or complex event and the ID of the business rules are transmitted.

When sending at step 404 a message about the found relevant offer, the user can be provided with the function of generating personalized requests, for example, SMS messages or letters sent via e-mail, PUSH notifications or by calling the user of the call center operator. The channel for sending messages to the user about the notification about the presence of identified offers is selected, as a rule, from the following information transmission channels: SMS, PUSH notifications, Internet network, telephone communication, software application, messenger, etc.

The offer sent to the user may contain information describing a specific product or the conditions for purchasing a product, the validity of the offer, cost and other type of data. For each pair of business event - product, an algorithm for forming a control group can be provided, which is used to assess the effectiveness. Using this algorithm, the number of customers for whom an offer was found corresponding to a pair of business event - product is recorded.

The use of the method 100 for marking and storing data on user actions makes it possible to improve the search for one or more relevant offers for the user by monitoring his activity on the web resource with reliable identification of the user profile. FIG. 5 shows an example of a computing device 500 that can be used to perform functions for logical processing of the necessary data to implement the claimed solution. It should be noted that the user's computing device 200 and the server 300 referred to herein may be one of the embodiments of the computing device 500.

In general, computing device 500 includes one or more processors 501, combined by a common bus 510, memory means such as RAM 502 and ROM 503, I / O interfaces 504, I / O means 505, and means for networking 506. Processor 501 (or multiple processors, multi-core processor) can be selected from a wide range of devices currently in use, such as Intel ™, AMD ™, Apple ™, Samsung Exynos ™, MediaTEK ™, Qualcomm Snapdragon ™ and the like.

RAM 502 is a random access memory and is intended for storing machine-readable instructions executed by the processor 501 for performing the necessary operations for logical processing of data. RAM 502 typically contains executable instructions of an operating system and associated software components (applications, software modules, etc.).

ROM 503 is one or more persistent storage devices such as a hard disk drive (HDD), solid state data storage device (SSD), flash memory (EEPROM, NAND, etc.), optical storage media (CD-R / RW, DVD-R / RW, BlueRay Disc, MD), etc.

To organize the operation of the components of the device 500 and the organization of the operation of external connected devices, various types of I / O 504 interfaces are used. The choice of the appropriate interfaces depends on the specific version of the computing device, which can be, but are not limited to: PCI, AGP, PS / 2, IrDa, FireWire , LPT, COM, SATA, IDE, Lightning, USB (2.0, 3.0, 3.1, micro, mini, type C), TRS / Audio jack (2.5, 3.5, 6.35), HDMI, DVI, VGA, Display Port, RJ45, RS232, etc.

Various I / O means 505 are used to provide user interaction with computing device 500, such as keyboard, display (monitor), touch display, touch pad, joystick, mouse, light pen, stylus, touch pad, trackball, speakers, microphone , augmented reality, optical sensors, tablet, light indicators, projector, camera, biometric identification (retina scanner, fingerprint scanner, voice recognition module), etc.

The networking tool 506 allows the device 500 to transmit data over an internal or external computer network, such as an Intranet, Internet, LAN, and the like. One or more tools 506 may include, but are not limited to: Ethernet card, GSM modem, GPRS modem, LTE modem, 5G modem, satellite communication module, NFC module, Bluetooth and / or BLE module, Wi-Fi module, etc.

Additionally, satellite navigation aids can also be used, for example, GPS, GLONASS, BeiDou, Galileo.

The presented application materials disclose preferred examples of the implementation of the technical solution and should not be construed as limiting other, particular examples of its implementation, which do not go beyond the scope of the claimed legal protection, which are obvious to specialists in the relevant field of technology.

Claims (4)

CLAIM 1. A computer-implemented method of marking user actions for subsequent analysis and accumulation, including the following steps: generate at least one public and private encryption key for a certain period of validity; encrypting the user's unique identifier with a public encryption key when accessing a web resource or software application using a computer device; storing the unique user identifier encrypted at the previous step into service-type files on the said computer device, and the validity period of these service-type files is automatically set according to the validity period of the public key; form at least one code on a web resource page or software application with an embedded encrypted unique user identifier; tracking the user's actions using the mentioned code and their subsequent recording in the database; the recorded user actions and the previously generated private encryption key are transmitted to the passive authentication system; the user identifier is decrypted in the passive authentication system by means of a private encryption key and the obtained actions are associated with his profile. 2. The method according to claim 1, characterized in that the user's actions include at least one of: the trajectory of the cursor movement, interaction with the graphical interface element, the time the cursor is on the graphical interface element, scrolling the web resource page, switching to the web -resource of another domain, transaction data. 3. The method according to claim 1, characterized in that each recorded action contains a unique identifier (UID). 4. A system for marking user actions for subsequent analysis and accumulation, comprising at least one processor and at least one memory means containing machine-readable instructions, which, when executed by the processor, implement the method according to any one of claims 1-3.