KR102250037B1 - Method, apparatus and computer-readable medium of providing an response solution to financial fraud - Google Patents

Abstract

The present invention relates to a method and an apparatus for providing solutions to a financial fraud and a computer-readable medium. According to an embodiment of the present invention, a method for providing solutions to a financial fraud, which is implemented by a computing device including at least one processor and at least one memory for storing commands that can be executed by the at least one processor, comprises: a fraud report receiving step of receiving a financial fraud report from a victim account requesting a remedy for damage among a plurality of user accounts; a report information analysis step of analyzing report information included in the received report by the fraud report receiving step; an accident type classification step of determining an accident type of the report information based on the result of the report information analysis step and classifying the report information into categories corresponding to the determined accident type; and a solution providing step of matching at least one of counter measure information and fraud expert information preset for each category with the victim account that has transmitted the report information, and transmitting at least one of the counter measure information and the fraud expert information matched to the victim account. Therefore, damage to the victim account (victim) who suffered financial fraud can be prevented from spreading. In addition, various embodiments identified through the present document are possible.

Description

METHOD, APPARATUS AND COMPUTER-READABLE MEDIUM OF PROVIDING AN RESPONSE SOLUTION TO FINANCIAL FRAUD}

The present invention relates to a method of providing a response solution to financial fraud, and specifically, a method of responding to financial fraud to a user account damaged by financial fraud by receiving a request for relief from a user account damaged by financial fraud. Or you can connect a financial fraud expert. Accordingly, it can have the effect of reducing mental damage or property damage caused by financial fraud to a minimum. In addition, by periodically providing various services or contents to prevent financial fraud to user accounts damaged by financial fraud, it may have an effect of preventing financial fraud using various techniques.

As IT technology is advanced, most of financial transactions are processed using the Internet or the like. However, financial transactions through the Internet are exposed to risks from various fraudulent techniques. Among them, phishing is one of the fraudulent methods that attempt to obtain confidential information such as account passwords and credit card information fraudulently by pretending to be a message from a trusted person or organization using a network. Since then, 117,075 reports of damage caused by phishing have been received, and the amount of damage over the last four years has been counted at 1.74 trillion won. Accordingly, as damage caused by financial fraud increases, technologies for preventing damage caused by financial fraud to a minimum are actively increasing.

As an example, Korean Patent Registration No. 10-2001-1570000 (Financial Fraud Prevention Method) includes the step (a) of checking a call time when a user terminal connects a phone number using a suspected fraudulent phone number as a source; And (b) generating an alarm to the user terminal when the call time exceeds the reference time; A technique of forcibly terminating the device is disclosed.

However, in the above-described prior art, a technology for preventing financial fraud is disclosed, but as a technology for relieving users who have been damaged by financial fraud has not been disclosed, In the case of filing an accident report, there is a problem in that the property damage of the user who has been damaged by financial fraud cannot be minimized.

Accordingly, the present invention provides a method for providing a response solution to financial fraud, specifically, when a report is received from a user account that has been damaged by financial fraud, first response information for minimizing damage is provided. By transmitting the first response result information according to the first response information from the user account, the received first response result information is transmitted to the fraud response expert account, and property damage is minimized by connecting the victim and the expert. It aims to provide technology to prevent financial fraud that may occur or recur.

In order to achieve the above object, there is provided a method for providing a solution for responding to financial fraud implemented by a computing device including at least one processor and at least one memory storing instructions executable by the processor according to an embodiment of the present invention. A fraud report receiving step of receiving a financial fraud report from a victim account requesting relief for damage among a plurality of user accounts; A report information analysis step of analyzing report information included in the received reception by the fraud report receiving step; An accident type classification step of classifying the reported information into a category corresponding to the determined accident type by determining an accident type of the reported information based on a result of performing the report information analyzing step; And matching at least one of the countermeasure method information and fraud response expert information preset for each category to the victim account that received the report information, and transmitting at least one of the countermeasure method information and fraud response expert information matched to the victim account. It characterized in that it comprises a; solution providing step.

In the step of providing the solution, when providing first response information among the matched response method information to the victim account, and receiving first response result information based on a response result according to the first response information from the victim account, It is preferable that the first response result information is stored in a database, and the first response result information is automatically transmitted to an expert account corresponding to the preset fraud response expert information.

In the case of receiving a response completion message for the reception from the victim account and the expert account corresponding to the fraud response expert information, the solution providing step may be performed according to second response information other than the first response information from the victim account. It is possible to include a result storage step of receiving second response result information based on the response result, receiving third response result information based on the response result by the expert account from the expert account, and storing it in a database. .

The solution providing step further includes a service providing step of periodically transmitting content information about the same type and different types of financial fraud guide content information and prevention method to the victim account when receiving the response completion message. It is possible.

In the step of providing the service, in the case of receiving an outgoing call and a text message from a previously registered dangerous number to a victim account with a damage history, a message notification service, a pop-up notification service, and a call to warn of the risk of financial fraud due to the dangerous number It is possible to provide at least one service among notification services.

The solution providing step includes analyzing the first correspondence result information, the second correspondence result information, and the third correspondence result information, obtaining correspondence process information, and storing the obtained correspondence process information in the database. It is possible.

The report information preferably includes at least one of a type of fraud, an amount of damage, a time of fraud, and profile information of the victim account.

The preset fraud response expert information is transmitted to the victim account by selecting fraud response expert information according to a matching criterion based on at least one of the type of fraud, the damage amount, the fraud time, and profile information of the victim account. It is possible to become.

A method of providing a solution for responding to financial fraud implemented by a computing device including at least one processor and at least one memory storing instructions executable by the processor according to an embodiment of the present invention is Based on the result of analyzing the report information included in the report information received from the victim account requesting the specific information, and responding to the determined type of accident based on the result of analyzing the report information included in the received reception, After classifying the report information by category, matching at least one of the countermeasure method information and fraud response expert information preset for each category to the victim account that received the report information, and the countermeasure method information matched to the victim account and fraud Since at least one of the response expert information is transmitted, it is possible to prevent the spread of damage to the victim account (victim) who suffered from financial fraud.

In addition, according to an embodiment of the present invention, the first response information of the matched response method information is provided to the victim account, and a first response result based on a response result according to the first response information from the damage account When receiving information, the first response result information is stored in a database, but the first response result information can be automatically transmitted to an expert account corresponding to the preset fraud response expert information. We can provide professional services to respond to.

In addition, according to an embodiment of the present invention, when a response completion message for the reception is received from an expert account corresponding to the victim account and fraud response expert information, a response other than the first response information is received from the victim account. By receiving the second response result information based on the response result according to the information, and receiving the third response result information based on the response result by the expert account from the expert account and storing the database, it is possible to prevent various financial fraud methods. It is possible to build a database of the point of view of the victim and the point of view of the expert. Accordingly, by acquiring data on various methods of financial fraud, it is possible to establish a response process having various response directions.

In addition, according to an embodiment of the present invention, when receiving the response completion message, it is possible to periodically transmit the same type and different types of financial fraud guide content information and content information on the prevention method to the victim account, It can provide information and solutions for recurring financial fraud in advance.

In addition, according to an embodiment of the present invention, in the case of receiving an outgoing call and text message from a previously registered risky number to a damaged account having a damage history, a message notification service notifying the risk of financial fraud due to the risky number, pop At least one of an up notification service and a call notification service may be provided, thereby preventing financial fraud that may recur in the future, thereby preventing property damage.

In addition, according to an embodiment of the present invention, the preset fraud response expert information is based on a matching criterion based on at least one of the type of fraud, the damage amount, the fraud time, and profile information of the victim account. Accordingly, the selected fraud response expert information may be transmitted to the victim account, so that experts who satisfy the needs of victims of financial fraud may be matched.

1 is a flowchart illustrating a method of providing a response solution to financial fraud according to an embodiment of the present invention.
2 is another flow chart for explaining a method of providing a response solution to financial fraud according to an embodiment of the present invention.
3 is a block diagram of an apparatus for providing a response solution to financial fraud according to an embodiment of the present invention.
4 is a diagram for explaining a method of receiving report information according to an embodiment of the present invention.
5 is a diagram for explaining a method of classifying a type of accident information according to an embodiment of the present invention.
6 is a view for explaining a solution providing step according to an embodiment of the present invention.
7 is a diagram for explaining a method of connecting a victim account and an expert account according to an embodiment of the present invention.
8 is a diagram for explaining content information on fraud guide content information and a method for preventing fraud according to an embodiment of the present invention.
9 is a diagram illustrating an example of an internal configuration of a computing device according to an embodiment of the present invention.

In the following, various embodiments and/or aspects are now disclosed with reference to the drawings. In the following description, for illustrative purposes, a number of specific details are disclosed to aid in an overall understanding of one or more aspects. However, it will also be appreciated by those of ordinary skill in the art that this aspect(s) may be practiced without these specific details. The following description and the annexed drawings set forth in detail certain illustrative aspects of the one or more aspects. However, these aspects are illustrative and some of the various methods in the principles of the various aspects may be used, and the descriptions described are intended to include all such aspects and their equivalents.

As used herein, "embodiment", "example", "aspect", "example", etc. may not be construed as having any aspect or design described as being better or advantageous than other aspects or designs. .

In addition, the terms "comprising" and/or "comprising" mean that the corresponding feature and/or component is present, but excludes the presence or addition of one or more other features, components, and/or groups thereof. It should be understood as not doing.

In addition, terms including ordinal numbers such as first and second may be used to describe various elements, but the elements are not limited by the terms. The above terms are used only for the purpose of distinguishing one component from another component. For example, without departing from the scope of the present invention, a first element may be referred to as a second element, and similarly, a second element may be referred to as a first element. The term and/or includes a combination of a plurality of related listed items or any of a plurality of related listed items.

In addition, in the embodiments of the present invention, unless otherwise defined, all terms used herein, including technical or scientific terms, are those commonly understood by those of ordinary skill in the art to which the present invention belongs. It has the same meaning. Terms as defined in a commonly used dictionary should be interpreted as having a meaning consistent with the meaning in the context of the related technology, and unless explicitly defined in the embodiments of the present invention, an ideal or excessively formal meaning Is not interpreted as.

1 is a flowchart illustrating a method of providing a response solution to financial fraud according to an embodiment of the present invention.

Referring to FIG. 1, a method of providing a response solution to financial fraud implemented by a computing device including at least one processor and at least one memory storing instructions executable by the processor includes an accident report reception step (step S101). You can do it. The computing device may include a smartphone, a desktop, a tablet, and the like, and any device capable of providing a response solution to financial fraud is not limited thereto.

In step S101, the at least one processor (hereinafter referred to as a processor) may receive a report of a financial fraud report from a victim account among a plurality of accounts through at least one communication module (hereinafter referred to as a communication module).

According to another embodiment, the processor may receive the reception of the financial fraud report from another electronic device interlocked with a device providing a method for providing a countermeasure solution to the financial fraud. For example, the processor may receive the reception of the financial fraud report from a victim account subscribed to a financial institution (eg, Kookmin Bank) through the communication module. That is, the plurality of user accounts are accounts pre-registered in a server communicatively connected with a device performing a method for providing a response solution to the financial fraud or a device performing a method for providing a response solution against the financial fraud. The damage account may be an account of a user who has been damaged by financial fraud, and may be an account that requests relief for damage caused by the financial fraud.

The above financial scams include voice phishing that impersonates the prosecution, police officers, financial supervisory service, financial companies, or a specific person to induce money transfer by tricking the victim over the phone, or when using a website by infecting a PC with malicious code. Farming, which steals financial transaction information and withdraws funds after directing to the site, messenger phishing, which deceives victims as if they are acquaintances by unauthorized theft of financial transaction information, and requests for dispatch, free coupons, invitations If you click a link in a text message with content, etc., malicious code is installed to hijack the power supply.Smishing, which pretends to be an employee of a financial company, arranges roughly and induces funds to be remitted in the name of insurance premiums. It may include fraud and the like.

According to an embodiment, when receiving the reception of a financial fraud report from the victim account in step S101, the processor may perform a report information analysis step (step S103).

In step S103, the processor may analyze the report information included in the reception of the report on the financial fraud. According to an embodiment, when receiving the reception of the financial fraud report from the victim account, the processor may start analyzing the report information included in the received reception. The report information may include at least one of a type of fraud, an amount of damage, a time of fraud, and profile information of the victim account.

For example, by analyzing the type of fraud included in the report information, the processor may confirm that the fraud type is voice phishing. In addition, by analyzing the damage amount and the time of fraud included in the report information, the processor may confirm that the amount of damage is 50,000,000 won, and that the time of fraud occurs around 15:23:23 on November 17, 20. In addition, the processor may analyze the profile information of the victim account included in the report information, and confirm that the victim is a woman in her 40s residing in Yangjae 2-dong, Gangnam-gu, Seoul. The report information is not limited to the type of fraud, the amount of damage, the time of the fraud, and information necessary to respond to the damage of financial fraud, as well as the profile information of the victim account.

According to an embodiment, the processor may perform the accident type classification step (S105) in a state in which the analysis of the report information is completed in step S103.

In the step S105, the processor checks the accident type of the report information analyzed in the step S103, and reports the report in a category corresponding to the determined accident type in order to provide a response or solution based on the checked accident type. Information can be classified.

According to an embodiment, the processor may classify the report information into a preset category based on the financial fraud method according to the type of accident of the analyzed report information. For example, if the accident type of the report information analyzed in step S103 is voice phishing, in order to provide a response or solution to the voice phishing, the processor sets the report information to a preset category, “voice phishing category. It can be classified as ". However, the type of the category is not limited to voice phishing, and may include at least one or more categories according to each financial fraud method.

According to an embodiment, when the category of the report information is classified in step S105, the processor may perform a solution providing step (S107).

In the step S107, the processor matches one of the response method information and the fraud response expert information preset for each category to the victim account that received the report information, and the response method information matched to the victim account and the fraud response expert At least one of the information can be transmitted. The preset response method information may be information including a response process according to each financial fraud method. The preset fraud response expert information may be information including profile information of experts capable of responding to each financial fraud method. In other words, a device that provides a response solution to financial fraud can provide better services to victims by accumulating data on increasingly diverse financial fraud methods and by establishing a response process that responds to data on financial fraud methods. In addition, immediate action against new financial fraud techniques can have possible effects.

According to an embodiment, the processor classifies the category of the report information according to the fraud type of the report information, and then receives the report information with one of response method information and fraud response expert information preset in the classified category. You can match one damage account.

According to an embodiment, in order to match the fraud response expert information preset in the category to the victim account, the processor may request to set a matching criterion from an expert account corresponding to the fraud response expert information. In more detail, the processor transfers the fraud type item, the damage amount range, the reception time range, and the personal information included in the profile information of the victim account, which are matching criteria information to be matched with the victim account from the expert account corresponding to the fraud response expert information. You can ask to set it up.

According to an embodiment, when receiving the reception of a report of a financial accident from the victim account, the processor provides the fraud response expert information to the victim account based on the report information of the victim account and the matching criteria set in the expert account. Can match. In other words, as a method of providing a response solution to financial fraud, a specialized response method and expert can be matched to the victim for each method of financial fraud, which provides a solution that satisfies the user's needs in consideration of the degree of damage to the user. It can have an effect.

For example, if the fraud type of the report information received from the victim account is smishing, damage amount of KRW 40,000,000, fraud time at 14:00:00 on November 15, 20, and profile information of a male in their 30s, fraud Fraud response expert information of expert accounts whose type is smishing, voice phishing, damage amount range 30,000,000 to 100,000,000 won, reception time range from November 15 to 20, 20, profile information 20 to 40 male and female matching criteria Can be transferred to the victim account. That is, the damage account may take measures to prevent the spread of damage due to financial fraud by receiving the preset response method information from the processor, and when the fraud response expert information is provided, an expert matching the expert information It is connected to and can be provided with a relief service for the financial fraud. That is, a device that provides a response solution to financial fraud can prevent property damage to a minimum by providing a measure for property damage that may occur after a financial fraud.

2 is another flow chart for explaining a method of providing a response solution to financial fraud according to an embodiment of the present invention.

Referring to FIG. 2, a method of providing a response solution to financial fraud implemented by a computing device including at least one processor and at least one memory storing instructions executable by the processor includes an accident report receiving step (step S201). You can do it. The computing device may include a smartphone, a desktop, a tablet, and the like, and any device capable of providing a response solution to financial fraud is not limited thereto.

In the step S201, the at least one processor (hereinafter referred to as a processor) may receive a report of a financial fraud report from a victim account among a plurality of accounts through at least one communication module (hereinafter referred to as a communication module).

According to another embodiment, the processor may receive the reception of the financial fraud report from another electronic device interlocked with a device providing a method for providing a countermeasure solution to the financial fraud. For example, the processor may receive the reception of the financial fraud report from a victim account subscribed to a financial institution (eg, Kookmin Bank) through the communication module. That is, the plurality of user accounts are accounts pre-registered in a server communicatively connected with a device performing a method for providing a response solution to the financial fraud or a device performing a method for providing a response solution against the financial fraud. The damage account may be an account of a user who has been damaged by financial fraud, and may be an account that requests relief for damage caused by the financial fraud.

The above financial scams include voice phishing that impersonates the prosecution, police officers, financial supervisory service, financial companies, or a specific person to induce money transfer by tricking the victim over the phone, or when using a website by infecting a PC with malicious code. Farming, which steals financial transaction information and withdraws funds after directing to the site, messenger phishing, which deceives victims as if they are acquaintances by unauthorized theft of financial transaction information, and requests for dispatch, free coupons, invitations If you click a link in a text message with content, etc., malicious code is installed to hijack the power supply.Smishing, which pretends to be an employee of a financial company, arranges roughly and induces funds to be remitted in the name of insurance premiums. It may include fraud and the like.

According to an embodiment, when receiving the reception of a financial fraud report from the victim account in step S201, the processor may perform a report information analysis step (step S203).

In step S203, the processor may analyze the report information included in the reception of the report on the financial fraud. According to an embodiment, when receiving the reception of the financial fraud report from the victim account, the processor may start analyzing the report information included in the received reception. The report information may include at least one of a type of fraud, an amount of damage, a time of fraud, and profile information of the victim account.

For example, by analyzing the type of fraud included in the report information, the processor may confirm that the fraud type is voice phishing. In addition, by analyzing the damage amount and the time of fraud included in the report information, the processor may confirm that the amount of damage is 50,000,000 won, and that the time of fraud occurs around 15:23:23 on November 17, 20. In addition, the processor may analyze the profile information of the victim account included in the report information, and confirm that the victim is a woman in her 40s residing in Yangjae 2-dong, Gangnam-gu, Seoul. The report information is not limited to the type of fraud, the amount of damage, the time of the fraud, and information necessary to respond to the damage of financial fraud, as well as the profile information of the victim account.

According to an embodiment, the processor may perform the accident type classification step (S205) in a state in which the analysis of the report information is completed in the step S203.

In the step S205, the processor checks the accident type of the report information analyzed in the step S203, and reports the report in a category corresponding to the determined accident type in order to provide a response or solution based on the checked accident type. Information can be classified.

According to an embodiment, the processor may classify the report information into a preset category based on the financial fraud method according to the type of accident of the analyzed report information. For example, if the accident type of the report information analyzed in step S203 is voice phishing, in order to provide a response or solution to the voice phishing, the processor sets the report information to a preset category of "voice phishing category." It can be classified as ". However, the type of the category is not limited to voice phishing, and may include at least one or more categories according to each financial fraud method.

According to an embodiment, when the category of the report information is classified in step S205, the processor may perform a solution providing step (S207).

In the step S207, the processor may match one of the countermeasure method information and the fraud response expert information preset for each category to the victim account receiving the report information. The processor may transmit at least one of the matched response method information and fraud response expert information.

In more detail, the processor may transmit the first response information included in the matched response method information to the victim account. The first response information may be guide information for a victim who has suffered financial damage to initially take follow-up measures to prevent the spread of property damage. For example, when the fraud type of the reported information is pharming, the processor may classify the reported information into a pharming category. The processor may transmit first response information included in response method information preset in the farming category to the victim account. For example, according to the first response information, the user of the victim account who has received the first response information requests a suspension of cash payment through the police station or a financial company call center and submits a "incident fact check" to the financial institution. Then, you can apply for a refund of damages.

According to an embodiment, after providing the first response information to the damage account, the processor may receive first response result information based on a response result according to the first response information from the damage account.

According to an embodiment, when receiving the first response result information, the processor may transmit the received first response result information to an expert account corresponding to the category preset fraud response expert information. That is, the processor transmits the first response information included in the response method information to the victim account, receives first response result information according to the transmitted first response information from the victim account, and sends the fraud response expert information. It can be transferred to the appropriate expert account. The processor may transmit fraud response expert information corresponding to the expert account receiving the first response result information to the victim account.

According to an embodiment, when receiving a request for connection with an expert account corresponding to the fraud response expert information from the victim account, the processor communicatively connects the victim account and the expert account, The user may receive second response information (eg, action service) for financial fraud from the user of the expert account. In more detail, the damage account may receive second response information according to the first response result information from the expert account. The second response information, based on the first response result information received by the processor, may be information for the victim account to resolve insufficient response measures among response measures based on the first response result information. .

According to an embodiment, after receiving the action service from the expert account in step S207, the processor may perform a result storage step (S209). The result storage step may be an operation performed by the result storage step unit disclosed in FIG. 3.

In the step S209, the processor, when receiving a response completion message for reception of the financial fraud report from the victim account and the expert account, according to the second response information other than the first response information from the victim account. The second response result information based on the response result may be received. The second response result information may be information that the user of the victim account directly measures against financial fraud based on the second response information. In more detail, the second response result information may be process information directly controlled by the user of the victim account based on the guide of the second response information received from the expert account.

According to an embodiment, while receiving the second correspondence result information, the processor may receive third correspondence result information based on a response result by the expert account from the expert account. In more detail, the third response result information is based on the first response result information in which the expert account is damaged, and in order to resolve a measure that the victim account could not handle, the user of the expert account remotely accesses the victim account. May be process information taken by remotely controlling the victim account. In addition, the processor may store the first correspondence result information, the second correspondence result information, and the third correspondence result information in a database. That is, the method of providing a response solution to financial fraud can be remotely connected to an expert through communication, so it is convenient to easily provide a solution to an elderly victim who is not familiar with electronic devices or user interfaces.

According to an embodiment, the processor may obtain corresponding process information based on the second correspondence result information and the third correspondence result information stored in the database. For example, the processor is based on the response order information and response method information included in the second response result information and the third response result information, for each type of financial fraud, another response that is not stored in the database. By deriving a method, the corresponding process information can be obtained. Another example. The processor may analyze the second correspondence result information and the result information included in the third correspondence result information to derive another correspondence method that is not stored in the database.

According to an embodiment, when receiving the response completion message in step S209, the processor may perform a service provision step (S211). The service providing step may be an operation performed by the service provider disclosed in FIG. 3.

In step S211, the processor may periodically transmit the same type and different types of financial fraud guide content information and content information about a prevention method to the victim account. In addition, the processor, when the victim account receives an outgoing call and text message from a previously registered dangerous number, at least one of a message notification service, a pop-up notification service, and a call notification service notifying the risk of financial fraud due to the dangerous number. Can provide services. The previously registered risk number may be a number stored in a database of a device that provides a response solution to the financial fraud. For example, when the processor receives information indicating that an outgoing call and text message has been received from the victim account, which is a pre-registered dangerous number "1234-5678", a message service that warns the victim account of the risk of financial fraud. I, it is possible to provide a pop-up notification service that switches the vibration function to the ON state. In other words, the method of providing a response solution to financial fraud can selectively provide response method information or expert information based on the report information received from the victim, so it is possible to remedy multiple victims even with a limited number of experts. Can have.

3 is a block diagram of an apparatus for providing a response solution to financial fraud according to an embodiment of the present invention.

Referring to FIG. 3, a computing device 300 including one or more processors and one or more memories storing instructions executable by the processor includes an accident report reception unit 301, a report information analysis unit 303, and an accident type classification unit. 305 and a solution providing unit 307 may be included.

According to an embodiment, the accident report receiving unit 301 may receive a report of a financial fraud report from the victim account 311 among a plurality of accounts through at least one communication module (hereinafter referred to as a communication module). The plurality of user accounts are connected to a server that is communicatively connected with the device 300 performing a method of providing a response solution to the financial fraud or the device 300 performing a method of providing a response solution to the financial fraud. It may be a previously registered account, and the victim account 311 is an account of a user who has been damaged by financial fraud, and may be an account that requests relief for the damage caused by the financial fraud.

According to an embodiment, when the accident report receiving unit 301 receives the reception of a financial fraud report from the damage account 311, the report information analysis unit 303 transmits the report information by the reception of the financial fraud report. Can be transmitted.

According to an embodiment, the report information analysis unit 303 may analyze report information included in the reception of the financial fraud report. The report information may include at least one of a type of fraud, an amount of damage, a time of fraud, and profile information of the victim account.

For example, the report information analysis unit 303 may analyze the type of fraud included in the report information and confirm that the fraud type is messenger phishing. In addition, the report information analysis unit 303 analyzes the damage amount and fraud time included in the report information, and the damage amount is 4,000,000 won, and the time of fraud occurs around 11:33:23 on November 18, 20. Can be confirmed. In addition, the report information analysis unit 303 may analyze the profile information of the victim account included in the report information, and confirm that the victim is a woman in her twenties residing in Seocho-dong, Gangnam-gu, Seoul. The report information is not limited to the type of fraud, the amount of damage, the time of the fraud, and information necessary to respond to the damage of financial fraud, as well as the profile information of the victim account.

According to an embodiment, when the analysis of the report information is completed, the report information analysis unit 303 may transmit the analyzed report information to the accident type classification unit 305.

The accident type classification unit 305 identifies the accident type of the analyzed report information, and classifies the reported information into a category corresponding to the analyzed accident type in order to provide a response or solution based on the checked accident type. can do.

According to an embodiment, the accident type classification unit 305 may classify the report information into a preset category based on the financial fraud method according to the accident type of the analyzed report information. For example, when the accident type of the analyzed report information is voice phishing, the accident type classification unit 305 sets the report information to a preset category in order to provide a response or solution to the voice phishing. It can be classified as "voice phishing category". However, the type of the category is not limited to voice phishing, and may include at least one or more categories according to each financial fraud method.

According to an embodiment, when the category of the report information is classified by the accident type classification unit 305, the solution providing unit 307 provides information on a countermeasure method preset for each category and expert information on fraud response. One of 313 may be matched with the victim account for which the report information is received, and at least one of response method information 317 and fraud response expert information 313 matched to the victim account may be transmitted. The preset response method information 317 may be information including a response process according to each financial fraud method. The preset fraud response expert information 313 may be information including profile information of experts capable of responding to each financial fraud method.

According to an embodiment, the solution provider 307 classifies the category of the report information according to the type of fraud of the report information, and then, the response method information 315 and fraud response expert information set in the classified category. One of 313 may be matched with the victim account that received the report information. When the fraud response expert information 313 is matched, the victim account 311 may determine whether to communicatively connect with the expert corresponding to the fraud response expert information 313. That is, the damage account may take measures to prevent the spread of damage due to financial fraud by receiving the preset response method information 317 from the solution provider 307, and provides the fraud response expert information 313 When provided, it is possible to connect with an expert corresponding to the fraud response expert information to receive a relief service for the financial fraud.

According to an embodiment, the computing device 300 including one or more processors and one or more memories storing instructions executable by the processor further includes a result storage step unit (not shown) and a service providing unit (not shown). can do. A description of the result storage step unit and the service providing unit will be described in detail in steps S209 and S211 of FIG. 2.

4 is a diagram for explaining a method of receiving report information according to an embodiment of the present invention.

Referring to FIG. 4, an apparatus for providing a response solution to financial fraud implemented by a computing device including at least one processor and at least one memory storing instructions executable by the processor includes at least one server 400 (hereinafter, (Referred to as a server). The computing device may include a smartphone, a desktop, a tablet, and the like, and any device capable of providing a response solution to financial fraud is not limited thereto.

According to an embodiment, a user of the victim account 405 logged in to the electronic device 401 may proceed with the filing of an accident 403 due to financial fraud. The user of the damage account 405 may create report information 407 when proceeding with the accident reception 403. The report information 407 may include an accident type, a time of fraud, a damage amount, and profile information of a victim account, and is not limited thereto as long as it is necessary information in a process of responding to financial fraud.

For example, the user of the victim account 405 sets the accident type to "Voice Phishing", sets the fraud time to "November 17, 20, 14:53:24 seconds", and sets the damage amount to 50,000,000 won. One report information 407 may be transmitted to the server 400 through a communication module of the electronic device 401. In this case, the report information 407 may also transmit profile information of the user entered when the user of the victim account 405 signs up for an account.

5 is a diagram for explaining a method of classifying a type of accident information according to an embodiment of the present invention.

Referring to FIG. 5, an apparatus 500 for providing a response solution to financial fraud implemented by a computing device including at least one processor and at least one memory storing instructions executable by the processor is an accident type classification unit 501 ) Can be included.

According to an embodiment, the accident type classification unit 501 may check the accident type of the report information analyzed by the report information analysis unit (not shown), and classify the analyzed report information according to the checked accident type. have. In more detail, the accident type classification unit 501 may classify and store the accident information in a first category 501a or a second category 501b according to the accident type of the report information. For example, when the accident type of the report information is “voice phishing”, the accident type classification unit 501 may classify and store the report information in a second category 501b set as “voice phishing category”. .

According to an embodiment, for each of the first category 501a and the second category 501b, at least one of information on a fraud response plan according to a financial fraud method and information on a fraud response expert may be set. At least one of the fraud response plan information and fraud response expert information preset for each category may be automatically transmitted by matching the victim account that received the report information by a solution provider (not shown) to be described in FIG. 6. .

6 is a view for explaining a solution providing step according to an embodiment of the present invention.

Referring to FIG. 6, an apparatus for providing a response solution to financial fraud implemented by a computing device including at least one processor and at least one memory storing instructions executable by the processor includes a solution provider 601. I can.

According to an embodiment, the solution provider 601 may transmit at least one of fraud response plan information and fraud response expert information stored in the database 603 to the electronic device 605 to which the victim account is logged in. In more detail, the solution providing unit 601 may transmit, to the electronic device 605, information on a fraud response plan and information on a fraud response expert set in advance to a victim account that has received report information classified into a category corresponding to the type of accident. have. For example, when the category of the classified accident information is a "farming category", the solution provider 601 may store at least one of information on a fraud response plan and information on a fraud response expert set in the "farming category" as the data. The call may be made to the base 603 and transmitted to the electronic device 605.

7 is a diagram for explaining a method of connecting a victim account and an expert account according to an embodiment of the present invention.

Referring to FIG. 7, an electronic device 701 (hereinafter referred to as a first electronic device) to which a victim account is logged in communicates with another electronic device 711 (hereinafter referred to as a second electronic device) to which an expert account is logged. It can be connected as an enemy.

According to an embodiment, the first electronic device 701 is a device that provides a response solution to financial fraud implemented as a computing device including one or more processors and one or more memories storing instructions executable by the processor. From (hereinafter referred to as a server), fraud response expert information 705 of the expert account may be received. The fraud response expert information 705 may include history information corresponding to financial fraud as history information of the expert account. In addition, the fraud response expert information 705 may include profile information of an expert account corresponding to the fraud response expert information 705, but is not limited thereto.

According to an embodiment, when the fraud response expert information 705 is provided to the first electronic device 701, the second electronic device 711 displays a message 713 that a connection with the victim account is waiting. You can print in some areas of the. The second electronic device 711 may receive report information 717 of the victim account through the server, and the report information includes the type of accident (fraud), time of fraud, amount of damage, and profile information of the victim account. It may include at least one of.

According to an embodiment, the first electronic device 701 may output a connection status message for communicatively connecting with the expert account. The first electronic device 701 may receive a user input for determining whether to connect or not from a user of the first victim account (hereinafter, referred to as a victim). When the first electronic device 701 receives a user input that agrees to connect to the expert account from the victim, the first electronic device 701 may be communicatively connected to the expert account logged in to the second electronic device 711 through the server. I can. That is, a victim who is a user of the first electronic device 701 communicatively connected to the second electronic device 711 may be provided with a measure service corresponding to the report information 717 from an expert. In other words, the method of providing a response solution to financial fraud can have the effect of improving the satisfaction of the victim by matching experts who satisfy the needs of the victim.

8 is a diagram for explaining content information on fraud guide content information and a method for preventing fraud according to an embodiment of the present invention.

Referring to FIG. 8, a device that provides a response solution to financial fraud implemented by a computing device (hereinafter referred to as an electronic device) including at least one processor and at least one memory storing instructions executable by the processor is damaged. The content 803 including information on information on the same type and other types of financial fraud guide information and prevention methods of the victim account may be provided to the terminal device 801 of the victim account for which a history exists.

According to an embodiment, when a victim account with a damage history receives an outgoing call and text message from a previously registered risk number, the electronic device may provide a message notification service, a pop, to warn of the risk of financial fraud due to the risk number. At least one of an up notification service and a call notification service may be provided. For example, when the electronic device receives information indicating that an outgoing call and text message has been received from the victim account, which is a pre-registered risk number "1234-5678", a message warning the victim account of the risk of financial fraud It can provide a service or a pop-up notification service that switches the vibration function to the ON state. That is, a method of providing a countermeasure solution to financial fraud may have an effect of preventing recurrence of financial fraud.

9 illustrates an example of an internal configuration of a computing device according to an embodiment of the present invention, and in the following description, a description of unnecessary embodiments overlapping with the description of FIGS. 1 to 8 will be omitted. It should be.

9, the computing device 10000 includes at least one processor 11100, a memory 11200, a peripheral interface 11300, and an input/output subsystem ( I/O subsystem) 11400, a power circuit 11500 and a communication circuit 11600. In this case, the computing device 10000 may be a user terminal connected to a tactile interface device (A) or may correspond to the aforementioned computing device (B).

The memory 11200 may include, for example, high-speed random access memory, magnetic disk, SRAM, DRAM, ROM, flash memory, or nonvolatile memory. have. The memory 11200 may include a software module, an instruction set, or other various data necessary for the operation of the computing device 10000.

In this case, access to the memory 11200 from another component such as the processor 11100 or the peripheral device interface 11300 may be controlled by the processor 11100.

The peripheral device interface 11300 may couple input and/or output peripheral devices of the computing device 10000 to the processor 11100 and the memory 11200. The processor 11100 may execute various functions for the computing device 10000 and process data by executing a software module or instruction set stored in the memory 11200.

The input/output subsystem 11400 may couple various input/output peripherals to the peripherals interface 11300. For example, the input/output subsystem 11400 may include a monitor, a keyboard, a mouse, a printer, or a controller for coupling a peripheral device such as a touch screen or a sensor to the peripheral device interface 11300 as needed. According to another aspect, the input/output peripheral devices may be coupled to the peripheral device interface 11300 without going through the input/output subsystem 11400.

The power circuit 11500 may supply power to all or part of the components of the terminal. For example, the power circuit 11500 may include a power management system, one or more power sources such as batteries or alternating current (AC), a charging system, a power failure detection circuit, a power converter or inverter, a power status indicator or power. It may contain any other components for creation, management, and distribution.

The communication circuit 11600 may enable communication with another computing device using at least one external port.

Alternatively, as described above, if necessary, the communication circuit 11600 may enable communication with other computing devices by transmitting and receiving an RF signal, also known as an electromagnetic signal, including an RF circuit.

The embodiment of FIG. 9 is only an example of the computing device 10000, and the computing device 11000 omits some of the components shown in FIG. 9, further includes additional components not shown in FIG. 9, or 2 It can have a configuration or arrangement that combines two or more components. For example, a computing device for a communication terminal in a mobile environment may further include a touch screen or a sensor in addition to the components shown in FIG. 9, and various communication methods (WiFi, 3G, LTE) are included in the communication circuit 1160. , Bluetooth, NFC, Zigbee, etc.) may include a circuit for RF communication. Components that may be included in the computing device 10000 may be implemented in hardware, software, or a combination of both hardware and software, including one or more signal processing or application-specific integrated circuits.

Methods according to an embodiment of the present invention may be implemented in the form of program instructions that can be executed through various computing devices and recorded in a computer-readable medium. In particular, the program according to the present embodiment may be configured as a PC-based program or an application dedicated to a mobile terminal. An application to which the present invention is applied may be installed on a user terminal through a file provided by the file distribution system. As an example, the file distribution system may include a file transmission unit (not shown) that transmits the file according to the request of the user terminal.

The apparatus described above may be implemented as a hardware component, a software component, and/or a combination of a hardware component and a software component. For example, the devices and components described in the embodiments include, for example, a processor, a controller, an arithmetic logic unit (ALU), a digital signal processor, a microcomputer, a field programmable gate array (FPGA), It may be implemented using one or more general purpose computers or special purpose computers, such as a programmable logic unit (PLU), a microprocessor, or any other device capable of executing and responding to instructions. The processing device may execute an operating system (OS) and one or more software applications executed on the operating system. Further, the processing device may access, store, manipulate, process, and generate data in response to the execution of software. For the convenience of understanding, although it is sometimes described that one processing device is used, one of ordinary skill in the art, the processing device is a plurality of processing elements and/or a plurality of types of processing elements. It can be seen that it may include. For example, the processing device may include a plurality of processors or one processor and one controller. In addition, other processing configurations are possible, such as a parallel processor.

The software may include a computer program, code, instruction, or a combination of one or more of these, configuring the processing unit to operate as desired or processed independently or collectively. You can command the device. Software and/or data may be interpreted by a processing device or to provide instructions or data to a processing device, of any type of machine, component, physical device, virtual equipment, computer storage medium or device. It can be permanently or temporarily embody. The software may be distributed over networked computing devices and stored or executed in a distributed manner. Software and data may be stored on one or more computer-readable recording media.

The method according to the embodiment may be implemented in the form of program instructions that can be executed through various computer means and recorded in a computer-readable medium. The computer-readable medium may include program instructions, data files, data structures, etc. alone or in combination. The program instructions recorded on the medium may be specially designed and configured for the embodiment, or may be known and usable to those skilled in computer software. Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks, and magnetic tapes, optical media such as CD-ROMs and DVDs, and magnetic media such as floptical disks. -A hardware device specially configured to store and execute program instructions such as magneto-optical media, and ROM, RAM, flash memory, and the like. Examples of program instructions include not only machine language codes such as those produced by a compiler, but also high-level language codes that can be executed by a computer using an interpreter or the like. The hardware device described above may be configured to operate as one or more software modules to perform the operation of the embodiment, and vice versa.

As described above, although the embodiments have been described with reference to limited embodiments and drawings, various modifications and variations are possible from the above description to those of ordinary skill in the art. For example, the described techniques are performed in a different order from the described method, and/or components such as systems, structures, devices, circuits, etc. described are combined or combined in a form different from the described method, or other components Alternatively, even if substituted or substituted by an equivalent, an appropriate result can be achieved. Therefore, other implementations, other embodiments, and those equivalent to the claims also fall within the scope of the claims to be described later.

Claims (10)

In the method of providing a response solution to financial fraud implemented by a computing device comprising at least one processor and at least one memory for storing instructions executable by the processor,
A fraud report receiving step of receiving a report of a financial fraud report from a victim account requesting relief for damage among a plurality of user accounts;
A report information analysis step of analyzing report information included in the received reception by the fraud report receiving step;
An accident type classification step of classifying the reported information into a category corresponding to the determined accident type by determining an accident type of the reported information based on a result of performing the report information analyzing step; And
A solution for transmitting at least one of response method information and fraud response expert information matched to the victim account by matching at least one of the countermeasure method information and fraud response expert information preset for each category to the victim account that received the report information Including; providing step;
The fraud response expert information,
Includes expert profile information and expert accounts,
The solution providing step,
Finance matching the victim account and the expert account in real time based on matching criteria information including at least one of a fraud type item set by the expert account, a damage amount range, a reception time range, and profile information of the victim account. How to provide a response solution to fraud.
The method of claim 1,
The solution providing step,
Provide first response information among the matched response method information to the victim account,
When receiving first response result information based on a response result according to the first response information from the damage account, storing the first response result information in a database,
The method of providing a response solution to financial fraud, characterized in that automatically transmitting the first response result information to the matched expert account.
The method of claim 2,
The solution providing step,
When a response completion message for the reception is received from the victim account and the expert account matched with the victim account, a response result based on the response result according to the second response information, which is different response information from the first response information, is received from the damage account. 2 Receive response result information,
And storing a result of receiving third response result information based on the response result of the expert account from the expert account and storing the result in a database.
The method of claim 3,
The solution providing step,
When receiving the response completion message, a service providing step of periodically transmitting content information on the same type and different types of financial fraud guide content information and prevention method to the victim account; financial fraud, characterized in that it further comprises How to provide a response solution for.
The method of claim 4,
The service providing step,
In the case of receiving an outgoing call or text message from a previously registered dangerous number, the victim account with a damage history has at least one of a message notification service, a pop-up notification service, and a call notification service that warns of the risk of financial fraud A method of providing a response solution to financial fraud, characterized in that providing a service.
The method of claim 3,
Analyzing the first correspondence result information, the second correspondence result information, and the third correspondence result information, to obtain correspondence process information,
A method for providing a response solution to financial fraud, characterized in that storing the obtained response process information in the database.

The method of claim 1,
The report information above is:
A method of providing a response solution to financial fraud, comprising at least one of a type of fraud, a damage amount, a fraud time, and profile information of the victim account.
delete An apparatus for providing a response solution to financial fraud implemented by a computing device including at least one processor and at least one memory storing instructions executable by the processor,
A fraud report receiving unit for receiving a report of a financial fraud report from a victim account requesting relief for damage among a plurality of user accounts;
A report information analysis unit that analyzes report information included in the received reception by the fraud report receiving unit;
An accident type classification unit for classifying the reported information into a category corresponding to the determined accident type by determining an accident type of the reported information based on a result of the execution of the report information analysis unit; And
A solution for transmitting at least one of response method information and fraud response expert information matched to the victim account by matching at least one of preset response method information and fraud response expert information for each category to the victim account that received the report information Including;
The fraud response expert information,
Includes expert profile information and expert accounts,
The solution provider,
Finance matching the victim account and the expert account in real time based on matching criteria information including at least one of a fraud type item set by the expert account, a damage amount range, a reception time range, and profile information of the victim account. A device that provides a response solution to fraud.
As a computer-readable recording medium,
The computer-readable recording medium stores instructions that cause a computing device to perform the following steps, the steps comprising:
A fraud report receiving step of receiving a report of a financial fraud report from a victim account requesting relief for damage among a plurality of user accounts;
A report information analysis step of analyzing report information included in the received reception by the fraud report receiving step;
An accident type classification step of classifying the reported information into a category corresponding to the determined accident type by determining an accident type of the reported information based on a result of performing the report information analyzing step; And
A solution for transmitting at least one of response method information and fraud response expert information matched to the victim account by matching at least one of preset response method information and fraud response expert information for each category to the victim account that received the report information Including; providing step;
The fraud response expert information,
Includes expert profile information and expert accounts,
The solution providing step,
Matching the victim account and the expert account in real time based on matching criteria information including at least one of a fraud type item, a damage amount range, a reception time range, and profile information of the victim account set by the expert account. Computer-readable recording medium characterized by.

Images