KR102376488B1 - Method for detecting financial fraud - Google Patents

Abstract

The present invention relates to a financial fraud detection method including the following steps of: extracting a fraud report transfer history including a preset fraud-related keyword from an account transfer history stored in a financial server; assigning a risk score to a first recipient of the extracted fraud report transfer history; assigning a risk score to a second recipient who has received remittance from the first recipient based on transfer information of the first recipient; classifying, in a case where the accumulated risk score of the first recipient or the second recipient exceeds a preset reference value, the recipient as a high-risk recipient; and providing, in a case where there is a transfer request for remittance to the high-risk recipient, a notification to the sender regarding the transfer request.

Description

Method for detecting financial fraud

The present invention relates to a method for detecting financial fraud. Specifically, the present invention relates to a method of allocating a risk score to a payee by analyzing account transfer details, and providing a notification to a sender who requests a transfer for a high-risk payee whose accumulated risk score exceeds a reference value.

The content described in this section merely provides background information for the present embodiment and does not constitute the prior art.

In recent years, as the number of second-hand transactions has rapidly increased in Korea, the number of second-hand transactions between individuals is also rapidly increasing.

For example, fraudulent organizations use “high-profit home-based part-timers” as bait to recruit transfer workers from part-time job sites and use them for fraud. Specifically, when a victim purchases a product, the fraudulent organization is conducting a fraudulent transaction in such a way that the money is deposited into the transfer worker's account, the money is transferred back to the transfer worker, and the goods are not delivered to the victim. Even if the victim finds out that it is a scam and reports the transfer account, it is difficult for the investigation agency to immediately know the relationship between the transfer employee and the actual fraudulent organization, so it is difficult to remedy the victim.

With the above method, the number of victims and damages is increasing, but in the current law, used transaction fraud is treated as a transaction between individuals and is not treated as a 'telecommunication financial fraud'. Since it is difficult to detect, there is a problem in that it is difficult to actively deal with fraudulent activity.

Therefore, there was a need for a method to analyze the transfer details and fraud report details of the recipient when transferring money according to an individual transaction, and to provide a notification including a warning to the sender when an account used for fraud is suspected. .

An object of the present invention is to identify a high-risk payee by extracting transfer details containing fraud-related keywords from the account transfer details, assigning a risk score to the payee of the transfer details, and to provide an alarm to the sender who transfers to the high-risk payee. It is to provide a method for detecting financial fraud.

In addition, an object of the present invention is to determine a high-risk payee by receiving the fraud report details of the victim, extracting the transfer details related thereto, and assigning a risk score to the payee. It is to provide a method for detecting financial fraud.

In addition, an object of the present invention is to calculate the transfer risk for the payee using a deep learning module based on the payee's customer information and transfer transmission/reception data, and use this to give a risk score to the payee to determine the high-risk payee, The goal is to provide a financial fraud detection method that can provide an alarm to the sender making a transfer to a high-risk recipient.

The objects of the present invention are not limited to the above-mentioned objects, and other objects and advantages of the present invention not mentioned may be understood by the following description, and will be more clearly understood by the examples of the present invention. It will also be readily apparent that the objects and advantages of the present invention may be realized by the means and combinations thereof indicated in the appended claims.

A method for detecting financial fraud according to an embodiment of the present invention includes the steps of extracting a fraud report transfer detail including a preset fraud-related keyword from account transfer details stored in the financial server, and a first allocating a risk score to a payee; allocating a risk score to a second payee receiving remittance from the first payee based on the transfer information of the first payee; Classifying the payee as a high-risk payee when the risk score exceeds a preset threshold, and providing a notification to the sender of the transfer request when there is a transfer request to the high-risk payee.

In addition, in the step of extracting the fraud report transfer details, the transfer details including the preset fraud-related keywords in the transfer summary of the account transfer details, or transfer details transferred with a preset amount are set as the fraud report transfer details may include doing

Also, when the second payee is classified as the high-risk payee, the method may further include classifying the first payee having a history of remittance to the second payee as the high-risk payee.

In addition, the step of providing the notification may include providing a transfer warning pop-up to the remitter notifying that the payee is the high-risk payee, providing an authentication pop-up for performing additional authentication for account transfer, or transferring an account to the payee is impossible It may include providing a non-transfer pop-up notifying that

In addition, the providing of the notification may include providing the notification in the preliminary transfer step of checking account information of the recipient before performing the account transfer according to the transfer request.

A method for detecting financial fraud according to another embodiment of the present invention includes the steps of extracting, from the account transfer details stored in the financial server, the fraud report transfer details related to the previously received fraud report details; Allocating a risk score to a first payee, allocating a risk score to a second payee receiving remittance from the first payee based on the transfer information of the first payee, accumulating the first payee or the second payee Classifying the payee as a high-risk payee when the assigned risk score exceeds a preset threshold, and providing a notification to the sender of the transfer request when there is a transfer request to the high-risk payee.

In addition, the fraud report details, including the name of the payee of the account transfer, and the account number of the payee, may be input through the sender's terminal or received from an external server.

In the financial fraud detection method according to another embodiment of the present invention, in the financial server, based on the customer information of the first payee for the transfer request of the sender and the transfer transmission and reception data for a predetermined period, deep learning learned in advance Calculating the transfer risk of the first payee using a module, allocating a risk score to the first payee when the calculated transfer risk is higher than a predetermined reference value, based on the transfer information of the first payee allocating a risk score to a second payee receiving remittance from the first payee, and classifying the payee as a high-risk payee when the accumulated risk score of the first payee or the second payee exceeds a preset reference value and providing a notification to the remitter of the transfer request when there is a transfer request for remittance to the high-risk remittee.

In addition, the deep learning module includes an input layer using the customer information and the transfer transmission/reception data as an input node, an output layer using the transfer risk as an output node, and at least one disposed between the input layer and the output layer. Including a hidden layer, weights of nodes and edges between the input node and the output node may be updated by a learning process of the deep learning module.

In addition, the customer information includes the age and gender of the customer, and the transfer transmission/reception data includes the number of transfers and total amount of transfers for the predetermined period, the number of transfers received, the total amount of transfers received, and detection of abnormal transactions It may include a number of times.

In addition, the transfer transmission/reception data includes a transfer summary including preset fraud-related keywords, and the deep learning module, as the number of fraud-related keywords included in the transfer transmission/reception data increases, is relatively high. You can print the transfer risk.

In addition, extracting the fraud report transfer details including a preset fraud-related keyword from the account transfer details stored in the financial server, and transferring the fraud report related to the previously received fraud report details from the account transfer details stored in the financial server The method may further include extracting the details and allocating a risk score to the first payee of the extracted fraud report transfer details.

The financial fraud detection method of the present invention may include a fraud-related keyword or extract a transfer history transferred with a preset amount to give a risk score to the recipient of the transfer history. Then, when a remittance is attempted to a recipient whose accumulated risk score exceeds the threshold, a notification is provided to notify the remitter of the risk of transfer, thereby preventing financial accidents and fraud damage in interpersonal transactions.

In addition, the financial fraud detection method of the present invention classifies a remitter who has sent money to a person classified as a high-risk recipient as a high-risk recipient. , it can reduce the possibility of victims of fraudulent transactions using transfer alba.

In addition, the financial fraud detection method of the present invention can increase the accuracy of classification of high-risk payees by accumulating risk scores based on fraud report details received from external servers and remitter terminals to classify high-risk payees.

In addition, the financial fraud detection method of the present invention can classify a high-risk payee by calculating the transfer risk of the payee through a deep learning module learned in advance using the payee's customer information and transfer data for a certain period of time. Subsequently, when a remittance is attempted to a high-risk recipient, a notification is provided to the remitter, thereby reducing the possibility of a financial accident.

The specific effects of the present invention in addition to the above will be described together while explaining the specific details for carrying out the invention below.

1 is a diagram for briefly explaining a financial fraud detection system according to an embodiment of the present invention.
2 is a flowchart illustrating a method for detecting financial fraud according to an embodiment of the present invention.
3 to 4 are flowcharts for explaining some examples of a method for extracting fraud report transfer details according to an embodiment of the present invention.
5 is a diagram for explaining an example of a method for detecting financial fraud according to an embodiment of the present invention.
6 is a flowchart illustrating a method for detecting financial fraud according to another embodiment of the present invention.
7 is a diagram for explaining an example of a method for detecting financial fraud according to another embodiment of the present invention.
8 is a view for explaining a method for detecting financial fraud according to another embodiment of the present invention.
9 is a block diagram schematically illustrating a deep learning module used in a method for detecting financial fraud according to another embodiment of the present invention.
FIG. 10 is a diagram illustrating the configuration of the deep learning module of FIG. 9 .
11 is a diagram for explaining an example of a method for detecting financial fraud according to another embodiment of the present invention.
12 is a diagram illustrating a prediction effect of a method for detecting financial fraud according to some embodiments of the present invention.

Terms or words used in this specification and claims should not be construed as being limited to a general or dictionary meaning. In accordance with the principle that the inventor can define a term or concept of a word in order to best describe his/her invention, it should be interpreted as meaning and concept consistent with the technical idea of the present invention. In addition, since the embodiments described in this specification and the configurations shown in the drawings are only one embodiment in which the present invention is realized, and do not represent all the technical spirit of the present invention, they can be substituted at the time of the present application. It should be understood that there may be various equivalents and modifications and applicable examples.

Terms such as first, second, A, B, etc. used in this specification and claims may be used to describe various elements, but the elements should not be limited by the terms. The above terms are used only for the purpose of distinguishing one component from another. For example, without departing from the scope of the present invention, a first component may be referred to as a second component, and similarly, a second component may also be referred to as a first component. The term 'and/or' includes a combination of a plurality of related listed items or any of a plurality of related listed items.

Terms used in this specification and claims are used only to describe specific embodiments, and are not intended to limit the present invention. The singular expression includes the plural expression unless the context clearly dictates otherwise. It should be understood that terms such as “comprise” or “have” in the present application do not preclude the possibility of addition or existence of features, numbers, steps, operations, components, parts, or combinations thereof described in the specification in advance. .

Unless defined otherwise, all terms used herein, including technical and scientific terms, have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.

Terms such as those defined in commonly used dictionaries should be interpreted as having a meaning consistent with the meaning in the context of the related art, and should not be interpreted in an ideal or excessively formal meaning unless explicitly defined in the present application. does not

In addition, each configuration, process, process or method included in each embodiment of the present invention may be shared within a range that does not technically contradict each other.

Hereinafter, a financial fraud detection system that classifies a high-risk payee using account transfer details and provides a notification (hereinafter referred to as a warning alert) informing the sender of the risk of a transfer to a high-risk payee and a method for performing this will be described in detail. see.

1 is a diagram for briefly explaining a financial fraud detection system according to an embodiment of the present invention.

Referring to FIG. 1 , a financial fraud detection system according to an embodiment of the present invention includes a financial server 100 and a remitter terminal 200 .

The financial server 100 according to an embodiment of the present invention classifies a high-risk payee using the account transfer details. Next, when the payee of the transfer request received from the remitter terminal 200 is a high-risk payee, the financial server 100 provides a warning notification to the remitter terminal 200 . The remitter terminal 200 displays a warning notification received from the financial server 100 on the screen.

Specifically, the financial server 100 may extract the fraud report transfer details from the account transfer details between users. Here, the fraud report transfer details include a preset fraud-related keyword or refer to a transfer history transferred with a preset amount.

Then, the financial server 100 may classify some of the plurality of payees as high-risk payees based on the fraud report transfer details. Subsequently, when the remitter terminal 200 requests a transfer to a high-risk remittee, the financial server 100 may provide a warning notification through a terminal application installed in the remitter terminal 200 .

In this case, the financial server 100 and the remitter terminal 200 may be implemented as a server-client system. Specifically, the remitter terminal 200 may provide the financial information or notification provided from the financial server 100 to the user through a terminal application installed in the remitter terminal 200 .

Here, the terminal application may be a dedicated application for providing financial information or notifications, or a web browsing application for providing through a web page. Here, the dedicated application for providing financial information or notification may be an application built into the remitter terminal 200 or an application downloaded from an application distribution server and installed in the remitter terminal 200 .

Hereinafter, for convenience of explanation, an example in which the remitter terminal 200 displays a notification provided from the financial server 100 on the screen using a pre-installed terminal application (hereinafter referred to as an application) will be described as an example.

The remitter terminal 200 refers to a communication terminal capable of operating a terminal application in a wired/wireless communication environment. The remitter terminal 200 may be a user's portable terminal. Although the remitter terminal 200 in FIG. 1 is illustrated as a smart phone, which is a type of a portable terminal, the present invention is not limited thereto, and as described above, it can be applied without limitation to a device capable of mounting a terminal application. . For example, the remitter terminal 200 may include various types of electronic devices, such as a personal computer (PC), a notebook computer, a tablet, a mobile phone, a smart phone, and a wearable device (eg, a watch-type terminal).

In addition, although only one remitter terminal 200 is illustrated in the drawing, the present invention is not limited thereto, and the financial server 100 may operate in conjunction with a plurality of remitter terminals 200 .

Additionally, the remitter terminal 200 includes an input unit that receives a user's input, a display unit that displays visual information, a communication unit that transmits and receives signals with the outside, and processes data and controls each unit inside the remitter terminal 200, It may include a control unit for controlling data transmission/reception between units. Hereinafter, commands performed by the control unit inside the remitter terminal 200 according to a user's command are collectively referred to as being performed by the remitter terminal 200 .

Meanwhile, the communication network 300 serves to connect the financial server 100 and the remitter terminal 200 . That is, the communication network 300 refers to a communication network that provides a connection path so that the remitter terminals 200 can transmit and receive data after accessing the financial server 100 . The communication network 300 is, for example, a wired network such as LANs (Local Area Networks), WANs (Wide Area Networks), MANs (Metropolitan Area Networks), ISDNs (Integrated Service Digital Networks), etc., wireless LANs, CDMA, Bluetooth, satellite communication, etc. may cover a wireless network, but the scope of the present invention is not limited thereto.

In an embodiment of the present invention, the financial server 100 may extract the fraud report transfer details from the account transfer details performed between the plurality of remitter terminals 200 . Then, the financial server 100 may classify the high-risk payee by assigning a risk score to the payee using the extracted fraud report transfer details. Next, when receiving a transfer request for a high-risk remittance from the remitter terminal 200, the financial server 100 sends a transfer warning, additional authentication, or a notification (or pop-up) related to non-transfer to the terminal application of the remitter terminal 200 can be provided through

In this case, the operation of classifying the high-risk payee in the financial server 100 is performed in advance based on the account transfer details received from users, or when a transfer request is received from the remitter terminal 200, the payee for the transfer request is selected. can be performed on target. That is, the financial server 100 analyzes all account transfer details received from users and classifies high-risk payees in advance, or whenever there is a transfer request from the remitter terminal 200, whether the payee of the transfer request corresponds to a high-risk payee can determine whether

Hereinafter, for convenience of explanation, when a transfer request is received from the remitter terminal 200, determining whether or not a high-risk payee is an example will be described.

For example, when the financial server 100 of the present invention receives a transfer request for the first account of the first payee from the remitter terminal 100, the financial server 100 receives the account transfer details of the first account. can do. In this case, the account transfer details may include a transfer amount and a transfer summary.

Next, the financial server 100 extracts, from the account transfer details of the first account, the fraud report transfer details transferred with a preset fraud-related keyword or a preset amount. If there is a transfer history corresponding to this, the financial server 100 allocates a risk score to the first payee of the first account. In this case, the financial server 100 may allocate a risk score in proportion to the number of transfers in the fraud report transfer details. However, this corresponds to one embodiment, and the present invention is not limited thereto.

As another example, the financial server 100 of the present invention determines whether the first payee of the first account is included in the previously received fraud report details. If there is a fraud report report related to the first payee, the financial server 100 allocates a risk score to the first payee of the first account. In this case, the financial server 100 may allocate a risk score in proportion to the number of reported cases of fraud report transfer details. However, this corresponds to one embodiment, and the present invention is not limited thereto.

As another example, the financial server 100 of the present invention uses a deep learning module learned in advance based on the customer information of the first payee for the transfer request of the sender and the transfer transmission/reception data for a predetermined period to the first payee of transfer risk can be calculated. Then, when the calculated transfer risk is higher than a predetermined reference value, the financial server 100 may allocate a risk score to the first payee. In this case, the financial server 100 may allocate a different risk score according to a range to which the degree of transfer risk belongs. However, this corresponds to one embodiment, and the present invention is not limited thereto.

Subsequently, when the accumulated risk score of the first payee exceeds the reference value, the financial server 100 may classify the first payee as a high risk first payee. Subsequently, when the remitter terminal 100 performs a transfer request to the first remittee, the financial server 100 may provide a transfer warning, additional authentication, or a notification informing the remittance impossible to the remitter terminal 200 .

Meanwhile, the financial server 100 may allocate a risk score to the second payee based on the transfer details of the first payee. In this case, the second payee is the account holder of the second account with the details of receiving remittance from the first payee.

Subsequently, when the accumulated risk score of the second payee exceeds the reference value, the financial server 100 may classify the second payee as a high risk payee. Subsequently, when the remitter terminal 100 makes a transfer request to the second remittee, the financial server 100 may provide a transfer warning, additional authentication, or a notification informing the remitter impossible to transfer to the remitter terminal 200 .

Hereinafter, a method for detecting financial fraud according to some embodiments of the present invention will be described in detail.

2 is a flowchart illustrating a method for detecting financial fraud according to an embodiment of the present invention.

Referring to FIG. 2 , in the method for detecting financial fraud according to an embodiment of the present invention, the financial server 100 extracts the fraud report transfer details including the fraud related keywords from the account transfer details ( S110 ). In this case, the account transfer details may include a plurality of transfer details previously stored in the financial server 100 or received in real time.

In this case, the financial server 100 may extract the account transfer details including the transfer summary including the preset specific keyword from the account transfer details as the fraud report transfer details. For example, the specific keyword may include fraud, part-time job, used, impersonation, artillery, damage, or illegal. In addition, the specific keyword may be preset by the manager of the financial fraud detection system or the remitter.

Also, the financial server 100 may extract the account transfer details transferred with a preset amount from the account transfer details as the fraud report transfer details. For example, the preset amount may be set to 'one won', and account transfer details transferred with 1 won may be extracted as fraud report transfer details.

Next, the financial server 100 assigns a risk score to the payee (hereinafter, the first payee) of the fraud report transfer details (S120). In this case, the financial server 100 may allocate a risk score proportional to the number of extracted fraud report transfer details to the first payee.

Next, the financial server 100 assigns a risk score to the second remittee who received remittance from the first remittee based on the transfer information of the first remittee (S130). Similarly, the financial server 100 may allocate a risk score proportional to the number of times the remittance is received from the first payee to the second payee. In this case, the second remittee may be assigned by accumulating risk points by a plurality of first remitter to which the risk points are assigned.

Next, the financial server 100 determines whether the accumulated risk score of the payee exceeds a preset reference value (S140). In this case, the payee may include the first payee and the second payee described above. The preset reference value may be preset by the manager of the financial fraud detection system.

Subsequently, when the accumulated risk score exceeds a preset reference value, the financial server 100 classifies the payee as a high risk payee (S150).

Additionally, when the second payee is classified as a high-risk payee, the financial server 100 may also classify the first payee having a history of remittance to the second payee as a high-risk payee. However, it corresponds to one embodiment of the present invention, and the present invention is not limited thereto.

Next, when a transfer request with a pre-classified high-risk payee as a payee occurs, the financial server 100 provides a notification to the remitter terminal 200 that has transmitted the transfer request (S160).

In this case, the financial server 100 may provide a notification in the preliminary transfer step of confirming the account information of the payee before performing the account transfer according to the transfer request.

Additionally, in the step of providing the above-described notification, the financial server 100 provides a transfer warning pop-up informing that the payee is the high-risk payee, or provides an authentication pop-up for performing additional authentication for account transfer, or transfer money to the payee You can provide a non-transfer pop-up notifying that this is not possible.

3 to 4 are flowcharts for explaining some examples of a method for extracting fraud report transfer details according to an embodiment of the present invention. Here, FIG. 3 is a flowchart for explaining a method of extracting fraud report transfer details by using a fraud related keyword among account transfer details. 4 is a flowchart for explaining a method of extracting a fraud report transfer history using a preset amount transfer among account transfer details.

Referring to FIG. 3 , the financial server 100 analyzes the transfer summary included in the account transfer details ( S211 ). In this case, the financial server 100 may analyze the transfer summary of the account transfer details for a predetermined period.

Next, the financial server 100 determines whether a specific keyword is included in the transfer summary (S215). In this case, the specific keyword may include fraud, damage, impersonation, artillery or illegality. In addition, specific keywords may be set by the financial fraud detection system or the remitter.

Next, when there is a transfer summary including a specific keyword, the financial server 100 classifies the transfer summary including the specific keyword into a fraud report transfer detail ( S219 ).

Meanwhile, referring to FIG. 4 , the financial server 100 analyzes the transfer amount of the account transfer details ( S313 ).

Next, the financial server 100 determines whether to transfer a preset amount ( S315 ). For example, the preset amount may be set to 'one won', and account transfer details transferred with 1 won may be extracted as fraud report transfer details. In this case, the preset amount may be set by the financial fraud detection system or the remitter.

Next, when there is a transfer history transferred with a preset amount, the financial server 100 classifies the transfer history to which the preset amount has been transferred as a fraud report transfer history ( S319 ).

3 and 4, the financial server 100 assigns a risk score to the payee based on the classified fraud report transfer details (S120 in FIG. 2). Since the contents following step S120 are the same as those described above with reference to FIG. 2 , a description of the overlapping contents will be omitted.

5 is a diagram for explaining an example of a method for detecting financial fraud according to an embodiment of the present invention. Here, <a1> of FIG. 5 is a diagram illustrating the account transfer relationship between a remitter and a recipient, and <a2> is a diagram illustrating a notification provided to a remitter who requests a transfer to a high-risk recipient.

Referring to FIG. 5 , the financial server 100 may analyze account transfer details for account transfer between users. In this case, the financial server 100 may analyze the account transfer details for a preset period (eg, one month).

The financial server 100 may classify the remitter group G1, the first remittee group G2, and the second remittee group G3 based on the account transfer details.

At this time, the remitter group (G1) means the remitter a1 to a6 who have remitted money to the first remittee group (G2), and the first remittee group (G2) is the second remittee group (G3). It may mean the remitter (b1 to b6).

The financial server 100 may extract the fraud report transfer details by analyzing the first account transfer details T10, which are account transfer details between the remitter group G1 and the first payee group G2. In this case, the financial server 100 may extract the fraud report transfer details using a fraud-related keyword or a preset amount included in the transfer summary.

The financial server 100 may extract the fraud report transfer details including a predetermined word from the first account transfer details T10. That is, the financial server 100 may extract the transfer details including at least one fraud-related keyword in the brief of the transfer details among the first account transfer details T10 as the fraud report transfer details.

For example, the financial server 100 may extract transfer details (T11, T12, T15, T19) including fraud-related keywords 'fraud' or 'impersonation' in the summary of the transfer details as fraud report transfer details. . In addition, the financial server 100 may extract the transfer details T14 and T16 including the fraud-related keyword 'illegal' in the brief as the fraud report transfer details.

Meanwhile, the financial server 100 may extract the transfer details transferred to a preset amount from the account transfer details as the fraud report transfer details.

For example, the financial server 100 may set the standard amount for extracting the fraud report transfer details as 'one won'. In this case, the financial server 100 may extract the transfer details in which the transfer amount is one cause among the first account transfer details T10 as the fraud report transfer details.

Subsequently, the financial server 100 may assign a risk score FS proportional to the number of fraud report transfer details to the recipient of the fraud report transfer details extracted from the first account transfer details T10. In this case, the risk score (FS) may be assigned one point per fraud report transfer history.

For example, the first payee b1 may be a payee of the transfer details T11 and T14 extracted as fraud report transfer details. The financial server 100 may allocate to the first payee b1 a risk score (FS) of two points for two cases, which is the number of fraud report transfer details.

Similarly, the financial server 100 allocates 1 risk score FS to the first payee b2 based on the transfer details T12, and the first payee of the transfer details T15 and T16. Two risk points (FS) may be assigned to the payee (b3). In addition, a risk score FS of 2 points may be assigned to the first payee b5 who has received the transfer details T17 and T19.

Subsequently, the financial server 100 may analyze the second account transfer details T20 that are account transfer details between the first payee group G2 and the second payee group G3 .

The financial server 100 uses the analyzed second account transfer details T20 to obtain a risk score (FS) for a second payee who has transferred an amount from a first payee who has a risk score (FS) equal to or greater than a preset first reference value. ) can be assigned.

For example, the financial server 100 may allocate a risk score FS to a second payee who has transferred an amount to a first payee equal to or greater than a preset first reference value (eg, a risk score of 2).

That is, in FIG. 5 , a risk score (FS) of 3 points is accumulated for the second payee (c1) transferred from three first payees (b1, b3, b5) having a risk score (FS) of 2 or more points, and the risk score (FS) is accumulated The second payee (c2), who has transferred money from the two first payees (b1, b5) with a score (FS) of 2 or more, accumulates a risk score of 2 points (FS), and a risk score (FS) of 2 points A risk score FS of 1 may be accumulated for the second payee c3 who has received money transferred from the one or more first payee b5.

However, this is only an example, and in another embodiment of the present invention, the preset first reference value may be 1 point of the risk score (FS), and in this case, the risk score (FS) of the second recipient is the risk score ( FS) can be the sum of the number of transfers received from all primary payees holding FS.

Subsequently, the financial server 100 may determine whether the accumulated risk score FS of the first payee or the second payee is equal to or greater than a preset second reference value.

For example, the second reference value may be 2 points. In this case, the financial server 100 may classify the first payees b1, b3, and b5 and the second payees c1 and c2 having the accumulated risk score FS of 2 or more as high risk payees.

Subsequently, when a transfer request is made to the first payee (b1, b3, b5) or the second payee (c1, c2), which is a high-risk payee, the financial server 100 transmits the transfer request to the remitter (a1, a2, A warning notification may be provided to a3, a4, a6) or the first payee terminal b1, b3, b4, b5.

At this time, the warning notification may include a transfer warning pop-up informing the payee of the transfer request to a high-risk payee, an additional authentication pop-up performing additional authentication for account transfer, or a non-transferring pop-up informing the payee that account transfer is impossible.

Additionally, the financial server 100 may classify the first payee having a history of remittance to the second payee classified as the high-risk payee as the high-risk payee.

For example, the financial server 100 may classify the first payee b4 having a transfer history with respect to the second payee c1 as a high risk payee. Next, when a transfer request T18 to the first payee b4 classified as a high-risk payee occurs, the financial server 100 displays a pop-up PU indicating a warning notification on the terminal 200 of the sender a5 can do.

That is, the financial fraud detection method according to this embodiment includes a fraud-related keyword or extracts the transfer details transferred with a preset amount to give a risk score to the recipient of the transfer details, and the accumulated risk score exceeds the standard value When remittance is attempted to a remittance recipient, a notification of the risk of transfer is provided to the remitter, thereby preventing financial accidents and fraud damage in interpersonal transactions.

In addition, the financial fraud detection method of the present invention classifies a remitter who has sent money to a person classified as a high-risk recipient as a high-risk recipient. , it can reduce the possibility of victims of fraudulent transactions using transfer alba.

6 is a flowchart illustrating a method for detecting financial fraud according to another embodiment of the present invention. Hereinafter, content overlapping with the content of the above-described embodiment of the present invention will be omitted and described.

Referring to FIG. 6 , in the method for detecting financial fraud according to another embodiment of the present invention, the financial server 100 extracts the fraud report transfer details related to the fraud report details from the account transfer details ( S410 ). In this case, the fraud report details may be input through the remitter terminal or may be received from an external server.

Specifically, the fraud report details may include the name of the payee of the account transfer and the account number of the payee. The financial server 100 may compare the name and account number of the account transfer payee included in the fraud report details with the account transfer details stored in the financial server 100 .

If there is a payee with the same name and/or account number of the account transfer payee included in the fraud report in the account transfer details, the financial server 100 may extract the transfer details about the payee as the fraud report transfer details. there is.

Next, the financial server 100 assigns a risk score to the first recipient of the extracted fraud report transfer details (S420). In this case, the financial server 100 may allocate a risk score proportional to the number of fraud report transfer details to the first payee.

Next, the financial server 100 allocates a risk score to the second remittee who received remittance from the first remittee based on the transfer information of the first remittee (S430).

In this case, the financial server 100 may assign a risk score to the second payee based on the number of people of the first payee or the number of times of remittance of the first payee, etc., transmitted to the second payee.

Next, the financial server 100 determines whether the accumulated risk score of the payee exceeds a preset reference value (S440).

Next, when the accumulated risk score of the payee exceeds a preset reference value, the financial server 100 classifies the payee as a high risk payee ( S450 ).

Next, the financial server 100 provides a notification to the terminal of the remitter that has transmitted the transfer request when a transfer request to the high-risk payee is generated ( S460 ). In this case, the financial server 100 may display a notification such as a transfer warning pop-up, an additional authentication pop-up, or a transfer impossible pop-up on the sender's terminal.

7 is a view for explaining an example of a method for detecting financial fraud according to another embodiment of the present invention. Here, <b1> of FIG. 7 is a diagram illustrating the account transfer relationship between a remitter and a recipient, and <b2> is a diagram illustrating a notification provided to a remitter who requests a transfer to a high-risk recipient. Hereinafter, the description will focus on the differences excluding overlapping content.

Referring to FIG. 7 , the financial server 100 may receive account transfer details stored in the financial server 100 . In this case, the financial server 100 may classify the remitter group G1, the first remittee group G2, and the second remittee group G3 based on the account transfer details.

Subsequently, the financial server 100 may receive the fraud report details for the first payee group G2. Here, the fraud report details may be input through the sender's terminal 200 or may be received through an external server.

Subsequently, the financial server 100 extracts the fraud report details for the first payee included in the first payee group (G2) by using the name of the receiver of the account transfer and the account number of the payee of the received fraud report details. there is.

For example, when the name and account number of the recipient of the fraud report are the same as the name and account number of the first recipient of the first payee group G2, the financial server 100 transmits the fraud report details to the fraud of the first payee. It can be extracted as a report transfer history. However, the present invention is not limited thereto.

For example, the financial server 100 may extract three fraud report transfer details for the first payee b1, and report two fraud reports to the first payee b2 and the first payee b5. Transfer details can be extracted. In addition, it is possible to extract one fraud report transfer history for the first payee (b3).

Subsequently, the financial server 100 may allocate a risk score FS proportional to the number of fraud report transfer details. That is, the financial server 100 allocates a risk score FS of 3 points to the first payee b1, and assigns a risk score FS of 2 points to the first payee b2 and the first payee b5. and one risk score FS may be assigned to the first payee b3.

Next, the financial server 100 uses the second account transfer details T40 to obtain a risk score (FS) for the second payee who has transferred money from the first payee who has a risk score FS that is equal to or greater than the preset first reference value. ) can be assigned.

For example, the financial server 100 may allocate a risk score FS to a second payee who has transferred an amount to a first payee equal to or greater than a preset first reference value (eg, a risk score of 2). That is, in FIG. 7 , a risk score (FS) of 3 points is accumulated for the second payee (c1) transferred from three first payees (b1, b2, b5) having a risk score (FS) of 2 or more, and the risk score (FS) is accumulated The second payee (c2) who has transferred money from the two first payees (b2, b5) with a score (FS) of 2 or more accumulates a risk score of 2 points (FS), and a risk score (FS) of 2 points One risk score (FS) may be accumulated for the second payee (c3) who has transferred money from the one or more first payee (b2).

Subsequently, the financial server 100 may determine whether the accumulated risk score FS of the first payee or the second payee is equal to or greater than a preset second reference value.

For example, the second reference value may be 2 points. In this case, the financial server 100 may classify the first payees b1, b2, and b5 and the second payees c1 and c2 having the accumulated risk score FS of 2 or more as high-risk payees.

Subsequently, when a transfer request occurs to the first payee (b1, b2, b5) or the second payee (c1, c2), which is a high-risk payee, the financial server 100 transmits the transfer request to the remitter (a1, a2, a6) or a warning notification may be provided to the first payee terminals b1, b2, b3, b4, b5.

At this time, the warning notification may include a transfer warning pop-up informing the payee of the transfer request to a high-risk payee, an additional authentication pop-up performing additional authentication for account transfer, or a non-transferring pop-up informing the payee that account transfer is impossible.

Additionally, the financial server 100 may classify the first payee having a history of remittance to the second payee classified as the high-risk payee as the high-risk payee.

For example, the financial server 100 may classify the first payee b4 having a transfer history with respect to the second payee c1 as a high risk payee. Next, when a transfer request T33 to the first payee b4 classified as a high-risk payee occurs, the financial server 100 displays a pop-up PU indicating a warning notification on the terminal 200 of the sender a5 can do.

That is, the financial fraud detection method of the present invention can increase the accuracy of classification of high-risk payees by accumulating risk scores based on fraud report details received from external servers and remitter terminals to classify high-risk payees.

Hereinafter, a method for detecting financial fraud using deep learning according to other embodiments of the present invention will be described with reference to FIGS. 8 to 11 . Likewise, portions overlapping with the above description will be simplified or omitted.

8 is a view for explaining a method for detecting financial fraud according to another embodiment of the present invention.

Referring to FIG. 8 , in a method for detecting financial fraud according to another embodiment of the present invention, the financial server 100 calculates a transfer risk for a first payee by using a deep learning module ( S510 ).

Specifically, the financial server 100 may calculate the transfer risk of the first payee based on customer information of the first payee for the transfer request of the remitter and transfer transmission/reception data for a predetermined period.

Next, the financial server 100 determines whether the transfer risk of the first payee exceeds a predetermined reference value ( S520 ). In this case, the reference value may be set by the manager of the financial fraud detection system.

If the transfer risk of the first payee exceeds a predetermined reference value, the financial server 100 assigns a risk score to the first payee ( S530 ).

For example, when the transfer risk of the first payee exceeds 80%, the financial server 100 may assign a risk score (FS) of 3 points to the first payee. When the transfer risk of the first payee is 60% to 80%, the financial server 100 may allocate 2 risk points (FS) to the first payee.

Next, the financial server 100 assigns a risk score to the second remittee who has received remittance from the first remittee based on the transfer information of the first remittee (S540).

Next, the financial server 100 determines whether the accumulated risk score of the payee exceeds a preset reference value (S550).

If the accumulated risk score of the payee exceeds a preset reference value, the financial server 100 classifies the payee as a high risk payee (S560).

Next, the financial server 100 provides a notification to the transfer request remitter when a transfer request to the high-risk remittee occurs (S570).

9 is a block diagram schematically illustrating a deep learning module used in a method for detecting financial fraud according to another embodiment of the present invention.

Specifically, referring to FIG. 9 , the deep learning module (DL) may receive customer information and/or transfer transmission/reception data, and output the transfer risk of the payee as an output thereof. Here, the customer information may include the age and gender of the user. In addition, the transfer transmission/reception data may include the number of transfers and transfers for a predetermined period, the total amount of transfers, the number of transfers received, the total amount of transfers received, and the number of abnormal transaction detections (e.g., login or password errors, etc.). .

In this case, the deep learning module (DL) may store data in a memory based on parameters for customer information and transfer transmission/reception data, or classify similar data according to categories. However, in this case, customer information and transfer transmission/reception data used to output the transfer risk are only examples of input parameters, and the input data applied to the deep learning module (DL) may be variously added or changed and used.

However, hereinafter, for convenience of explanation, customer information and transfer transmission/reception data are applied to the input terminal of the deep learning module (DL), and the transfer risk is derived as an output.

Then, the deep learning module (DL) can derive the transfer risk required for the financial fraud detection method using the artificial neural network learned based on big data.

In addition, the deep learning module (DL) may perform artificial neural network learning using mapping data for a separate parameter derived based on the input data. The deep learning module DL may perform machine learning on parameters input as learning factors. In this case, data used for machine learning and result data may be stored in the memory of the financial server 100 .

To be more specific, Deep Learning, a type of machine learning, learns by going down to a deep level in multiple stages based on data.

Deep learning refers to a set of machine learning algorithms that extract core data from a plurality of data while increasing the level.

The deep learning module (DL) may use various well-known deep learning structures. For example, the deep learning module (DL) may use a structure such as a Convolutional Neural Network (CNN), a Recurrent Neural Network (RNN), a Deep Belief Network (DBN), or a Graph Neural Network (GNN).

Specifically, CNN (Convolutional Neural Network) is a human brain function created based on the assumption that when a person recognizes an object, it extracts the basic features of the object, then performs complex calculations in the brain and recognizes the object based on the result. It is a simulated model.

RNN (Recurrent Neural Network) is widely used for natural language processing, etc., and is an effective structure for processing time-series data that changes with time.

DBN (Deep Belief Network) is a deep learning structure composed of multi-layered Restricted Boltzman Machine (RBM), a deep learning technique. When a certain number of layers is obtained by repeating Restricted Boltzman Machine (RBM) learning, a Deep Belief Network (DBN) having the corresponding number of layers may be configured.

GNN (Graphic Neural Network, hereinafter, GNN) represents an artificial neural network structure implemented in such a way that similarities and feature points between modeling data are derived using modeling data modeled based on data mapped between specific parameters. .

On the other hand, artificial neural network learning of the deep learning module (DL) can be performed by adjusting the weight of the connection line between nodes (and adjusting the bias value if necessary) so that a desired output is obtained for a given input. In addition, the artificial neural network may continuously update a weight value by learning. In addition, a method such as back propagation may be used for learning the artificial neural network.

On the other hand, the memory of the financial server 100 may be loaded with an artificial neural network (Artificial Neural Network) pre-trained by machine learning.

The deep learning module DL may perform a machine learning-based improvement process recommendation operation using modeling data for the derived parameters as input data. In this case, both semi-supervised learning and supervised learning may be used as the machine learning method of the artificial neural network. In addition, the deep learning module (DL) may be controlled to automatically update the artificial neural network structure for outputting the risk of transfer after learning according to settings.

Additionally, although not clearly shown in the drawings, in another embodiment of the present invention, the operation of the deep learning module (DL) may be performed in the financial server 100 or a separate cloud server (not shown). Hereinafter, the configuration of the deep learning module (DL) according to the embodiment of the present invention will be described.

FIG. 10 is a diagram illustrating the configuration of the deep learning module of FIG. 9 .

Referring to FIG. 10 , the deep learning module (DL) includes an input layer using customer information and transfer transmission/reception data as input nodes, an output layer using the transfer risk of the corresponding recipient as an output node, and an input layer and M hidden layers disposed between the output layer and the output layer.

Here, a weight may be set on an edge connecting the nodes of each layer. The presence or absence of such weights or edges may be added, removed, or updated during the learning process. Accordingly, through the learning process, weights of nodes and edges disposed between k input nodes and i output nodes may be updated.

Before the deep learning module (DL) performs learning, all nodes and edges can be set to initial values. However, when cumulative information is input, the weights of nodes and edges are changed, and in this process, parameters input as learning factors (ie, customer information and transfer/reception data) and values assigned to output nodes (ie, transfer) risk) can be matched.

Additionally, when using a cloud server (not shown), the deep learning module (DL) may receive and process a large number of parameters. Therefore, the deep learning module (DL) can perform learning based on massive data.

In addition, the weights of nodes and edges between input nodes and output nodes constituting the deep learning module DL may be updated by the learning process of the deep learning module DL. In addition, it goes without saying that the parameters output from the deep learning module (DL) can be further expanded to various data in addition to the risk of transfer.

11 is a diagram for explaining an example of a method for detecting financial fraud according to another embodiment of the present invention. Here, <c1> of FIG. 11 is a diagram illustrating the account transfer relationship between a remitter and a recipient, and <c2> is a diagram illustrating a notification provided to a remitter who requests a transfer to a high-risk recipient. Hereinafter, the description will focus on the differences excluding overlapping content.

9 and 11 , upon receiving a transfer request from the sender, the financial server 100 may derive customer information of the first payee for the transfer request account and transfer transmission/reception data for a predetermined period. .

In this case, the customer information may include the customer's age, gender, and recipient. In addition, the transfer transmission/reception data may include the number of transfer transmissions, the total amount of transfer transmissions, the number of transfers received, the total amount of transfer receipts, and the number of times of detection of abnormal transactions for a predetermined period (eg, 2 weeks).

Next, the financial server 100 may calculate the transfer risk of the first payee based on the customer information of the first payee and the transfer transmission/reception data, using the deep learning module (DL) learned in advance.

For example, when the financial server 100 receives a transfer request to the first payee b1, the financial server 100 may receive customer information and transfer transmission/reception data of the first payee b1.

Then, the deep learning module (DL) outputs the transfer risk of the first payee (b1) by the sender based on the customer information and the transfer transmission/reception data of the first payee (b1). For example, the deep learning module (DL) can output a transfer risk of 90% for the first payee (b1), 85% for the first payee (b2), and 75% for the first payee (b5). there is.

In this case, the transfer transmission/reception data may include a transfer summary including a preset fraud-related keyword. The deep learning module (DL) may be trained in advance to output a higher transfer risk as the number of fraud-related keywords included in the transfer transmission/reception data increases.

Subsequently, the financial server 100 may allocate a risk score FS to the first payee based on the degree of transfer risk output from the deep learning module DL. For example, the first payee (b1, b2) is assigned a risk score of 3 because the transfer risk is 80% or higher, and the first payee (b5) has a transfer risk between 60% and 80% 2 A risk score (FS) of a point may be assigned.

Next, the financial server 100 uses the second account transfer details T60 to obtain a risk score (FS) for the second payee who has transferred money from the first payee who has a risk score (FS) equal to or greater than the preset first reference value. ) can be assigned. For example, the financial server 100 may allocate a risk score FS to a second payee who has transferred an amount to a first payee equal to or greater than a preset first reference value (eg, a risk score of 2). That is, in FIG. 11 , a risk score (FS) of 3 points is accumulated for the second payee (c1) transferred from three first payees (b1, b2, b5) having a risk score (FS) of 2 or more, and the risk score (FS) is accumulated, and the risk The second payee (c2) who received money transferred from the two first payees (b2, b5) with a score (FS) of 2 or higher accumulates a risk score of 2 points (FS), and a risk score (FS) of 2 points One risk score (FS) may be accumulated for the second payee (c3) who has transferred money from the one or more first payee (b2).

Subsequently, the financial server 100 may determine whether the accumulated risk score FS of the first payee or the second payee is equal to or greater than a preset second reference value.

For example, the second reference value may be 2 points. In this case, the financial server 100 may classify the first payees b1, b2, and b5 and the second payees c1 and c2 having the accumulated risk score FS of 2 or more as high-risk payees.

Subsequently, when a transfer request occurs to the first payee (b1, b2, b5) or the second payee (c1, c2), which is a high-risk payee, the financial server 100 transmits the transfer request to the remitter (a1, a2, a6) or a warning notification may be provided to the first payee terminals b1, b2, b3, b4, b5.

At this time, the warning notification may include a transfer warning pop-up informing the payee of the transfer request to a high-risk payee, an additional authentication pop-up performing additional authentication for account transfer, or a non-transferring pop-up informing the payee that account transfer is impossible.

Additionally, the financial server 100 may classify the first payee having a history of remittance to the second payee classified as the high-risk payee as the high-risk payee.

For example, the financial server 100 may classify the first payee b4 having a transfer history with respect to the second payee c1 as a high risk payee. Subsequently, when a transfer request T53 to the first payee b4 classified as a high-risk payee occurs, the financial server 100 displays a pop-up PU indicating a warning notification on the terminal 200 of the sender a5 can do.

Through this, the financial fraud detection method of the present invention calculates the transfer risk of the payee through the deep learning module learned in advance using the payee's customer information and the transfer/reception data for a certain period, so that the high-risk payee can be classified. . Subsequently, when a remittance is attempted to a high-risk recipient, a notification is provided to the remitter, thereby reducing the possibility of a financial accident.

Additionally, although not clearly shown in the drawing, the financial server 100 provides a first method using the aforementioned preset fraud-related keywords and a transfer history of a preset amount, a second method using a market price report, and a deep learning module. Two or more of the third methods used may be simultaneously used to accumulate the risk score (FS).

Then, the financial server 100 classifies a high-risk payee based on the risk score (FS) accumulated through the above method, and provides a notification to the sender for the transfer request when there is a transfer request to remit money to the high-risk payee. there is.

Through this, the financial fraud detection method of the present invention can increase the classification accuracy for high-risk payees, and can greatly reduce the possibility of a financial accident.

Hereinafter, the expected effects of the financial fraud detection method according to some embodiments of the present invention will be described.

12 is a diagram illustrating a prediction effect of a method for detecting financial fraud according to some embodiments of the present invention. Here, <d1> of FIG. 12 is a graph showing a change in the number of transfers and receptions of a high-risk recipient predicted after introducing the financial fraud detection method, and <d2> is a high-risk recipient predicted after introducing the financial fraud detection method This is a graph showing the change in the total amount of transfers and receptions.

Referring to <d1> of FIG. 12 , the horizontal axis of <d1> may indicate the number of days elapsed from the first implementation date of the financial fraud detection method, and the vertical axis may indicate the number of transfers.

It can be seen that the number of transfers and transfers received by high-risk recipients gradually increases before the implementation date of the financial fraud detection method. Subsequently, it can be seen that after the financial fraud detection method is implemented, the number of transfers received and the number of transfers sent to high-risk recipients is drastically reduced.

Referring to <d2> of FIG. 12 , the horizontal axis of <d2> may indicate the number of days elapsed from the first implementation date of the financial fraud detection method, and the vertical axis may indicate a transfer amount.

It can be seen that the amount received and sent by high-risk recipients also gradually increased before the implementation date of the financial fraud detection method. Then, it can be seen that after the financial fraud detection method is implemented, the amount received and the amount sent from the high-risk recipients are drastically reduced.

When analyzing based on these statistical data, the financial fraud detection method according to some embodiments of the present invention provides a notification informing the sender of the risk of transfer when an attempt is made to send money to a high-risk recipient whose accumulated risk score exceeds the reference value. , it can prevent financial accidents and prevent fraudulent damage in interpersonal transactions.

The above description is merely illustrative of the technical idea of this embodiment, and a person skilled in the art to which this embodiment belongs may make various modifications and variations without departing from the essential characteristics of the present embodiment. Accordingly, the present embodiments are intended to explain rather than limit the technical spirit of the present embodiment, and the scope of the technical spirit of the present embodiment is not limited by these embodiments. The protection scope of this embodiment should be interpreted by the following claims, and all technical ideas within the scope equivalent thereto should be interpreted as being included in the scope of the present embodiment.

Claims (12)

A method for detecting financial fraud performed in a financial server, the method comprising:
extracting fraud report transfer details including a preset fraud-related keyword from the account transfer details stored in the financial server;
allocating a first risk score to a first payee based on the extracted fraud report transfer details;
determining a second payee receiving remittance from the first payee based on the transfer information of the first payee, and assigning a second risk score to the second payee;
classifying the payee as a high-risk payee when the accumulated first risk score of the first payee or the accumulated second risk score of the second payee exceeds a preset reference value; and
If there is a transfer request for remittance to the high-risk remittee, providing a notification to the remitter for the transfer request;
How to detect financial fraud.
According to claim 1,
The step of extracting the transfer details of the fraud report is,
Containing setting the transfer details including the preset fraud-related keyword in the transfer summary of the account transfer details, or the transfer details transferred with a preset amount as the fraud report transfer details
How to detect financial fraud.
According to claim 1,
If the second payee is classified as the high-risk payee, classifying the first payee who has a history of remittance to the second payee as the high-risk payee together
How to detect financial fraud.
According to claim 1,
The step of providing the notification comprises:
to the sender,
Provide a transfer warning pop-up notifying that the payee is the high-risk payee, or
Provide an authentication pop-up to perform additional authentication for account transfer, or
Comprising providing a non-transfer pop-up notifying the payee that account transfer is impossible
How to detect financial fraud.
According to claim 1,
The step of providing the notification comprises:
Before performing the account transfer according to the transfer request, in the preliminary transfer step of confirming the account information of the payee, providing the notification
How to detect financial fraud.
A method for detecting financial fraud performed in a financial server, the method comprising:
extracting fraud report transfer details related to fraud report details from the account transfer details stored in the financial server;
allocating a first risk score to a first payee based on the extracted fraud report transfer details;
determining a second payee receiving remittance from the first payee based on the transfer information of the first payee, and assigning a second risk score to the second payee;
classifying the payee as a high-risk payee when the accumulated first risk score of the first payee or the accumulated second risk score of the second payee exceeds a preset reference value; and
When there is a transfer request for remittance to the high-risk remittee, providing a notification to the remitter for the transfer request;
How to detect financial fraud.
7. The method of claim 6,
The fraud report details are:
including the name of the payee of the bank transfer, and the account number of the payee;
input through the sender's terminal or received from an external server
How to detect financial fraud.
A method for detecting financial fraud performed in a financial server, the method comprising:
Calculating, in the financial server, the transfer risk of the first payee based on the customer information of the first payee for the transfer request of the sender and the transfer transmission/reception data for a predetermined period using a pre-learned deep learning module ;
allocating a first risk score to the first payee based on the calculated transfer risk;
determining a second payee receiving remittance from the first payee based on the transfer information of the first payee, and assigning a second risk score to the second payee;
classifying the payee as a high-risk payee when the accumulated first risk score of the first payee or the accumulated second risk score of the second payee exceeds a preset reference value; and
When there is a transfer request for remittance to the high-risk remittee, providing a notification to the remitter for the transfer request;
How to detect financial fraud.
9. The method of claim 8,
The deep learning module,
an input layer using the customer information and the transfer transmission/reception data as input nodes;
an output layer using the transfer risk as an output node;
one or more hidden layers disposed between the input layer and the output layer;
The weights of nodes and edges between the input node and the output node are updated by the learning process of the deep learning module.
How to detect financial fraud.
10. The method of claim 9,
The customer information includes the age and gender of the customer,
The transfer transmission/reception data includes the number of transfer transmissions, the total amount of transfer transmission, the number of transfers received, the total amount of transfer reception, and the number of times of detection of abnormal transactions for the predetermined period.
How to detect financial fraud.
10. The method of claim 9,
The transfer transmission/reception data includes a transfer summary including preset fraud-related keywords,
The deep learning module,
As the number of the fraud-related keywords included in the transfer transmission/reception data increases, the relatively high transfer risk is output.
How to detect financial fraud.
9. The method of claim 8,
extracting fraud report transfer details including preset fraud related keywords from the account transfer details stored in the financial server;
extracting the fraud report transfer details related to the previously received fraud report details from the account transfer details stored in the financial server;
Further comprising the step of allocating the first risk score to the first payee of the extracted fraud report transfer details
How to detect financial fraud.

Images