TWI804575B - Method and apparatus, computer readable storage medium, and computing device for identifying high-risk users - Google Patents

Method and apparatus, computer readable storage medium, and computing device for identifying high-risk users Download PDF

Info

Publication number
TWI804575B
TWI804575B TW108104910A TW108104910A TWI804575B TW I804575 B TWI804575 B TW I804575B TW 108104910 A TW108104910 A TW 108104910A TW 108104910 A TW108104910 A TW 108104910A TW I804575 B TWI804575 B TW I804575B
Authority
TW
Taiwan
Prior art keywords
user
risk
event
group
relationship
Prior art date
Application number
TW108104910A
Other languages
Chinese (zh)
Other versions
TW201944306A (en
Inventor
王修坤
Original Assignee
開曼群島商創新先進技術有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 開曼群島商創新先進技術有限公司 filed Critical 開曼群島商創新先進技術有限公司
Publication of TW201944306A publication Critical patent/TW201944306A/en
Application granted granted Critical
Publication of TWI804575B publication Critical patent/TWI804575B/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063Operations research, analysis or management
    • G06Q10/0635Risk analysis of enterprise or organisation activities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes

Landscapes

  • Business, Economics & Management (AREA)
  • Human Resources & Organizations (AREA)
  • Engineering & Computer Science (AREA)
  • Strategic Management (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Economics (AREA)
  • Operations Research (AREA)
  • Game Theory and Decision Science (AREA)
  • Development Economics (AREA)
  • Marketing (AREA)
  • Educational Administration (AREA)
  • Quality & Reliability (AREA)
  • Tourism & Hospitality (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)

Abstract

本說明書實施例提供一種確定高風險用戶的方法和裝置,根據該方法,首先基於異常規則集合,確定出高風險的業務請求事件,以及對應的具有高風險的第一用戶,然後基於人群關係圖譜進行風險擴散,將圖譜中與第一用戶存在特定關聯關係的第二用戶也作為高風險用戶,添加到高風險用戶集中。進一步地,可以基於高風險用戶集,更新異常規則集合。如此可以更高效地識別出高風險用戶。 The embodiment of this specification provides a method and device for determining high-risk users. According to the method, first, based on the set of abnormal rules, high-risk business request events and corresponding first users with high risks are determined, and then based on the crowd relationship map Carry out risk diffusion, and add the second user who has a specific association relationship with the first user in the map as a high-risk user and add it to the high-risk user set. Further, the exception rule set can be updated based on the high-risk user set. In this way, high-risk users can be identified more efficiently.

Description

確定高風險用戶的方法及裝置、電腦可讀儲存媒體、和計算設備 Method and apparatus, computer readable storage medium, and computing device for identifying high-risk users

本說明書一個或多個實施例係有關電腦技術領域,尤其有關透過電腦確定高風險用戶的方法和裝置。 One or more embodiments of this specification are related to the field of computer technology, especially related to the method and device for determining high-risk users through computers.

隨著電腦和互聯網技術的發展,越來越多的業務透過計算平臺來實現,例如商品交易、錢款支付、金融借貸、保險理賠等等。然而,在許多業務的執行和處理中,如果不對業務請求人的背景,以及所請求的業務進行審核,就很可能帶來較大風險,例如一些不法分子可能利用電子平臺,實施金融詐騙、借貸套現、保險騙保等等。 With the development of computer and Internet technology, more and more businesses are realized through computing platforms, such as commodity trading, money payment, financial lending, insurance claims and so on. However, in the execution and processing of many businesses, if the background of the business requester and the requested business are not reviewed, it is likely to bring greater risks. For example, some lawbreakers may use electronic platforms to carry out financial fraud and borrowing money. Cash out, insurance fraud, etc.

在習知技術中,為了防止和降低上述風險,往往透過人工進行風險審核。在有些平臺中,也會設定一些簡單的規則,輔助人工進行判斷。然而,這樣的方式效率很低,難以滿足業務快速發展的需要;並且,識別高風險用戶和高風險事件的準確性有賴於人工審核的業務員的自身經驗,準確度難以得到確保,常常出現遺漏。 In the prior art, in order to prevent and reduce the above-mentioned risks, risk review is often performed manually. In some platforms, some simple rules are also set to assist humans in making judgments. However, this method is very inefficient and difficult to meet the needs of rapid business development; moreover, the accuracy of identifying high-risk users and high-risk events depends on the experience of the salesperson who manually audits, the accuracy is difficult to ensure, and omissions often occur .

因此,希望能有改進的方案,透過高效地識別和確定高風險用戶,降低業務風險。 Therefore, an improved solution is desired to reduce business risk by efficiently identifying and determining high-risk users.

本說明書一個或多個實施例描述了一種方法和裝置,可以基於人群關係圖譜,將確定的高風險用戶進行擴散,從而更加高效而準確地識別出高風險用戶。 One or more embodiments of this specification describe a method and device, which can spread identified high-risk users based on a crowd relationship graph, so as to more efficiently and accurately identify high-risk users.

根據第一態樣,提供了一種確定高風險用戶的方法,包括:獲取待評估的業務請求事件的事件資訊,所述事件資訊包括,所述業務請求事件所涉及的第一用戶的用戶資訊;至少基於異常規則集合和所述第一用戶的用戶資訊,判斷所述業務請求事件是否為高風險事件;在確定所述業務請求事件為高風險事件的情況下,基於人群關係圖譜,確定與所述第一用戶存在特定關聯關係的第二用戶,將所述第一用戶和所述第二用戶添加到高風險用戶集;基於所述高風險用戶集,更新所述異常規則集合。 According to a first aspect, a method for determining a high-risk user is provided, including: acquiring event information of a service request event to be evaluated, where the event information includes user information of a first user involved in the service request event; Based on at least the set of abnormal rules and the user information of the first user, determine whether the service request event is a high-risk event; Add the first user and the second user to a high-risk user set with a second user with a specific association relationship with the first user; update the abnormal rule set based on the high-risk user set.

根據一種可能的設計,上述異常規則集合包括多個用戶特徵,和針對所述多個用戶特徵設定的多個判定規則。 According to a possible design, the abnormal rule set includes a plurality of user characteristics, and a plurality of determination rules set for the plurality of user characteristics.

在一種可能的設計中,上述多個用戶特徵包括以下中的一項或多項:用戶基本屬性特徵、用戶行為特徵、用戶關係特徵、用戶位置特徵。 In a possible design, the above multiple user features include one or more of the following: user basic attribute features, user behavior features, user relationship features, and user location features.

根據一種實施方式,基於異常規則集合判斷業務請求事件是否為高風險事件具體包括:將第一用戶的用戶資訊與所述多個判定規則進行比較;當比較結果符合預定條件的情況下,判斷所述業務請求事件為高風險事件。 在一種可能的設計中,判斷業務請求事件是否為高風險事件還包括:當進一步接收到第一核驗結果的情況下,確定所述業務請求事件為高風險事件,其中,所述第一核驗結果為將所述業務請求事件核驗為高風險事件的人工核驗結果。或者,當進一步接收到第二核驗結果的情況下,確定所述業務請求事件為非高風險事件,其中,所述第二核驗結果為將所述業務請求事件核驗為非高風險事件的人工核驗結果;在這樣的情況下,所述方法還包括,根據所述第二核驗結果,更新所述異常規則集合。 根據一種可能的設計,人群關係圖譜基於以下一種或多種關係而建立:交易關係、設備關係、資金關係、社交關係。 在一個實施例中,基於人群關係圖譜,確定與所述第一用戶存在特定關聯關係的第二用戶具體包括: 從人群關係圖譜中確定出包含所述第一用戶的至少一個群組; 根據各個群組的高風險用戶比例,從所述至少一個群組中確定出高風險群組,其中,各個群組的高風險用戶比例為,該群組與所述高風險用戶集的交集中的用戶數目M與該群組的用戶總數N的比例; 將所述高風險群組中的用戶確定為所述第二用戶。 在一種可能的設計中,所述方法還包括,基於所述人群關係圖譜,確定與所述第二用戶相關聯的第三用戶,將所述第三用戶添加到所述高風險用戶集中。 在一個實施例中,基於高風險用戶集更新異常規則集合具體包括:基於所述高風險用戶集中各個用戶的用戶特徵的統計,更新所述多個用戶特徵,和/或所述多個判定規則。 根據第二態樣,提供一種確定高風險用戶的裝置,包括: 事件獲取單元,配置成獲取待評估的業務請求事件的事件資訊,所述事件資訊包括,所述業務請求事件所涉及的第一用戶的用戶資訊; 事件判斷單元,配置成至少基於異常規則集合和所述第一用戶的用戶資訊,判斷所述業務請求事件是否為高風險事件; 用戶確定單元,配置成在確定所述業務請求事件為高風險事件的情況下,基於人群關係圖譜,確定與所述第一用戶存在特定關聯關係的第二用戶,將所述第一用戶和所述第二用戶添加到高風險用戶集; 第一更新單元,配置成基於所述高風險用戶集,更新所述異常規則集合。 根據第三態樣,提供了一種電腦可讀儲存媒體,其上儲存有電腦程式,當所述電腦程式在電腦中執行時,令電腦執行第一態樣的方法。 根據第四態樣,提供了一種計算設備,包括記憶體和處理器,其特徵在於,所述記憶體中儲存有可執行碼,所述處理器執行所述可執行碼時,實現第一態樣的方法。 透過本說明書實施例提供的方法和裝置,首先基於異常規則集合確定出高風險的業務請求事件和高風險用戶,然後基於人群關係圖譜,對高風險用戶進行擴散,如此,從單一的業務請求事件,可以確定出多個高風險用戶,極大提高識別效率。進一步地,在擴散到更多高風險用戶的情況下,用新識別的高風險用戶,來更新異常規則集合,從而對異常規則集合進行最佳化,使得異常規則集合在後續的判斷中,進一步提高判斷準確度。According to one embodiment, judging whether a service request event is a high-risk event based on the set of abnormal rules specifically includes: comparing the user information of the first user with the plurality of judging rules; The above business request events are high-risk events. In a possible design, judging whether the service request event is a high-risk event further includes: when further receiving a first verification result, determining that the service request event is a high-risk event, wherein the first verification result It is a manual verification result for verifying the business request event as a high-risk event. Or, when the second verification result is further received, it is determined that the business request event is a non-high-risk event, wherein the second verification result is a manual verification of the business request event as a non-high-risk event Result; in this case, the method further includes, according to the second verification result, updating the exception rule set. According to a possible design, the crowd relationship graph is established based on one or more of the following relationships: transaction relationship, equipment relationship, capital relationship, and social relationship. In one embodiment, based on the crowd relationship graph, determining the second user who has a specific relationship with the first user specifically includes: determining at least one group containing the first user from the crowd relationship graph; A high-risk group is determined from the at least one group according to the proportion of high-risk users in each group, wherein the proportion of high-risk users in each group is the intersection of the group and the set of high-risk users The ratio of the number M of users of the group to the total number N of users of the group; A user in the high-risk group is determined as the second user. In a possible design, the method further includes, based on the group relationship graph, determining a third user associated with the second user, and adding the third user to the high-risk user set. In one embodiment, updating the abnormal rule set based on the high-risk user set specifically includes: updating the multiple user features and/or the multiple decision rules based on the statistics of the user features of each user in the high-risk user set . According to a second aspect, an apparatus for determining a high-risk user is provided, comprising: An event acquiring unit configured to acquire event information of a service request event to be evaluated, where the event information includes user information of the first user involved in the service request event; The event judging unit is configured to judge whether the service request event is a high-risk event based at least on the exception rule set and the user information of the first user; The user determining unit is configured to determine the second user who has a specific association relationship with the first user based on the crowd relationship graph when the service request event is determined to be a high-risk event, and associate the first user with the first user The second user is added to the high-risk user set; The first updating unit is configured to update the abnormal rule set based on the high-risk user set. According to a third aspect, there is provided a computer-readable storage medium on which a computer program is stored, and when the computer program is executed in the computer, the computer is made to execute the method of the first aspect. According to a fourth aspect, there is provided a computing device, including a memory and a processor, wherein executable codes are stored in the memory, and when the processor executes the executable codes, the first state is realized. kind of method. Through the method and device provided by the embodiment of this specification, firstly, high-risk business request events and high-risk users are determined based on the set of abnormal rules, and then high-risk users are diffused based on the crowd relationship map. In this way, from a single business request event , multiple high-risk users can be identified, greatly improving identification efficiency. Furthermore, in the case of spreading to more high-risk users, the newly identified high-risk users are used to update the abnormal rule set, so as to optimize the abnormal rule set, so that the abnormal rule set can be further improved in subsequent judgments. Improve judgment accuracy.

下面結合圖式,對本說明書提供的方案進行描述。 圖1為本說明書披露的一個實施例的實施場景示意圖。在該實施場景中,某個用戶向計算平臺請求業務事件,例如申請保險理賠。計算平臺則針對本次事件,首先確定該用戶是否為高風險用戶,如果是的話,基於該用戶的關係網進行風險“擴散”,發掘出其他的高風險用戶。相應地,計算平臺中包含有異常規則引擎和擴散引擎,異常規則引擎根據預先設定的異常規則,對用戶的業務申請事件進行初步判斷。在一些情況下,還可以輔助以人工審核。一旦確定目前業務申請事件為高風險事件,也就將目前用戶確定為高風險用戶。進一步地,利用擴散引擎,基於目前用戶的關係網進行高風險用戶的擴散。這是基於這樣的觀察和統計:許多高風險事件都呈現“團夥”特徵,也就是,需要多人配合,共同完成。如此,在認定某個用戶為高風險用戶的情況下,可以對該用戶的關係網進行進一步分析,從中挖掘出具有“團夥”特徵的群體,從而確定出相關聯的其他高風險用戶。如此,從單一的業務請求事件,可以確定出多個高風險用戶,極大提高識別效率。進一步地,在擴散到更多高風險用戶的情況下,可以將新識別的高風險用戶,回饋到異常規則引擎,從而對異常規則引擎進行最佳化,使得異常規則引擎在後續的判斷中,進一步提高判斷準確度。下面描述上述場景的具體執行過程。 圖2示出根據一個實施例的確定高風險用戶的方法流程圖。該方法的執行主體可以是任何具有計算、處理能力的系統、設備、裝置、平臺或伺服器,例如圖1所示的計算平臺,更具體地,例如是需要對業務風險進行分析管控的各種後台伺服器,比如支付寶伺服器、保險業務伺服器、金融審批伺服器等。如圖2所示,該方法包括以下步驟:步驟21,獲取業務請求事件的相關資訊,所述相關資訊包括所述業務請求事件所涉及的第一用戶的用戶資訊;步驟22,至少基於異常規則集合和所述用戶資訊,判斷所述業務請求事件是否為高風險事件;步驟23,在確定所述業務請求事件為高風險事件的情況下,基於人群關係圖譜,確定與所述第一用戶存在特定關聯關係的第二用戶,將所述第一用戶和所述第二用戶添加到高風險用戶集;步驟24,基於所述高風險用戶集,更新所述異常規則集合。下面描述以上各個步驟的執行方式。 首先,在步驟21,獲取待評估的業務請求事件的相關資訊。可以理解,待評估的業務請求事件可以是針對各種有可能存在風險的業務進行請求的事件,例如,申請貸款、申請保險理賠等。為了清楚和區分起見,下文將該業務請求事件涉及的用戶稱為第一用戶。一般地,第一用戶可以是上述業務請求事件的請求人。 根據一個實施例,在步驟21中可以獲取與業務請求事件相關的各種資訊,包括與事件本身相關的事件資訊,以及與該業務請求事件所涉及的用戶(即第一用戶)相關的用戶資訊。上述事件資訊例如包括,請求的業務類型、請求金額、請求的發生時間、地點等,而用戶資訊可以進一步包括多方面的特徵。 在一個實施例中,用戶資訊包括用戶基本屬性特徵,例如:性別、年齡、註冊時長、聯繫方式等等基本資訊。 在一個實施例中,用戶資訊包括用戶行為特徵。更具體地,用戶行為特徵可以包括與用戶的業務操作相關的行為資訊,例如,交易次數、平均交易金額、申請理賠次數、理賠獲批次數、平均理賠金額等等。在一個實施例中,用戶行為特徵可以是動態改變的特徵,並且基於上述事件資訊而更新。例如,在第一用戶發出申請理賠的本次業務請求事件時,需要更新其用戶行為特徵,例如更新其中的申請理賠次數等參數。 在一個實施例中,用戶資訊還包括用戶關係特徵,例如,資金往來超過一定額度的連絡人的數目、交易頻率超過一定數目的連絡人名單等等。 在一個實施例中,用戶資訊還包括用戶位置特徵,例如各項交易發生的位置、位置改變的範圍、等等。 在更多實施例中,用戶資訊還可以包含更多方面的用戶特徵。 可以理解,相應地,在步驟21,可以獲取上述業務請求事件所涉及的第一用戶的用戶資訊,該用戶資訊包括上述各方面的用戶特徵中的一部分或全部。 接著,在步驟22,確定所述業務請求事件是否為高風險事件。確定的過程至少包括步驟221,在其中基於異常規則集合和上述第一用戶的用戶資訊,判斷上述業務請求事件是否為高風險事件。 異常規則集合是預先設定的規則集合,其中,包含若干條規則,這些規則用以對業務申請事件和/或涉及的用戶是否存在異常風險進行判斷。初始地,異常規則集合可以由業務人員根據實踐經驗而設定;隨著實施例的方法的推進,會不斷進行更新和調整。 一般地,異常規則集合包括多個用戶特徵和針對多個用戶特徵設定的多個判定規則。其中,與前述類似的,多個用戶特徵包括以下中的一項或多項:用戶基本屬性特徵、用戶行為特徵、用戶關係特徵、用戶位置特徵等。圖3示出異常規則集合的一個具體例子。如圖3所示,異常規則集合至少包括以下用戶特徵:年齡、註冊時長(這兩項特徵屬於用戶基本屬性特徵),平均理賠金額、申請理賠次數(這兩項特徵屬於用戶行為特徵),資金往來超過1000元的連絡人數目(該特徵屬於用戶關係特徵)等。針對上述用戶特徵,分別設定了判定規則。具體地,針對用戶特徵“年齡”,設定的判定規則為30至40歲;針對用戶特徵“註冊時長”,設定的判定規則為小於3個月;針對申請理賠次數,設定的判定規則為大於3次;針對平均理賠金額,設定的判定規則為大於1萬元;等等。 基於這樣的異常規則集合,可以對步驟21獲取的業務請求事件是否為高風險事件進行初步判斷。具體地,可以將第一用戶的用戶資訊中的各項對應用戶特徵與所述多個判定規則進行比較;當比較結果符合預定條件的情況下,判斷業務請求事件為高風險事件。上述預定條件例如可以是,異常規則集合包含的多個判定規則中,預定數目或預定比例的判定規則得到滿足。例如,在一個具體例子中,異常規則集合包含10條用戶特徵和相應的判定規則,那麼可以將預定條件設定為,當其中的任意8條判定規則得到滿足,就認為目前的用戶為高風險用戶,目前的業務請求事件是高風險事件。或者,上述預定條件可以被設定為更複雜的規則運算式,例如假定異常規則集合包含A,B,C,D,E至少5項判定規則,那麼預定條件可以為例如A AND(B OR C OR D)AND E的邏輯運算式。 在一個實施例中,直接基於步驟221中第一用戶的用戶資訊與異常規則集合的比較結果,來確定上述業務請求事件是否為高風險事件。 在另一實施例中,在步驟221基於異常規則集合對上述業務請求事件進行初步判斷之後,還包括步驟222(如圖2中虛線示出),在其中結合人工核驗結果,最終確定上述業務請求事件是否為高風險事件。也就是說,如果步驟221基於異常規則集合判斷上述業務請求事件為高風險事件,那麼將該事件發送到人工審核模組,並從人工審核模組接收針對該事件的核驗結果。在步驟222,如果接收到的核驗結果為,所述業務請求事件被人工核驗為高風險事件,那麼確定該業務請求事件為高風險事件。另一方面,如果接收到的核驗結果為,所述業務請求事件被人工核驗為非高風險事件,那麼,確定所述業務請求事件為非高風險事件,並且,在步驟223,根據這樣的核驗結果,更新異常規則集合。可以理解,出現步驟223的情況意味著,異常規則集合的判斷出現了偏差。因此,需要根據人工核驗結果,也就是人工矯正的結果,來更新異常規則集合,避免後續出現同樣的偏差。 在一個實施例中,對於基於異常規則集合被確定為高風險的業務請求事件,從中選擇一部分發送到人工審核模組,從而減輕人工審核的工作量。在一個實施例中,統計人工核驗結果與基於異常規則集合的判斷結果的一致性比例,根據該比例確定後續發送到人工審核模組進行核驗的事件比例。例如,人工核驗結果與基於異常規則集合的判斷結果的一致性越高,那麼可以將更少的業務請求事件發送到人工審核模組進行核驗。當人工核驗結果與基於異常規則集合的判斷結果的一致性達到一定高比例閾值,例如98%,那麼可以省略人工核驗,直接根據異常規則集合,確定業務請求事件是否為高風險事件。 綜合以上,在步驟22,至少基於異常規則集合(可選地,還基於人工核驗的覆核),確定步驟21獲取的業務請求事件是否為高風險事件。如果該事件被確定為高風險事件,那麼相應地,第一用戶會被確定為高風險用戶,於是,在步驟23,基於人群關係圖譜,確定與第一用戶存在特定關聯關係的第二用戶,並將第一用戶和第二用戶都添加到高風險用戶集。換言之,如果確定第一用戶為高風險用戶,則基於人群關係圖譜,對高風險用戶進行“擴散”,找到與第一用戶緊密關聯的其他潛在的高風險用戶。 以上高風險用戶的擴散要基於預先建立的人群關係圖譜來進行。人群關係圖譜可以採用多種方式來預先建立。 在一個實施例中,人群關係圖譜基於人群的交易關係而建立。例如,兩個用戶之間達成商品購買交易,則在這兩個用戶之間建立交易關聯。可以透過獲取並分析大量用戶的交易記錄而確定用戶之間的交易關係,進而建立人群關係圖譜。 在一個實施例中,人群關係圖譜基於人群的設備關係而建立。例如,當兩個或多個用戶帳戶利用同一台終端設備進行登錄時,可以確定這兩個或多個用戶帳戶之間存在設備關聯。存在設備關聯的兩個或多個用戶帳戶,有可能是同一個實體用戶註冊的多個帳戶,也可以是存在緊密關聯(例如家人、同事等)的多個用戶所對應的帳戶。設備關係可以透過獲取用戶登錄其帳戶時所對應的實體終端資訊而確定。 在一個實施例中,人群關係圖譜基於資金關係而建立。例如,當兩個用戶之間存在轉帳、收款等資金轉移操作時,則在這兩個用戶之間建立資金關聯。可以透過獲取並分析用戶利用電子錢包進行資金操作的記錄而確定用戶之間的資金關係,進而基於資金關係來建立人群關係圖譜。 在一個實施例中,人群關係圖譜基於社交關係而建立。如今人們越來越多地使用社交應用進行互動,例如,兩個用戶可以透過社交應用來進行聊天、發紅包、文件傳送等互動,那麼可以在這兩個用戶之間建立社交關聯。可以基於社交應用捕獲的大量社交互動來確定人群之間的社交關係,進而建立人群關係圖譜。 儘管以上給出了若干例子,但是可以理解,還可以基於更多種人群關聯關係來建立人群關係圖譜。並且,人群關係圖譜可以同時基於若干種人群關聯關係而建立。 在一個實施例中,人群關係圖譜可以形成為節點網路的形式。在該形式下,人群關係圖譜包括多個節點,每個節點對應一個用戶,存在關聯關係的節點之間會彼此連接。在一個實施例中,節點之間的連接可以具有多種屬性,例如連接類型,連接強度等,其中,連接類型又包括,例如資金連接(基於資金關係的連接),社交連接(基於社互動動的連接等),連接強度又可以包括,例如強連接,弱連接等。 圖4示出根據一個實施例的人群關係圖譜的例子。如圖4所示,在該例子中,人群關係圖譜中包括多個節點,每個節點對應一個用戶。節點之間的連接表示用戶之間具有關聯關係。假定圖4的人群關係圖譜是基於人群的資金關係和社交關係而建立。相應地,節點之間的連接可以是資金連接或社交連接。在圖4的例子中,以不同的線型示出不同的連接類型,即以虛線示出節點之間的社交連接,以實線示出節點之間的資金連接。並且,以連接線的粗細示出連接的強度。例如,粗線示出強連接,細線示出弱連接。更具體地,粗實線可以示出較強的資金連接(例如資金互動超過一金額閾值,例如1萬元),細實線示出較弱的資金連接(例如資金互動不超過上述金額閾值);粗虛線可以示出較強的社交連接(例如,互動頻率超過一頻率閾值,例如每天10次),細虛線示出較弱的社交連接(例如,互動頻率不超過上述頻率閾值)。 可以理解,人群關係圖譜還可以形成為其他形式,例如表格形式、圖表形式等。一張人群關係圖譜可以基於一種單一的人群關係而建立,也可以基於多種人群關係而建立(例如,圖4中基於兩種關係)。在此,對人群關係圖譜的形式、形成過程等均不作限定。 基於這樣的人群關係圖譜,在步驟23,在確定第一用戶為高風險用戶的情況下,在人群關係圖譜中確定與第一用戶存在特定關聯關係的第二用戶,將第二用戶也作為高風險用戶。 在一個實施例中,上述特定關聯關係包括,特定類型的關聯關係,例如,資金關聯關係。在一個實施例中,上述特定關聯關係包括特定強度的關聯關係,例如強關聯關係。當然,特定關聯關係還可以是,特定類型且特定強度的關聯關係。此外,本領域技術人員還可以基於對採集到的樣本中,高風險用戶之間的關係特點,對上述特定關聯關係進行其他限定。 在一個實施例中,考慮到在許多業務場景中,高風險用戶之間呈現出的“團夥”特徵,因此,首先從人群關係圖譜中提取出具有一定特徵的群組為高風險群組,將包含第一用戶的高風險群組中的其他用戶,確定為高風險的第二用戶。 圖5示出根據一個實施例的確定第二用戶的步驟流程,即步驟23的子步驟。如圖5所示,為了基於第一用戶將風險擴散到其他用戶,在步驟51,從人群關係圖譜中確定出包含第一用戶的至少一個群組。 在不同實施例中,群組可以具有不同的定義方式。例如,在社交應用中,一些用戶可以自主地形成社群。那麼在基於社交關係的人群圖譜中,可以基於用戶自主形成的社群確定出群組。在另一實施例中,可以將包含一定用戶數目,且用戶之間具有一定連接關係的多個用戶作為一個群組。例如,可以將群組設定為包含3至20個用戶,且這些用戶兩兩之間均具有關聯關係;或者,在另一例子中,將群組設定為兩兩之間具有強資金關聯關係的若干用戶。 可以理解,根據群組的定義方式的不同,同一個用戶可以歸屬於多個群組。在步驟51,從人群關係圖譜中,確定出具有高風險的第一用戶所歸屬的所有可能的群組。然而,這些群組並不必然都是高風險群組。因此,接下來,在步驟52,對步驟51確定出的群組進行進一步分析,從中選擇出高風險群組。 在一個實施例中,根據一個群組中高風險用戶的比例,來確定該群組是否為高風險群組。具體地,某個群組的高風險用戶比例為,該群組中已經被確定為高風險用戶的用戶數目M與該群組的用戶總數N的比例。實踐中,根據一個實施例,採用高風險用戶集來記錄已經確定出的高風險用戶。在這樣的情況下,上述用戶數目M即為,上述群組與高風險用戶集的交集中的用戶數目。在確定出群組中高風險用戶的比例的情況下,可以將該比例與預先設定的判定閾值,例如70%,來比較,根據比較結果而確定該群組是否為高風險群組,例如將高風險用戶的比例高於上述判定閾值的群組確定為高風險群組。 在此基礎上,在步驟53,將第一用戶所屬的高風險群組中的其他用戶確定為第二用戶,即高風險用戶,將第一用戶和第二用戶均添加到高風險用戶集中。 圖6示出基於人群關係圖譜從第一用戶擴散到第二用戶的具體例子的示意圖。如圖6所示,假定在步驟51,從人群關係圖譜中確定出第一用戶所屬的3個群組:群組A、群組B和群組C。接下來,在步驟52,確定這3個群組中各個群組的高風險用戶比例。在一個例子中,採用“染色”的方式,標記群組中之前已經確定的高風險用戶。換言之,在之前的處理中,一旦將某個用戶添加到高風險用戶集,同時在人群關係圖譜中對該用戶進行染色。如此,在步驟52,判斷各個群組中高風險用戶的比例,即判斷群組中被染色的用戶的濃度。在圖6的例子中,群組A包含10名用戶,只有第一用戶自身是已經確定為高風險的用戶,高風險用戶比例為10%。群組B包含8名用戶,其中,包含第一用戶在內有6名用戶被染色,高風險用戶比例為75%。群組C包含12名用戶,其中,被染色的用戶數為3名,高風險用戶比例為25%。如果比例閾值被設定為70%,那麼可以確定,群組B為高風險群組。接著,在步驟53,將群組B中的其他用戶,特別是尚未被染色(尚未被識別為高風險)的用戶,即用戶10和用戶20,確定為第二用戶。在確定出第二用戶的基礎上,將第一用戶和第二用戶均添加到高風險用戶集中。在一個例子中,在人群關係圖譜中對第一用戶和第二用戶進行染色,從而便於後續的擴散分析。 在一個實施例中,在基於高風險業務請求事件確定出第一用戶,然後基於第一用戶擴散到第二用戶之後,還基於第二用戶進行再次擴散。也就是說,在一個實施例中,在確定出第二用戶的基礎上,基於上述人群關係圖譜,確定與第二用戶存在特定關聯關係的第三用戶,將第三用戶也添加到高風險用戶集中。基於第二用戶,確定與之存在特定關聯關係的第三用戶的過程,與以上描述的基於第一用戶,確定第二用戶的過程一致,不再贅述其細節。 需要理解的是,上述擴散過程可以反復不斷進行,也就是,確定出第三用戶之後,再基於第三用戶尋找到與之關聯的第四用戶,等等,直到不再出現新的高風險用戶為止。 此時,高風險用戶集已經得到擴散和更新,除了包含經由步驟21的業務請求事件所確定的高風險的第一用戶之外,還包含了基於第一用戶擴散的其他高風險用戶,即第二用戶。因此,回到圖2,在步驟24,基於高風險用戶集,更新前述的異常規則集合。如前所述,異常規則集合可以包含多個用戶特徵,以及針對這些用戶特徵設定的多個判定規則。在一個實施例中,在步驟24,可以基於高風險用戶集中各個用戶的用戶特徵的統計,更新所述多個用戶特徵,和/或所述多個判定規則。 具體地,在一個例子中,原有的異常規則集合例如如圖3所示,其中,針對平均理賠金額設定的判定規則為大於1萬元。假定如圖6所示,基於第一用戶將高風險用戶擴散到了用戶10和用戶20,將用戶10和20都添加到了高風險用戶集中。新增的高風險用戶(用戶10和用戶20),對於該項用戶特徵,即平均理賠金額,的統計值為8000元。據此,可以將針對平均理賠金額的判定規則修改為大於8000元。 在另一例子中,原有的異常規則集合例如包含10項用戶特徵和對應判定規則。假定新增的高風險用戶在上述10項用戶特徵之外的某項用戶特徵上體現出較強的規律性,例如資金流動頻率超過一定閾值,那麼可以將該項用戶特徵,以及對應閾值,添加到異常規則集合中,從而更新異常規則集合。 在一個實施例中,對於擴散後的高風險用戶集,可以反過來採用異常規則集合與人工核驗結合的方式來進行抽樣檢測。例如選擇高風險用戶集中5%的高風險用戶,利用異常規則集合和人工核驗,確定其是否真的屬於高風險用戶。在抽樣檢測的準確率低於一定閾值的情況下,調整基於人群關係圖譜進行擴散的演算法過程,例如調整高風險群組的比例判定閾值等,使得高風險用戶的擴散過程更加準確。 回顧以上過程,首先基於異常規則集合確定出高風險的業務請求事件和高風險用戶,然後基於人群關係圖譜,對高風險用戶進行擴散,如此,從單一的業務請求事件,可以確定出多個高風險用戶,極大提高識別效率。進一步地,在擴散到更多高風險用戶的情況下,用新識別的高風險用戶來更新異常規則集合,從而對異常規則集合進行最佳化,使得異常規則集合在後續的判斷中,進一步提高判斷準確度。 根據另一態樣的實施例,還提供一種確定高風險用戶的裝置。圖7示出根據一個實施例的用以確定高風險用戶的裝置的示意性方塊圖。如圖7所示,用以確定高風險用戶的裝置700包括:事件獲取單元710,配置成獲取待評估的業務請求事件的事件資訊,所述事件資訊包括,所述業務請求事件所涉及的第一用戶的用戶資訊;事件判斷單元720,配置成至少基於異常規則集合和所述第一用戶的用戶資訊,判斷所述業務請求事件是否為高風險事件;用戶確定單元730,配置成在確定所述業務請求事件為高風險事件的情況下,基於人群關係圖譜,確定與所述第一用戶存在特定關聯關係的第二用戶,將所述第一用戶和所述第二用戶添加到高風險用戶集;第一更新單元740,配置成基於所述高風險用戶集,更新所述異常規則集合。 在一個實施例中,異常規則集合包括多個用戶特徵,和針對所述多個用戶特徵設定的多個判定規則。 進一步地,在一個實施例中,上述多個用戶特徵包括以下中的一項或多項:用戶基本屬性特徵、用戶行為特徵、用戶關係特徵、用戶位置特徵。 根據一種實施方式,事件判斷單元720配置成:將第一用戶的用戶資訊與上述多個判定規則進行比較;當比較結果符合預定條件的情況下,判斷所述業務請求事件為高風險事件。 進一步地,在一個實施例中,裝置700還包括人工審核單元(未示出),或者,與一外部的人工審核單元相連接。在這樣的情況下,事件判斷單元720還配置成,在基於異常規則集合,判斷所述業務請求事件為高風險事件的情況下,還將上述業務請求事件發送給人工審核單元,並從人工審核單元接收核驗結果。具體地,當事件判斷單元720進一步接收到第一核驗結果的情況下,確定所述業務請求事件為高風險事件,其中,所述第一核驗結果為將所述業務請求事件核驗為高風險事件的人工核驗結果。 另一方面,當事件判斷單元720進一步接收到第二核驗結果的情況下,確定所述業務請求事件為非高風險事件,其中,所述第二核驗結果為將所述業務請求事件核驗為非高風險事件的人工核驗結果。與此對應地,裝置700還包括第二更新單元750,配置成根據所述第二核驗結果,更新所述異常規則集合。 根據一種實施方式,用戶確定單元730所基於的人群關係圖譜是根據以下一種或多種關係而建立:交易關係、設備關係、資金關係、社交關係。 在一個實施例中,用戶確定單元730進一步包括:群組確定模組731,配置成從人群關係圖譜中確定出包含所述第一用戶的至少一個群組;群組選擇模組732,配置成根據各個群組的高風險用戶比例,從所述至少一個群組中選擇出高風險群組,其中,各個群組的高風險用戶比例為,該群組與所述高風險用戶集的交集中的用戶數目M與該群組的用戶總數N的比例;以及確定模組733,配置成將所述高風險群組中的用戶確定為所述第二用戶。 根據一個實施例,用戶確定單元730還配置成,基於所述人群關係圖譜,確定與所述第二用戶相關聯的第三用戶,將所述第三用戶添加到所述高風險用戶集中。 根據一種實施方式,第一更新單元740配置成:基於所述高風險用戶集中各個用戶的用戶特徵的統計,更新所述多個用戶特徵,和/或所述多個判定規則。 透過以上裝置,可以從單一的業務請求事件,確定出多個高風險用戶,極大提高識別效率。並且,還可以用新識別的高風險用戶,來更新和最佳化異常規則集合,使得異常規則集合在後續的判斷中,進一步提高判斷準確度。 根據另一態樣的實施例,還提供一種電腦可讀儲存媒體,其上儲存有電腦程式,當所述電腦程式在電腦中執行時,令電腦執行結合圖2所描述的方法。 根據再一態樣的實施例,還提供一種計算設備,包括記憶體和處理器,所述記憶體中儲存有可執行碼,所述處理器執行所述可執行碼時,實現結合圖2所述的方法。 本領域技術人員應該可以意識到,在上述一個或多個示例中,本發明所描述的功能可以用硬體、軟體、韌體或它們的任意組合來實現。當使用軟體來實現時,可以將這些功能儲存在電腦可讀媒體中或者作為電腦可讀媒體上的一個或多個指令或碼來進行傳輸。 以上所述的具體實施方式,對本發明的目的、技術方案和有益效果進行了進一步詳細說明,所應理解的是,以上所述僅為本發明的具體實施方式而已,並不用來限定本發明的保護範圍,凡在本發明的技術方案的基礎之上,所做的任何修改、等同替換、改進等,均應包括在本發明的保護範圍之內。 The solution provided in this manual will be described below with reference to the drawings. Fig. 1 is a schematic diagram of an implementation scene of an embodiment disclosed in this specification. In this implementation scenario, a user requests a business event from the computing platform, such as applying for an insurance claim. For this incident, the computing platform first determines whether the user is a high-risk user, and if so, carries out risk "diffusion" based on the user's network to discover other high-risk users. Correspondingly, the computing platform includes an exception rule engine and a diffusion engine, and the exception rule engine makes a preliminary judgment on the user's business application event according to the preset exception rules. In some cases, human review can also be assisted. Once the current service application event is determined to be a high-risk event, the current user is also determined to be a high-risk user. Further, the diffusion engine is used to diffuse high-risk users based on the current user's relationship network. This is based on the observation and statistics that many high-risk incidents have the characteristics of "gangs", that is, they require the cooperation of multiple people to complete. In this way, when a certain user is identified as a high-risk user, the user's network can be further analyzed, and groups with "gang" characteristics can be excavated from it, so as to determine other associated high-risk users. In this way, multiple high-risk users can be identified from a single service request event, greatly improving identification efficiency. Furthermore, in the case of spreading to more high-risk users, the newly identified high-risk users can be fed back to the abnormal rule engine, so as to optimize the abnormal rule engine, so that the abnormal rule engine can, in subsequent judgments, Further improve the judgment accuracy. The specific execution process of the above scenario is described below. Fig. 2 shows a flowchart of a method for determining high-risk users according to an embodiment. The subject of execution of this method can be any system, device, device, platform or server with computing and processing capabilities, such as the computing platform shown in Figure 1, more specifically, various backgrounds that need to analyze and control business risks Servers, such as Alipay servers, insurance business servers, financial approval servers, etc. As shown in Figure 2, the method includes the following steps: step 21, obtain relevant information of the service request event, the relevant information includes user information of the first user involved in the service request event; step 22, at least based on abnormal rules Gathering and the user information to determine whether the service request event is a high-risk event; step 23, in the case of determining that the service request event is a high-risk event, based on the crowd relationship map, determine whether there is a relationship with the first user Add the first user and the second user to the high-risk user set for the second user of the specific association relationship; Step 24, update the abnormal rule set based on the high-risk user set. The execution manner of each of the above steps is described below. First, in step 21, the relevant information of the service request event to be evaluated is obtained. It can be understood that the service request event to be evaluated may be a request event for various potentially risky services, for example, applying for a loan, applying for an insurance claim, and the like. For the sake of clarity and distinction, the user involved in the service request event is referred to as the first user hereinafter. Generally, the first user may be the requester of the above service request event. According to an embodiment, various information related to the service request event can be obtained in step 21, including event information related to the event itself, and user information related to the user involved in the service request event (ie, the first user). The above-mentioned event information includes, for example, the type of service requested, the requested amount, the time and location of the request, etc., and the user information may further include various features. In one embodiment, the user information includes basic user attributes, such as gender, age, registration duration, contact information and other basic information. In one embodiment, the user information includes user behavior characteristics. More specifically, the user behavior characteristics may include behavior information related to the user's business operations, such as the number of transactions, the average transaction amount, the number of claims applications, the number of approved claims, the average claim amount, and the like. In one embodiment, the user behavior feature may be a dynamically changing feature and updated based on the above event information. For example, when the first user sends out this business request event of applying for a claim, it is necessary to update its user behavior characteristics, such as updating parameters such as the number of times of applying for a claim. In one embodiment, the user information also includes user relationship characteristics, for example, the number of contacts with a fund transaction exceeding a certain amount, a list of contacts with a transaction frequency exceeding a certain number, and the like. In one embodiment, the user information also includes user location characteristics, such as the location where each transaction occurs, the range of location change, and so on. In more embodiments, the user information may also include more aspects of user characteristics. It can be understood that correspondingly, in step 21, the user information of the first user involved in the above-mentioned service request event may be obtained, and the user information includes part or all of the user features in the above-mentioned aspects. Next, in step 22, it is determined whether the service request event is a high-risk event. The determining process includes at least step 221, in which it is judged whether the above-mentioned service request event is a high-risk event based on the exception rule set and the user information of the above-mentioned first user. The exception rule set is a pre-set rule set, which includes several rules, and these rules are used to judge whether the business application event and/or the involved users have abnormal risks. Initially, the set of exception rules may be set by business personnel based on practical experience; as the method of the embodiment advances, it will be continuously updated and adjusted. Generally, the exception rule set includes multiple user characteristics and multiple determination rules set for the multiple user characteristics. Wherein, similar to the foregoing, the multiple user features include one or more of the following: user basic attribute features, user behavior features, user relationship features, user location features, and the like. Figure 3 shows a specific example of an exception rule set. As shown in Figure 3, the set of abnormal rules includes at least the following user characteristics: age, registration duration (these two characteristics belong to the basic attribute characteristics of the user), the average claim amount, and the number of claims (these two characteristics belong to the user behavior characteristics), The number of contacts whose capital transactions exceed 1,000 yuan (this feature belongs to the user relationship feature), etc. According to the above-mentioned user characteristics, judgment rules are respectively set. Specifically, for the user characteristic "age", the set judgment rule is 30 to 40 years old; for the user characteristic "registration time", the set judgment rule is less than 3 months; for the number of claims applications, the set judgment rule is greater than 3 times; for the average claim amount, the set judgment rule is greater than 10,000 yuan; and so on. Based on such a set of abnormal rules, a preliminary judgment can be made on whether the service request event acquired in step 21 is a high-risk event. Specifically, each corresponding user feature in the user information of the first user may be compared with the plurality of determination rules; when the comparison result meets a predetermined condition, it is determined that the service request event is a high-risk event. The foregoing predetermined condition may be, for example, that a predetermined number or a predetermined proportion of the determination rules among the plurality of determination rules included in the exception rule set are satisfied. For example, in a specific example, the abnormal rule set contains 10 user characteristics and corresponding judgment rules, then the predetermined condition can be set as, when any 8 judgment rules are satisfied, the current user is considered to be a high-risk user , the current business request event is a high-risk event. Alternatively, the above-mentioned predetermined condition can be set as a more complex rule expression, for example, assuming that the exception rule set contains at least 5 determination rules of A, B, C, D, E, then the predetermined condition can be, for example, A AND (B OR C OR D) The logical operation formula of AND E. In one embodiment, it is determined directly based on the comparison result between the user information of the first user and the exception rule set in step 221 whether the above-mentioned service request event is a high-risk event. In another embodiment, after step 221 makes a preliminary judgment on the above-mentioned business request event based on the set of abnormal rules, step 222 (as shown by the dotted line in FIG. 2 ) is also included, in which the above-mentioned business request is finally determined in combination with the result of manual verification. Whether the event is a high-risk event. That is to say, if step 221 judges that the above-mentioned service request event is a high-risk event based on the exception rule set, then send the event to the manual review module, and receive a verification result for the event from the manual review module. In step 222, if the received verification result is that the service request event is manually verified as a high-risk event, then it is determined that the service request event is a high-risk event. On the other hand, if the verification result received is that the business request event is manually verified as a non-high-risk event, then it is determined that the business request event is a non-high-risk event, and, in step 223, according to such verification As a result, the set of exception rules is updated. It can be understood that the occurrence of step 223 means that there is a deviation in the judgment of the abnormal rule set. Therefore, it is necessary to update the exception rule set according to the result of manual verification, that is, the result of manual correction, so as to avoid the same deviation in the future. In one embodiment, for the business request events determined to be high risk based on the exception rule set, a part of them is selected and sent to the manual review module, thereby reducing the workload of manual review. In one embodiment, the consistency ratio between the manual verification result and the judgment result based on the abnormal rule set is counted, and the ratio of events sent to the manual verification module for verification is determined according to the ratio. For example, the higher the consistency between the manual verification result and the judgment result based on the exception rule set, the fewer business request events can be sent to the manual verification module for verification. When the consistency between the manual verification result and the judgment result based on the abnormal rule set reaches a certain high percentage threshold, such as 98%, then manual verification can be omitted, and whether the business request event is a high-risk event can be determined directly based on the abnormal rule set. Based on the above, in step 22, at least based on the set of abnormal rules (optionally also based on manual verification), it is determined whether the service request event acquired in step 21 is a high-risk event. If the event is determined to be a high-risk event, then correspondingly, the first user will be determined to be a high-risk user, and then, in step 23, based on the crowd relationship map, determine the second user who has a specific relationship with the first user, And both the first user and the second user are added to the high-risk user set. In other words, if it is determined that the first user is a high-risk user, based on the crowd relationship graph, the high-risk users are "diffused" to find other potential high-risk users closely related to the first user. The diffusion of the above high-risk users should be based on the pre-established crowd relationship map. The crowd relationship graph can be pre-established in various ways. In one embodiment, the crowd relationship graph is established based on the transaction relationship of the crowd. For example, if a commodity purchase transaction is reached between two users, a transaction association is established between the two users. The transaction relationship between users can be determined by obtaining and analyzing the transaction records of a large number of users, and then a crowd relationship map can be established. In one embodiment, the crowd relationship graph is established based on the device relationships of the crowd. For example, when two or more user accounts use the same terminal device to log in, it can be determined that there is a device association between the two or more user accounts. Two or more user accounts associated with devices may be multiple accounts registered by the same entity user, or may be accounts corresponding to multiple users that are closely related (such as family members, colleagues, etc.). The device relationship can be determined by obtaining the corresponding physical terminal information when the user logs into his account. In one embodiment, the crowd relationship graph is built based on financial relationships. For example, when there are fund transfer operations such as transfer and receipt between two users, a fund association is established between the two users. The financial relationship between users can be determined by obtaining and analyzing the records of users' capital operations using electronic wallets, and then a crowd relationship map can be established based on the financial relationship. In one embodiment, the group relationship graph is established based on social relationships. Nowadays, people increasingly use social applications for interaction. For example, two users can interact with each other through chatting, sending red envelopes, file transfers, etc. through social applications, so a social relationship can be established between the two users. The social relationship between groups of people can be determined based on a large number of social interactions captured by social applications, and then a group relationship graph can be established. Although several examples have been given above, it can be understood that the group relationship graph can also be established based on more kinds of group association relationships. Moreover, the crowd relationship graph can be established based on several kinds of crowd associations at the same time. In one embodiment, the group relationship graph can be formed in the form of a node network. In this form, the crowd relationship graph includes a plurality of nodes, each node corresponds to a user, and the nodes in the relationship are connected to each other. In one embodiment, the connection between nodes can have various attributes, such as connection type, connection strength, etc., wherein the connection type includes, for example, financial connection (connection based on financial relationship), social connection (connection based on social interaction), etc. connection, etc.), connection strength can include, for example, strong connection, weak connection, etc. Fig. 4 shows an example of a crowd relationship graph according to one embodiment. As shown in FIG. 4 , in this example, the group relationship graph includes multiple nodes, and each node corresponds to a user. The connection between the nodes indicates that there is an association relationship between the users. Assume that the crowd relationship graph in Figure 4 is established based on the financial and social relationships of the crowd. Correspondingly, the connections between nodes can be financial connections or social connections. In the example in FIG. 4 , different connection types are shown in different line styles, that is, social connections between nodes are shown in dotted lines, and financial connections between nodes are shown in solid lines. Also, the strength of the connection is shown by the thickness of the connection line. For example, thick lines show strong connections and thin lines show weak connections. More specifically, the thick solid line can show a strong financial connection (for example, the financial interaction exceeds a certain amount threshold, such as 10,000 yuan), and the thin solid line shows a weak financial connection (for example, the financial interaction does not exceed the above-mentioned amount threshold) The thick dashed line can show a strong social connection (for example, the interaction frequency exceeds a frequency threshold, such as 10 times a day), and the thin dashed line shows a weak social connection (for example, the interaction frequency does not exceed the above frequency threshold). It can be understood that the group relationship graph can also be formed in other forms, such as table form, graph form and so on. A crowd relationship graph can be established based on a single crowd relationship, or based on multiple crowd relationships (for example, based on two relationships in Figure 4). Here, the form and formation process of the group relationship map are not limited. Based on such a crowd relationship map, in step 23, when it is determined that the first user is a high-risk user, a second user who has a specific relationship with the first user is determined in the crowd relation map, and the second user is also identified as a high-risk user. risky users. In an embodiment, the above-mentioned specific relationship includes a specific type of relationship, for example, a fund relationship. In an embodiment, the above-mentioned specific association relationship includes an association relationship of a specific strength, such as a strong association relationship. Certainly, the specific association relationship may also be an association relationship of a specific type and a specific strength. In addition, those skilled in the art may also make other limitations on the above specific association relationship based on the characteristics of the relationship between high-risk users in the collected samples. In one embodiment, considering the characteristics of "groups" among high-risk users in many business scenarios, firstly, groups with certain characteristics are extracted from the crowd relationship graph as high-risk groups, and Other users in the high-risk group including the first user are determined as high-risk second users. Fig. 5 shows the flow of steps for determining the second user, that is, the sub-steps of step 23, according to an embodiment. As shown in FIG. 5 , in order to spread the risk to other users based on the first user, at step 51 , at least one group including the first user is determined from the crowd relationship graph. In different embodiments, groups can be defined in different ways. For example, in social applications, some users can form communities autonomously. Then, in the crowd map based on social relations, groups can be determined based on the communities formed by users themselves. In another embodiment, multiple users including a certain number of users and having a certain connection relationship among users may be regarded as a group. For example, a group can be set to contain 3 to 20 users, and these users have an association relationship between each other; or, in another example, the group can be set to have a strong financial relationship between each several users. It can be understood that, according to different ways of defining groups, the same user may belong to multiple groups. In step 51, all possible groups to which the high-risk first user belongs are determined from the crowd relationship graph. However, these groups are not necessarily all high-risk groups. Therefore, next, in step 52, the groups determined in step 51 are further analyzed, and a high-risk group is selected from them. In one embodiment, according to the proportion of high-risk users in a group, it is determined whether the group is a high-risk group. Specifically, the high-risk user ratio of a certain group is the ratio of the number M of users in the group that have been determined as high-risk users to the total number N of users in the group. In practice, according to one embodiment, a high-risk user set is used to record identified high-risk users. In this case, the number of users M is the number of users in the intersection of the above-mentioned group and the high-risk user set. When the proportion of high-risk users in the group is determined, the proportion can be compared with a preset judgment threshold, such as 70%, to determine whether the group is a high-risk group according to the comparison result, for example, the high-risk group A group whose proportion of risky users is higher than the above-mentioned decision threshold is determined as a high-risk group. On this basis, in step 53, other users in the high-risk group to which the first user belongs are determined as second users, that is, high-risk users, and both the first user and the second user are added to the set of high-risk users. FIG. 6 shows a schematic diagram of a specific example of spreading from a first user to a second user based on a crowd relationship graph. As shown in FIG. 6 , it is assumed that in step 51 , three groups to which the first user belongs are determined from the group relationship graph: group A, group B and group C. Next, in step 52, the proportion of high-risk users in each of the three groups is determined. In one example, a "coloring" method is used to mark previously identified high-risk users in the group. In other words, in the previous processing, once a user is added to the high-risk user set, the user is colored in the crowd relationship graph at the same time. In this way, in step 52, the proportion of high-risk users in each group is judged, that is, the concentration of dyed users in the group is judged. In the example shown in FIG. 6 , group A includes 10 users, and only the first user has been identified as a high-risk user, and the proportion of high-risk users is 10%. Group B contains 8 users, of which 6 users including the first user are dyed, and the proportion of high-risk users is 75%. Group C contains 12 users, of which 3 are dyed, and the proportion of high-risk users is 25%. If the ratio threshold is set to 70%, it can be determined that group B is a high-risk group. Next, in step 53, other users in group B, especially users who have not been dyed (not yet identified as high risk), namely user 10 and user 20, are determined as the second users. After the second user is determined, both the first user and the second user are added to the high-risk user set. In one example, the first user and the second user are colored in the crowd relationship graph, so as to facilitate subsequent diffusion analysis. In an embodiment, after the first user is determined based on the high-risk service request event, and then diffused to the second user based on the first user, further diffusion is performed based on the second user. That is to say, in one embodiment, on the basis of determining the second user, based on the above group relationship map, determine the third user who has a specific relationship with the second user, and add the third user to the high-risk user concentrated. The process of determining the third user who has a specific relationship with the second user based on the second user is consistent with the above-described process of determining the second user based on the first user, and the details will not be repeated here. It should be understood that the above diffusion process can be repeated continuously, that is, after the third user is determined, the fourth user associated with it is found based on the third user, and so on, until no new high-risk users appear until. At this time, the high-risk user set has been diffused and updated. In addition to the high-risk first user determined by the service request event in step 21, it also includes other high-risk users based on the diffusion of the first user, that is, the first user Second user. Therefore, returning to FIG. 2 , in step 24 , based on the high-risk user set, the aforementioned exception rule set is updated. As mentioned above, the exception rule set may include multiple user characteristics, and multiple determination rules set for these user characteristics. In one embodiment, at step 24, the plurality of user characteristics and/or the plurality of determination rules may be updated based on statistics of user characteristics of each user in the high-risk user set. Specifically, in an example, the original set of abnormal rules is shown in FIG. 3 , where the determination rule set for the average claim amount is greater than 10,000 yuan. Assume that as shown in FIG. 6 , based on the first user spreading high-risk users to user 10 and user 20 , both users 10 and 20 are added to the high-risk user set. The newly added high-risk users (user 10 and user 20) have a statistical value of 8,000 yuan for this user characteristic, that is, the average claim amount. Accordingly, the judgment rule for the average claim amount can be modified to be greater than 8,000 yuan. In another example, the original exception rule set includes, for example, 10 user characteristics and corresponding determination rules. Assuming that the newly added high-risk users show strong regularity in a user characteristic other than the above 10 user characteristics, for example, the frequency of capital flow exceeds a certain threshold, then this user characteristic and the corresponding threshold can be added to the exception rule set, thereby updating the exception rule set. In one embodiment, for the diffused high-risk user set, sampling detection can be performed by using a combination of abnormal rule set and manual verification in reverse. For example, select 5% of high-risk users in the high-risk user concentration, and use abnormal rule sets and manual verification to determine whether they are really high-risk users. When the accuracy rate of sampling detection is lower than a certain threshold, adjust the algorithm process of diffusion based on the crowd relationship map, such as adjusting the threshold for determining the proportion of high-risk groups, etc., to make the diffusion process of high-risk users more accurate. Looking back on the above process, first determine high-risk business request events and high-risk users based on the set of abnormal rules, and then spread high-risk users based on the crowd relationship graph. In this way, multiple high-risk users can be identified from a single business request event. Risk users, greatly improving the identification efficiency. Furthermore, in the case of spreading to more high-risk users, the newly identified high-risk users are used to update the abnormal rule set, so as to optimize the abnormal rule set, so that the abnormal rule set can be further improved in subsequent judgments. Judgment accuracy. According to another embodiment, an apparatus for determining high-risk users is also provided. Fig. 7 shows a schematic block diagram of an apparatus for determining high-risk users according to an embodiment. As shown in FIG. 7 , the device 700 for determining high-risk users includes: an event acquiring unit 710 configured to acquire event information of a service request event to be evaluated, the event information including the first The user information of a user; the event judging unit 720 is configured to judge whether the service request event is a high-risk event based on at least the abnormal rule set and the user information of the first user; the user determining unit 730 is configured to determine the In the case that the service request event is a high-risk event, based on the crowd relationship map, determine the second user who has a specific relationship with the first user, and add the first user and the second user to the high-risk user list set; a first updating unit 740 configured to update the abnormal rule set based on the high-risk user set. In one embodiment, the exception rule set includes multiple user characteristics, and multiple determination rules set for the multiple user characteristics. Further, in an embodiment, the above-mentioned multiple user features include one or more of the following: user basic attribute features, user behavior features, user relationship features, and user location features. According to one embodiment, the event judging unit 720 is configured to: compare the user information of the first user with the above-mentioned multiple judging rules; when the comparison result meets a predetermined condition, judge the service request event as a high-risk event. Further, in one embodiment, the device 700 further includes a manual review unit (not shown), or is connected to an external manual review unit. In such a case, the event judging unit 720 is further configured to, when judging that the business request event is a high-risk event based on the exception rule set, also send the above business request event to the manual review unit, and from the manual review The unit receives verification results. Specifically, when the event judging unit 720 further receives the first verification result, it determines that the business request event is a high-risk event, wherein the first verification result is that the business request event is verified as a high-risk event manual verification results. On the other hand, when the event judging unit 720 further receives the second verification result, it determines that the business request event is not a high-risk event, wherein the second verification result is that the business request event is verified as a non-high-risk event. Manual verification results for high-risk events. Correspondingly, the apparatus 700 further includes a second updating unit 750 configured to update the exception rule set according to the second verification result. According to one embodiment, the group relationship graph based on the user determining unit 730 is established according to one or more of the following relationships: transaction relationship, equipment relationship, capital relationship, and social relationship. In one embodiment, the user determination unit 730 further includes: a group determination module 731 configured to determine at least one group including the first user from the group relationship graph; a group selection module 732 configured to According to the proportion of high-risk users in each group, select a high-risk group from the at least one group, wherein the proportion of high-risk users in each group is the intersection of the group and the set of high-risk users The ratio of the number M of users in the group to the total number N of users in the group; and a determining module 733 configured to determine users in the high-risk group as the second users. According to an embodiment, the user determining unit 730 is further configured to determine a third user associated with the second user based on the group relationship graph, and add the third user to the high-risk user set. According to an implementation manner, the first updating unit 740 is configured to: update the plurality of user characteristics and/or the plurality of determination rules based on statistics of user characteristics of each user in the high-risk user set. Through the above devices, multiple high-risk users can be identified from a single service request event, greatly improving the identification efficiency. Moreover, the newly identified high-risk users can also be used to update and optimize the abnormal rule set, so that the abnormal rule set can further improve the judgment accuracy in subsequent judgments. According to another embodiment, there is also provided a computer-readable storage medium, on which a computer program is stored, and when the computer program is executed in the computer, the computer is made to execute the method described in conjunction with FIG. 2 . According to yet another aspect of the embodiment, a computing device is also provided, including a memory and a processor, wherein executable codes are stored in the memory, and when the processor executes the executable codes, the implementation described in conjunction with FIG. 2 is implemented. described method. Those skilled in the art should be aware that, in the above one or more examples, the functions described in the present invention may be implemented by hardware, software, firmware or any combination thereof. When implemented in software, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. The specific implementation manners described above have further described the purpose, technical solutions and beneficial effects of the present invention in detail. It should be understood that the above descriptions are only specific implementation modes of the present invention and are not intended to limit the scope of the present invention. Protection scope, any modification, equivalent replacement, improvement, etc. made on the basis of the technical solution of the present invention shall be included in the protection scope of the present invention.

700‧‧‧用以確定高風險用戶的裝置 710‧‧‧事件獲取單元 720‧‧‧事件判斷單元 730‧‧‧用戶確定單元 731‧‧‧群組確定模組 732‧‧‧群組選擇模組 733‧‧‧確定模組 740‧‧‧第一更新單元 750‧‧‧第二更新單元700‧‧‧Devices used to identify high-risk users 710‧‧‧event acquisition unit 720‧‧‧event judgment unit 730‧‧‧user determination unit 731‧‧‧Group determination module 732‧‧‧Group selection module 733‧‧‧Determine the module 740‧‧‧The first update unit 750‧‧‧Second update unit

為了更清楚地說明本發明實施例的技術方案,下面將對實施例描述中所需要使用的圖式作簡單地介紹,顯而易見地,下面描述中的圖式僅僅是本發明的一些實施例,對於本領域普通技術人員來講,在不付出創造性勞動的前提下,還可以根據這些圖式而獲得其它的圖式。 圖1示出本說明書披露的一個實施例的實施場景示意圖; 圖2示出根據一個實施例的確定高風險用戶的方法流程圖; 圖3示出異常規則集合的一個具體例子; 圖4示出根據一個實施例的人群關係圖譜的例子; 圖5示出根據一個實施例的確定第二用戶的步驟流程; 圖6示出基於人群關係圖譜從第一用戶擴散到第二用戶的具體例子的示意圖; 圖7示出根據一個實施例的用於確定高風險用戶的裝置的示意性方塊圖。In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that need to be used in the description of the embodiments will be briefly introduced below. Obviously, the drawings in the following descriptions are only some embodiments of the present invention. For Those of ordinary skill in the art can also obtain other drawings based on these drawings without making creative efforts. Figure 1 shows a schematic diagram of an implementation scenario of an embodiment disclosed in this specification; FIG. 2 shows a flowchart of a method for determining high-risk users according to an embodiment; Figure 3 shows a specific example of an exception rule set; Figure 4 shows an example of a crowd relationship graph according to one embodiment; FIG. 5 shows a flow of steps for determining a second user according to an embodiment; FIG. 6 shows a schematic diagram of a specific example of spreading from a first user to a second user based on a crowd relationship graph; Fig. 7 shows a schematic block diagram of an apparatus for determining high-risk users according to an embodiment.

Claims (18)

一種確定高風險用戶的方法,該方法包括:獲取待評估的業務請求事件的相關資訊,該相關資訊包括該業務請求事件所涉及的第一用戶的用戶資訊;至少基於異常規則集合和該第一用戶的用戶資訊,判斷該業務請求事件是否為高風險事件,其中,該異常規則集合包括多個用戶特徵,和針對該多個用戶特徵設定的多個判定規則;在確定該業務請求事件為高風險事件的情況下,將該第一用戶確定為高風險用戶,並且基於人群關係圖譜,確定與該第一用戶存在特定關聯關係的第二用戶,將該第一用戶和該第二用戶添加到高風險用戶集,其中,該人群關係圖譜包括多個節點,每個節點對應一個用戶,存在關聯關係的節點之間彼此連接;以及基於該高風險用戶集中各個用戶的用戶特徵的統計,更新該多個用戶特徵,和/或該多個判定規則。 A method for determining a high-risk user, the method comprising: acquiring relevant information of a service request event to be evaluated, the relevant information including user information of a first user involved in the service request event; at least based on an abnormal rule set and the first The user information of the user determines whether the business request event is a high-risk event, wherein the abnormal rule set includes multiple user characteristics, and multiple judgment rules set for the multiple user characteristics; when the business request event is determined to be a high-risk event In the case of a risk event, determine the first user as a high-risk user, and based on the crowd relationship graph, determine the second user who has a specific relationship with the first user, and add the first user and the second user to the A high-risk user set, wherein the group relationship graph includes a plurality of nodes, each node corresponds to a user, and nodes with associated relationships are connected to each other; and based on the statistics of user characteristics of each user in the high-risk user set, update the A plurality of user characteristics, and/or the plurality of decision rules. 如請求項1所述的方法,其中,該多個用戶特徵包括以下中的一項或多項:用戶基本屬性特徵、用戶行為特徵、用戶關係特徵、用戶位置特徵。 The method according to claim 1, wherein the plurality of user features include one or more of the following: user basic attribute features, user behavior features, user relationship features, and user location features. 如請求項1所述的方法,其中,至少基於異常規則集合和該第一用戶的用戶資訊,判斷該業務請求事件是否為高風險事件包括:將該第一用戶的用戶資訊與該多個判定規則進行比 較;以及當比較結果符合預定條件的情況下,判斷該業務請求事件為高風險事件。 The method according to claim 1, wherein, based at least on the exception rule set and the user information of the first user, judging whether the service request event is a high-risk event includes: combining the user information of the first user with the plurality of judgments rules for comparison and when the comparison result meets the predetermined condition, it is judged that the service request event is a high-risk event. 如請求項3所述的方法,其中,至少基於異常規則集合和該第一用戶的用戶資訊,判斷該業務請求事件是否為高風險事件還包括:當進一步接收到第一核驗結果的情況下,確定該業務請求事件為高風險事件,其中,該第一核驗結果為將該業務請求事件核驗為高風險事件的人工核驗結果。 The method according to claim 3, wherein, at least based on the set of abnormal rules and the user information of the first user, judging whether the service request event is a high-risk event further includes: when further receiving the first verification result, It is determined that the service request event is a high-risk event, wherein the first verification result is a manual verification result of verifying the service request event as a high-risk event. 如請求項3所述的方法,其中,至少基於異常規則集合和該第一用戶的用戶資訊,判斷該業務請求事件是否為高風險事件還包括:當進一步接收到第二核驗結果的情況下,確定該業務請求事件為非高風險事件,其中,該第二核驗結果為將該業務請求事件核驗為非高風險事件的人工核驗結果;該方法還包括,根據該第二核驗結果,更新該異常規則集合。 The method according to claim 3, wherein, based at least on the exception rule set and the user information of the first user, judging whether the service request event is a high-risk event further includes: when the second verification result is further received, Determining that the business request event is a non-high-risk event, wherein the second verification result is a manual verification result of verifying the business request event as a non-high-risk event; the method also includes updating the abnormality according to the second verification result collection of rules. 如請求項1所述的方法,其中,該人群關係圖譜基於以下一種或多種關係而建立:交易關係、設備關係、資金關係、社交關係。 The method according to claim 1, wherein the group relationship graph is established based on one or more of the following relationships: transaction relationship, equipment relationship, capital relationship, and social relationship. 如請求項1或6所述的方法,其中,該基於人群關係圖譜,確定與該第一用戶存在特定關聯關係的第二用戶包括:從人群關係圖譜中確定出包含該第一用戶的至少一個 群組;根據各個群組的高風險用戶比例,從該至少一個群組中選擇出高風險群組,其中,各個群組的高風險用戶比例為,該群組與該高風險用戶集的交集中的用戶數目M與該群組的用戶總數N的比例;以及將該高風險群組中的用戶確定為該第二用戶。 The method according to claim 1 or 6, wherein, based on the crowd relationship graph, determining the second user who has a specific relationship with the first user includes: determining at least one user that includes the first user from the crowd relationship graph Groups; according to the proportion of high-risk users in each group, select a high-risk group from the at least one group, wherein the proportion of high-risk users in each group is, the interaction between the group and the high-risk user set the ratio of the number M of concentrated users to the total number N of users in the group; and determining the users in the high-risk group as the second users. 如請求項1所述的方法,還包括,基於該人群關係圖譜,確定與該第二用戶相關聯的第三用戶,將該第三用戶添加到該高風險用戶集中。 The method according to claim 1, further comprising, based on the group relationship graph, determining a third user associated with the second user, and adding the third user to the high-risk user set. 一種確定高風險用戶的裝置,該裝置包括:事件獲取單元,配置成獲取待評估的業務請求事件的事件資訊,該事件資訊包括該業務請求事件所涉及的第一用戶的用戶資訊;事件判斷單元,配置成至少基於異常規則集合和該第一用戶的用戶資訊,判斷該業務請求事件是否為高風險事件,其中,該異常規則集合包括多個用戶特徵,和針對該多個用戶特徵設定的多個判定規則;用戶確定單元,配置成在確定該業務請求事件為高風險事件的情況下,將該第一用戶確定為高風險用戶,並且基於人群關係圖譜,確定與該第一用戶存在特定關聯關係的第二用戶,將該第一用戶和該第二用戶添加到高風險用戶集,其中,該人群關係圖譜包括多個節點,每個節點對應一個用戶,存在關聯關係的節點之間彼此連接;以及 第一更新單元,配置成基於該高風險用戶集中各個用戶的用戶特徵的統計,更新該多個用戶特徵,和/或該多個判定規則。 A device for determining a high-risk user, the device comprising: an event acquiring unit configured to acquire event information of a service request event to be evaluated, the event information including user information of a first user involved in the service request event; an event judging unit , configured to determine whether the service request event is a high-risk event based at least on the basis of an abnormal rule set and the user information of the first user, wherein the abnormal rule set includes a plurality of user characteristics, and multiple user characteristics set for the plurality of user characteristics a determination rule; the user determination unit is configured to determine the first user as a high-risk user when the service request event is determined to be a high-risk event, and determine that there is a specific association with the first user based on the crowd relationship graph The second user of the relationship, the first user and the second user are added to the high-risk user set, wherein the group relationship graph includes a plurality of nodes, each node corresponds to a user, and the nodes in the relationship are connected to each other ;as well as The first updating unit is configured to update the plurality of user characteristics and/or the plurality of determination rules based on statistics of user characteristics of each user in the high-risk user set. 如請求項9所述的裝置,其中,該多個用戶特徵包括以下中的一項或多項:用戶基本屬性特徵、用戶行為特徵、用戶關係特徵、用戶位置特徵。 The device according to claim 9, wherein the plurality of user features include one or more of the following: user basic attribute features, user behavior features, user relationship features, and user location features. 如請求項9所述的裝置,其中,該事件判斷單元配置成:將該第一用戶的用戶資訊與該多個判定規則進行比較;以及當比較結果符合預定條件的情況下,判斷該業務請求事件為高風險事件。 The device as described in claim 9, wherein the event judging unit is configured to: compare the user information of the first user with the plurality of judging rules; and when the comparison result meets a predetermined condition, judge the service request The event is a high risk event. 如請求項11所述的裝置,其中,該事件判斷單元還配置成:當進一步接收到第一核驗結果的情況下,確定該業務請求事件為高風險事件,其中,該第一核驗結果為將該業務請求事件核驗為高風險事件的人工核驗結果。 The device according to claim 11, wherein the event judging unit is further configured to: when further receiving the first verification result, determine that the service request event is a high-risk event, wherein the first verification result is the The business request event is verified as a manual verification result of a high-risk event. 如請求項11所述的裝置,其中,該事件判斷單元還配置成:當進一步接收到第二核驗結果的情況下,確定該業務請求事件為非高風險事件,其中,該第二核驗結果為將該業務請求事件核驗為非高風險事件的人工核驗結果;該裝置還包括第二更新單元,配置成根據該第二核驗結果,更新該異常規則集合。 The device according to claim 11, wherein the event judging unit is further configured to: when further receiving a second verification result, determine that the service request event is a non-high-risk event, wherein the second verification result is A manual verification result of verifying that the service request event is not a high-risk event; the device further includes a second updating unit configured to update the exception rule set according to the second verification result. 如請求項9所述的裝置,其中,該人群關係圖譜基於以下一種或多種關係而建立:交易關係、設備關係、資金關係、社交關係。 The device according to claim 9, wherein the group relationship graph is established based on one or more of the following relationships: transaction relationship, equipment relationship, capital relationship, and social relationship. 如請求項9或14所述的裝置,其中,該用戶確定單元包括:群組確定模組,配置成從人群關係圖譜中確定出包含該第一用戶的至少一個群組;群組選擇模組,配置成根據各個群組的高風險用戶比例,從該至少一個群組中選擇出高風險群組,其中,各個群組的高風險用戶比例為,該群組與該高風險用戶集的交集中的用戶數目M與該群組的用戶總數N的比例;以及確定模組,配置成將該高風險群組中的用戶確定為該第二用戶。 The device according to claim 9 or 14, wherein the user determination unit includes: a group determination module configured to determine at least one group containing the first user from the crowd relationship graph; a group selection module , configured to select a high-risk group from the at least one group according to the high-risk user ratio of each group, wherein the high-risk user ratio of each group is, the intersection of the group and the high-risk user set The ratio of the number M of concentrated users to the total number N of users in the group; and a determination module configured to determine the users in the high-risk group as the second users. 如請求項9所述的裝置,該用戶確定單元還配置成,基於該人群關係圖譜,確定與該第二用戶相關聯的第三用戶,將該第三用戶添加到該高風險用戶集中。 In the device according to claim 9, the user determining unit is further configured to determine a third user associated with the second user based on the group relationship graph, and add the third user to the high-risk user set. 一種電腦可讀儲存媒體,其上儲存有電腦程式,當該電腦程式在電腦中執行時,令電腦執行如請求項1至8中任一項所述的方法。 A computer-readable storage medium, on which a computer program is stored, and when the computer program is executed in the computer, the computer is made to perform the method described in any one of claims 1-8. 一種計算設備,包括記憶體和處理器,其特徵在於,該記憶體中儲存有可執行碼,該處理器執行該可執行碼時,實現如請求項1至8中任一項所述的方法。 A computing device, comprising a memory and a processor, characterized in that executable code is stored in the memory, and when the processor executes the executable code, the method as described in any one of claims 1 to 8 is implemented .
TW108104910A 2018-04-12 2019-02-14 Method and apparatus, computer readable storage medium, and computing device for identifying high-risk users TWI804575B (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CN201810327338.6A CN108805391A (en) 2018-04-12 2018-04-12 Determine the method and device of high risk user
CN201810327338.6 2018-04-12
??201810327338.6 2018-04-12

Publications (2)

Publication Number Publication Date
TW201944306A TW201944306A (en) 2019-11-16
TWI804575B true TWI804575B (en) 2023-06-11

Family

ID=64095609

Family Applications (1)

Application Number Title Priority Date Filing Date
TW108104910A TWI804575B (en) 2018-04-12 2019-02-14 Method and apparatus, computer readable storage medium, and computing device for identifying high-risk users

Country Status (3)

Country Link
CN (1) CN108805391A (en)
TW (1) TWI804575B (en)
WO (1) WO2019196549A1 (en)

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108805391A (en) * 2018-04-12 2018-11-13 阿里巴巴集团控股有限公司 Determine the method and device of high risk user
CN109816397B (en) * 2018-12-03 2021-05-25 北京奇艺世纪科技有限公司 Fraud discrimination method, device and storage medium
CN110069923A (en) * 2019-03-13 2019-07-30 咪咕文化科技有限公司 A kind of method and relevant apparatus identifying risk subscribers
CN111028083B (en) * 2019-12-11 2024-05-17 北京知道创宇信息技术股份有限公司 Block chain wallet address evaluation method, device, system and storage medium
CN111127026A (en) * 2019-12-13 2020-05-08 深圳中兴飞贷金融科技有限公司 Method, device, storage medium and electronic equipment for determining user fraud behavior
CN112231720B (en) * 2020-09-18 2022-11-22 苏州浪潮智能科技有限公司 Positioning method for forced access control rule hiding formulator
CN112333085B (en) * 2020-10-30 2023-02-03 维沃移动通信有限公司 Social method and electronic device
CN113011887B (en) * 2021-03-10 2023-11-24 腾讯科技(深圳)有限公司 Data processing method, device, computer equipment and storage medium
CN113222736A (en) * 2021-05-24 2021-08-06 北京城市网邻信息技术有限公司 Abnormal user detection method and device, electronic equipment and storage medium
CN113393244B (en) * 2021-05-25 2024-06-18 中国银联股份有限公司 Abnormal account identification method, device, equipment and medium
CN113538051A (en) * 2021-07-16 2021-10-22 广州电力交易中心有限责任公司 Electric power transaction platform safety early warning method based on user behaviors
CN117808597A (en) * 2024-02-26 2024-04-02 支付宝(杭州)信息技术有限公司 Method and device for generating risk rule

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101930585A (en) * 2010-09-01 2010-12-29 中国建设银行股份有限公司 Credit business risk monitoring system and method thereof
TWI521451B (en) * 2009-07-29 2016-02-11 Danal Taiwan Co Ltd To assess the risk of online consumption of trading control methods, systems and online transactions to pay methods
US20160042355A1 (en) * 2014-08-06 2016-02-11 Alibaba Group Holding Limited Method and Apparatus of Identifying a Transaction Risk
CN106355405A (en) * 2015-07-14 2017-01-25 阿里巴巴集团控股有限公司 Method and device for identifying risks and system for preventing and controlling same
CN107153847A (en) * 2017-05-31 2017-09-12 北京知道创宇信息技术有限公司 Predict method and computing device of the user with the presence or absence of malicious act

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101470887A (en) * 2007-12-24 2009-07-01 阿里巴巴集团控股有限公司 Credit early-warning system and method
CN101388104A (en) * 2008-10-15 2009-03-18 中国工商银行股份有限公司 System and method for evaluating financing risk based on relationship between customers
CN105404947A (en) * 2014-09-02 2016-03-16 阿里巴巴集团控股有限公司 User quality detection method and device
CN107292424B (en) * 2017-06-01 2020-01-21 四川新网银行股份有限公司 Anti-fraud and credit risk prediction method based on complex social network
CN108805391A (en) * 2018-04-12 2018-11-13 阿里巴巴集团控股有限公司 Determine the method and device of high risk user

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI521451B (en) * 2009-07-29 2016-02-11 Danal Taiwan Co Ltd To assess the risk of online consumption of trading control methods, systems and online transactions to pay methods
CN101930585A (en) * 2010-09-01 2010-12-29 中国建设银行股份有限公司 Credit business risk monitoring system and method thereof
US20160042355A1 (en) * 2014-08-06 2016-02-11 Alibaba Group Holding Limited Method and Apparatus of Identifying a Transaction Risk
CN106355405A (en) * 2015-07-14 2017-01-25 阿里巴巴集团控股有限公司 Method and device for identifying risks and system for preventing and controlling same
CN107153847A (en) * 2017-05-31 2017-09-12 北京知道创宇信息技术有限公司 Predict method and computing device of the user with the presence or absence of malicious act

Also Published As

Publication number Publication date
WO2019196549A1 (en) 2019-10-17
TW201944306A (en) 2019-11-16
CN108805391A (en) 2018-11-13

Similar Documents

Publication Publication Date Title
TWI804575B (en) Method and apparatus, computer readable storage medium, and computing device for identifying high-risk users
US20240045989A1 (en) Systems and methods for secure data aggregation and computation
US12003393B2 (en) Parallel computational framework and application server for determining path connectivity
US11138300B2 (en) Multi-factor profile and security fingerprint analysis
WO2020211491A1 (en) Block chain-based project auditing system and method, computing device and storage medium
US11144928B2 (en) Authentication and fraud prevention in provisioning a mobile wallet
US11062294B2 (en) Cognitive blockchain for customized interchange determination
JP2020522832A (en) System and method for issuing a loan to a consumer determined to be creditworthy
US20160071108A1 (en) Enhanced automated anti-fraud and anti-money-laundering payment system
US20120296804A1 (en) System and Methods for Producing a Credit Feedback Loop
WO2021155053A1 (en) Systems and methods for identifying synthetic identities
CN110442712B (en) Risk determination method, risk determination device, server and text examination system
WO2022134466A1 (en) Data processing method and related device
WO2021201918A1 (en) Distributed and blockchain-based ledgers for data cloud services
WO2021254027A1 (en) Method and apparatus for identifying suspicious community, and storage medium and computer device
CN111367965B (en) Target object determining method, device, electronic equipment and storage medium
WO2020177450A1 (en) Information merging method, transaction query method and apparatus, computer and storage medium
CN110851485B (en) Social relation mining method and device, computer equipment and readable medium
CN111784516A (en) Method and device for determining service path and electronic equipment
WO2022257731A1 (en) Method, device and system for performing algorithm negotiation on privacy computation
CN111275391A (en) Online asset intelligent distribution system and method
CN114240060A (en) Risk control method, risk processing system, risk processing device, server, and storage medium
WO2014043360A1 (en) Multi-factor profile and security fingerprint analysis
US20230012460A1 (en) Fraud Detection and Prevention System
US20210357942A1 (en) Method and apparatus for identifying risky vertices