WO2011050813A1 - Computer system for determining fraud in e-commerce - Google Patents

Computer system for determining fraud in e-commerce Download PDF

Info

Publication number
WO2011050813A1
WO2011050813A1 PCT/DK2010/050290 DK2010050290W WO2011050813A1 WO 2011050813 A1 WO2011050813 A1 WO 2011050813A1 DK 2010050290 W DK2010050290 W DK 2010050290W WO 2011050813 A1 WO2011050813 A1 WO 2011050813A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
computer system
transaction
data field
fraud
Prior art date
Application number
PCT/DK2010/050290
Other languages
French (fr)
Inventor
Poul Thyregod
Original Assignee
Idtack A/S
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Idtack A/S filed Critical Idtack A/S
Publication of WO2011050813A1 publication Critical patent/WO2011050813A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions

Definitions

  • the present invention relates to a computer system and a method for determining fraud in commercial transactions which computer system is connected via e.g. the internet to a number of shops, which computer system comprising means for nonreversible conversion of said transaction data, said computer system comprises connection means to at least one database, said computer system comprises data analysing means, and said analysing means generates an output dependent of risk of fraud.
  • Fraud in E-commerce is an increasing problem world-wide.
  • Some countries like in the USA e.g., web-shops and other businesses dealing with online transactions, share transaction information in large databases. These databases are often used as look-up tables in fraud-detecting schemes.
  • a Neural Network is used in detection of possible fraud in transactions.
  • the model is built based on past transaction data, residing for instance in a shared database.
  • the Neural Network computes a possibility of the transaction being fraudulent. The result can be used to flag ac- counts, warn retailers, or even cancel the transaction.
  • the model uses a database of past transactions and compares these transactions directly to the transaction currently being processed.
  • the model uses weighted Event Scoring Parameters to determine whether the transaction is fraudulent.
  • the Event Scoring Parameters can include number of time card which has been used within a certain time limit, number of purchases over a certain amount, geographic information etc. Each event will have a corresponding weight determining the importance of tlie event. Based on the events, the model will output an analysis of whetlier tlie transaction is deemed fraudulent or not.
  • WO 2004/044640 concerns a system and method for storing and accessing secure data where non-secure data needs to be exchanged between entities without exposing un- derlying or related secure data which is already known to those entities and which must also be communicated to identify or otherwise contextualize the non-secure data.
  • a Hashing Facility is provided that uses a Hash Function to create a unique Hash Value from a secure data value. The Hash Value may then be communicated along with the related non-secure data.
  • tl e shop generates at least a first and a second data field, which data field comprises data that has to be non-re ver si bly converted because information is related to personal data, which data field comprises data related to the purchased product and data which is not to be non-reversibly converted, which shop performs a transmission of the personal data field and the non-personal data field over transmission lines into the computer system which computer system performs a conversion of the personal data field into non-re versibly converted data field by a non-reversible data conversion, which converted data field and the non-personal data field are sent to the analysing system where the data are compared with existing data placed in a database for performing a status check, after performing the status check the result of that status check is transmitted over the line into the computer system and further by the line into the shop computer into a data field.
  • transaction data can be converted and stored on one or more databases that multiple transaction servers have access to, without compromising user privacy.
  • the non-reversible conversion can be implemented in different ways.
  • a well-linown and well-documented method for conversion of data is the cryptographic hash functions.
  • a cryptographic hash function is an algoritlim that converts a block of data of arbitrary size into a fixed-size bit string, the hash value.
  • Many different cryptographic hash functions exist, some more secure than others.
  • the MD5 hash function was developed in 1992 as a successor to MD4, and has for many years been used in security applications, like storing passwords in Unix systems. In recent years breakthroughs in the analysis of the MD5 algorithm has made it less secure, and it is no longer considered to be safe enough for high security applications.
  • the hash function commonly known as SHA-1 was developed to replace older functions like MD5.
  • the SHA-1 algoritlim is implemented in a wide array of applications, such as digital signatures, secure transport protocols like SSH/SSL/TSL.
  • the successor to SHA-1 the SHA-2 family has already been developed, and is slowly being integrated into security products.
  • Hash values cannot be reverse engineered into their original form. And as such any of the mentioned algorithms is usable for protecting the privacy of the user data in commercial transactions. It is, however, still useful to use cryptographic hash functions with high security in a fraud determining system. If the security is low, there is a small risk that different data will result in the same hash value. And if that is the case, a perpetrator could construct transaction data that in encoded form would look legitimate to the system, and thus fraud the defraud system!
  • the transaction data can comprise several lines of information, often connected to an identifier.
  • Common identifiers include; date, name, shipping address, credit card num- ber, billing address, phone number, e-mail, age, birthday, cash amount used, etc.
  • Conversion of data can preferably be done on each line of data associated with an identifier.
  • a converted block of transaction data includes a number of identifiers, with each identifier having an associated hash value. For a few identifiers like for instance the date and cash amount spent, encoding the value will sometimes make it useless. Therefore, the system can have options not to encode certain identifiers as long as user privacy is still upheld.
  • Blocks of transaction data with different amount and types of identifiers can still be shared in the same databases.
  • the transaction data analysing means can be implemented in many ways. Some business types are more susceptible to fraud attempts than others and may require an advanced model, while some businesses only require simple models. The model can therefore range from an advanced non-reversible cryptographic data conversion to a simple algorithm checking whether the credit card has been used at more than one address or whether multiple transactions with a high cash amount has occurred recently.
  • the analysing means will output whether or not the current transaction is deemed fraudulent or legitimate.
  • the analyzing means will have more than two possible outputs. In cases where ile current transaction is suspicious, but not enough to judge it fraudulent, the analysing means can issue a warning to the system administrator, it will then be up to the administrator to judge if the transaction is ok or not, or if a third action like calling the user is necessary.
  • the analyzing means can, in addition to the converted transaction data in the databases, use local non-converted transaction data. For instance, if a loyal costumer is flagged as a potential fraudster by use of the converted data in the database due to many purchases within a small amount of time, the analysing means can overrule the warning because the local database shows that the costumer is trustworthy and the transaction data is equal to past transactions by the same user.
  • the computer system according to the invention is peculiar in, that the analysing output is chosen amongst: fraud probability, fraud probability including cause, similarities with existing data, and dissimilarities with existing data. It is herewith achieved that analysing means can be optimised for different fraud detection schemes.
  • the analysing means can be implemented as a search algorithm finding similarities or dissimilarities between the current transaction data, and the past transaction data in the database(s).
  • the output can be one or more of the following (but is not limi ted hereto); number of times card has been used, number of address changes, number of transactions over a certain threshold, number of e-mail changes, number of different cards used as same address, number of purchases at high-risk stores (for instance jewellery and electronic stores), all of the previous within a speci- fied time -frame.
  • the computer system according to the invention is peculiar in that the transaction server comprising means for rejecting, accepting or postponing a commercial transaction based on the output of the analysing means.
  • the computer system performs a safety rating of the output of the analysing means and places a transaction in at least the following groups:
  • the system generates and transmits a safety warning, - High risk, a sprinter deals at many different E-shops in a short time period, high risk for fraud, the system generates and transmit safety warning,
  • the current transaction is accepted, rejected or postponed based on the output of the analysing means.
  • the decision can either be automatic or manual. In a manual setting, an administrator of the transaction server must individually go through the outputs of the analyser and make a decision on whether the transaction is ok or fraudulent. Manual decision may be advantageous in a setting where only a few transactions occur daily.
  • a decision based on non-probability is slightly different.
  • a set of rules needs to be developed based on the types of output chosen from the analyser. Different set of rules may need to be implemented for different type of stores, or different geographic loca- tions.
  • An example of a rule could be that if the address has been changed at least once within the past 12 hours and more than 5 credit card transactions have occurred within the same time frame, the transaction is rejected.
  • a different rule could be to reject any card that has had more than 3 high value purchases within the past 3 hours.
  • rules that put the current transaction on hold can be implemented similar to when probability based decisions are made.
  • a different decision process can be a score based decision.
  • a score based decision is similar to a probability based decision; since the score reflects likely it is a certain event that indicates fraud.
  • Each output (number of times card has been used, number of address changes, etc.) is assigned a weighted score, and the scores are accumulated to create the total score. The decision is then based on the total score just like with the probability.
  • the scores are weighted because some things like a change in address may have a higher importance in a decision process than for instance the number of times the card has been used.
  • the computer system according to the invention is peculiar in that the transaction server comprises means of sending a message to at least one of the parties involved in the commercial transaction.
  • the computer system according to the invention is peculiar in, that the non-reversible conversion is a hash encoding algorithm. It is herewith achieved that the non-reversible conversion can easily be implemented using well-known and well-documented techniques and software applications.
  • the metliod concerns the following activities, receive a first personal data field from a shop, and receive a second non-personal data field, the method perform a conversion of the personal data field into non-reversibly converted data field by a non-reversible data conversion, further the method transmit converted data field and the non-personal data field to an analysing system, which analysing system compared the converted data field and the non-personal data field with existing data in a database, where the analysing system perform a status check in the database, where the analysing system transmit the result of that status check over the line into the computer system and further by the line into the web-shop computer into a data field.
  • the method is peculiar in that the transaction data is received in a system, by which method the data is converted by a non-reversible algoritlim, where the converted data is stored in at least one database, by which metliod the database (s) is searched for similar converted transaction data in the database(s), where an analysis of similar converted transaction data is performed, where the method accept or reject the transaction.
  • the method is peculiar in that upon a rejected transaction the similar converted transaction data will be marked with a reason why the data has been used in rejecting a transaction.
  • the markings also serve as a way to increase system performance.
  • Figure 1 shows a system comprising a computer system
  • Figure 2 shows a flow chart indicating the process that takes place in the computer system.
  • Figure 1 shows a system 2 comprising a computer system 4 and 6.
  • the computer system 4 is connected via e.g. the internet to a number of web-shops 8, 10 and 12. But the number is not to be limited to the number indicated as the number could be extremely high.
  • the web-shop 8 delivers two data fields 20 and 22.
  • the data fields 20 and 22 contain data related to a new transaction.
  • the data segment 20 comprises data that has to be non-re versibly converted because information is related to a person where the data field 22 comprises data related to the purchased product and data which is not to be non-reversibly converted.
  • the contents of die data segment 20 and 22 are transmit- ted over transmission lines 24 and 26 into the computer system 4.
  • the non-reversibly converted data 20 are sent in to a receiving section of the computer system 28 and the non-converted data are sent into a data segment 30 in the computer system.
  • the personal data in the field 28 are immediately converted to be non-reversibly converted data 32 by a non-reversible data conversion.
  • Both sets of data 30 and 32 are sent to the analysing system 6 where the data are compared with existing data placed in a database 40 for performing a status check.
  • the result of that status check is transmitted over the line 42 into the computer system 4 indicated by 44 and further by the line 46 into the web-shop computer 8 into the field 48. In that way it should be possible for a web-shop in a few seconds to get a reply into the field 48 indicating if there is any security risk by continuing the transaction.
  • the data field 20 contains e.g. the following data: company, if company exists, mail, family name, address, house number, postal code, city, telephone number and email address. At least these data have to be non-reversibly converted. It is not allowed to store these data in a way in which the personal data can be generated later.
  • the data field 22 comprises ordinary data such as order number, delivering country, the total cost of the purchase, products related to the purchase and the price, information related to the goods, e.g. pin code, IP number, ordering country, time for the transaction and the method of payment.
  • the data field 22 can comprise data from the web-shop, e.g. name on the web-shop and data related to an electronic payment system.
  • Figure 2 shows a flow chart 102 indicating the process that takes place in the computer system 4 and 6 shown at figure 1.
  • Figure 2 shows by 108 data received from a web- shop. Two sets of data are transmitted 124 and 126. The data transmitted by the line 124 is the personal data that are to be non-reversibly converted. In the line 126 is transmitted the public data. These two sets of data are by the line 124 placed in the computer system 128 and the public data in the line 126 is transmitted into the block 130. In the block, 128 is performed a non-reversal data conversion which could be a hash transformation. The converted data is by line 134 transmitted into block 140 and the non-converted data are from the block 130 transmitted by line 136 into the block 140.
  • the data are stored in a database.
  • the combined data 154 is sent to the block 156 where a first data corporation is performed.
  • the block 156 is performed fast check of existence of data related to the same customer or order. If no then by line 158, the status 160 which contains status word no match is transmitted to the web-shop, e.g. into the data field 48 at figure 1. If yes in the block 156, then line 162 leads to the next check block 164 which checks if the data exists on a positive list. If yes by line 166 into the line 168 is sent a go which is transmitted to the web-shop. If no in the block 164, line 170 leads to the next decision block 172 which checks if mis- leading data exists.
  • line 174 leads into block 176 which contains the status risfy which from line 176 is transmitted to the web-shop. If no in the block 172 line 178, leads to a block 182 which checks if the transaction is a sprinter. If the block 180 indicates it is a sprinter, then line 182 lead to the block 184 defining that the transaction has a high risk which is then sent as information to the web-shop. If no in the block 180, then line 186 leads to block 188 which defines 100 percent possibility for fraud and the yes is transmitted over line 1 0 to the line 192 giving the status blacklisted. This piece of information is also sent to the web-shop e.g. placed in the field 48 shown in the figure 1.
  • the computer system 102 as seen at figure 2 performs different outputs by analysing a new order. But also other outputs are possible. It is possible by means of a web-service to indicate if a customer has changed his status. It is also possible to deliver a graphic representation concerning status on the web-shop orders which have been received.
  • the system can generate an output in the form of an email or push XML over HTTP or FTP to client server. And in situations where there is a high risk of fraud, the computer system can generate a text message (SMS).
  • SMS text message
  • the computer system 102 can generate statistics over running transactions. Furthermore, the system can send data to banks and credit card administrators indicating a statistics over indicated fraud. It is also possible to show to the banks or credit card administrators fast growing order tree.
  • An order tree is a link of orders of incoming data as well as non-converted data and the data that has been non-reversibly converted.
  • This invention further concerns a computer system for determining fraud in commer- cial transactions
  • a transaction server receiving and analysing transaction data
  • said transaction server comprising means for non-reversible conversion of said transaction data
  • said server comprising connection means to at least one database
  • said server comprising data analysing means, and said analysing means generates an output.
  • Method for preventing fraud in commercial transactions where the transaction data is received in a computer system, whereby the data is converted by a non-reversible algorithm, whereby the converted data is stored in at least one database, and whereby the database(s) that an analysis of similar converted transaction data in the database(s). where an analysis of similar converted transaction data is performed, and that the method accepts or rejects the transaction.

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The present invention relates to a computer system and a method for determining fraud in commercial transactions comprising by letting a transaction server receive and analysing transaction data. It is the object of the invention to provide a system for determining fraudulent activity in commercial transactions mat does not compromise the privacy of the parties involved in said transactions. According to the present invention, this is achieved by a computer system for determining fraud in commercial transactions comprising, a transaction server receiving transaction data, said transaction server comprising means for non-reversible conversion of said transaction data, said server comprising connection means to at least one database, said server comprising data analysing means, and said analysing means generates an output. It is herewith achieved that transaction data can be converted and stored on one or more databases that multiple transaction servers has access to, without compromising user privacy. The non-reversible conversion can be implemented in different ways. A well-known and well-documented method for conversion of data is the cryptographic hash functions. A cryptographic hash function is an algorithm that that converts a block of data of arbitrary size into a fixed-size bit string, the hash value.

Description

Computer system for determining fraud in E-commerce
Field of the Invention
The present invention relates to a computer system and a method for determining fraud in commercial transactions which computer system is connected via e.g. the internet to a number of shops, which computer system comprising means for nonreversible conversion of said transaction data, said computer system comprises connection means to at least one database, said computer system comprises data analysing means, and said analysing means generates an output dependent of risk of fraud.
Background of the Invention
Fraud in E-commerce is an increasing problem world-wide. In some countries, like in the USA e.g., web-shops and other businesses dealing with online transactions, share transaction information in large databases. These databases are often used as look-up tables in fraud-detecting schemes.
In the European Union, the directives 95/46/EC and 2002/58/EC concerning protection of privacy in electronic communications eliminating the possibility of using databases like in the USA, since it is forbidden to share infonnation about customers.
In US patent 5,819,226, a Neural Network is used in detection of possible fraud in transactions. The model is built based on past transaction data, residing for instance in a shared database. Upon receiving new transaction data, the Neural Network computes a possibility of the transaction being fraudulent. The result can be used to flag ac- counts, warn retailers, or even cancel the transaction.
In US patent 6,094,643, a different method for detecting fraudulent transactions is proposed. The model uses a database of past transactions and compares these transactions directly to the transaction currently being processed. The model uses weighted Event Scoring Parameters to determine whether the transaction is fraudulent. The Event Scoring Parameters can include number of time card which has been used within a certain time limit, number of purchases over a certain amount, geographic information etc. Each event will have a corresponding weight determining the importance of tlie event. Based on the events, the model will output an analysis of whetlier tlie transaction is deemed fraudulent or not.
In US patent 2002/0122554 Al a one-way cryptographic hash encoding algorithm is presented. The algorithm is an improvement over tl e commonly known hash encoding SHA-1, used in digital signatures, SSH/SSL/TSL. The algorithms proposed in the patent are commonly known as the SHA-2 family, or SHA-224, SHA-256, SHA-384, and SHA-512, and has been released on a royalty free license by the National Security Agency of the United States.
WO 2004/044640 concerns a system and method for storing and accessing secure data where non-secure data needs to be exchanged between entities without exposing un- derlying or related secure data which is already known to those entities and which must also be communicated to identify or otherwise contextualize the non-secure data. A Hashing Facility is provided that uses a Hash Function to create a unique Hash Value from a secure data value. The Hash Value may then be communicated along with the related non-secure data.
Object of the Invention
It is tl e object of tlie invention to provide a system for determining fraudulent activity in commercial transactions that do not compromise the privacy of tlie parties involved in said transactions.
Description of the Invention
According to the present invention, this is achieved by a computer system where tl e shop generates at least a first and a second data field, which data field comprises data that has to be non-re ver si bly converted because information is related to personal data, which data field comprises data related to the purchased product and data which is not to be non-reversibly converted, which shop performs a transmission of the personal data field and the non-personal data field over transmission lines into the computer system which computer system performs a conversion of the personal data field into non-re versibly converted data field by a non-reversible data conversion, which converted data field and the non-personal data field are sent to the analysing system where the data are compared with existing data placed in a database for performing a status check, after performing the status check the result of that status check is transmitted over the line into the computer system and further by the line into the shop computer into a data field.
It is herewith achieved that transaction data can be converted and stored on one or more databases that multiple transaction servers have access to, without compromising user privacy. The non-reversible conversion can be implemented in different ways. A well-linown and well-documented method for conversion of data is the cryptographic hash functions. A cryptographic hash function is an algoritlim that converts a block of data of arbitrary size into a fixed-size bit string, the hash value. Many different cryptographic hash functions exist, some more secure than others. The MD5 hash function was developed in 1992 as a successor to MD4, and has for many years been used in security applications, like storing passwords in Unix systems. In recent years breakthroughs in the analysis of the MD5 algorithm has made it less secure, and it is no longer considered to be safe enough for high security applications.
The hash function commonly known as SHA-1 was developed to replace older functions like MD5. The SHA-1 algoritlim is implemented in a wide array of applications, such as digital signatures, secure transport protocols like SSH/SSL/TSL. The successor to SHA-1 the SHA-2 family has already been developed, and is slowly being integrated into security products. Hash values cannot be reverse engineered into their original form. And as such any of the mentioned algorithms is usable for protecting the privacy of the user data in commercial transactions. It is, however, still useful to use cryptographic hash functions with high security in a fraud determining system. If the security is low, there is a small risk that different data will result in the same hash value. And if that is the case, a perpetrator could construct transaction data that in encoded form would look legitimate to the system, and thus fraud the defraud system!
Furthermore, using a high security hash encoding algorithm ensures that false posi- tives are kept to a minimum, since there is a very low chance that a legitimate transaction is converted into a hash value associated with possible fraud.
All systems handling commercial transactions involving network transfers already include the means to perform cryptographic hash encoding like MD5 and SHA-1. Thus choosing a secure hash function like SHA-1 will not impede with system performance. Therefore, it is preferred that the present invention uses at least SHA-1 as the means for non-reversib!e conversion of transaction data.
The transaction data can comprise several lines of information, often connected to an identifier. Common identifiers include; date, name, shipping address, credit card num- ber, billing address, phone number, e-mail, age, birthday, cash amount used, etc. Conversion of data can preferably be done on each line of data associated with an identifier. Thus a converted block of transaction data includes a number of identifiers, with each identifier having an associated hash value. For a few identifiers like for instance the date and cash amount spent, encoding the value will sometimes make it useless. Therefore, the system can have options not to encode certain identifiers as long as user privacy is still upheld.
Blocks of transaction data with different amount and types of identifiers can still be shared in the same databases.
When the transaction data has been converted, it can be stored in databases without compromising user-data privacy. The databases can be shared by many online retailers, thus increasing overall system performance, by accumulating more data. Some retailers already have internal databases with past user transaction data. These data can of course be converted and stored in said shared databases. The transaction data analysing means can be implemented in many ways. Some business types are more susceptible to fraud attempts than others and may require an advanced model, while some businesses only require simple models. The model can therefore range from an advanced non-reversible cryptographic data conversion to a simple algorithm checking whether the credit card has been used at more than one address or whether multiple transactions with a high cash amount has occurred recently.
Regardless of the analysing complexity, the analysing means will output whether or not the current transaction is deemed fraudulent or legitimate.
In an advanced form, the analyzing means will have more than two possible outputs. In cases where ile current transaction is suspicious, but not enough to judge it fraudulent, the analysing means can issue a warning to the system administrator, it will then be up to the administrator to judge if the transaction is ok or not, or if a third action like calling the user is necessary.
The analyzing means can, in addition to the converted transaction data in the databases, use local non-converted transaction data. For instance, if a loyal costumer is flagged as a potential fraudster by use of the converted data in the database due to many purchases within a small amount of time, the analysing means can overrule the warning because the local database shows that the costumer is trustworthy and the transaction data is equal to past transactions by the same user.
According to a further embodiment, the computer system according to the invention is peculiar in, that the analysing output is chosen amongst: fraud probability, fraud probability including cause, similarities with existing data, and dissimilarities with existing data. It is herewith achieved that analysing means can be optimised for different fraud detection schemes.
Depending on the implementation of the analysing means, different types of output is either required or best suited.
Some types of analysing implementations are ill-suited for a probability output. The analysing means can be implemented as a search algorithm finding similarities or dissimilarities between the current transaction data, and the past transaction data in the database(s). In such an implementation, the output can be one or more of the following (but is not limi ted hereto); number of times card has been used, number of address changes, number of transactions over a certain threshold, number of e-mail changes, number of different cards used as same address, number of purchases at high-risk stores (for instance jewellery and electronic stores), all of the previous within a speci- fied time -frame.
According to a further embodiment, the computer system according to the invention is peculiar in that the transaction server comprising means for rejecting, accepting or postponing a commercial transaction based on the output of the analysing means.
It is herewith achieved that the system can stop detected fraudulent transactions.
The computer system performs a safety rating of the output of the analysing means and places a transaction in at least the following groups:
- Blacklisted, 100% probability for fraud, the system generates and transmits a safety warning, - High risk, a sprinter deals at many different E-shops in a short time period, high risk for fraud, the system generates and transmit safety warning,
- Risky, misleading data, high risk for fraud, - Go, the customer has performed transaction before without any problem,
- No match, no match in the database, probably a new customer.
Hereby it can be achieved that fraud by e.g. stolen or false credit cards can be stopped after a few transactions. If the knowledge of fraud will be stopped after a few transactions, criminal persons will stop the fraud because of less benefit and maybe a higher risk that the transaction is brought to the light fast after a false transaction.
Based on the output of the analysing means, the current transaction is accepted, rejected or postponed based on the output of the analysing means. The decision can either be automatic or manual. In a manual setting, an administrator of the transaction server must individually go through the outputs of the analyser and make a decision on whether the transaction is ok or fraudulent. Manual decision may be advantageous in a setting where only a few transactions occur daily.
If several transactions occur, manual decision is not suited, and an automated process is necessary. The decision process is of course different for different types of analysing outputs. If the only output is a probability, the decision is easily implemented as a threshold. Probabilities under a certain threshold are accepted as non-fraudulent, and probabilities over the threshold are accepted as fraudulent, and thus rejected. Alternatively, the thresholds may differ and the probabilities between these thresholds results in the transaction being put on hold. On hold transactions must be rejected or accepted by an administrator as in the manual setting.
A decision based on non-probability is slightly different. A set of rules needs to be developed based on the types of output chosen from the analyser. Different set of rules may need to be implemented for different type of stores, or different geographic loca- tions. An example of a rule could be that if the address has been changed at least once within the past 12 hours and more than 5 credit card transactions have occurred within the same time frame, the transaction is rejected. A different rule could be to reject any card that has had more than 3 high value purchases within the past 3 hours.
These two rules could both be implemented as a rule set in the decision process. Additionally, rules that put the current transaction on hold can be implemented similar to when probability based decisions are made.
A different decision process can be a score based decision. A score based decision is similar to a probability based decision; since the score reflects likely it is a certain event that indicates fraud. Each output (number of times card has been used, number of address changes, etc.) is assigned a weighted score, and the scores are accumulated to create the total score. The decision is then based on the total score just like with the probability.
The scores are weighted because some things like a change in address may have a higher importance in a decision process than for instance the number of times the card has been used.
According to a further embodiment, the computer system according to the invention is peculiar in that the transaction server comprises means of sending a message to at least one of the parties involved in the commercial transaction.
It is herewith achieved that the user can be informed that the transaction has been declined or put on hold, and that the administrator of the transaction server can get notified of rejections and pending on hold decisions.
According to a further embodiment, the computer system according to the invention is peculiar in, that the non-reversible conversion is a hash encoding algorithm. It is herewith achieved that the non-reversible conversion can easily be implemented using well-known and well-documented techniques and software applications.
According to a method for preventing fraud in commercial transactions, the metliod concerns the following activities, receive a first personal data field from a shop, and receive a second non-personal data field, the method perform a conversion of the personal data field into non-reversibly converted data field by a non-reversible data conversion, further the method transmit converted data field and the non-personal data field to an analysing system, which analysing system compared the converted data field and the non-personal data field with existing data in a database, where the analysing system perform a status check in the database, where the analysing system transmit the result of that status check over the line into the computer system and further by the line into the web-shop computer into a data field. The method is peculiar in that the transaction data is received in a system, by which method the data is converted by a non-reversible algoritlim, where the converted data is stored in at least one database, by which metliod the database (s) is searched for similar converted transaction data in the database(s), where an analysis of similar converted transaction data is performed, where the method accept or reject the transaction.
It is herewith achieved that fraudulent attempts in a commercial transaction system can be detected and stopped before any money changes hands.
According to a further method for preventing fraud in commercial transactions, the method is peculiar in that upon a rejected transaction the similar converted transaction data will be marked with a reason why the data has been used in rejecting a transaction.
It is herewith achieved that the system can give reasons for rejections. The markings also serve as a way to increase system performance.
Description of the Drawings Figure 1 shows a system comprising a computer system, and
Figure 2 shows a flow chart indicating the process that takes place in the computer system. Detailed Description of the Invention
Figure 1 shows a system 2 comprising a computer system 4 and 6. The computer system 4 is connected via e.g. the internet to a number of web-shops 8, 10 and 12. But the number is not to be limited to the number indicated as the number could be extremely high. The web-shop 8 delivers two data fields 20 and 22. The data fields 20 and 22 contain data related to a new transaction. The data segment 20 comprises data that has to be non-re versibly converted because information is related to a person where the data field 22 comprises data related to the purchased product and data which is not to be non-reversibly converted. The contents of die data segment 20 and 22 are transmit- ted over transmission lines 24 and 26 into the computer system 4. The non-reversibly converted data 20 are sent in to a receiving section of the computer system 28 and the non-converted data are sent into a data segment 30 in the computer system. The personal data in the field 28 are immediately converted to be non-reversibly converted data 32 by a non-reversible data conversion. Both sets of data 30 and 32 are sent to the analysing system 6 where the data are compared with existing data placed in a database 40 for performing a status check. The result of that status check is transmitted over the line 42 into the computer system 4 indicated by 44 and further by the line 46 into the web-shop computer 8 into the field 48. In that way it should be possible for a web-shop in a few seconds to get a reply into the field 48 indicating if there is any security risk by continuing the transaction.
The data field 20 contains e.g. the following data: company, if company exists, mail, family name, address, house number, postal code, city, telephone number and email address. At least these data have to be non-reversibly converted. It is not allowed to store these data in a way in which the personal data can be generated later. The data field 22 comprises ordinary data such as order number, delivering country, the total cost of the purchase, products related to the purchase and the price, information related to the goods, e.g. pin code, IP number, ordering country, time for the transaction and the method of payment. Furthermore, the data field 22 can comprise data from the web-shop, e.g. name on the web-shop and data related to an electronic payment system.
Figure 2 shows a flow chart 102 indicating the process that takes place in the computer system 4 and 6 shown at figure 1. Figure 2 shows by 108 data received from a web- shop. Two sets of data are transmitted 124 and 126. The data transmitted by the line 124 is the personal data that are to be non-reversibly converted. In the line 126 is transmitted the public data. These two sets of data are by the line 124 placed in the computer system 128 and the public data in the line 126 is transmitted into the block 130. In the block, 128 is performed a non-reversal data conversion which could be a hash transformation. The converted data is by line 134 transmitted into block 140 and the non-converted data are from the block 130 transmitted by line 136 into the block 140. In the block 140, the data are stored in a database. The combined data 154 is sent to the block 156 where a first data corporation is performed. In the block 156 is performed fast check of existence of data related to the same customer or order. If no then by line 158, the status 160 which contains status word no match is transmitted to the web-shop, e.g. into the data field 48 at figure 1. If yes in the block 156, then line 162 leads to the next check block 164 which checks if the data exists on a positive list. If yes by line 166 into the line 168 is sent a go which is transmitted to the web-shop. If no in the block 164, line 170 leads to the next decision block 172 which checks if mis- leading data exists. If yes to misleading data, line 174 leads into block 176 which contains the status risfy which from line 176 is transmitted to the web-shop. If no in the block 172 line 178, leads to a block 182 which checks if the transaction is a sprinter. If the block 180 indicates it is a sprinter, then line 182 lead to the block 184 defining that the transaction has a high risk which is then sent as information to the web-shop. If no in the block 180, then line 186 leads to block 188 which defines 100 percent possibility for fraud and the yes is transmitted over line 1 0 to the line 192 giving the status blacklisted. This piece of information is also sent to the web-shop e.g. placed in the field 48 shown in the figure 1. The computer system 102 as seen at figure 2 performs different outputs by analysing a new order. But also other outputs are possible. It is possible by means of a web-service to indicate if a customer has changed his status. It is also possible to deliver a graphic representation concerning status on the web-shop orders which have been received.
The system can generate an output in the form of an email or push XML over HTTP or FTP to client server. And in situations where there is a high risk of fraud, the computer system can generate a text message (SMS).
The computer system 102 can generate statistics over running transactions. Furthermore, the system can send data to banks and credit card administrators indicating a statistics over indicated fraud. It is also possible to show to the banks or credit card administrators fast growing order tree. An order tree is a link of orders of incoming data as well as non-converted data and the data that has been non-reversibly converted.
In this way it is possible to send the status on the different orders by web, email or SMS. It is also possible to have a net connection between other E-shops. Furthermore, it is possible to contact the police automatically if fraud is detected. This can be per- formed by sending all relevant information to the police. As soon as the police have sent a journal number that journal number is used as an input to the computer system and a link of orders is performed and all information is sent for the police.
This invention further concerns a computer system for determining fraud in commer- cial transactions comprising a transaction server receiving and analysing transaction data, said transaction server comprising means for non-reversible conversion of said transaction data, said server comprising connection means to at least one database, said server comprising data analysing means, and said analysing means generates an output.
Method for preventing fraud in commercial transactions, where the transaction data is received in a computer system, whereby the data is converted by a non-reversible algorithm, whereby the converted data is stored in at least one database, and whereby the database(s) that an analysis of similar converted transaction data in the database(s). where an analysis of similar converted transaction data is performed, and that the method accepts or rejects the transaction.

Claims

1. Computer system (4) for determining fraud in commercial transactions is connected via e.g. the internet to a number of shops (8, 10,12), which computer system (4) com- prises means for non-reversible conversion of said transaction data, said computer system (4) comprises connection means to at least one database, said computer system comprises data analysing means, and said analysing means generates an output dependent of risk of fraud characterized in that the shop (8,10,12) generates at least a first and a second data field (20,22), which data field (20) comprises data that has to be non-reversibly converted because information is related to personal data, which data field (22) comprises data related to the purchased product and data which is not to be non-reversibly converted, which shop (8,10,12) performs a transmission of the personal data field (20) and the non-personal data field (22) over transmission lines (24) and (26) into the computer system (4) which computer system performs a conversion of the personal data field (20) into non-reversibly converted data field (32) by a nonreversible data conversion, which converted data field (32) and the non-personal data field (22,30) are sent to the analysing system (6) where the data are compared with existing data placed in a database (40) for perfomiing a status check, after performing the status check the result of that status check is transmitted over the line (42) into the computer system (4) and further by the line (46) into the web-shop computer (8) into a data field (48).
2. Computer system according to claim 1, characterized in, that the analysing output is chosen amongst: fraud probability, fraud probability including cause, similarities with existing data, and dissimilarities with existing data.
3. Computer system according to claim 1 or 2, characterized in, that the computer system comprising means for rejecting or accepting a commercial transaction based on the output of the analysing means.
4. Computer system according to anyone of the claims 1 to 3, characterized in the output of the analysing means performs a safety rating, places a transaction in at least one of the following groups: - Blacklisted, 100% probability for fraud, the system generates and transmits a safety warning,
- High risk, a sprinter deals at many different E-shops, high risk for fraud, the system generates and transmit safety warning,
- Risky, misleading data, high risk for fraud,
- Go, the customer has performed transaction before without any problem, or
- No match, no match in the database, probably a new customer.
5. Computer system according to anyone of the claims 1- 4, characterized in, that the transaction server comprises means of sending a message to at least one of the parties involved in the commercial transaction.
6. Computer system according to claim 4, characterized in, that the non-reversible conversion is a hash encoding algorithm.
7. Computer system according to any of the preceding claims, characterized is, that the analysing means operates based on a set of pre-defined parameters.
8. Metliod for preventing fraud in commercial transactions, where the transaction data is received in a computer system, characterized in the following steps,
a: receive a first personal data field (20) from a shop,
b: receive a second non-personal data field (22),
c: perform a conversion of the personal data field (20) into non-reversibly converted data field (32) by a non-reversible data conversion,
d: transmit converted data field (32) and the non-personal data field (22,30) to an analysing system (6), e: compare the converted data field (32) and the non-personal data field (22,30) with existing data in a database (40),
f: perform a status check in the database (40)
g: transmit the result of that status check over the line (42) into the computer system (4) and further by the line (46) into the web-shop computer (8) into a data Field (48).
9. Method for preventing fraud in commercial transactions according to claim 8, char- acterised in, that upon a rejected transaction the similar converted transaction data will be marked with a reason why the data has been used in rejecting a transaction.
10. Use of a system as described in any one of the claims 1 to 7 or a method as described in any one of the claims 8-9 to prevent or detect fraud in internet transactions between a user and an E-shop.
PCT/DK2010/050290 2009-10-30 2010-10-29 Computer system for determining fraud in e-commerce WO2011050813A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DKPA200970182 2009-10-30
DKPA200970182 2009-10-30

Publications (1)

Publication Number Publication Date
WO2011050813A1 true WO2011050813A1 (en) 2011-05-05

Family

ID=43921369

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/DK2010/050290 WO2011050813A1 (en) 2009-10-30 2010-10-29 Computer system for determining fraud in e-commerce

Country Status (1)

Country Link
WO (1) WO2011050813A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109284371A (en) * 2018-09-03 2019-01-29 平安证券股份有限公司 Anti- fraud method, electronic device and computer readable storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004055640A2 (en) * 2002-12-12 2004-07-01 Access Business Group International Llc System and method for storing and accessing secure data
US20040128274A1 (en) * 2000-08-21 2004-07-01 Snapp Robert F Delivery point validation system
US20050044059A1 (en) * 2003-08-22 2005-02-24 Vipin Samar Method and apparatus for protecting private information within a database
US20050131826A1 (en) * 1999-10-27 2005-06-16 Zix Corporation Centralized authorization and fraud-prevention system for network-based transactions
JP2006244095A (en) * 2005-03-02 2006-09-14 Takaaki Ito Personal identification system avoiding leakage of personal information
WO2008113085A2 (en) * 2007-03-15 2008-09-18 Secure Symbology, Inc. Method for managing a globally accessable operational data warehouse system with improved security and consumer response

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050131826A1 (en) * 1999-10-27 2005-06-16 Zix Corporation Centralized authorization and fraud-prevention system for network-based transactions
US20040128274A1 (en) * 2000-08-21 2004-07-01 Snapp Robert F Delivery point validation system
WO2004055640A2 (en) * 2002-12-12 2004-07-01 Access Business Group International Llc System and method for storing and accessing secure data
US20050044059A1 (en) * 2003-08-22 2005-02-24 Vipin Samar Method and apparatus for protecting private information within a database
JP2006244095A (en) * 2005-03-02 2006-09-14 Takaaki Ito Personal identification system avoiding leakage of personal information
WO2008113085A2 (en) * 2007-03-15 2008-09-18 Secure Symbology, Inc. Method for managing a globally accessable operational data warehouse system with improved security and consumer response

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109284371A (en) * 2018-09-03 2019-01-29 平安证券股份有限公司 Anti- fraud method, electronic device and computer readable storage medium
CN109284371B (en) * 2018-09-03 2023-04-18 平安证券股份有限公司 Anti-fraud method, electronic device, and computer-readable storage medium

Similar Documents

Publication Publication Date Title
US20230344869A1 (en) Detecting phishing attempts
US11595336B2 (en) Detecting of business email compromise
Franklin et al. An inquiry into the nature and causes of the wealth of internet miscreants.
US7346927B2 (en) System and method for storing and accessing secure data
US9325730B2 (en) Collaborative phishing attack detection
US9058607B2 (en) Using network security information to detection transaction fraud
US8661545B2 (en) Classifying a message based on fraud indicators
JP5026527B2 (en) Fraud detection by analysis of user interaction
US8918891B2 (en) Identity manipulation detection system and method
US20060282270A1 (en) Identity verification noise filter systems and methods
Button et al. Technology and Fraud: The ‘Fraudogenic’consequences of the Internet revolution
CN111709603A (en) Service request processing method, device and system based on wind control
JP6534255B2 (en) Fraudulent transaction detection system
US20100017844A1 (en) Associating a unique identifier and a heirarchy code with a record
CN107526823B (en) Logistics suspicion information verification and analysis method and system
WO2011050813A1 (en) Computer system for determining fraud in e-commerce
CN114363839B (en) Fraud data early warning method, device, equipment and storage medium
CN115037542A (en) Abnormal mail detection method and device
CN104202318A (en) Method, client and system for keeping away a phishing behavior
JP6534256B2 (en) Name identification program
Faluyi et al. Impact of ICT-facilitated fraud on Sustainable Socio-economic Development in Nigeria
WO2004055640A2 (en) System and method for storing and accessing secure data
Alla et al. What Is Anomaly Detection?
CN105577663A (en) Reporting information authentication method and device
Blazek THE NEW FORMS OF DIGITAL CRIMINALITY IN SLOVAKIA AND FIGHT AGAINST THEM

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10826126

Country of ref document: EP

Kind code of ref document: A1

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 090812)

122 Ep: pct application non-entry in european phase

Ref document number: 10826126

Country of ref document: EP

Kind code of ref document: A1