WO2020057300A1

WO2020057300A1 - Transaction monitoring method, device, and apparatus

Info

Publication number: WO2020057300A1
Application number: PCT/CN2019/100680
Authority: WO
Inventors: 罗马慧; 王子廷; 李白昱
Original assignee: 阿里巴巴集团控股有限公司
Priority date: 2018-09-20
Filing date: 2019-08-15
Publication date: 2020-03-26
Also published as: CN109376999A; TW202013290A

Abstract

Embodiments of the present specification disclose a transaction monitoring method, device, and apparatus. The method comprises: acquiring transaction data corresponding to a transaction request; identifying, according to the transaction data, a risk monitoring category to which a target transaction corresponding to the transaction request belongs, and obtaining a first risk monitoring category to which the target transaction belongs; generating, on the basis of the first risk monitoring category to which the target transaction belongs, an interaction-based monitoring strategy corresponding to the transaction request, wherein the interaction-based monitoring strategy is a strategy for performing transaction risk monitoring by means of data interaction; and implementing the interaction-based monitoring strategy, and obtaining a transaction result of the target transaction.

Description

Method, device and equipment for controlling transaction

Technical field

This specification relates to the field of computer technology, and in particular, to a method, device, and device for controlling transactions.

Background technique

With the continuous development of network technology and terminal technology, service providers provide users with various services through servers, and users can use terminals to request corresponding services from corresponding servers through the network. With the continuous growth of network services, the number of network transactions is also increasing, and fraudulent transactions will be included in them. The identification and management of fraudulent transactions has always been a difficult point in the field of risk prevention and control.

In recent years, the situation of telecommunication fraud risks has been severe, the black industry specialization and fraud methods have been upgraded, and people's security awareness has formed a gap with the high-speed popularity of the Internet. Therefore, higher requirements have been put forward for fraud risk prevention and control. Due to the closer interaction between fraudsters and users, and users' limited awareness of transaction risks, it is often necessary to repeatedly engage in risk prevention and control strategies to achieve anti-fraud effects, but for those who have not encountered fraud risks, For users, the above-mentioned repeated risk prevention and control strategy intervention has a greater impact on the user's operating experience. In order to effectively address the damage caused by fraud risks to users and improve their security perceptions, it is necessary to provide a solution that can balance the user experience and awaken the user's security awareness, in order to manage the fraud risks of user transactions and reduce the loss of user resources.

Summary of the Invention

The purpose of the embodiments of the present specification is to provide a method, device, and device for transaction control, so as to provide a solution that can balance the user experience and awaken the security awareness of the user, so as to control the fraud risk of the user's transaction and reduce the loss of user resources. .

To solve the above technical problems, the embodiments of the present specification are implemented as follows:

A method for managing and controlling transactions provided by the embodiments of this specification, the method includes:

Get the transaction data corresponding to the transaction request;

Identifying the risk management and control category to which the target transaction corresponding to the transaction request belongs according to the transaction data, and obtaining the first risk management and control category to which the target transaction belongs;

Generating a management and control interaction strategy corresponding to the transaction request based on the first risk management and control category to which the target transaction belongs, where the management and control interaction strategy is a strategy for performing transaction risk management and control through data interaction;

The management and control interaction strategy is executed to obtain a transaction result of the target transaction.

Optionally, the risk management and control category to which the target transaction belongs includes first identifying the transaction risk within a predetermined time period and re-identifying the transaction risk within a predetermined time period.

Optionally, the first risk management category is the first time that transaction risk is identified within a predetermined period of time,

The generating a management and control interaction strategy corresponding to the transaction request based on the first risk management and control category to which the target transaction belongs includes:

Acquiring scene information of the target transaction, and information of buyers and sellers in the target transaction, and determining the type of fraud to which the target transaction belongs;

Based on the first risk management category to which the target transaction belongs and the type of fraud to which the target transaction belongs, a corresponding management and control interaction strategy is generated.

Optionally, the management and control interaction strategy includes a risk guidance strategy for guiding the buyer to identify risks existing in the target transaction.

Optionally, the risk guiding strategy includes a risk revealing strategy and a risk exhausting guiding strategy.

Optionally, the scenario information includes a transfer to a resource card, a transfer to a resource account or a resource package, and the buyer information in the target transaction includes the buyer's account dimension information, transaction dimension information, and operation behavior information. The seller information in the transaction includes account dimension information of the seller.

Optionally, the first risk management category is to re-identify transaction risks within a predetermined period of time,

Based on the first risk management category to which the target transaction belongs and the type of fraud to which the target transaction belongs, corresponding security awareness test information is generated.

Optionally, the method further includes:

When a report instruction for the target transaction is received, collecting report information based on the target transaction;

The collected report information is stored to record the target transaction between the buyer and the seller, and the risks associated with the transaction with the seller.

Optionally, the method further includes:

If it is determined that the target transaction has transaction risk, the target transaction is stopped, and a notification message of the target transaction failure is output.

A transaction management device provided in the embodiments of the present specification, the device includes:

A data acquisition module for acquiring transaction data corresponding to a transaction request;

A risk category determination module, configured to identify, according to the transaction data, a risk management and control category to which a target transaction corresponding to the transaction request belongs, and obtain a first risk management and control category to which the target transaction belongs;

An interaction strategy generating module is configured to generate a management interaction strategy corresponding to the transaction request based on a first risk management category to which the target transaction belongs, where the management interaction strategy is a strategy for performing transaction risk management and control through data interaction;

An execution module is configured to execute the management and control interaction strategy to obtain a transaction result of the target transaction.

The interaction strategy generation module includes:

A first fraud type determining unit, configured to obtain scene information of the target transaction, and information of buyers and sellers in the target transaction, and determine a fraud type to which the target transaction belongs;

A first interaction strategy generating unit is configured to generate a corresponding management and interaction strategy based on a first risk management category to which the target transaction belongs and a fraud type to which the target transaction belongs.

The interaction strategy generation module includes:

A second fraud type determining unit, configured to obtain scene information of the target transaction and information of buyers and sellers in the target transaction, and determine a fraud type to which the target transaction belongs;

A second interaction strategy generating unit is configured to generate corresponding security awareness test information based on a first risk management category to which the target transaction belongs and a fraud type to which the target transaction belongs.

Optionally, the apparatus further includes:

A report information collection module, configured to collect report information based on the target transaction when a report instruction for the target transaction is received;

The report information storage module is configured to store collected report information to record the target transaction between the buyer and the seller, and the risks existing in the transaction with the seller.

Optionally, the apparatus further includes:

The transaction stopping module is configured to stop the target transaction if it is determined that the target transaction has transaction risks, and output a notification message that the target transaction fails.

An embodiment of this specification provides a transaction management and control device. The target transaction management and control device includes:

Processor; and

A memory arranged to store computer-executable instructions which, when executed, cause the processor to:

Get the transaction data corresponding to the transaction request;

Generating a management and control interaction strategy corresponding to the transaction request based on a first risk management and control category to which the target transaction belongs, where the management and control interaction strategy is a strategy for performing transaction risk management and control through data interaction;

It can be seen from the technical solutions provided by the embodiments of the present specification that the embodiments of the present specification obtain transaction data corresponding to the transaction request, and according to the transaction data, identify the risk management and control category to which the target transaction corresponding to the transaction request belongs, and obtain the target transaction. Based on the first risk management category of the target transaction, and then a management and control interaction strategy corresponding to the transaction request can be generated based on the first risk management and control category to which the target transaction belongs. Manage and control the interaction strategy to obtain the transaction results of the target transaction. In this way, whenever a user creates or executes a transaction (that is, the target transaction), the server first determines the risk control category to which the target transaction belongs through the corresponding transaction data, and based on the obtained risk control The category generates corresponding management and control interaction strategies, so that the user's security awareness can be determined based on the risk management and control category, and differentiated and interactive transaction risk management and control based on the degree of risk, awakening users with different security awareness to the security awareness of the target transaction. L operation of the user experience, and improves the success rate of pay, reduce the capital loss resulting from fraud.

BRIEF DESCRIPTION OF THE DRAWINGS

In order to more clearly explain the embodiments of the present specification or the technical solutions in the prior art, the drawings used in the embodiments or the description of the prior art will be briefly introduced below. Obviously, the drawings in the following description are merely These are some of the embodiments described in this specification. For those of ordinary skill in the art, other drawings can be obtained based on these drawings without paying creative labor.

FIG. 1 is an embodiment of a transaction management method of this specification;

FIG. 2 is a schematic structural diagram of a transaction management system in this specification;

FIG. 3 is another embodiment of a method for controlling transactions in this specification;

FIG. 4 is a schematic diagram of a logical process of a transaction management method in this specification;

FIG. 5 is an embodiment of a transaction control device of this specification;

FIG. 6 is an embodiment of a transaction management and control device of this specification.

detailed description

The embodiments of the present specification provide a method, a device, and a device for controlling transactions.

In order to enable those skilled in the art to better understand the technical solutions in the present specification, the technical solutions in the embodiments of the present specification will be clearly and completely described with reference to the accompanying drawings in the embodiments of the present specification. Obviously, the described The examples are only a part of examples of this specification, but not all examples. Based on the embodiments in this specification, all other embodiments obtained by a person of ordinary skill in the art without creative efforts should fall within the protection scope of this specification.

Example one

As shown in FIG. 1, an embodiment of the present specification provides a method for managing and controlling transactions. The execution subject of the method may be a terminal device or a server, and the terminal device may be a device such as a personal computer. The server can be an independent server or a server cluster composed of multiple servers, and the server can be a background server for a certain business (such as financial services), or a website (such as an online shopping website or Payment applications, etc.). This method can be used for risk management and control of arbitrary transactions, and differentiated and interactive risk management and control based on user security awareness and risk level. In order to improve the efficiency of transaction risk management and control, in this embodiment, the execution subject is the server As an example for description, the situation of the terminal device can be processed according to the following related content, which is not repeated here. The method may specifically include the following steps:

In step S102, the transaction data corresponding to the transaction request is acquired.

Among them, the transaction request may be a request for a buyer and a seller to trigger a transaction based on an arbitrary transaction, for example, a transaction request triggered based on a transfer, or a transaction request triggered based on scanning a QR code for payment. The transaction data may include data related to the transaction corresponding to the above transaction request, such as relevant information of the seller, relevant information of the buyer, and relevant information of the transaction scenario, etc., which can be specifically determined according to the actual situation, which is not limited in the embodiments of this specification. .

In the implementation, with the continuous development of network technology and terminal technology, service providers provide users with various services through servers, and users can use terminals to request corresponding services from corresponding servers through the network. With the continuous growth of network services, the number of network transactions is also increasing, and fraudulent transactions will be included. The identification and management of fraudulent transactions has always been a difficult point in the field of risk prevention and control. In recent years, the situation of telecommunication fraud risks has been severe, the black industry specialization and fraud methods have been upgraded, and people's security awareness has formed a gap with the high-speed popularity of the Internet, which has put forward higher requirements for fraud risk prevention and control. In order to effectively solve the damage caused by fraud risks to users and improve user security awareness, it is necessary to conduct fraud risk management and control on user transactions in a certain way to reduce user funds loss.

Due to the closer interaction between fraudsters and users, and users' limited awareness of transaction risks, it is often necessary to repeatedly engage in risk prevention and control strategies to achieve anti-fraud effects, but for users who have not encountered fraud risks In terms of the above-mentioned repeated risk prevention and control strategy intervention, the user's operation experience has a greater impact. And how to more effectively reduce the user's loss of fraudulent resources, at the same time can effectively reduce user interruptions and reduce the amount of business loss, it is necessary to design a scheme that can balance the user experience and wake up the user's security awareness. To this end, the embodiments of the present specification provide a feasible processing method, which may specifically include the following:

As shown in Figure 2, a transaction usually requires the user's terminal device and server to complete together. The user's terminal device can be installed with an application for performing the above transaction. When the user needs to perform the above transaction, the application can be started. The terminal The device can launch the application, and send a data acquisition request to the background server of the application, and can present the data acquired by the data acquisition request through the application. The user can provide data provided by the application, and related information provided by the seller. Information (such as a transaction link or graphic code) triggers the terminal device to generate a transaction request. The terminal device may send the transaction request to the server. After the server receives the transaction request, the server may obtain relevant data (that is, transaction data) of the transaction corresponding to the transaction request, such as buyer account information and seller account information.

For example, a payment application is installed in the user's terminal device. When the user needs to make a payment or transfer to a seller, the payment application can be launched. The payment application can include the option of scanning the graphic code for payment, and the user can click the option. The terminal device can start the camera. At the same time, the payment application can display the scanning interface. The user can move the scanning interface to the location of the graphic code provided by the seller. The terminal device can obtain the relevant information of the seller by scanning the graphic code (such as The seller's account information, etc.), and can display the relevant information of the seller and the resource input box. The user can enter the resource value (such as the transaction amount, etc.) in the resource input box. After the input is completed, he can click the payment button. The terminal device can generate a transaction request and send it to the server. After receiving the transaction request, the server can obtain the relevant transaction data (that is, transaction data) according to the transaction request, such as the buyer (that is, the user's account). Information, seller's account information and transaction scenario information (i.e. transfer to A given account) and so on.

In step S104, according to the transaction data, the risk management control category to which the target transaction corresponding to the transaction request belongs is identified, and the first risk management control category to which the target transaction belongs is obtained.

The risk management and control category may be a category for risks that may exist in the transaction. The risk management and control category may include multiple types, and may be specifically set according to actual conditions, which is not limited in the embodiments of the present specification. In this implementation, the risk management and control category may include two types of transaction risk identification for the first time within a predetermined time period and re-identification of transaction risk within a predetermined time period, such as the first identification of transaction risk within a day and the re-identification of transaction risk within a day. The first risk management and control category may be any of the risk management and control categories, such as first identifying a transaction risk within a predetermined period of time or re-identifying a transaction risk within a predetermined period of time.

In the implementation, the server may be provided with a risk prevention and control mechanism. The risk prevention and control mechanism may be provided with multiple risk prevention and control strategies, and store relevant data of the buyer and the seller, as well as relevant information of the seller who is reported as having a risk. Information, etc. In order to prevent users' transactions from losing resources to users due to fraudulent transactions, you can use the above-mentioned risk prevention and control mechanism to determine whether the transactions submitted by users are risky or which type of risk control they belong to before the buyers and sellers conduct transactions. After the server obtains the transaction data corresponding to the transaction request, it can extract the seller's account information, the buyer's account information, and the transaction scenario information from the transaction data, and then analyze the above information through the risk prevention and control mechanism. If the risk prevention and control mechanism determines that the currently stored information does not include the buyer's account information within a predetermined period of time, it can be determined that the user or the buyer first identified the transaction risk. At this time, the transaction corresponding to the transaction request (that is, the target transaction) can be determined. The first risk management and control category belongs to identifying transaction risks for the first time. If the risk prevention and control mechanism determines that the currently stored information includes the buyer's account information for a predetermined period of time, the user or buyer can be identified to identify the risk again. At this time, it can be determined The target corresponding to this transaction request The first category of risk management and control transaction belongs to identify transaction risk again.

It should be noted that in addition to determining the first risk management category to which the target transaction belongs in the above manner, it can also be implemented in other ways. For example, the risk management category can also be based on the user's first identification of transaction risks and Identify transaction risks. At this time, the risk prevention and control mechanism can determine whether the currently stored information includes the buyer's account information for a predetermined period of time in the scenario of transferring to a predetermined account. If it includes, it can determine the first risk management control of the target transaction. The category is to identify risks again. If it is not included, it can be determined that the first risk management category to which the target transaction belongs is the first identification of risks.

In step S106, a management and control interaction strategy corresponding to the above transaction request is generated based on the first risk management and control category to which the target transaction belongs, and the management and control interaction strategy is a strategy for performing transaction risk management and control through data interaction.

Among them, the management and control interaction strategy may be an interactive risk prevention and control strategy, which can remind the user to identify whether a transaction is a risk strategy in a timely manner through data interaction with the user. The management and control interaction strategy may include multiple types, which may be set according to different risk management and control categories, and the content of different management and control interaction strategies may be set according to actual conditions, which are not limited in the embodiments of this specification.

In the implementation, the server may store management and control interaction modes corresponding to different risk management and control categories. The management and control interaction mode may be a composition structure of management and control interaction strategies, such as a risk guidance mode (that is, a mode for guiding users to identify risks through step-by-step information prompts) Risk test mode (that is, a mode for reminding the user to identify risks by providing the user with test information) and the like. The above correspondence can be stored in the form of a table, as shown in Table 1.

Table 1

风险管控类别Risk management category	管控交互模式Regulatory interaction mode
第一风险管控类别First risk management category	交互模式AInteraction Mode A
第二风险管控类别Second risk management category	交互模式BInteractive Mode B
第三风险管控类别Third risk management category	交互模式CInteractive Mode C

After the server obtains the first risk management and control category to which the target transaction belongs, it can find the management and control interaction mode corresponding to the first risk management and control category based on Table 1 above, that is, interaction mode A. Because the management interaction mode is only the composition of the management interaction strategy, it does not include the content of the management interaction strategy. Therefore, the server can obtain the transaction scenario information, the user's account information, the user's account information, and the buyer and seller transaction information. , Transaction behavior information, the seller's historical complaint record and the seller's historical punishment record, etc., and can analyze the above information to determine the type of fraud that the target transaction may correspond to, and can obtain from the database based on the determined type of fraud. The content of the control interaction strategy corresponding to this type of fraud. Then, the server can combine the content of the above control interaction strategy with the interaction mode A to generate the control interaction strategy corresponding to the above transaction request. For example, in the name of a government agency, request you The transaction to pay a certain fee usually belongs to () -A, fraudulent transaction, B, normal transaction.

In step S108, the above-mentioned interactive control strategy is executed to obtain the transaction result of the target transaction.

In implementation, after the server obtains the management and control interaction strategy corresponding to the above transaction request, it can send related data in the management and control interaction strategy to the terminal device. After receiving the data sent by the server, the terminal device can display the data, and the user can Fill in the corresponding information or select the corresponding option, and then send the filled information or the selected option information to the server, and the server can set the corresponding data according to the user feedback information to send to the user to fill in or select the information. Through the data interaction between the terminal device and the server, the user can know in time whether the target transaction is risky. If there is a risk, the user can stop the target transaction. If the user determines that there is no risk, the user can continue the target transaction, that is, continue to pay until Payment is complete. For example, the target transaction is when a user receives a transaction in the name of a government agency that asks you to pay a fee, and the user sees: In the name of a government agency, a transaction that asks you to pay a fee usually belongs to () —After the contents of the interactive control strategies such as A, fraudulent transactions, B, and normal transactions, users will pay more attention to whether the target transaction is fraudulent, thereby reminding the user that the target transaction may have risks and avoiding the loss of user resources.

The embodiment of the specification provides a method for managing and controlling a transaction. By acquiring transaction data corresponding to a transaction request, and identifying the risk management and control category to which the target transaction corresponding to the transaction request belongs based on the transaction data, a first risk to which the target transaction belongs is obtained. The management and control category can then generate the management and control interaction strategy corresponding to the transaction request based on the first risk management and control category to which the target transaction belongs. The management and control interaction strategy is a strategy for performing transaction risk management and control through data interaction, and execute the management and control interaction strategy. Get the transaction result of the target transaction. In this way, whenever a user creates or executes a transaction (ie, the target transaction), the server first determines the risk management category to which the target transaction belongs through the corresponding transaction data, and generates a corresponding risk management category based on the obtained risk management category. Manage and control interactive strategies, which can determine the strength of users' security awareness based on risk management and control categories, and conduct differentiated and interactive transaction risk management and control based on the degree of risk, awaken users with different security awareness to the security awareness of target transactions, and improve the user's operating Experience, and to enhance the success rate of pay, reduce the capital loss resulting from fraud.

Example two

As shown in FIG. 3, an embodiment of the present specification provides a method for managing and controlling transactions. The execution subject of the method may be a terminal device or a server, and the terminal device may be a device such as a personal computer. The server can be an independent server or a server cluster composed of multiple servers, and the server can be a background server for a certain business (such as financial services), or a website (such as an online shopping website or Payment applications, etc.). This method can be used for risk management and control of arbitrary transactions, and differentiated and interactive risk management and control based on user security awareness and risk level. In order to improve the efficiency of transaction risk management and control, in this embodiment, the execution subject is the server As an example for description, the situation of the terminal device can be processed according to the following related content, which is not repeated here. The method may specifically include the following steps:

In step S302, the transaction data corresponding to the transaction request is acquired.

The transaction data may include information such as the seller's account information, buyer's account information, and transaction scenario information. The transaction scenario information may include transfer to a resource card, transfer to a resource account or resource package, and the resource card may include a bank card or a transportation card. Such as cards with stored resource data, resource accounts can be Alipay accounts, bank accounts, etc., resource packs can be red envelopes, etc.

In practical applications, the transaction created by the user for the first time can be used to remind the user of the risk through the page reminder. If the user determines to continue the target transaction, the transaction data corresponding to the transaction request can be obtained.

In step S304, according to the transaction data, the risk management control category to which the target transaction corresponding to the transaction request belongs is identified, and a first risk management control category to which the target transaction belongs is obtained.

The risk management and control category to which the target transaction belongs may include the first identification of transaction risk within a predetermined period of time and the identification of transaction risk again within a predetermined period of time. The predetermined duration can be set according to the actual situation, such as 12 hours or 1 day.

In implementation, as shown in FIG. 4, considering that the user who first identified the transaction risk within a predetermined period of time and the user who re-identified the transaction risk within a predetermined period of time, because the two have different perceptions of whether a risk exists in a transaction, , Can provide differentiated fraud and scam reminders and operation guidelines, so that users can more easily identify the scam and terminate the fraudulent operation by combining the reminder content. In the implementation of this manual, the risk management and control categories can be divided into two categories, that is, the predetermined duration The transaction risk is identified for the first time within a period of time and the transaction risk is identified again within a predetermined time period.

A risk prevention and control mechanism (which can be a risk data system) can be set in the server. The risk prevention and control mechanism can be set with multiple risk prevention and control strategies, and store relevant data of buyers and sellers, as well as those reported as risky. Information about the seller, etc. After the server obtains the transaction data corresponding to the transaction request, it can extract the seller's account information, the buyer's account information, and the transaction scenario information from the transaction data. Then, the above information can be analyzed separately through the risk prevention and control mechanism. The prevention and control mechanism determines that the currently stored information does not include the buyer's account information for a predetermined period of time, so that it can be determined that the user or buyer first identified the transaction risk. At this time, the first risk management category to which the target transaction belongs can be determined as the first identified transaction. Risk, if the risk prevention and control mechanism determines that the currently stored information includes the buyer's account information for a predetermined period of time, it can be determined that the user or the buyer recognizes the transaction risk again. At this time, the first risk control category to which the target transaction belongs can be determined as Recognize transaction risk again.

If it is determined through the processing of step S304 that the first risk management and control category is the first time that transaction risk is identified within a predetermined period of time, the server may perform the processing of steps S306 and S308 described below.

In step S306, scene information of the target transaction and information of buyers and sellers in the target transaction are acquired, and the type of fraud to which the target transaction belongs is determined.

The scenario information may include transfer to a resource card, transfer to a resource account or resource package, and the buyer information in the target transaction may include the buyer's account dimension information, transaction dimension information, and operation behavior information. The seller information in the target transaction may include the seller Account dimension information. The buyer's account dimension information can include the buyer's account registration information, the buyer's account funds (which can include the income and expenditure of funds, etc.), and the common place of the buyer's account (which can include the area or location of the buyer's account, etc.) Wait. The transaction dimension information of the buyer may include transaction information between the buyer and the seller, the transaction behavior of the buyer, and the like. The buyer's operating behavior information may include debits and invalidity of resource cards. The seller's account dimension information may include the historical complaint record of the seller's account and the historical punishment record of the buyer's account. In practical applications, it may not be limited to the above information, and may also include, for example, resource transactions (such as capital transactions) between the buyer and the seller, and the degree of connection (such as friendship or kinship) between the buyer and the seller. There are many types of fraud, such as the type of fraud corresponding to requesting a user to perform a transaction in the name of an organization, or the type of fraud corresponding to requesting a user to perform a transaction in the name of a friend or relative of the user, or by clicking on a malicious link. The type of fraud that triggers a transaction can be specifically set according to the actual situation, which is not limited in the embodiments of this specification.

In the implementation, the server may be provided with multiple types of fraud, and the identification mechanism and reminder mechanism corresponding to each type of fraud. For example, if the type of fraud is to request the user to perform a transaction in the name of an organization, the server An identification mechanism and a reminder mechanism for identifying the above-mentioned types of fraud may be set therein. If the server determines that the first risk management category to which the target transaction belongs is the first time that transaction risk is identified within a predetermined period of time, the server can obtain the scene information of the target transaction, as well as the buyer and seller information in the target transaction, and can extract the corresponding information from the above information. Features, which can include the characteristics of registration information of the buyer's account, the characteristics of the income and expenditure of the buyer's account, the characteristics of the common location of the buyer's account, the characteristics of the transaction information between the buyer and the seller, the characteristics of the buyer's transaction behavior, and the history of the seller's account. The characteristics and the historical punishment characteristics of the buyer's account can be combined with the above characteristics through the variables in the risk prevention and control mechanism. Finally, the type of fraud that may be involved in the target transaction is obtained.

In step S308, a corresponding management and control interaction strategy is generated based on the first risk control category to which the target transaction belongs and the fraud type to which the target transaction belongs.

In the implementation, according to the risk management and control category to which the target transaction belongs, the transaction risk is identified for the first time within a predetermined time period, and the management interaction mode corresponding to the first identification of transaction risk within a predetermined time period can be determined, such as risk disclosure and / or risk exclusion guidelines, and risk disclosure. It can be used to reveal the possible risks of the target transaction to the user to remind the user to proceed with the target transaction with caution. The risk exclusion guidelines can be used to instruct the user to point and guide to exclude a certain risk, etc., and determine the management and control interaction required for the target transaction through the above methods. After the framework (that is, the interactive mode of management and control), specific content can be added to the above framework. Therefore, the server can obtain relevant information and risk exclusion guidelines for risk disclosure corresponding to the type of fraud according to the type of fraud that may be involved in the target transaction. Relevant information can be set into the framework of risk disclosure and risk exclusion guidance, so as to generate corresponding management and control interaction strategies. Among them, the management and control interaction strategy includes a risk guidance strategy for guiding the buyer to identify the risks existing in the target transaction. The risk guidance strategy may include a prevention and control guidance strategy for the risks corresponding to different types of fraud, which can help users identify the current transaction (i.e. the target Transactions), and guide users to stop target transactions in a timely manner.

Based on the above, risk guidance strategies can include risk disclosure strategies and risk exclusion guidance strategies. The risk disclosure strategy can include the disclosure of relevant characteristics or characteristics of different types of fraud. For example, the types of fraud that may be involved in target transactions are fraud type 1 and fraud type 2. Common characteristics or characteristics of fraud type 1 can be used. Show to the user (or buyer), the user can view the above-mentioned common characteristics or features. If the user believes that the target transaction meets the above-mentioned common characteristics or features, the user will determine that the target transaction may have transaction risks. At this time, the user can further decide whether to follow up For transactions, if the user believes that the target transaction does not meet the above common characteristics or characteristics, the risk disclosure strategy will guide the user to check the common characteristics or characteristics of the fraud type 2. The user can continue to determine whether the target transaction meets the above common characteristics or characteristics until it is determined Whether the target transaction is risky. As shown in FIG. 4, the server may set multiple optional processes for the target transaction. Specifically, if the strategy is disclosed through the risks corresponding to the fraud types 1 and 2 described above, the user determines that there is no transaction risk or transaction risk in the target transaction. Small, at this time, the user can continue the target transaction. If the user determines that the target transaction has transaction risk or the transaction risk is large, at this time, the user can ignore the target transaction through the "back" button provided in the terminal device. If the user is not sure of the target The size of the transaction risk of the transaction. At this time, the user can obtain more relevant information from the server through the buttons such as "more security education" provided in the terminal device to further determine the size of the transaction risk of the target transaction. If the user determines the target transaction If there is transaction risk, you can report the target transaction and the seller. For details, please refer to the following related content, which will not be repeated here.

The risk exclusion guidance strategy may be a strategy in which the user provides the user with the transaction risk that the target transaction may have in the process of determining whether the target transaction has transaction risk, and asks the user for confirmation. For example, the target transaction may involve fraud type 1 and fraud type 2. The server can determine the target transaction as a transaction corresponding to fraud type 1 and provide it to the user for confirmation. If the user determines that the target transaction corresponds to fraud type 1 Transaction, you can ignore the target transaction by pressing the "Back" button provided in the terminal device or report the target transaction and the seller. If the user determines that the target transaction is not a transaction corresponding to fraud type 1, the server can send the target transaction The transaction determined to be fraud type 2 is provided to the user for confirmation.

If it is determined through the processing of step S304 that the first risk management category is to identify the transaction risk again within a predetermined period of time, the server may perform the processing of steps S310 and S312 described below.

In step S310, scene information of the target transaction and information of buyers and sellers in the target transaction are acquired, and the type of fraud to which the target transaction belongs is determined.

The content of the step S310 is the same as the content of the step S306. For the specific processing of the step S310, refer to the related content of the step S306, and details are not described herein again.

In step S312, the corresponding security awareness test information is generated based on the first risk control category to which the target transaction belongs and the type of fraud to which the target transaction belongs.

The security awareness test information may be test information composed of one or more test questions and corresponding optional answers, and may also be test information composed of one or more test questions and information input boxes.

In implementation, the server can collect the transaction information of the target transaction, and can perform feature extraction and other processing on the above information to obtain corresponding characteristics. The above-mentioned characteristics can be fused through the variables in the risk prevention and control mechanism, and finally the type of fraud that the target transaction may involve. Based on the first risk control category to which the target transaction belongs, the transaction risk can be identified again within a predetermined period of time, and the management and control interaction strategy corresponding to the transaction risk can be identified again within a predetermined period of time, that is, the security awareness test information. Awaken the user's security awareness of the target transaction and prevent the loss of user resources.

For example, if the type of fraud that may be involved in the target transaction includes fraud type 3 and fraud type 4, based on each type of fraud, you can select security awareness test information corresponding to the type of fraud from a predetermined test database, that is, you can The security awareness test information corresponding to fraud type 3 and fraud type 4 is selected from a predetermined test database. The security awareness test information corresponding to each fraud type may be one or multiple. For example, the fraud type 3 is telecommunications. For fraud, the corresponding security awareness test information can be: In the name of Organization A, the transaction that asks you to pay a fee usually belongs to () -A, fraudulent transaction, B, normal transaction, etc. The server can judge through the above method The strength of the user (or buyer) in the security awareness of the transaction, and based on this, it can be further determined whether the user needs to be educated or awakened in security awareness to prevent the loss of user resources.

It should be noted that in addition to testing the security awareness of the user (or buyer), the user can also be reminded of exemption from liability, etc., which can be specifically set according to actual business requirements, which is not limited in this embodiment.

In step S314, the above-mentioned interactive control strategy is executed to obtain the transaction result of the target transaction.

In implementation, as shown in FIG. 4, the server may set a plurality of optional processes for the target transaction. Specifically, if the user determines that the target transaction does not exist after the above steps S306 and S308 or steps S310 and S312 are processed The transaction risk or transaction risk is small. At this time, the user can continue the target transaction. If the user determines that the target transaction has transaction risk or the transaction risk is large, at this time, the user can ignore the target transaction through the "back" button provided in the terminal device. If the user is not sure about the transaction risk of the target transaction, at this time, the user can obtain more relevant information from the server through the buttons such as "more security education" provided in the terminal device to further determine the magnitude of the transaction risk of the target transaction. If the user determines that there is transaction risk in the target transaction, the target transaction and the seller can be reported and processed. For details, please refer to the following related content, which will not be repeated here.

In step S316, when a report instruction for a target transaction is received, report information based on the target transaction is collected.

Wherein, the report information may include relevant information of the seller (such as the account information of the seller, the use location information of the seller's account, the seller's fraud method, etc.), relevant information of the buyer (such as the buyer's account information, the use of the buyer's account, etc. ).

In step S318, the collected report information is stored to record the target transaction between the buyer and the seller, and the risks existing in the transaction with the seller.

In implementation, the server can store the collected report information in the relevant database of the above-mentioned risk prevention and control mechanism (or risk data system). In this way, by setting a report entrance, it is convenient for users to feedback the risk situation of the transaction in real time, instead of waiting until After the transaction is successful, the user reports again. By using the fast information return application, not only can the user's resource loss be reduced, but also the management and control capabilities of the fraud strategy can be greatly improved to prevent fraudulent fraud.

Based on the above-mentioned related content, for example, when a user enters a payment password for a target transaction for the first time, the server can warn the user of the risk. When the user enters a payment password for the target transaction for the first time, the server can continuously output a transaction failure to allow the user to Be aware of the fraud risks reminded in the above-mentioned interactive control strategy to awaken the security awareness of users and protect users' resources from loss.

In step S320, if it is determined that the target transaction has transaction risk, the target transaction is stopped, and a notification message of the target transaction failure is output.

Based on the above-mentioned processing methods, by integrating user (or buyer) operation behavior information, user's transaction dimension information, and seller account information, etc. into the characterization of features, through strategies in the risk prevention and control mechanism (or risk prevention and control system) Describe the characteristics of the variables, accurately determine the risk level of the user's transaction, and the risk level of the user and the payee, and recommend the most suitable interactive risk exclusion process for the user. The transaction control scheme in this embodiment increases the interaction design with the user, and incorporates more common-sense scam content into the interactive content. By improving the user's security awareness, it is easier to wake up the user. In addition, the transaction control scheme in this embodiment fully considers the difference in the level of user security awareness, and adopts different levels of wake-up mechanisms for users with different levels of security awareness (that is, risk management and control categories). Disturb heavy reminder "goal. In addition, the added information return mechanism of the transaction control scheme can collect more user-side information and enhance the accuracy of the user's actual situation judgment. The real-time reporting mechanism can also effectively prevent the fraudulent secondary fraud and increase the risk of fraud. Control capabilities.

Example three

The above is the transaction management method provided by the embodiment of the present specification. Based on the same thinking, the embodiment of the specification also provides a transaction management and control device, as shown in FIG. 5.

The transaction control device includes a data acquisition module 501, a risk category determination module 502, an interaction strategy generation module 503, and an execution module 504, of which:

A data acquisition module 501, configured to acquire transaction data corresponding to a transaction request;

A risk category determination module 502, configured to identify, according to the transaction data, a risk management and control category to which a target transaction corresponding to the transaction request belongs, and obtain a first risk management and control category to which the target transaction belongs;

An interaction policy generating module 503 is configured to generate a management and control interaction strategy corresponding to the transaction request based on a first risk management and control category to which the target transaction belongs, where the management and control interaction strategy is a strategy for performing transaction risk management and control through data interaction;

The execution module 504 is configured to execute the management and control interaction strategy to obtain a transaction result of the target transaction.

In the embodiment of the present specification, the risk management and control category to which the target transaction belongs includes first identifying the transaction risk within a predetermined period and re-identifying the transaction risk within a predetermined period.

In the embodiment of the present specification, the first risk control category is the first time that transaction risk is identified within a predetermined period of time,

The interaction policy generation module 503 includes:

In the embodiment of the present specification, the management and control interaction strategy includes a risk guidance strategy for guiding the buyer to identify risks existing in the target transaction.

In the embodiment of the present specification, the risk guidance strategy includes a risk disclosure strategy and a risk discharge guidance strategy.

In the embodiment of the present specification, the scenario information includes a transfer to a resource card, a transfer to a resource account or a resource package, and the buyer information in the target transaction includes the buyer's account dimension information, transaction dimension information, and operation behavior information. The seller information in the target transaction includes account dimension information of the seller.

In the embodiment of the present specification, the first risk control category is to identify the transaction risk again within a predetermined period of time,

The interaction policy generation module 503 includes:

In the embodiment of the present specification, the device further includes:

The embodiment of the present specification provides a transaction management and control device. By acquiring transaction data corresponding to a transaction request, and according to the transaction data, identifying a risk management control category to which the target transaction corresponding to the transaction request belongs, to obtain a first risk to which the target transaction belongs. The management and control category can then generate the management and control interaction strategy corresponding to the transaction request based on the first risk management and control category to which the target transaction belongs. Get the transaction result of the target transaction. In this way, whenever a user creates or executes a transaction (ie, the target transaction), the server first determines the risk management category to which the target transaction belongs through the corresponding transaction data, and generates a corresponding Manage and control interactive strategies, which can determine the strength of users' security awareness based on risk management and control categories, and conduct differentiated and interactive transaction risk management and control based on the degree of risk, awaken users with different security awareness to the security awareness of target transactions, and improve the user operating Experience, and to enhance the success rate of pay, reduce the capital loss resulting from fraud.

Embodiment 4

The above is the transaction management and control device provided by the embodiment of the present specification. Based on the same idea, the embodiment of the specification also provides a transaction management and control device, as shown in FIG. 6.

The target transaction management and control device may be a server provided in the foregoing embodiment.

The transaction management and control equipment may have relatively large differences due to different configurations or performance, and may include one or more processors 601 and memory 602. The memory 602 may store one or more storage applications or data. The memory 602 may be a temporary storage or a persistent storage. The application program stored in the memory 602 may include one or more modules (not shown), and each module may include a series of computer-executable instructions in a transaction control device. Furthermore, the processor 601 may be configured to communicate with the memory 602 and execute a series of computer-executable instructions in the memory 602 on a transaction management device. The transaction management equipment may also include one or more power sources 603, one or more wired or wireless network interfaces 604, one or more input / output interfaces 605, and one or more keyboards 606.

Specifically in this embodiment, the transaction management and control device includes a memory and one or more programs. One or more programs are stored in the memory, and one or more programs may include one or more modules. Each module may include a series of computer-executable instructions in a transaction control device, and configured to be executed by one or more processors. The one or more programs include computer-executable instructions for:

Get the transaction data corresponding to the transaction request;

The embodiments of the present specification further include:

The collected report information is stored to record the target transaction between the buyer and the seller, and the risks existing in the transaction with the seller.

The embodiments of the present specification further include:

The embodiment of the present specification provides a transaction management and control device. By acquiring transaction data corresponding to a transaction request, and according to the transaction data, identifying a risk management and control category to which the target transaction corresponding to the transaction request belongs, to obtain a first risk to which the target transaction belongs. The management and control category can then generate the management and control interaction strategy corresponding to the transaction request based on the first risk management and control category to which the target transaction belongs. The management and control interaction strategy is a strategy for performing transaction risk management and control through data interaction, and execute the management and control interaction strategy. Get the transaction result of the target transaction. In this way, whenever a user creates or executes a transaction (ie, the target transaction), the server first determines the risk management category to which the target transaction belongs through the corresponding transaction data, and generates a corresponding risk management category based on the obtained risk management category. Manage and control interactive strategies, which can determine the strength of users' security awareness based on risk management and control categories, and conduct differentiated and interactive transaction risk management and control based on the degree of risk, awaken users with different security awareness to the security awareness of target transactions, and improve the user's operating Experience, and to enhance the success rate of pay, reduce the capital loss resulting from fraud.

The specific embodiments of the present specification have been described above. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and the desired result may still be achieved. In addition, the processes depicted in the figures do not necessarily require the particular order shown or sequential order to achieve the desired results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.

In the 1990s, for a technical improvement, it can be clearly distinguished whether it is an improvement in hardware (for example, the improvement of circuit structures such as diodes, transistors, switches, etc.) or an improvement in software (for the improvement of method flow). However, with the development of technology, the improvement of many methods and processes can be regarded as a direct improvement of the hardware circuit structure. Designers almost always get the corresponding hardware circuit structure by programming the improved method flow into the hardware circuit. Therefore, it cannot be said that the improvement of a method flow cannot be realized by hardware entity modules. For example, a programmable logic device (Programmable Logic Device (PLD)) (such as a Field Programmable Gate Array (FPGA)) is such an integrated circuit whose logic function is determined by the user programming the device. Designers can program themselves to "integrate" a digital system on a PLD, without having to ask a chip manufacturer to design and produce a dedicated integrated circuit chip. Moreover, nowadays, instead of making integrated circuit chips manually, this programming is mostly implemented by "logic compiler" software, which is similar to the software compiler used in program development and writing, but before compilation The original code must also be written in a specific programming language, which is called Hardware Description Language (HDL), and HDL is not the only one, but there are many types, such as ABEL (Advanced Boolean ExpressionLanguage) , AHDL (Altera, Hardware, Description, Language), Confluence, CUPL (Cornell, University Programming, Language), HDCal, JHDL (Java, Hardware, Description, Language), Lava, Lola, MyHDL, PALASM, RHDL (Ruby, Hardware, Description), etc. VHDL (Very-High-Speed Integrated Circuit Hardware Description Language) and Verilog. Those skilled in the art should also be clear that as long as the method flow is logically programmed and integrated into the integrated circuit using the above-mentioned several hardware description languages, a hardware circuit that implements the logic method flow can be easily obtained.

The controller may be implemented in any suitable manner, for example, the controller may take the form of a microprocessor or processor and a computer-readable medium storing computer-readable program code (e.g., software or firmware) executable by the (micro) processor. , Logic gates, switches, Application Specific Integrated Circuits (ASICs), programmable logic controllers, and embedded microcontrollers. Examples of controllers include, but are not limited to, the following microcontrollers: ARC 625D, Atmel AT91SAM, With the Microchip PIC18F26K20 and Silicone Labs C8051F320, the memory controller can also be implemented as part of the control logic of the memory. Those skilled in the art also know that, in addition to implementing the controller in a purely computer-readable program code manner, it is entirely possible to make the controller logic gates, switches, application-specific integrated circuits, programmable logic controllers, and embedded controllers by logic programming the method steps Microcontrollers, etc. to achieve the same function. Therefore, such a controller can be regarded as a hardware component, and a device included in the controller for implementing various functions can also be regarded as a structure within the hardware component. Or even, the means for implementing various functions can be regarded as a structure that can be both a software module implementing the method and a hardware component.

The system, device, module, or unit described in the foregoing embodiments may be specifically implemented by a computer chip or entity, or a product with a certain function. A typical implementation device is a computer. Specifically, the computer may be, for example, a personal computer, a laptop computer, a cellular phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or A combination of any of these devices.

For the convenience of description, when describing the above device, the functions are divided into various units and described separately. Of course, when implementing one or more embodiments of the present specification, the functions of each unit may be implemented in the same software or software.

Those skilled in the art should understand that the embodiments of the present specification may be provided as a method, a system, or a computer program product. Therefore, one or more embodiments of this specification may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Moreover, one or more embodiments of the present specification may adopt a computer program implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program code therein. The form of the product.

Embodiments of the present specification are described with reference to flowcharts and / or block diagrams of methods, devices (systems), and computer program products according to the embodiments of the present specification. It should be understood that each process and / or block in the flowcharts and / or block diagrams, and combinations of processes and / or blocks in the flowcharts and / or block diagrams can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general-purpose computer, special-purpose computer, embedded processor, or other programmable data processing device to produce a machine, so that the instructions generated by the processor of the computer or other programmable data processing device are used to generate instructions Means for implementing the functions specified in one or more flowcharts and / or one or more blocks of the block diagrams.

These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing device to work in a particular manner such that the instructions stored in the computer-readable memory produce a manufactured article including an instruction device, the instructions The device implements the functions specified in one or more flowcharts and / or one or more blocks of the block diagram.

These computer program instructions can also be loaded on a computer or other programmable data processing device, so that a series of steps can be performed on the computer or other programmable device to produce a computer-implemented process, which can be executed on the computer or other programmable device. The instructions provide steps for implementing the functions specified in one or more flowcharts and / or one or more blocks of the block diagrams.

In a typical configuration, a computing device includes one or more processors (CPUs), input / output interfaces, network interfaces, and memory.

Memory may include non-persistent memory, random access memory (RAM), and / or non-volatile memory in computer-readable media, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.

Computer-readable media includes both permanent and non-persistent, removable and non-removable media. Information can be stored by any method or technology. Information may be computer-readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), and read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technologies, read-only disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical storage, Magnetic tape cartridges, magnetic tape magnetic disk storage or other magnetic storage devices or any other non-transmission media may be used to store information that can be accessed by computing devices. As defined herein, computer-readable media does not include temporary computer-readable media, such as modulated data signals and carrier waves.

It should also be noted that the terms "including," "including," or any other variation thereof are intended to encompass non-exclusive inclusion, so that a process, method, product, or device that includes a range of elements includes not only those elements, but also Other elements not explicitly listed, or those that are inherent to such a process, method, product, or device. Without more restrictions, the elements defined by the sentence "including a ..." do not exclude the existence of other identical elements in the process, method, product or equipment including the elements.

Those skilled in the art should understand that the embodiments of the present specification may be provided as a method, a system, or a computer program product. Therefore, one or more embodiments of the present specification may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Moreover, one or more embodiments of the present specification may adopt a computer program implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program code therein. The form of the product.

One or more embodiments of the specification may be described in the general context of computer-executable instructions executed by a computer, such as program modules. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform specific tasks or implement specific abstract data types. One or more embodiments of the present specification may also be practiced in distributed computing environments in which tasks are performed by remote processing devices connected through a communication network. In a distributed computing environment, program modules may be located in local and remote computer storage media, including storage devices.

Each embodiment in this specification is described in a progressive manner, and the same or similar parts between the various embodiments can be referred to each other. Each embodiment focuses on the differences from other embodiments. In particular, for the system embodiment, since it is basically similar to the method embodiment, the description is relatively simple. For the relevant part, refer to the description of the method embodiment.

The above descriptions are merely examples of the present specification and are not intended to limit the present specification. For those skilled in the art, this specification may have various modifications and changes. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of this specification shall be included in the scope of claims of this specification.

Claims

A method for managing and controlling transactions, the method includes:

Get the transaction data corresponding to the transaction request;

Identifying the risk management and control category to which the target transaction corresponding to the transaction request belongs according to the transaction data, and obtaining the first risk management and control category to which the target transaction belongs;

Generating a management and control interaction strategy corresponding to the transaction request based on a first risk management and control category to which the target transaction belongs, where the management and control interaction strategy is a strategy for performing transaction risk management and control through data interaction;

The management and control interaction strategy is executed to obtain a transaction result of the target transaction.
The method according to claim 1, wherein the risk management category to which the target transaction belongs includes first identifying a transaction risk within a predetermined period of time and re-identifying a transaction risk within a predetermined period of time.
The method according to claim 2, wherein the first risk management category is the first time that transaction risk is identified within a predetermined period of time,

The generating a management and control interaction strategy corresponding to the transaction request based on the first risk management and control category to which the target transaction belongs includes:

Acquiring scene information of the target transaction, and information of buyers and sellers in the target transaction, and determining the type of fraud to which the target transaction belongs;

Based on the first risk management category to which the target transaction belongs and the type of fraud to which the target transaction belongs, a corresponding management and control interaction strategy is generated.
The method according to claim 3, wherein the management interaction strategy comprises a risk guidance strategy for guiding the buyer to identify risks existing in the target transaction.
The method according to claim 4, wherein the risk guiding strategy comprises a risk revealing strategy and a risk exhausting guiding strategy.
The method according to claim 3, wherein the scene information includes transfer to a resource card, transfer to a resource account or a resource package, and the buyer information in the target transaction includes account dimension information, transaction dimension information, and operation behavior of the buyer Information, and the seller information in the target transaction includes account dimension information of the seller.
The method according to claim 2, wherein the first risk management category is to identify the transaction risk again within a predetermined period of time,

The generating a management and control interaction strategy corresponding to the transaction request based on the first risk management and control category to which the target transaction belongs includes:

Acquiring scene information of the target transaction, and information of buyers and sellers in the target transaction, and determining the type of fraud to which the target transaction belongs;

Based on the first risk management category to which the target transaction belongs and the type of fraud to which the target transaction belongs, corresponding security awareness test information is generated.
The method according to any one of claims 3-7, further comprising:

When a report instruction for the target transaction is received, collecting report information based on the target transaction;

The collected report information is stored to record the target transaction between the buyer and the seller, and the risks existing in the transaction with the seller.
The method according to claim 8, further comprising:

If it is determined that the target transaction has transaction risk, the target transaction is stopped, and a notification message of the target transaction failure is output.
A transaction management and control device, the device includes:

A data acquisition module for acquiring transaction data corresponding to a transaction request;

A risk category determination module, configured to identify, according to the transaction data, a risk management and control category to which a target transaction corresponding to the transaction request belongs, and obtain a first risk management and control category to which the target transaction belongs;

An interaction strategy generating module is configured to generate a management interaction strategy corresponding to the transaction request based on a first risk management category to which the target transaction belongs, where the management interaction strategy is a strategy for performing transaction risk management and control through data interaction;

An execution module is configured to execute the management and control interaction strategy to obtain a transaction result of the target transaction.
The device according to claim 10, wherein the risk management category to which the target transaction belongs includes first identifying a transaction risk within a predetermined time period and re-identifying the transaction risk within a predetermined time period.
The device according to claim 11, wherein the first risk management category is the first time a transaction risk is identified within a predetermined period of time,

The interaction strategy generation module includes:

A first fraud type determining unit, configured to obtain scene information of the target transaction, and information of buyers and sellers in the target transaction, and determine a fraud type to which the target transaction belongs;

A first interaction strategy generating unit is configured to generate a corresponding management and interaction strategy based on a first risk management category to which the target transaction belongs and a fraud type to which the target transaction belongs.
The apparatus according to claim 12, wherein the management interaction strategy comprises a risk guidance strategy for guiding the buyer to identify risks existing in the target transaction.
The apparatus according to claim 13, wherein the risk guiding strategy comprises a risk revealing strategy and a risk exhausting guiding strategy.
The device according to claim 12, wherein the scene information includes a transfer to a resource card, a transfer to a resource account or a resource package, and the buyer information in the target transaction includes the buyer's account dimension information, transaction dimension information, and operation behavior Information, and the seller information in the target transaction includes account dimension information of the seller.
The device according to claim 11, wherein the first risk management category is re-identification of a transaction risk within a predetermined time period,

The interaction strategy generation module includes:

A second fraud type determining unit, configured to obtain scene information of the target transaction and information of buyers and sellers in the target transaction, and determine a fraud type to which the target transaction belongs;

A second interaction strategy generating unit is configured to generate corresponding security awareness test information based on a first risk management category to which the target transaction belongs and a fraud type to which the target transaction belongs.
The device according to any one of claims 12 to 16, further comprising:

A report information collection module, configured to collect report information based on the target transaction when a report instruction for the target transaction is received;

The report information storage module is configured to store collected report information to record the target transaction between the buyer and the seller, and the risks existing in the transaction with the seller.
The apparatus according to claim 17, further comprising:

The transaction stopping module is configured to stop the target transaction if it is determined that the target transaction has transaction risks, and output a notification message that the target transaction fails.
A transaction management and control device. The target transaction management and control device includes:

Processor; and

A memory arranged to store computer-executable instructions which, when executed, cause the processor to:

Get the transaction data corresponding to the transaction request;

Identifying the risk management and control category to which the target transaction corresponding to the transaction request belongs according to the transaction data, and obtaining the first risk management and control category to which the target transaction belongs;

Generating a management and control interaction strategy corresponding to the transaction request based on a first risk management and control category to which the target transaction belongs, where the management and control interaction strategy is a strategy for performing transaction risk management and control through data interaction;

The management and control interaction strategy is executed to obtain a transaction result of the target transaction.