WO2021103701A1 - Transaction risk identification method and apparatus - Google Patents

Transaction risk identification method and apparatus Download PDF

Info

Publication number
WO2021103701A1
WO2021103701A1 PCT/CN2020/111779 CN2020111779W WO2021103701A1 WO 2021103701 A1 WO2021103701 A1 WO 2021103701A1 CN 2020111779 W CN2020111779 W CN 2020111779W WO 2021103701 A1 WO2021103701 A1 WO 2021103701A1
Authority
WO
WIPO (PCT)
Prior art keywords
transaction
information
payment
trust identifier
payment code
Prior art date
Application number
PCT/CN2020/111779
Other languages
French (fr)
Chinese (zh)
Inventor
汪志阳
Original Assignee
支付宝(杭州)信息技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 支付宝(杭州)信息技术有限公司 filed Critical 支付宝(杭州)信息技术有限公司
Publication of WO2021103701A1 publication Critical patent/WO2021103701A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4016Transaction verification involving fraud or risk level assessment in transaction processing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction

Definitions

  • This manual relates to the field of Internet technology, and in particular to a method and device for identifying transaction risks.
  • offline payment the payer only needs to show the payment code to the payee, and the payee scans the payment code and initiates a deduction request to the server.
  • the payee cannot obtain the payer's device information, which causes the server to be unable to conduct risk assessment of the transaction payment from the device information dimension, thereby increasing the payer's payment risk.
  • At least one embodiment of this specification provides a transaction risk identification method, so that the server can accurately identify the transaction risk and reduce the payment risk of the payer.
  • a transaction risk identification method includes: receiving transaction information of the current transaction to be recognized, the transaction information including user information corresponding to the transaction and a device trust identifier; the device The trust identifier is used to uniquely correspond to the device where the transaction occurred; send the device trust identifier to the device center, and receive the device query result corresponding to the device trust identifier returned by the device center; according to the device query result , Perform risk identification on the transaction information.
  • a payment processing method which is applied to a client of a payer, and the method includes: receiving a payment code generation request; obtaining a payment code based on user information and a device trust identifier; the device trust identifier is used to uniquely Corresponding to the device where the transaction occurred; the payment code includes the user information and the device trust identifier;
  • the payment code is displayed, so that the payee executes this payment transaction according to the payment code.
  • a payment processing method comprising: receiving a payment request for this transaction, the payment request carrying: a payment code and payment information for this transaction; and obtaining information included in the payment code User information and device trust identifier, the device trust identifier is used to uniquely correspond to the device where this transaction occurs; the transaction information of this transaction is sent to the payment system, and the transaction information carries: the user information, the device The trust mark and the payment information.
  • a transaction risk identification device in a fourth aspect, includes: a receiving module for receiving transaction information of this transaction to be identified, the transaction information including user information and equipment trust corresponding to this transaction ID; the device trust ID is used to uniquely correspond to the device where the transaction occurs; the processing module is used to send the device trust ID to the device center, and receive the device trust ID returned by the device center corresponding to the device trust ID Equipment query result; a risk identification module for risk identification on the transaction information according to the equipment query result.
  • a payment processing device which is applied to a client of a payer.
  • the device includes: a request receiving module, configured to receive a payment code generation request; and an acquiring module, configured to obtain Payment code; the device trust identifier is used to uniquely correspond to the device where this transaction occurs; the payment code includes the user information and the device trust identifier; the display module is used to display the payment code to enable payment The party executes this payment transaction according to the payment code.
  • a payment processing device includes: a payment request receiving module for receiving a payment request for this transaction, the payment request carrying: a payment code and payment information for this transaction;
  • the second acquiring module is used to acquire the user information and the device trust identifier included in the payment code, and the device trust identifier is used to uniquely correspond to the device where the transaction occurs;
  • the second sending module is used to send this to the payment system Transaction information of the second transaction, where the transaction information carries: the user information, the device trust identifier, and the payment information.
  • a computer device including a memory, a processor, and a computer program stored in the memory and capable of running on the processor.
  • the processor executes the program, the program described in any of the embodiments of this specification is implemented.
  • a computer-readable storage medium on which a computer program is stored.
  • the program is executed by a processor, the transaction risk identification method described in any of the embodiments of this specification is implemented, or any one of the embodiments of this specification is implemented.
  • an embodiment of this specification realizes that the server can query the device information of the payer device in the current transaction according to the device trust identifier, so as to accurately identify the risk in the device information dimension and reduce the payment risk of the payer.
  • Fig. 1 is a flow chart showing a method for identifying transaction risks according to an exemplary embodiment.
  • Fig. 2 is a flow chart showing a payment processing method according to an exemplary embodiment.
  • Fig. 3 is a flow chart showing another payment processing method according to an exemplary embodiment.
  • Fig. 4 is a flow chart showing a transaction payment according to an exemplary embodiment.
  • Fig. 5 is a schematic diagram showing a transaction risk identification device according to an exemplary embodiment.
  • Fig. 6 is a schematic diagram showing a payment processing device according to an exemplary embodiment.
  • Fig. 7 is a schematic diagram showing another payment processing device according to an exemplary embodiment.
  • Fig. 8 is a schematic diagram showing yet another payment processing device according to an exemplary embodiment.
  • first, second, third, etc. may be used in this specification to describe various information, the information should not be limited to these terms. These terms are only used to distinguish the same type of information from each other.
  • first information may also be referred to as second information, and similarly, the second information may also be referred to as first information.
  • word “if” as used herein can be interpreted as "when” or “when” or "in response to determination”.
  • At least one embodiment of this specification provides a transaction risk identification method:
  • the server When the server performs risk identification on the current transaction, it queries the corresponding device information from the device center according to the unique device trust identifier of the payer device in the current transaction, and returns according to the device center The results of the equipment query to identify the risk of the current transaction. Since the device trust identifier can uniquely correspond to the device information in the current transaction, the server can accurately obtain the device information of the payer of the current transaction, and identify the risk of the current transaction from the device information dimension, reducing the payment risk of the payer.
  • Fig. 1 is a flowchart of a method for identifying transaction risks according to an embodiment provided in this specification. This method is applied to a risk control system. It is understandable that all systems with risk identification and control functions can be regarded as “risk control systems", and there is no restriction here.
  • the process includes step 101 to step 103.
  • Step 101 Receive transaction information of this transaction to be identified, where the transaction information includes user information and device trust identifier corresponding to this transaction; the device trust identifier is used to uniquely correspond to the device where the transaction occurs.
  • the payment system Before the payment system performs a corresponding payment operation for this transaction, it needs to check the risk of the transaction with the risk control system, and decide whether to perform the payment operation based on the risk feedback of the risk control system. This step is when the payment system sends a "query request" to the risk control system, and the risk control system receives the user information and device trust identifier of the payer in this transaction.
  • the device trust identifier can uniquely correspond to the device used by the payer in the current transaction.
  • the device trust identifier can be the international mobile device identity code of the payer's device in the current transaction, and the "code" that can uniquely correspond to a device can be used as the above device trust identifier, which is not limited in this manual.
  • the device trust identifier may also be a unique identifier generated based on an international mobile device identity code, an international mobile subscriber identity code, a client random number, and a server random number-a device trust identifier (Trust ID, TID).
  • TID is the unique identification of the same user and the same device in this transaction.
  • the risk control system can query all the information of the device where the payer’s client is located through TID, thereby identifying risks in this transaction from different dimensions.
  • Step 102 Send the device trust identifier to the device center, and receive the device query result corresponding to the device trust identifier returned by the device center.
  • the device center pre-stores the mapping relationship between the device information and the device trust identifier.
  • the risk control system sends the equipment trust mark to the equipment center for query, and accepts the query result fed back by the equipment center. For example, if the equipment center queries the equipment information corresponding to the same equipment trust identifier as equipment A, it will feed back the equipment query result-equipment A to the risk control system; if the equipment center queries the same equipment trust identifier, the equipment query result-no The existence of the same equipment trust mark is fed back to the risk control system.
  • Step 103 Perform risk identification on the transaction information according to the device query result.
  • the risk control system Based on the historical transaction information of the equipment, the risk control system has carried out multi-dimensional data accumulation and factual judgment. In this step, the risk control system performs risk identification on the transaction information of this transaction based on the results of the device query and combined with the user's historical transaction information in this transaction. For example, the device query result shows that the device information is device A, and the risk control system obtains that the user has been using device A to conduct transactions through historical transaction information, and then the transaction can be identified as risk-free in the device information dimension; if the risk control system passes the history The transaction information query obtains that the user has been using device B for transactions, and the high risk of this transaction can be identified in the device information dimension.
  • the risk control system can also comprehensively identify the risk of this transaction in combination with other dimensions. For example, by judging whether the transaction location is consistent with the historical transaction location, the current transaction risk can be identified; Whether the transaction object of the transaction and the historical transaction object are of the same type, identify the current transaction risk. For example, after the risk control system obtains all the information of the payer's device in this transaction based on the TID value, it performs risk identification from the SIM card dimension, and finds that the SIM card of the payer in this transaction has multiple logins with the SIM card, and it can be identified based on the number of logins.
  • the risk of this transaction Perform risk identification from the device dimension and find that the device of the payer of this transaction has multiple account logins with the same device, and then identify the risk of this transaction based on the number of logged-in accounts.
  • the aforementioned user historical transaction information may also include: transaction time, transaction object type, transaction corresponding commodity type or transaction amount, etc.
  • the performing risk identification on the transaction information according to the device query result includes: if the device query result returned by the device center includes: there is no device information corresponding to the device trust identifier, then Confirm that this transaction is a risky transaction.
  • the equipment center determines through query that there is no identical equipment trust identifier (that is, no corresponding equipment information), and it can identify the high risk of the current transaction in the dimension of equipment information.
  • A has been using device A for payment transactions, criminal B illegally obtained A’s user information and logged in on device B for offline payment (called illegal transactions), and intercepted the device sent to the device center during offline payment
  • the data packet of information (device B) and user information causes the device center to fail to store the mapping relationship between device B and device trust identifier b.
  • the risk control system identifies this illegal transaction, after sending the device trust mark b to the equipment center, the device center query returns the result that there is no device information corresponding to the device trust mark b, and the risk control system can confirm that the illegal transaction is a risk Transaction, thereby preventing this transaction.
  • the performing risk identification on the transaction information according to the device query result includes: if the device query result returned by the device center includes: device information corresponding to the device trust identifier, and confirming all The device information is different from the device where the history of the user information is located, and it is confirmed that the current transaction is a risky transaction. For example: A has been using device A for payment transactions, criminal B illegally obtained A’s user information and logged in on device B for offline payment (known as illegal transactions), and sent device information (device B) during offline payment And user information to the device center, the device center stores the mapping relationship between device B and device trust identifier b.
  • the risk control system When the risk control system recognizes this illegal transaction, it sends the device trust mark b to the equipment center, and the equipment center queries and returns the device information corresponding to the device trust mark b is equipment B.
  • the risk control system finds equipment B and the equipment in the historical transaction information If the equipment information of A is inconsistent, the illegal transaction is confirmed as a risky transaction, so as to prevent the illegal transaction in time.
  • the transaction information of this transaction obtains the user information of this transaction and the device trust identifier uniquely corresponding to the payer device in this transaction .
  • the device trust mark query the corresponding device information from the device center, so as to identify the risk of this transaction in the device information dimension, thereby reducing the payment risk of the payer. Since the device trust ID can uniquely correspond to the payer's device in the current transaction, it is ensured that the device information queried by the risk control system based on the device trust ID is the device information of the payer's device in the current transaction, so that accurate risk identification is performed in the device information dimension and reduces Payer’s payment risk.
  • Fig. 2 is a flowchart of a payment processing method shown in an embodiment of this specification. This method is applied to the client of the payer.
  • the process of this embodiment includes the following steps 201 to 203.
  • Step 201 Receive a payment code generation request.
  • the user uses the payer's client to make a payment, he will input a command to display the payment code to the payer's client. For example, the user clicks the "Payment Code” button on the payer's client. In this step, the payer client receives the payment code generation request (corresponding to the user inputting a command to display the payment code to the payment client).
  • the method before the receiving the payment code generation request, further includes: sending the device information of the device where the client is located and the device trust identifier to the device center, so that the device center stores The mapping relationship between the device information and the device trust identifier.
  • the payer client directly or indirectly sends the device information and the device trust identifier to the device center, for example, through a number of intermediate devices and finally sent to the device center.
  • the device center has related management functions such as viewing, deleting, and storing device information, as well as features such as high stability and maintainability.
  • the storage and management of the mapping relationship between the device information and the device trust mark in the device center is more reliable and manageable than the temporary storage of device information in the risk control system.
  • the sending the device information of the device where the payment client is located and the device trust identifier to the device center includes: when the client login is detected, the device information and the device trust Identification, sent to the equipment center.
  • the payer client detects that the user logs in to the client, it will automatically send the device information and device trust identifier to the device center.
  • the above-mentioned "user login client” includes the automatic login of the client based on the saved account information after the user opens the client.
  • the method before receiving the payment code generation request, the method further includes: storing a device trust identifier, the device trust identifier being an identifier generated by the server according to device association parameters, and the device association parameters include: International Mobile Device identification code, international mobile user identification code, random number generated by the client and random number generated by the server.
  • the server When the user enters user information (such as account number and password) when logging in to the payer’s client for the first time, the server will use the international mobile device identification code of the device where the current payer’s client is located, the international mobile user identification code in the device where the payer is located, and the current payer
  • the random number generated by the client and the random number generated by the server are four device-related parameters to generate the device trust ID (Trust ID, abbreviated as TID), and the TID is used to uniquely correspond to the device where the payer client is located, and the payer client stores the TID .
  • the server will generate a device trust identifier and store it in the payer's client; and the record is recorded on the payer's client for the first login After the login information, when the client automatically logs in when the user uses it again, the server will not regenerate a new device trust identifier.
  • the server will regenerate the device trust identifier; log out of A’s account in a and log in to B’s account, then the server will regenerate the device trust identifier; when logging in to user A’s account in a, change the mobile SIM card, the device trust mark is regenerated.
  • Step 202 Obtain a payment code according to the user information and the device trust identifier; the device trust identifier is used to uniquely correspond to the device where the transaction occurs; the payment code includes the user information and the device trust identifier.
  • the payer client goes to the decoding center to obtain the payment code according to the user information and the device trust identifier.
  • the obtaining the payment code according to the user information and the device trust identifier includes: sending a payment code obtaining request to a decoding center, and the payment code obtaining request includes: the user information and the device trust identifier; receiving the Decoding the payment code returned by the center, where the payment code is generated by the decoding center according to the user information and the device trust identifier.
  • the payer client sends a payment code request containing the user information and the device trust identifier to the decoding center, and the decoding center generates the payment code based on the user information and the device trust identifier and returns it to the payer client.
  • Step 203 Display the payment code so that the payee executes the current payment transaction according to the payment code.
  • the payer client displays the payment code to the payee client so that the payee can obtain the payment code and execute the payment transaction.
  • the payer client obtains and displays the payment code according to the user information and the device trust identifier uniquely corresponding to the device where the transaction occurs, so that the payee client obtains the user information and device through the payment code Trust the ID, so that the payee client can initiate a payment request for this transaction based on the user information and the device trust ID.
  • Fig. 3 is a flowchart of a payment processing method shown in an embodiment of this specification. This method is applied to the receiver's server.
  • the process of this embodiment includes the following steps 301 to 303.
  • Step 301 Receive a payment request for this transaction, where the payment request carries: a payment code and payment information for this transaction.
  • the payee client After obtaining the payment code, the payee client sends a payment request for this transaction to the payee server.
  • the payment request carries the payment code and payment information.
  • the payment information may include: payee account, transaction amount, product information, transaction time, etc.
  • Step 302 Obtain the user information and the device trust identifier included in the payment code, where the device trust identifier is used to uniquely correspond to the device where the transaction occurs.
  • the payee server sends the payment code to the decoding center for analysis, and obtains the user information and the device trust identifier from the analysis result.
  • the device trust identifier uniquely corresponds to the device where the payer client is located in this transaction.
  • the obtaining the user information and the device trust identifier included in the payment code includes: sending an analysis request to a decoding center, where the analysis request includes: the payment code; and receiving the payment code returned by the decoding center The user information and device trust identifier obtained by analyzing the payment code.
  • Step 303 Send transaction information of this transaction to the payment system, where the transaction information carries: the user information, the device trust identifier, and the payment information.
  • the payee server sends the transaction information of this transaction to the payment system, so that the payment system performs the payment operation for this transaction.
  • the payee server obtains the user information of the transaction in the payment code and the device trust identifier uniquely corresponding to the device where the transaction occurs, and combines the user information and device trust identifier of the transaction And the payment information is sent to the payment system, so that the payment system will perform the payment operation for this transaction according to the risk identification result of the risk control system.
  • Figure 4 illustrates a complete transaction payment process, describing the process of applying the transaction risk identification method shown in the embodiment of this specification to carry out risk control on the payment of this transaction. As shown in Figure 4, the process can include steps 401 to 416.
  • step 401 when the payer client logs in to the current account for the first time (when the user enters the account password to log in), the device trust identifier generated by the server is stored.
  • the device trust identifier is a unique identifier generated by the server according to the four influencing factors of the international mobile device identification code, the international mobile subscriber identification code, the client random number and the server random number of the device where the payer’s client is located, so the device trusts The identification uniquely corresponds to the device where the payer's client is located.
  • the device information and the device trust identifier are sent to the device center to store the corresponding mapping relationship.
  • the device information is information that can indicate the device where the current payer's client is located, for example, it may be an international mobile device identity code.
  • step 403 the payment code acquisition request carrying the user information and the device trust identifier is sent to In the decoding center, the decoding center generates a payment code according to the user information and the device trust identifier and returns (step 404) to the payer client.
  • step 405 the payer client displays the payment code to the payee client, so that the payee scans the code in step 406 and obtains the payment code.
  • the payment code displayed by the payer client in step 405 can be time-limited, for example, the payment code is valid within 3 minutes after it is generated; if the payment code becomes invalid after 3 minutes, the payment code needs to be regenerated in the decoding center and returned to the payer client .
  • the payee client sends a payment request carrying the payment code and payment information to the payee server.
  • the payment information may include: payee account, transaction amount, product information, and transaction time.
  • the payee server After receiving the payment request, the payee server sends a payment request carrying the payment code to the decoding center in step 408, and the decoding center parses the payment code and returns the user information and device trust identifier to the payee server in step 409.
  • the payee server sends the complete transaction information of this transaction to the payment system, so that the payment system performs the payment operation for this transaction.
  • the transaction information includes: user information, device trust identifier, and payment information.
  • the payment system Before the payment system performs payment operations on this transaction, it first consults with the risk control system whether there is any risk in this transaction.
  • the payment system sends transaction information carrying user information and device trust identification to the risk control system.
  • the risk control system sends the equipment trust mark to the equipment center, and the equipment center obtains the equipment query result according to the stored mapping relationship and returns it to the risk control system.
  • the device query result includes: there is no device information corresponding to the device trust identifier or device information corresponding to the device trust identifier.
  • the risk control system performs risk identification of the equipment information dimension on the transaction information of this transaction in step 414. For example, if the device query result is that there is no device information corresponding to the device trust mark, the transaction is high risk; if the device query result is that the device information corresponding to the device trust mark is device B, and it is confirmed that the user’s commonly used device in this transaction is Device A identifies that this transaction is a high risk; if the device query result is that the device information corresponding to the device trust mark is device B, and it is confirmed that the user's commonly used device in this transaction is device B, then it is identified that this transaction is risk-free.
  • step 414 risk identification, the risk control system is based on the risk identification of the equipment information dimension, and integrates other kinds of historical information, carries out risk identification of this transaction from multiple dimensions, and finally comprehensively obtains the risk identification result of this transaction, as The risk control result is returned to the payment system in step 415.
  • a variety of historical information includes, the user's historical transaction location, transaction time, transaction object type, transaction commodity type and transaction amount in this transaction.
  • the payment system completes the payment operation for this transaction according to the risk control result (step 416); or, abandons the payment operation for this transaction.
  • This implementation describes a complete transaction payment process.
  • the payer client stores the device information and the device trust identifier uniquely corresponding to the device where the payer client is located in the device center in advance, and the payee server uses the payment code displayed by the payer client.
  • Obtain the equipment information and the equipment trust mark so that when the risk control system identifies the risk of this transaction, it can query the corresponding equipment information from the equipment center according to the equipment trust mark, and identify the risk of principal and interest transactions in the equipment information dimension. Since the device trust identifier uniquely corresponds to the device where the payer's client is located in this transaction, the risk control system can accurately obtain the device information of the payer of this transaction, and perform risk identification in the device information dimension, which reduces the payment risk of the payer.
  • this specification provides a transaction risk identification device, which can execute the transaction risk identification method of any embodiment of this specification.
  • the device may include a receiving module 501, a processing module 502, and a risk identification module 503.
  • the receiving module 501 is used to receive the transaction information of this transaction to be identified, the transaction information includes the user information corresponding to this transaction and the device trust identifier; the device trust identifier is used to uniquely correspond to the occurrence of this transaction The device where it is located; processing module 502, used to send the device trust identifier to the device center, and receive the device query results corresponding to the device trust identifier returned by the device center; risk identification module 503, used to As a result of the equipment query, risk identification is performed on the transaction information.
  • the risk identification module 503 is configured to perform risk identification on the transaction information according to the device query result, including: when the device query result returned by the device center includes: the device query result does not exist The device information corresponding to the device trust identifier confirms that the current transaction is a risky transaction.
  • the risk identification module 503 is configured to perform risk identification on the transaction information according to the device query result, including: when the device query result returned by the device center includes: the device trust Identify the corresponding device information, confirm that the device information is different from the device where the history of the user information is located, and confirm that the current transaction is a risky transaction.
  • the device may include a request receiving module 601, an obtaining module 602, and a display module 603.
  • the request receiving module 601 is used to receive the payment code generation request
  • the obtaining module 602 is used to obtain the payment code according to the user information and the device trust identifier
  • the device trust identifier is used to uniquely correspond to the device where the transaction occurred
  • the payment code includes the user information and the device trust identifier
  • the display module 603 is configured to display the payment code so that the payee can execute the current payment transaction according to the payment code.
  • the obtaining module 602 is configured to obtain the payment code according to the user information and the device trust identifier, including: sending a payment code obtaining request to the decoding center, and the payment code obtaining request includes: the user information And a device trust identifier; receiving the payment code returned by the decoding center, where the payment code is generated by the decoding center according to the user information and the device trust identifier.
  • the apparatus further includes: a sending module 701, configured to send the device information of the device where the payer client is located and the device trust identifier to the device center, so that The device center stores the mapping relationship between the device information and the device trust identifier.
  • a sending module 701 configured to send the device information of the device where the payer client is located and the device trust identifier to the device center, so that The device center stores the mapping relationship between the device information and the device trust identifier.
  • the sending module 701 is configured to send the device information of the device where the payer client is located and the device trust identifier to the device center, including: when the client login is detected, sending The device information and the device trust identifier are sent to the device center.
  • the apparatus further includes: a storage module 702, configured to store a device trust identifier, the device trust identifier being an identifier generated by the server according to device associated parameters, and the device associated parameters include : International Mobile Equipment Identity Code, International Mobile User Identity Code, random number generated by the client and random number generated by the server.
  • a storage module 702 configured to store a device trust identifier, the device trust identifier being an identifier generated by the server according to device associated parameters, and the device associated parameters include : International Mobile Equipment Identity Code, International Mobile User Identity Code, random number generated by the client and random number generated by the server.
  • the device may include a payment request receiving module 801, a second obtaining module 802, and a second sending module 803.
  • the payment request receiving module 801 is used to receive the payment request of this transaction, and the payment request carries: the payment code and the payment information of this transaction
  • the second obtaining module 802 is used to obtain the payment code including
  • the user information and the device trust identifier of the device are used to uniquely correspond to the device where the transaction occurs
  • the second sending module 803 is used to send the transaction information of this transaction to the payment system, and the transaction information carries : The user information, the device trust identifier, and the payment information.
  • the second obtaining module 802 when used to obtain the user information and the device trust identifier included in the payment code, it includes: sending a resolution request to a decoding center, and the resolution request includes: the payment Code; receiving the user information and device trust identifier returned by the decoding center from the analysis of the payment code.
  • the relevant part can refer to the part of the description of the method embodiment.
  • the device embodiments described above are merely illustrative, where the units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, they may be located in One place, or it can be distributed to multiple network units. Some or all of the modules may be selected according to actual needs to achieve the objectives of at least one embodiment of the specification. Those of ordinary skill in the art can understand and implement without creative work.
  • This specification also provides a computer device, including a memory, a processor, and a computer program stored in the memory and capable of running on the processor.
  • the processor executes the program, the transaction in any embodiment of this specification can be realized.
  • This specification also provides a computer-readable storage medium on which a computer program is stored. When the program is executed by a processor, it can implement the transaction risk identification method of any embodiment of this specification, or implement any embodiment of this specification. Payment processing method.
  • non-transitory computer-readable storage medium may be ROM, random access memory (RAM), CD-ROM, magnetic tape, floppy disk, optical data storage device, etc., which is not limited in this specification.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Emergency Alarm Devices (AREA)

Abstract

A transaction risk identification method and apparatus. The method comprises: receiving transaction information of a current transaction to be identified, the transaction information comprising user information and a device trust identifier corresponding to the current transaction, and the device trust identifier uniquely corresponding to a device where the current transaction occurs (101); sending the device trust identifier to a device center, and receiving a device query result corresponding to the device trust identifier and returned by the device center (102); and according to the device query result, performing risk identification on the transaction information (103).

Description

一种交易风险识别方法及装置Method and device for identifying transaction risk 技术领域Technical field
本说明书涉及互联网技术领域,尤其涉及一种交易风险识别方法及装置。This manual relates to the field of Internet technology, and in particular to a method and device for identifying transaction risks.
背景技术Background technique
随着互联网业务的不断丰富,基于互联网的支付方式深入发展,其中离线支付逐渐成为一种重要的支付方式。离线支付中,付款方只需要向收款方出示付款码,由收款方扫描付款码后主动向服务端发起扣款请求。但是,收款方无法获取付款方的设备信息,导致服务端无法从设备信息维度对此次交易支付进行风险评估,从而增加了付款方的支付风险。With the continuous enrichment of Internet services, Internet-based payment methods have developed in depth, and offline payment has gradually become an important payment method. In offline payment, the payer only needs to show the payment code to the payee, and the payee scans the payment code and initiates a deduction request to the server. However, the payee cannot obtain the payer's device information, which causes the server to be unable to conduct risk assessment of the transaction payment from the device information dimension, thereby increasing the payer's payment risk.
发明内容Summary of the invention
本说明书至少一个实施例提供了一种交易风险识别方法,以使得服务端能够准确对交易进行风险识别,降低付款方的支付风险。At least one embodiment of this specification provides a transaction risk identification method, so that the server can accurately identify the transaction risk and reduce the payment risk of the payer.
第一方面,提供了一种交易风险识别方法,所述方法包括:接收待识别的本次交易的交易信息,所述交易信息中包括本次交易对应的用户信息和设备信任标识;所述设备信任标识用于唯一对应本次交易发生所在的设备;将所述设备信任标识发送至设备中心,并接收所述设备中心返回的所述设备信任标识对应的设备查询结果;根据所述设备查询结果,对所述交易信息进行风险识别。In a first aspect, a transaction risk identification method is provided, the method includes: receiving transaction information of the current transaction to be recognized, the transaction information including user information corresponding to the transaction and a device trust identifier; the device The trust identifier is used to uniquely correspond to the device where the transaction occurred; send the device trust identifier to the device center, and receive the device query result corresponding to the device trust identifier returned by the device center; according to the device query result , Perform risk identification on the transaction information.
第二方面,提供了一种支付处理方法,应用于付款方客户端,所述方法包括:接收付款码生成请求;根据用户信息和设备信任标识,获取付款码;所述设备信任标识用于唯一对应本次交易发生所在的设备;所述付款码中包括所述用户信息和设备信任标识;In a second aspect, a payment processing method is provided, which is applied to a client of a payer, and the method includes: receiving a payment code generation request; obtaining a payment code based on user information and a device trust identifier; the device trust identifier is used to uniquely Corresponding to the device where the transaction occurred; the payment code includes the user information and the device trust identifier;
显示所述付款码,以使得收款方根据所述付款码执行本次支付交易。The payment code is displayed, so that the payee executes this payment transaction according to the payment code.
第三方面,提供了一种支付处理方法,所述方法包括:接收本次交易的支付请求,所述支付请求中携带:付款码和本次交易的支付信息;获取所述付款码中包括的用户信息和设备信任标识,所述设备信任标识用于唯一对应本次交易发生所在的设备;向支付系统发送本次交易的交易信息,所述交易信息中携带:所述用户信息、所述设备信任标识和所述支付信息。In a third aspect, a payment processing method is provided, the method comprising: receiving a payment request for this transaction, the payment request carrying: a payment code and payment information for this transaction; and obtaining information included in the payment code User information and device trust identifier, the device trust identifier is used to uniquely correspond to the device where this transaction occurs; the transaction information of this transaction is sent to the payment system, and the transaction information carries: the user information, the device The trust mark and the payment information.
第四方面,提供了一种交易风险识别装置,所述装置包括:接收模块,用于接收待识别的本次交易的交易信息,所述交易信息中包括本次交易对应的用户信息和设备信任标识;所述设备信任标识用于唯一对应本次交易发生所在的设备;处理模块,用于将所述设备信任标识发送至设备中心,并接收所述设备中心返回的所述设备信任标识对应的设备查询结果;风险识别模块,用于根据所述设备查询结果,对所述交易信息进行风险识别。In a fourth aspect, a transaction risk identification device is provided. The device includes: a receiving module for receiving transaction information of this transaction to be identified, the transaction information including user information and equipment trust corresponding to this transaction ID; the device trust ID is used to uniquely correspond to the device where the transaction occurs; the processing module is used to send the device trust ID to the device center, and receive the device trust ID returned by the device center corresponding to the device trust ID Equipment query result; a risk identification module for risk identification on the transaction information according to the equipment query result.
第五方面,提供了一种支付处理装置,应用于付款方客户端,所述装置包括:请求接收模块,用于接收付款码生成请求;获取模块,用于根据用户信息和设备信任标识,获取付款码;所述设备信任标识用于唯一对应本次交易发生所在的设备;所述付款码中包括所述用户信息和设备信任标识;显示模块,用于显示所述付款码,以使得收款方根据所述付款码执行本次支付交易。In a fifth aspect, a payment processing device is provided, which is applied to a client of a payer. The device includes: a request receiving module, configured to receive a payment code generation request; and an acquiring module, configured to obtain Payment code; the device trust identifier is used to uniquely correspond to the device where this transaction occurs; the payment code includes the user information and the device trust identifier; the display module is used to display the payment code to enable payment The party executes this payment transaction according to the payment code.
第六方面,提供了一种支付处理装置,所述装置包括:支付请求接收模块,用于接收本次交易的支付请求,所述支付请求中携带:付款码和本次交易的支付信息;第二获取模块,用于获取所述付款码中包括的用户信息和设备信任标识,所述设备信任标识用于唯一对应本次交易发生所在的设备;第二发送模块,用于向支付系统发送本次交易的交易信息,所述交易信息中携带:所述用户信息、所述设备信任标识和所述支付信息。In a sixth aspect, a payment processing device is provided. The device includes: a payment request receiving module for receiving a payment request for this transaction, the payment request carrying: a payment code and payment information for this transaction; The second acquiring module is used to acquire the user information and the device trust identifier included in the payment code, and the device trust identifier is used to uniquely correspond to the device where the transaction occurs; the second sending module is used to send this to the payment system Transaction information of the second transaction, where the transaction information carries: the user information, the device trust identifier, and the payment information.
第七方面,提供了一种计算机设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,所述处理器执行所述程序时实现本说明书任一实施例所述的交易风险识别方法,或者实现本说明书任一实施例所述的支付处理方法。In a seventh aspect, a computer device is provided, including a memory, a processor, and a computer program stored in the memory and capable of running on the processor. When the processor executes the program, the program described in any of the embodiments of this specification is implemented. The transaction risk identification method, or the payment processing method described in any embodiment of this specification.
第八方面,提供了一种计算机可读存储介质,其上存储有计算机程序,所述程序被处理器执行时实现本说明书任一实施例所述的交易风险识别方法,或者实现本说明书任一实施例所述的支付处理方法。In an eighth aspect, a computer-readable storage medium is provided, on which a computer program is stored. When the program is executed by a processor, the transaction risk identification method described in any of the embodiments of this specification is implemented, or any one of the embodiments of this specification is implemented. The payment processing method described in the embodiment.
由以上技术方案可以看出,本说明书一个实施例实现了,服务端根据设备信任标识查询到当前交易中付款方设备的设备信息,从而在设备信息维度进行准确风险识别,降低付款方支付风险。It can be seen from the above technical solutions that an embodiment of this specification realizes that the server can query the device information of the payer device in the current transaction according to the device trust identifier, so as to accurately identify the risk in the device information dimension and reduce the payment risk of the payer.
应当理解的是,以上的一般描述和后文的细节描述仅是示例性和解释性的,并不能限制本说明书。It should be understood that the above general description and the following detailed description are only exemplary and explanatory, and cannot limit this specification.
附图说明Description of the drawings
图1是根据一示例性实施例示出的一种交易风险识别方法流程图。Fig. 1 is a flow chart showing a method for identifying transaction risks according to an exemplary embodiment.
图2是根据一示例性实施例示出的一种支付处理方法流程图。Fig. 2 is a flow chart showing a payment processing method according to an exemplary embodiment.
图3是根据一示例性实施例示出的另一种支付处理方法流程图。Fig. 3 is a flow chart showing another payment processing method according to an exemplary embodiment.
图4是根据一示例性实施例示出的一种交易支付流程图。Fig. 4 is a flow chart showing a transaction payment according to an exemplary embodiment.
图5是根据一示例性实施例示出的一种交易风险识别装置示意图。Fig. 5 is a schematic diagram showing a transaction risk identification device according to an exemplary embodiment.
图6是根据一示例性实施例示出的一种支付处理装置示意图。Fig. 6 is a schematic diagram showing a payment processing device according to an exemplary embodiment.
图7是根据一示例性实施例示出的另一种支付处理装置示意图。Fig. 7 is a schematic diagram showing another payment processing device according to an exemplary embodiment.
图8是根据一示例性实施例示出的又一种支付处理装置示意图。Fig. 8 is a schematic diagram showing yet another payment processing device according to an exemplary embodiment.
具体实施方式Detailed ways
这里将详细地对示例性实施例进行说明,其示例表示在附图中。下面的描述涉及附图时,除非另有表示,不同附图中的相同数字表示相同或相似的要素。以下示例性实施例中所描述的实施方式并不代表与本说明书相一致的所有实施方式。相反,它们仅是与如所附权利要求书中所详述的、本说明书的一些方面相一致的装置和方法的例子。The exemplary embodiments will be described in detail here, and examples thereof are shown in the accompanying drawings. When the following description refers to the accompanying drawings, unless otherwise indicated, the same numbers in different drawings represent the same or similar elements. The implementation manners described in the following exemplary embodiments do not represent all implementation manners consistent with this specification. Rather, they are merely examples of devices and methods consistent with some aspects of this specification as detailed in the appended claims.
在本说明书使用的术语是仅仅出于描述特定实施例的目的,而非旨在限制本说明书。在本说明书和所附权利要求书中所使用的单数形式的“一种”、“所述”和“该”也旨在包括多数形式,除非上下文清楚地表示其他含义。还应当理解,本文中使用的术语“和/或”是指并包含一个或多个相关联的列出项目的任何或所有可能组合。The terms used in this specification are only for the purpose of describing specific embodiments, and are not intended to limit the specification. The singular forms of "a", "said" and "the" used in this specification and appended claims are also intended to include plural forms, unless the context clearly indicates other meanings. It should also be understood that the term "and/or" as used herein refers to and includes any or all possible combinations of one or more associated listed items.
应当理解,尽管在本说明书可能采用术语第一、第二、第三等来描述各种信息,但这些信息不应限于这些术语。这些术语仅用来将同一类型的信息彼此区分开。例如,在不脱离本说明书范围的情况下,第一信息也可以被称为第二信息,类似地,第二信息也可以被称为第一信息。取决于语境,如在此所使用的词语“如果”可以被解释成为“在……时”或“当……时”或“响应于确定”。It should be understood that although the terms first, second, third, etc. may be used in this specification to describe various information, the information should not be limited to these terms. These terms are only used to distinguish the same type of information from each other. For example, without departing from the scope of this specification, the first information may also be referred to as second information, and similarly, the second information may also be referred to as first information. Depending on the context, the word "if" as used herein can be interpreted as "when" or "when" or "in response to determination".
本说明书至少一个实施例,提供了一种交易风险识别方法:服务端对当前交易进行风险识别时,根据当前交易中付款方设备的唯一设备信任标识从设备中心查询对应设备信息,根据设备中心返回的设备查询结果对当前交易进行风险识别。由于设备信任标识 能唯一对应当前交易中的设备信息,从而服务端可以准确获得当前交易的付款方设备信息,并从设备信息维度对当前交易进行风险识别,降低付款方的支付风险。At least one embodiment of this specification provides a transaction risk identification method: When the server performs risk identification on the current transaction, it queries the corresponding device information from the device center according to the unique device trust identifier of the payer device in the current transaction, and returns according to the device center The results of the equipment query to identify the risk of the current transaction. Since the device trust identifier can uniquely correspond to the device information in the current transaction, the server can accurately obtain the device information of the payer of the current transaction, and identify the risk of the current transaction from the device information dimension, reducing the payment risk of the payer.
为了使本说明书提供的交易风险识别方案更加清楚,下面结合附图和具体实施例对本说明书提供的方案执行过程进行详细描述。In order to make the transaction risk identification solution provided in this specification clearer, the following describes the execution process of the solution provided in this specification in detail with reference to the accompanying drawings and specific embodiments.
参见图1,图1是本说明书提供的实施例示出的一种交易风险识别方法流程图。该方法应用于风控系统,可以理解的是,具有风险识别控制功能的系统均可以视为“风控系统”,在此不做限制。Refer to Fig. 1, which is a flowchart of a method for identifying transaction risks according to an embodiment provided in this specification. This method is applied to a risk control system. It is understandable that all systems with risk identification and control functions can be regarded as "risk control systems", and there is no restriction here.
如图1所示,该流程包括步骤101至步骤103。As shown in Figure 1, the process includes step 101 to step 103.
步骤101,接收待识别的本次交易的交易信息,所述交易信息中包括本次交易对应的用户信息和设备信任标识;所述设备信任标识用于唯一对应本次交易发生所在的设备。Step 101: Receive transaction information of this transaction to be identified, where the transaction information includes user information and device trust identifier corresponding to this transaction; the device trust identifier is used to uniquely correspond to the device where the transaction occurs.
支付系统对本次交易进行对应支付操作前,需要先向风控系统查询本次交易的风险,根据风控系统的风险反馈决定是否进行支付操作。本步骤正是支付系统向风控系统发送“查询请求”时,风控系统接收本次交易中付款方的用户信息和设备信任标识。Before the payment system performs a corresponding payment operation for this transaction, it needs to check the risk of the transaction with the risk control system, and decide whether to perform the payment operation based on the risk feedback of the risk control system. This step is when the payment system sends a "query request" to the risk control system, and the risk control system receives the user information and device trust identifier of the payer in this transaction.
其中,设备信任标识是能够唯一对应当前交易中付款方所使用的设备。例如,设备信任标识可以是当前交易中付款方设备的国际移动设备身份码,可以唯一对应一台设备的“码”均可以作为上述设备信任标识,本说明书不作限制。例如,设备信任标识也可以是基于国际移动设备身份码、国际移动用户识别码、客户端随机数和服务端随机数而生成的唯一标识-设备信任标识(Trust ID,简记TID)。TID是本次交易中同用户同设备的唯一标识,风控系统可以通过TID查询到付款方客户端所在设备的全部信息,从而从不同维度对本次交易进行风险识别。Among them, the device trust identifier can uniquely correspond to the device used by the payer in the current transaction. For example, the device trust identifier can be the international mobile device identity code of the payer's device in the current transaction, and the "code" that can uniquely correspond to a device can be used as the above device trust identifier, which is not limited in this manual. For example, the device trust identifier may also be a unique identifier generated based on an international mobile device identity code, an international mobile subscriber identity code, a client random number, and a server random number-a device trust identifier (Trust ID, TID). TID is the unique identification of the same user and the same device in this transaction. The risk control system can query all the information of the device where the payer’s client is located through TID, thereby identifying risks in this transaction from different dimensions.
步骤102,将所述设备信任标识发送至设备中心,并接收所述设备中心返回的所述设备信任标识对应的设备查询结果。Step 102: Send the device trust identifier to the device center, and receive the device query result corresponding to the device trust identifier returned by the device center.
设备中心预先存储了设备信息和设备信任标识的映射关系。本步骤中,风控系统将设备信任标识发送至设备中心进行查询,并且接受设备中心反馈的查询结果。例如,设备中心查询相同设备信任标识对应的设备信息是设备A,则将设备查询结果-设备A,反馈至风控系统;设备中心查询不存在相同的设备信任标识,则将设备查询结果-不存在相同设备信任标识,反馈至风控系统。The device center pre-stores the mapping relationship between the device information and the device trust identifier. In this step, the risk control system sends the equipment trust mark to the equipment center for query, and accepts the query result fed back by the equipment center. For example, if the equipment center queries the equipment information corresponding to the same equipment trust identifier as equipment A, it will feed back the equipment query result-equipment A to the risk control system; if the equipment center queries the same equipment trust identifier, the equipment query result-no The existence of the same equipment trust mark is fed back to the risk control system.
步骤103,根据所述设备查询结果,对所述交易信息进行风险识别。Step 103: Perform risk identification on the transaction information according to the device query result.
风控系统基于设备的历史交易信息,已经进行了多维度的数据累计和事实判断。本步骤中风控系统根据设备查询结果,结合本次交易中用户历史交易信息,对本次交易的交易信息进行风险识别。例如,设备查询结果显示设备信息是设备A,风控系统通过历史交易信息查询得到该用户一直在使用设备A进行交易,则可以在设备信息维度识别本次交易无风险;如果风控系统通过历史交易信息查询得到该用户一直在使用设备B进行交易,则可以在设备信息维度识别本次交易高风险。Based on the historical transaction information of the equipment, the risk control system has carried out multi-dimensional data accumulation and factual judgment. In this step, the risk control system performs risk identification on the transaction information of this transaction based on the results of the device query and combined with the user's historical transaction information in this transaction. For example, the device query result shows that the device information is device A, and the risk control system obtains that the user has been using device A to conduct transactions through historical transaction information, and then the transaction can be identified as risk-free in the device information dimension; if the risk control system passes the history The transaction information query obtains that the user has been using device B for transactions, and the high risk of this transaction can be identified in the device information dimension.
风控系统在设备维度进行风险识别的基础上,还可以结合其他维度综合识别本次交易的风险,例如,通过判断本次交易地点与历史交易地点是否一致,识别当前交易风险;通过判断本次交易的交易对象与历史交易对象是否类型相同,识别当前交易风险。例如,风控系统根据TID值获取本次交易付款方设备的全部信息后,从SIM卡维度进行风险识别,发现本次交易付款方的SIM存在同SIM卡多账户登录,则可以根据登录次数识别本次交易的风险;从设备维度进行风险识别,发现本次交易付款方设备存在同设备多账户登录,则根据登录账户数量识别本次交易的风险。上述用户历史交易信息还可以包括:交易时间、交易对象类型、交易对应商品类型或交易金额大小等。Based on the risk identification of the equipment dimension, the risk control system can also comprehensively identify the risk of this transaction in combination with other dimensions. For example, by judging whether the transaction location is consistent with the historical transaction location, the current transaction risk can be identified; Whether the transaction object of the transaction and the historical transaction object are of the same type, identify the current transaction risk. For example, after the risk control system obtains all the information of the payer's device in this transaction based on the TID value, it performs risk identification from the SIM card dimension, and finds that the SIM card of the payer in this transaction has multiple logins with the SIM card, and it can be identified based on the number of logins. The risk of this transaction: Perform risk identification from the device dimension and find that the device of the payer of this transaction has multiple account logins with the same device, and then identify the risk of this transaction based on the number of logged-in accounts. The aforementioned user historical transaction information may also include: transaction time, transaction object type, transaction corresponding commodity type or transaction amount, etc.
在一个例子中,所述根据所述设备查询结果,对所述交易信息进行风险识别,包括:若所述设备中心返回的设备查询结果包括:不存在所述设备信任标识对应的设备信息,则确认所述本次交易是风险交易。设备中心通过查询确定不存在相同的设备信任标识(也就没有对应的设备信息),则可以在设备信息维度识别当前交易高风险。举例说明:甲一直使用设备A进行支付交易,不法人员乙非法获取了甲的用户信息并在设备B上登录进行离线支付(称为不法交易),并且在离线支付时拦截发送至设备中心的设备信息(设备B)和用户信息的数据包,导致设备中心未能存储设备B和设备信任标识b的映射关系。风控系统对这次不法交易进行识别时,发送设备信任标识b至设备中心后,设备中心查询返回不存在设备信任标识b对应的设备信息的结果,风控系统可以确认这次不法交易是风险交易,从而阻止此次交易。In an example, the performing risk identification on the transaction information according to the device query result includes: if the device query result returned by the device center includes: there is no device information corresponding to the device trust identifier, then Confirm that this transaction is a risky transaction. The equipment center determines through query that there is no identical equipment trust identifier (that is, no corresponding equipment information), and it can identify the high risk of the current transaction in the dimension of equipment information. For example: A has been using device A for payment transactions, criminal B illegally obtained A’s user information and logged in on device B for offline payment (called illegal transactions), and intercepted the device sent to the device center during offline payment The data packet of information (device B) and user information causes the device center to fail to store the mapping relationship between device B and device trust identifier b. When the risk control system identifies this illegal transaction, after sending the device trust mark b to the equipment center, the device center query returns the result that there is no device information corresponding to the device trust mark b, and the risk control system can confirm that the illegal transaction is a risk Transaction, thereby preventing this transaction.
在一个例子中,所述根据所述设备查询结果,对所述交易信息进行风险识别,包括:若所述设备中心返回的设备查询结果包括:所述设备信任标识对应的设备信息,且确认所述设备信息与所述用户信息的历史所在设备不同,确认所述本次交易为风险交易。举例说明:甲一直使用设备A进行支付交易,不法人员乙非法获取了甲的用户信息并在设备B上登录进行离线支付(称为不法交易),并且在离线支付时发送设备信息(设备B)和用户信息至设备中心,设备中心存储设备B和设备信任标识b的映射关系。风控系统 对这次不法交易进行识别时,发送设备信任标识b至设备中心后,设备中心查询返回设备信任标识b对应的设备信息是设备B,风控系统发现设备B与历史交易信息中设备A的设备信息不一致,则确认这次不法交易为风险交易,从而及时阻止此次不法交易。In an example, the performing risk identification on the transaction information according to the device query result includes: if the device query result returned by the device center includes: device information corresponding to the device trust identifier, and confirming all The device information is different from the device where the history of the user information is located, and it is confirmed that the current transaction is a risky transaction. For example: A has been using device A for payment transactions, criminal B illegally obtained A’s user information and logged in on device B for offline payment (known as illegal transactions), and sent device information (device B) during offline payment And user information to the device center, the device center stores the mapping relationship between device B and device trust identifier b. When the risk control system recognizes this illegal transaction, it sends the device trust mark b to the equipment center, and the equipment center queries and returns the device information corresponding to the device trust mark b is equipment B. The risk control system finds equipment B and the equipment in the historical transaction information If the equipment information of A is inconsistent, the illegal transaction is confirmed as a risky transaction, so as to prevent the illegal transaction in time.
本实施例的交易风险识别方法,风控系统在对本次交易进行风险识别时,通过本次交易的交易信息获取本次交易的用户信息和唯一对应本次交易中付款方设备的设备信任标识,根据设备信任标识从设备中心查询对应的设备信息,从而在设备信息维度对本次交易进行风险识别,从而降低付款方的支付风险。由于设备信任标识能够唯一对应当前交易中付款方设备,保证了风控系统根据设备信任标识查询到的设备信息是当前交易中付款方设备的设备信息,从而在设备信息维度进行准确风险识别,降低付款方支付风险。In the transaction risk identification method of this embodiment, when the risk control system performs risk identification of this transaction, the transaction information of this transaction obtains the user information of this transaction and the device trust identifier uniquely corresponding to the payer device in this transaction , According to the device trust mark, query the corresponding device information from the device center, so as to identify the risk of this transaction in the device information dimension, thereby reducing the payment risk of the payer. Since the device trust ID can uniquely correspond to the payer's device in the current transaction, it is ensured that the device information queried by the risk control system based on the device trust ID is the device information of the payer's device in the current transaction, so that accurate risk identification is performed in the device information dimension and reduces Payer’s payment risk.
参见图2,图2是本说明书实施例示出的一种支付处理方法流程图。该方法应用于付款方客户端。Refer to Fig. 2, which is a flowchart of a payment processing method shown in an embodiment of this specification. This method is applied to the client of the payer.
如图2所示,本实施例流程包括以下步骤201至步骤203。As shown in FIG. 2, the process of this embodiment includes the following steps 201 to 203.
步骤201,接收付款码生成请求。Step 201: Receive a payment code generation request.
用户在使用付款方客户端进行支付时,会向付款方客户端输入显示付款码的命令,例如,用户点击付款方客户端的“付款码”按钮。本步骤中,付款方客户端接收到付款码生成请求(对应用户向付款客户端输入显示付款码的命令)。When the user uses the payer's client to make a payment, he will input a command to display the payment code to the payer's client. For example, the user clicks the "Payment Code" button on the payer's client. In this step, the payer client receives the payment code generation request (corresponding to the user inputting a command to display the payment code to the payment client).
在一个例子中,在所述接收付款码生成请求之前,所述方法还包括:将所述客户端所在设备的设备信息和所述设备信任标识,发送至设备中心,以使得所述设备中心存储所述设备信息和所述设备信任标识的映射关系。付款方客户端以直接或间接形式发送设备信息和设备信任标识至设备中心,例如,中间经过若干中间设备最终发送至设备中心。设备中心作为支付系统中的后台微服务应用,具有查看、删除、存储设备信息等相关管理功能,并且具有高稳定性和可维护性等特性。在设备中心存储和管理设备信息与设备信任标识的映射关系,相比于风控系统临时存储设备信息,可靠性和可管理性更高。In an example, before the receiving the payment code generation request, the method further includes: sending the device information of the device where the client is located and the device trust identifier to the device center, so that the device center stores The mapping relationship between the device information and the device trust identifier. The payer client directly or indirectly sends the device information and the device trust identifier to the device center, for example, through a number of intermediate devices and finally sent to the device center. As the back-end microservice application in the payment system, the device center has related management functions such as viewing, deleting, and storing device information, as well as features such as high stability and maintainability. The storage and management of the mapping relationship between the device information and the device trust mark in the device center is more reliable and manageable than the temporary storage of device information in the risk control system.
在一个例子中,所述将所述支付客户端所在设备的设备信息和所述设备信任标识,发送至设备中心,包括:在检测到客户端登录时,将所述设备信息和所述设备信任标识,发送至设备中心。付款方客户端检测到用户登录客户端时,自动将设备信息和设备信任标识发送至设备中心。上述“用户登录客户端”包括用户打开客户端后,客户端基于保存的账户信息的自动登录。In an example, the sending the device information of the device where the payment client is located and the device trust identifier to the device center includes: when the client login is detected, the device information and the device trust Identification, sent to the equipment center. When the payer client detects that the user logs in to the client, it will automatically send the device information and device trust identifier to the device center. The above-mentioned "user login client" includes the automatic login of the client based on the saved account information after the user opens the client.
在一个例子中,在所述接收付款码生成请求之前,所述方法还包括:存储设备信任标识,所述设备信任标识是服务器根据设备关联参数生成的标识,所述设备关联参数包括:国际移动设备身份码、国际移动用户识别码、客户端生成的随机数和服务端生成的随机数。用户输入用户信息(如账号和密码)在第一次登录付款方客户端时,服务端根据当前付款方客户端所在设备的国际移动设备身份码、所在设备中国际移动用户识别码、当前付款方客户端生成的随机数和服务端生成的随机数四个设备关联参数生成设备信任标识(Trust ID,简记TID),用TID来唯一对应付款方客户端所在的设备,付款方客户端存储TID。In an example, before receiving the payment code generation request, the method further includes: storing a device trust identifier, the device trust identifier being an identifier generated by the server according to device association parameters, and the device association parameters include: International Mobile Device identification code, international mobile user identification code, random number generated by the client and random number generated by the server. When the user enters user information (such as account number and password) when logging in to the payer’s client for the first time, the server will use the international mobile device identification code of the device where the current payer’s client is located, the international mobile user identification code in the device where the payer is located, and the current payer The random number generated by the client and the random number generated by the server are four device-related parameters to generate the device trust ID (Trust ID, abbreviated as TID), and the TID is used to uniquely correspond to the device where the payer client is located, and the payer client stores the TID .
上述“用户输入用户信息(如账号和密码)在第一次登录付款方客户端时”,服务端会对应生成设备信任标识存储在付款方客户端;而在第一次登录付款方客户端记录登录信息后,用户再次使用时客户端自动登录时,服务端不会重新生成新的设备信任标识。针对上述“用户输入用户信息(如账号和密码)在第一次登录付款方客户端时”的理解,举例如下:设备A中付款方客户端a中登录了用户甲的账号,在a中退出并重新登录甲的账号,则服务端重新生成设备信任标识;在a中退出甲的账号后登录乙的账号,则服务端重新生成设备信任标识;在a中登录用户甲的账号时,更换移动SIM卡,则重新生成设备信任标识。The above "user enters user information (such as account number and password) when logging in to the payer's client for the first time", the server will generate a device trust identifier and store it in the payer's client; and the record is recorded on the payer's client for the first login After the login information, when the client automatically logs in when the user uses it again, the server will not regenerate a new device trust identifier. Regarding the above understanding of "the user enters user information (such as account number and password) when logging in to the payer's client for the first time", an example is as follows: in device A, the payer's client a logs in to user A's account, and log out in a And re-login to A’s account, the server will regenerate the device trust identifier; log out of A’s account in a and log in to B’s account, then the server will regenerate the device trust identifier; when logging in to user A’s account in a, change the mobile SIM card, the device trust mark is regenerated.
步骤202,根据用户信息和设备信任标识,获取付款码;所述设备信任标识用于唯一对应本次交易发生所在的设备;所述付款码中包括所述用户信息和设备信任标识。Step 202: Obtain a payment code according to the user information and the device trust identifier; the device trust identifier is used to uniquely correspond to the device where the transaction occurs; the payment code includes the user information and the device trust identifier.
本步骤中,付款方客户端根据用户信息和设备信任标识去解码中心获取付款码。In this step, the payer client goes to the decoding center to obtain the payment code according to the user information and the device trust identifier.
在一个例子中,所述根据用户信息和设备信任标识,获取付款码,包括:向解码中心发送付款码获取请求,所述付款码获取请求包括:所述用户信息和设备信任标识;接收所述解码中心返回的所述付款码,所述付款码是所述解码中心根据所述用户信息和设备信任标识生成。付款方客户端将包含用户信息和设备信任标识的付款码请求发送至解码中心,解码中心根据用户信息和设备信任标识生成付款码并返回付款方客户端。In an example, the obtaining the payment code according to the user information and the device trust identifier includes: sending a payment code obtaining request to a decoding center, and the payment code obtaining request includes: the user information and the device trust identifier; receiving the Decoding the payment code returned by the center, where the payment code is generated by the decoding center according to the user information and the device trust identifier. The payer client sends a payment code request containing the user information and the device trust identifier to the decoding center, and the decoding center generates the payment code based on the user information and the device trust identifier and returns it to the payer client.
步骤203,显示所述付款码,以使得收款方根据所述付款码执行本次支付交易。Step 203: Display the payment code so that the payee executes the current payment transaction according to the payment code.
付款方客户端向收款方客户端显示付款码,以使收款方获取付款码并执行本次支付交易。The payer client displays the payment code to the payee client so that the payee can obtain the payment code and execute the payment transaction.
本实施例的支付处理方法中,付款方客户端根据用户信息和唯一对应本次交易发生所在设备的设备信任标识获取付款码并显示,以使得收款方客户端通过付款码获取用户 信息和设备信任标识,从而收款方客户端可以基于用户信息和设备信任标识发起本次交易的支付请求。In the payment processing method of this embodiment, the payer client obtains and displays the payment code according to the user information and the device trust identifier uniquely corresponding to the device where the transaction occurs, so that the payee client obtains the user information and device through the payment code Trust the ID, so that the payee client can initiate a payment request for this transaction based on the user information and the device trust ID.
参见图3,图3是本说明书实施例示出的一种支付处理方法流程图。该方法应用于收款方服务端。Refer to Fig. 3, which is a flowchart of a payment processing method shown in an embodiment of this specification. This method is applied to the receiver's server.
如图3所示,本实施例流程包括以下步骤301至步骤303。As shown in FIG. 3, the process of this embodiment includes the following steps 301 to 303.
步骤301,接收本次交易的支付请求,所述支付请求中携带:付款码和本次交易的支付信息。Step 301: Receive a payment request for this transaction, where the payment request carries: a payment code and payment information for this transaction.
收款方客户端获取付款码后,向收款方服务端发送本次交易的支付请求,支付请求中携带付款码和支付信息。其中支付信息可以包括:收款方账户、交易金额、商品信息和交易时间等。After obtaining the payment code, the payee client sends a payment request for this transaction to the payee server. The payment request carries the payment code and payment information. The payment information may include: payee account, transaction amount, product information, transaction time, etc.
步骤302,获取所述付款码中包括的用户信息和设备信任标识,所述设备信任标识用于唯一对应本次交易发生所在的设备。Step 302: Obtain the user information and the device trust identifier included in the payment code, where the device trust identifier is used to uniquely correspond to the device where the transaction occurs.
收款方服务端将付款码发送至解码中心进行解析,并从解析结果中获取用户信息和设备信任标识。其中,设备信任标识唯一对应本次交易中付款方客户端所在设备。The payee server sends the payment code to the decoding center for analysis, and obtains the user information and the device trust identifier from the analysis result. Among them, the device trust identifier uniquely corresponds to the device where the payer client is located in this transaction.
在一个例子中,所述获取所述付款码中包括的用户信息和设备信任标识,包括:向解码中心发送解析请求,所述解析请求包括:所述付款码;接收所述解码中心返回的由所述付款码解析得到的所述用户信息和设备信任标识。In an example, the obtaining the user information and the device trust identifier included in the payment code includes: sending an analysis request to a decoding center, where the analysis request includes: the payment code; and receiving the payment code returned by the decoding center The user information and device trust identifier obtained by analyzing the payment code.
步骤303,向支付系统发送本次交易的交易信息,所述交易信息中携带:所述用户信息、所述设备信任标识和所述支付信息。Step 303: Send transaction information of this transaction to the payment system, where the transaction information carries: the user information, the device trust identifier, and the payment information.
收款方服务端将本次交易的交易信息发送至支付系统,以由支付系统为本次交易进行支付操作。The payee server sends the transaction information of this transaction to the payment system, so that the payment system performs the payment operation for this transaction.
本实施例的支付处理方法中,收款方服务端获取付款码中本次交易的用户信息和唯一对应本次交易发生所在设备的设备信任标识,并将本次交易的用户信息、设备信任标识和支付信息发送至支付系统,以由支付系统根据风控系统的风险识别结果对本次交易进行支付操作。In the payment processing method of this embodiment, the payee server obtains the user information of the transaction in the payment code and the device trust identifier uniquely corresponding to the device where the transaction occurs, and combines the user information and device trust identifier of the transaction And the payment information is sent to the payment system, so that the payment system will perform the payment operation for this transaction according to the risk identification result of the risk control system.
图4示例了一个完整交易支付过程,描述了应用本说明书实施例示出的交易风险识别方法来对本次交易的支付进行风险控制的过程,如图4所示,该过程可以包括步骤401至步骤416。Figure 4 illustrates a complete transaction payment process, describing the process of applying the transaction risk identification method shown in the embodiment of this specification to carry out risk control on the payment of this transaction. As shown in Figure 4, the process can include steps 401 to 416.
在步骤401中,付款方客户端在第一次登录当前账户时(用户输入账号密码进行登录时),存储服务端生成的设备信任标识。该设备信任标识是服务端根据付款方客户端所在设备的国际移动设备身份码、国际移动用户识别码及客户端随机数和服务端随机数四个影响因子而生成的唯一标识,所以该设备信任标识唯一对应付款方客户端所在设备。In step 401, when the payer client logs in to the current account for the first time (when the user enters the account password to log in), the device trust identifier generated by the server is stored. The device trust identifier is a unique identifier generated by the server according to the four influencing factors of the international mobile device identification code, the international mobile subscriber identification code, the client random number and the server random number of the device where the payer’s client is located, so the device trusts The identification uniquely corresponds to the device where the payer's client is located.
付款方客户端自动登录当前账户时(用户打开付款方客户端且客户端自动登录当前账户时),如步骤402,将设备信息和设备信任标识发送至设备中心存储对应的映射关系。其中设备信息是能够表示当前付款方客户端所在设备的信息,例如可以是国际移动设备身份码。When the payer client automatically logs in to the current account (when the user opens the payer client and the client automatically logs in to the current account), in step 402, the device information and the device trust identifier are sent to the device center to store the corresponding mapping relationship. The device information is information that can indicate the device where the current payer's client is located, for example, it may be an international mobile device identity code.
付款方客户端接收到付款码生成请求时(用户输入付款码生成指令,例如点击客户端“付款码”按钮时),在步骤403中,发送携带用户信息和设备信任标识的付款码获取请求至解码中心,由解码中心根据用户信息和设备信任标识生成付款码并返回(步骤404)至付款方客户端。When the payer client receives the payment code generation request (the user enters the payment code generation instruction, for example, when clicking the "Payment Code" button on the client side), in step 403, the payment code acquisition request carrying the user information and the device trust identifier is sent to In the decoding center, the decoding center generates a payment code according to the user information and the device trust identifier and returns (step 404) to the payer client.
步骤405,付款方客户端向收款方客户端显示付款码,以由收款方在步骤406扫码并获取付款码。其中,步骤405中付款方客户端显示付款码可以有时效限制,例如付款码生成后3分钟内有效;如果超过3分钟付款码作废,需要在解码中心重新生成付款码并返回至付款方客户端。In step 405, the payer client displays the payment code to the payee client, so that the payee scans the code in step 406 and obtains the payment code. Among them, the payment code displayed by the payer client in step 405 can be time-limited, for example, the payment code is valid within 3 minutes after it is generated; if the payment code becomes invalid after 3 minutes, the payment code needs to be regenerated in the decoding center and returned to the payer client .
收款方客户端在步骤407,发送携带付款码和支付信息的支付请求至收款方服务端,其中,支付信息中可以包括:收款方账户、交易金额、商品信息和交易时间等。In step 407, the payee client sends a payment request carrying the payment code and payment information to the payee server. The payment information may include: payee account, transaction amount, product information, and transaction time.
收款方服务端收到支付请求后,如步骤408,发送携带付款码的支付请求至解码中心,由解码中心解析付款码后在步骤409返回用户信息和设备信任标识至收款方服务端。收款方服务端将本次交易的完整的交易信息发送至支付系统,以由支付系统对本次交易执行支付操作。其中,步骤410中,交易信息包括:用户信息、设备信任标识和支付信息。After receiving the payment request, the payee server sends a payment request carrying the payment code to the decoding center in step 408, and the decoding center parses the payment code and returns the user information and device trust identifier to the payee server in step 409. The payee server sends the complete transaction information of this transaction to the payment system, so that the payment system performs the payment operation for this transaction. Wherein, in step 410, the transaction information includes: user information, device trust identifier, and payment information.
支付系统在对本次交易执行支付操作前,先向风控系统咨询本次交易是否存在风险。如步骤411,支付系统发送携带用户信息和设备信任标识的交易信息至风控系统。如步骤412和步骤413,风控系统发送设备信任标识至设备中心,由设备中心根据存储的映射关系得到设备查询结果并返回至风控系统。其中,设备查询结果包括:不存在设备信任标识对应的设备信息或设备信任标识对应的设备信息。Before the payment system performs payment operations on this transaction, it first consults with the risk control system whether there is any risk in this transaction. In step 411, the payment system sends transaction information carrying user information and device trust identification to the risk control system. In steps 412 and 413, the risk control system sends the equipment trust mark to the equipment center, and the equipment center obtains the equipment query result according to the stored mapping relationship and returns it to the risk control system. The device query result includes: there is no device information corresponding to the device trust identifier or device information corresponding to the device trust identifier.
风控系统根据设备查询结果,在步骤414对本次交易的交易信息进行设备信息维度 的风险识别。例如,设备查询结果是不存在设备信任标识对应的设备信息,则识别本次交易高风险;若设备查询结果是设备信任标识对应的设备信息是设备B,且确认本次交易中用户常用设备是设备A,则识别本次交易是高风险;若设备查询结果是设备信任标识对应的设备信息是设备B,且确认本次交易中用户常用设备是设备B,则识别本次交易无风险。在步骤414风险识别中,风控系统基于设备信息维度的风险识别,综合其他多种历史信息,从多个维度对本次交易进行风险识别,最后综合得出本次交易的风险识别结果,作为风控结果在步骤415中返回至支付系统。其中,多种历史信息包括,本次交易中用户历史交易的地点、交易时间、交易对象类型、交易商品类型和交易金额大小等。According to the result of the equipment query, the risk control system performs risk identification of the equipment information dimension on the transaction information of this transaction in step 414. For example, if the device query result is that there is no device information corresponding to the device trust mark, the transaction is high risk; if the device query result is that the device information corresponding to the device trust mark is device B, and it is confirmed that the user’s commonly used device in this transaction is Device A identifies that this transaction is a high risk; if the device query result is that the device information corresponding to the device trust mark is device B, and it is confirmed that the user's commonly used device in this transaction is device B, then it is identified that this transaction is risk-free. In step 414 risk identification, the risk control system is based on the risk identification of the equipment information dimension, and integrates other kinds of historical information, carries out risk identification of this transaction from multiple dimensions, and finally comprehensively obtains the risk identification result of this transaction, as The risk control result is returned to the payment system in step 415. Among them, a variety of historical information includes, the user's historical transaction location, transaction time, transaction object type, transaction commodity type and transaction amount in this transaction.
最后支付系统,根据风控结果,完成本次交易的支付操作(步骤416);或,放弃本次交易的支付操作。Finally, the payment system completes the payment operation for this transaction according to the risk control result (step 416); or, abandons the payment operation for this transaction.
本实施描述了一个完整交易支付过程,付款方客户端预先将设备信息和唯一对应付款方客户端所在设备的设备信任标识存储在设备中心,收款方服务端通过付款方客户端显示的付款码获得设备信息和设备信任标识,从而风控系统在对本次交易进行风险识别时,可以根据设备信任标识从设备中心查询到对应的设备信息,在设备信息维度对本息交易进行风险识别。由于设备信任标识唯一对应本次交易付款方客户端所在设备,从而风控系统能够准确得到本次交易付款方的设备信息,在设备信息维度进行风险识别,降低了付款方的支付风险。This implementation describes a complete transaction payment process. The payer client stores the device information and the device trust identifier uniquely corresponding to the device where the payer client is located in the device center in advance, and the payee server uses the payment code displayed by the payer client. Obtain the equipment information and the equipment trust mark, so that when the risk control system identifies the risk of this transaction, it can query the corresponding equipment information from the equipment center according to the equipment trust mark, and identify the risk of principal and interest transactions in the equipment information dimension. Since the device trust identifier uniquely corresponds to the device where the payer's client is located in this transaction, the risk control system can accurately obtain the device information of the payer of this transaction, and perform risk identification in the device information dimension, which reduces the payment risk of the payer.
图5所示,本说明书提供了一种交易风险识别装置,该装置可以执行本说明书任一实施例的交易风险识别方法。该装置可以包括接收模块501、处理模块502和风险识别模块503。其中:接收模块501,用于接收待识别的本次交易的交易信息,所述交易信息中包括本次交易对应的用户信息和设备信任标识;所述设备信任标识用于唯一对应本次交易发生所在的设备;处理模块502,用于将所述设备信任标识发送至设备中心,并接收所述设备中心返回的所述设备信任标识对应的设备查询结果;风险识别模块503,用于根据所述设备查询结果,对所述交易信息进行风险识别。As shown in Figure 5, this specification provides a transaction risk identification device, which can execute the transaction risk identification method of any embodiment of this specification. The device may include a receiving module 501, a processing module 502, and a risk identification module 503. Wherein: the receiving module 501 is used to receive the transaction information of this transaction to be identified, the transaction information includes the user information corresponding to this transaction and the device trust identifier; the device trust identifier is used to uniquely correspond to the occurrence of this transaction The device where it is located; processing module 502, used to send the device trust identifier to the device center, and receive the device query results corresponding to the device trust identifier returned by the device center; risk identification module 503, used to As a result of the equipment query, risk identification is performed on the transaction information.
在一个实施例中,所述风险识别模块503,用于根据所述设备查询结果,对所述交易信息进行风险识别时,包括:当所述设备中心返回的设备查询结果包括:不存在所述设备信任标识对应的设备信息,确认所述本次交易是风险交易。In one embodiment, the risk identification module 503 is configured to perform risk identification on the transaction information according to the device query result, including: when the device query result returned by the device center includes: the device query result does not exist The device information corresponding to the device trust identifier confirms that the current transaction is a risky transaction.
在一个实施例中,所述风险识别模块503,用于根据所述设备查询结果,对所述交 易信息进行风险识别时,包括:当所述设备中心返回的设备查询结果包括:所述设备信任标识对应的设备信息,且确认所述设备信息与所述用户信息的历史所在设备不同,确认所述本次交易为风险交易。In one embodiment, the risk identification module 503 is configured to perform risk identification on the transaction information according to the device query result, including: when the device query result returned by the device center includes: the device trust Identify the corresponding device information, confirm that the device information is different from the device where the history of the user information is located, and confirm that the current transaction is a risky transaction.
图6所示,本说明书提供了一种支付处理装置,该装置可以执行本说明书任一实施例的支付处理方法。该装置可以包括请求接收模块601、获取模块602和显示模块603。其中:请求接收模块601,用于接收付款码生成请求;获取模块602,用于根据用户信息和设备信任标识,获取付款码;所述设备信任标识用于唯一对应本次交易发生所在的设备;所述付款码中包括所述用户信息和设备信任标识;显示模块603,用于显示所述付款码,以使得收款方根据所述付款码执行本次支付交易。As shown in Figure 6, this specification provides a payment processing device that can execute the payment processing method of any embodiment of this specification. The device may include a request receiving module 601, an obtaining module 602, and a display module 603. Wherein: the request receiving module 601 is used to receive the payment code generation request; the obtaining module 602 is used to obtain the payment code according to the user information and the device trust identifier; the device trust identifier is used to uniquely correspond to the device where the transaction occurred; The payment code includes the user information and the device trust identifier; the display module 603 is configured to display the payment code so that the payee can execute the current payment transaction according to the payment code.
在一个实施例中,所述获取模块602,用于根据用户信息和设备信任标识,获取付款码时,包括:向解码中心发送付款码获取请求,所述付款码获取请求包括:所述用户信息和设备信任标识;接收所述解码中心返回的所述付款码,所述付款码是所述解码中心根据所述用户信息和设备信任标识生成。In one embodiment, the obtaining module 602 is configured to obtain the payment code according to the user information and the device trust identifier, including: sending a payment code obtaining request to the decoding center, and the payment code obtaining request includes: the user information And a device trust identifier; receiving the payment code returned by the decoding center, where the payment code is generated by the decoding center according to the user information and the device trust identifier.
在一个实施例中,如图7所示,所述装置还包括:发送模块701,用于将所述付款方客户端所在设备的设备信息和所述设备信任标识,发送至设备中心,以使得所述设备中心存储所述设备信息和所述设备信任标识的映射关系。In one embodiment, as shown in FIG. 7, the apparatus further includes: a sending module 701, configured to send the device information of the device where the payer client is located and the device trust identifier to the device center, so that The device center stores the mapping relationship between the device information and the device trust identifier.
在一个实施例中,所述发送模块701,用于将所述付款方客户端所在设备的设备信息和所述设备信任标识,发送至设备中心时,包括:在检测到客户端登录时,将所述设备信息和所述设备信任标识,发送至设备中心。In one embodiment, the sending module 701 is configured to send the device information of the device where the payer client is located and the device trust identifier to the device center, including: when the client login is detected, sending The device information and the device trust identifier are sent to the device center.
在一个实施例中,如图7所示,所述装置还包括:存储模块702,用于存储设备信任标识,所述设备信任标识是服务器根据设备关联参数生成的标识,所述设备关联参数包括:国际移动设备身份码、国际移动用户识别码、客户端生成的随机数和服务端生成的随机数。In one embodiment, as shown in FIG. 7, the apparatus further includes: a storage module 702, configured to store a device trust identifier, the device trust identifier being an identifier generated by the server according to device associated parameters, and the device associated parameters include : International Mobile Equipment Identity Code, International Mobile User Identity Code, random number generated by the client and random number generated by the server.
图8所示,本说明书提供了另一种支付处理装置,该装置可以执行本说明书任一实施例的支付处理方法。该装置可以包括支付请求接收模块801、第二获取模块802和第二发送模块803。其中:支付请求接收模块801,用于接收本次交易的支付请求,所述支付请求中携带:付款码和本次交易的支付信息;第二获取模块802,用于获取所述付款码中包括的用户信息和设备信任标识,所述设备信任标识用于唯一对应本次交易发生所在的设备;第二发送模块803,用于向支付系统发送本次交易的交易信息,所述交易 信息中携带:所述用户信息、所述设备信任标识和所述支付信息。As shown in Figure 8, this specification provides another payment processing device, which can execute the payment processing method of any embodiment of this specification. The device may include a payment request receiving module 801, a second obtaining module 802, and a second sending module 803. Wherein: the payment request receiving module 801 is used to receive the payment request of this transaction, and the payment request carries: the payment code and the payment information of this transaction; the second obtaining module 802 is used to obtain the payment code including The user information and the device trust identifier of the device are used to uniquely correspond to the device where the transaction occurs; the second sending module 803 is used to send the transaction information of this transaction to the payment system, and the transaction information carries : The user information, the device trust identifier, and the payment information.
在一个实施例中,所述第二获取模块802,用于获取所述付款码中包括的用户信息和设备信任标识时,包括:向解码中心发送解析请求,所述解析请求包括:所述付款码;接收所述解码中心返回的由所述付款码解析得到的所述用户信息和设备信任标识。In one embodiment, when the second obtaining module 802 is used to obtain the user information and the device trust identifier included in the payment code, it includes: sending a resolution request to a decoding center, and the resolution request includes: the payment Code; receiving the user information and device trust identifier returned by the decoding center from the analysis of the payment code.
上述装置中各个模块的功能和作用的实现过程具体详见上述方法中对应步骤的实现过程,在此不再赘述。For the implementation process of the functions and roles of each module in the above-mentioned device, please refer to the implementation process of the corresponding steps in the above-mentioned method for details, which will not be repeated here.
对于装置实施例而言,由于其基本对应于方法实施例,所以相关之处参见方法实施例的部分说明即可。以上所描述的装置实施例仅仅是示意性的,其中所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部模块来实现本说明书至少一个实施例方案的目的。本领域普通技术人员在不付出创造性劳动的情况下,即可以理解并实施。For the device embodiment, since it basically corresponds to the method embodiment, the relevant part can refer to the part of the description of the method embodiment. The device embodiments described above are merely illustrative, where the units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, they may be located in One place, or it can be distributed to multiple network units. Some or all of the modules may be selected according to actual needs to achieve the objectives of at least one embodiment of the specification. Those of ordinary skill in the art can understand and implement without creative work.
本说明书还提供了一种计算机设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,所述处理器执行所述程序时能够实现本说明书任一实施例的交易风险识别方法,或者实现本说明书任一实施例的支付处理方法。This specification also provides a computer device, including a memory, a processor, and a computer program stored in the memory and capable of running on the processor. When the processor executes the program, the transaction in any embodiment of this specification can be realized. Risk identification method, or the payment processing method that implements any embodiment of this specification.
本说明书还提供了一种计算机可读存储介质,其上存储有计算机程序,所述程序被处理器执行时能够实现本说明书任一实施例的交易风险识别方法,或者实现本说明书任一实施例的支付处理方法。This specification also provides a computer-readable storage medium on which a computer program is stored. When the program is executed by a processor, it can implement the transaction risk identification method of any embodiment of this specification, or implement any embodiment of this specification. Payment processing method.
其中,所述非临时性计算机可读存储介质可以是ROM、随机存取存储器(RAM)、CD-ROM、磁带、软盘和光数据存储设备等,本说明书并不对此进行限制。Wherein, the non-transitory computer-readable storage medium may be ROM, random access memory (RAM), CD-ROM, magnetic tape, floppy disk, optical data storage device, etc., which is not limited in this specification.
本领域技术人员在考虑说明书及实践这里申请的发明后,将容易想到本说明书的其它实施方案。本说明书旨在涵盖本说明书的任何变型、用途或者适应性变化,这些变型、用途或者适应性变化遵循本说明书的一般性原理并包括本说明书未申请的本技术领域中的公知常识或惯用技术手段。说明书和实施例仅被视为示例性的,本说明书的真正范围和精神由下面的权利要求指出。Those skilled in the art will easily think of other embodiments of this specification after considering the specification and practicing the invention applied here. This specification is intended to cover any variations, uses, or adaptive changes of this specification. These variations, uses, or adaptive changes follow the general principles of this specification and include common knowledge or customary technical means in the technical field not applied for in this specification. . The description and the embodiments are only regarded as exemplary, and the true scope and spirit of the description are pointed out by the following claims.
应当理解的是,本说明书并不局限于上面已经描述并在附图中示出的精确结构,并且可以在不脱离其范围进行各种修改和改变。本说明书的范围仅由所附的权利要求来限制。It should be understood that this specification is not limited to the precise structure that has been described above and shown in the drawings, and various modifications and changes can be made without departing from its scope. The scope of this specification is only limited by the appended claims.
以上所述仅为本说明书的较佳实施例而已,并不用于限制本说明书,凡在本说明书的精神和原则之内,所做的任何修改、等同替换、改进等,均应包含在本说明书保护的范围之内。The above are only the preferred embodiments of this specification and are not used to limit this specification. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of this specification shall be included in this specification. Within the scope of protection.

Claims (22)

  1. 一种交易风险识别方法,所述方法包括:A method for identifying transaction risks, the method comprising:
    接收待识别的本次交易的交易信息,所述交易信息中包括本次交易对应的用户信息和设备信任标识;所述设备信任标识用于唯一对应本次交易发生所在的设备;Receiving transaction information of the current transaction to be identified, the transaction information including the user information corresponding to the transaction and the device trust identifier; the device trust identifier is used to uniquely correspond to the device where the transaction occurs;
    将所述设备信任标识发送至设备中心,并接收所述设备中心返回的所述设备信任标识对应的设备查询结果;Sending the device trust identifier to the device center, and receiving the device query result corresponding to the device trust identifier returned by the device center;
    根据所述设备查询结果,对所述交易信息进行风险识别。Perform risk identification on the transaction information according to the result of the device query.
  2. 根据权利要求1所述的方法,所述根据所述设备查询结果,对所述交易信息进行风险识别,包括:The method according to claim 1, wherein the performing risk identification on the transaction information according to the device query result includes:
    若所述设备中心返回的设备查询结果包括:不存在所述设备信任标识对应的设备信息,则确认所述本次交易是风险交易。If the device query result returned by the device center includes: there is no device information corresponding to the device trust identifier, it is confirmed that the current transaction is a risky transaction.
  3. 根据权利要求1所述的方法,所述根据所述设备查询结果,对所述交易信息进行风险识别,包括:The method according to claim 1, wherein the performing risk identification on the transaction information according to the device query result includes:
    若所述设备中心返回的设备查询结果包括:所述设备信任标识对应的设备信息,且确认所述设备信息与所述用户信息的历史所在设备不同,则确认所述本次交易是风险交易。If the device query result returned by the device center includes: device information corresponding to the device trust identifier, and it is confirmed that the device information is different from the device where the history of the user information is located, then it is confirmed that the current transaction is a risky transaction.
  4. 一种支付处理方法,应用于付款方客户端,所述方法包括:A payment processing method applied to a client of a payer, the method comprising:
    接收付款码生成请求;Receive payment code generation request;
    根据用户信息和设备信任标识,获取付款码;所述设备信任标识用于唯一对应本次交易发生所在的设备;所述付款码中包括所述用户信息和设备信任标识;Obtain the payment code according to the user information and the device trust identifier; the device trust identifier is used to uniquely correspond to the device where the transaction occurs; the payment code includes the user information and the device trust identifier;
    显示所述付款码,以使得收款方根据所述付款码执行本次支付交易。The payment code is displayed, so that the payee executes this payment transaction according to the payment code.
  5. 根据权利要求4所述的方法,所述根据用户信息和设备信任标识,获取付款码,包括:The method according to claim 4, wherein the obtaining the payment code according to the user information and the device trust identifier includes:
    向解码中心发送付款码获取请求,所述付款码获取请求包括:所述用户信息和设备信任标识;Sending a payment code acquisition request to the decoding center, where the payment code acquisition request includes: the user information and the device trust identifier;
    接收所述解码中心返回的所述付款码,所述付款码是所述解码中心根据所述用户信息和设备信任标识生成。Receiving the payment code returned by the decoding center, where the payment code is generated by the decoding center according to the user information and the device trust identifier.
  6. 根据权利要求4所述的方法,在所述接收付款码生成请求之前,所述方法还包括:The method according to claim 4, before the receiving the payment code generation request, the method further comprises:
    将所述付款方客户端所在设备的设备信息和所述设备信任标识,发送至设备中心, 以使得所述设备中心存储所述设备信息和所述设备信任标识的映射关系。The device information of the device where the payer client is located and the device trust identifier are sent to the device center, so that the device center stores the mapping relationship between the device information and the device trust identifier.
  7. 根据权利要求6所述的方法,所述将所述付款方客户端所在设备的设备信息和所述设备信任标识,发送至设备中心,包括:The method according to claim 6, wherein the sending the device information of the device where the payer client is located and the device trust identifier to the device center includes:
    在检测到客户端登录时,将所述设备信息和所述设备信任标识,发送至设备中心。When the client login is detected, the device information and the device trust identifier are sent to the device center.
  8. 根据权利要求4所述的方法,在所述接收付款码生成请求之前,所述方法还包括:The method according to claim 4, before the receiving the payment code generation request, the method further comprises:
    存储设备信任标识,所述设备信任标识是服务器根据设备关联参数生成的标识,所述设备关联参数包括:国际移动设备身份码、国际移动用户识别码、客户端生成的随机数和服务端生成的随机数。Stores the device trust identifier, the device trust identifier is an identifier generated by the server according to device associated parameters, and the device associated parameters include: International Mobile Equipment Identity, International Mobile Subscriber Identity, random numbers generated by the client, and generated by the server random number.
  9. 一种支付处理方法,所述方法包括:A payment processing method, the method comprising:
    接收本次交易的支付请求,所述支付请求中携带:付款码和本次交易的支付信息;Receive a payment request for this transaction, where the payment request carries: a payment code and payment information for this transaction;
    获取所述付款码中包括的用户信息和设备信任标识,所述设备信任标识用于唯一对应本次交易发生所在的设备;Acquiring the user information and the device trust identifier included in the payment code, where the device trust identifier is used to uniquely correspond to the device where the transaction occurred;
    向支付系统发送本次交易的交易信息,所述交易信息中携带:所述用户信息、所述设备信任标识和所述支付信息。Send transaction information of this transaction to the payment system, where the transaction information carries: the user information, the device trust identifier, and the payment information.
  10. 根据权利要求9所述的方法,所述获取所述付款码中包括的用户信息和设备信任标识,包括:The method according to claim 9, wherein said obtaining the user information and the device trust identifier included in the payment code includes:
    向解码中心发送解析请求,所述解析请求包括:所述付款码;Sending a parsing request to the decoding center, where the parsing request includes: the payment code;
    接收所述解码中心返回的由所述付款码解析得到的所述用户信息和设备信任标识。Receiving the user information and the device trust identifier that are obtained by analyzing the payment code and returned by the decoding center.
  11. 一种交易风险识别装置,所述装置包括:A transaction risk identification device, the device comprising:
    接收模块,用于接收待识别的本次交易的交易信息,所述交易信息中包括本次交易对应的用户信息和设备信任标识;所述设备信任标识用于唯一对应本次交易发生所在的设备;The receiving module is used to receive the transaction information of this transaction to be identified, the transaction information includes the user information corresponding to this transaction and the device trust identifier; the device trust identifier is used to uniquely correspond to the device where the transaction occurs ;
    处理模块,用于将所述设备信任标识发送至设备中心,并接收所述设备中心返回的所述设备信任标识对应的设备查询结果;A processing module, configured to send the device trust identifier to the device center, and receive the device query result corresponding to the device trust identifier returned by the device center;
    风险识别模块,用于根据所述设备查询结果,对所述交易信息进行风险识别。The risk identification module is used to perform risk identification on the transaction information according to the device query result.
  12. 根据权利要求11所述的装置,所述风险识别模块,用于根据所述设备查询结果,对所述交易信息进行风险识别时,包括:The apparatus according to claim 11, wherein the risk identification module is configured to perform risk identification on the transaction information according to the device query result, comprising:
    当所述设备中心返回的设备查询结果包括:不存在所述设备信任标识对应的设备信息,确认所述本次交易是风险交易。When the device query result returned by the device center includes: there is no device information corresponding to the device trust identifier, it is confirmed that the current transaction is a risky transaction.
  13. 根据权利要求11所述的装置,所述风险识别模块,用于根据所述设备查询结果,对所述交易信息进行风险识别时,包括:The apparatus according to claim 11, wherein the risk identification module is configured to perform risk identification on the transaction information according to the device query result, comprising:
    当所述设备中心返回的设备查询结果包括:所述设备信任标识对应的设备信息,且确认所述设备信息与所述用户信息的历史所在设备不同,确认所述本次交易是风险交易。When the device query result returned by the device center includes: the device information corresponding to the device trust identifier, and it is confirmed that the device information is different from the device where the history of the user information is located, it is confirmed that the current transaction is a risky transaction.
  14. 一种支付处理装置,应用于付款方客户端,所述装置包括:A payment processing device applied to a client of a payer, the device comprising:
    请求接收模块,用于接收付款码生成请求;The request receiving module is used to receive the payment code generation request;
    获取模块,用于根据用户信息和设备信任标识,获取付款码;所述设备信任标识用于唯一对应本次交易发生所在的设备;所述付款码中包括所述用户信息和设备信任标识;The obtaining module is configured to obtain a payment code based on user information and a device trust identifier; the device trust identifier is used to uniquely correspond to the device where the transaction occurs; the payment code includes the user information and the device trust identifier;
    显示模块,用于显示所述付款码,以使得收款方根据所述付款码执行本次支付交易。The display module is used to display the payment code so that the payee can execute the payment transaction according to the payment code.
  15. 根据权利要求14所述的装置,所述获取模块,用于根据用户信息和设备信任标识,获取付款码时,包括:The apparatus according to claim 14, wherein the obtaining module is configured to obtain the payment code according to the user information and the device trust identifier, including:
    向解码中心发送付款码获取请求,所述付款码获取请求包括:所述用户信息和设备信任标识;Sending a payment code acquisition request to the decoding center, where the payment code acquisition request includes: the user information and the device trust identifier;
    接收所述解码中心返回的所述付款码,所述付款码是所述解码中心根据所述用户信息和设备信任标识生成。Receiving the payment code returned by the decoding center, where the payment code is generated by the decoding center according to the user information and the device trust identifier.
  16. 根据权利要求14所述的装置,所述装置还包括:The device according to claim 14, further comprising:
    发送模块,用于将所述付款方客户端所在设备的设备信息和所述设备信任标识,发送至设备中心,以使得所述设备中心存储所述设备信息和所述设备信任标识的映射关系。The sending module is configured to send the device information of the device where the payer client is located and the device trust identifier to the device center, so that the device center stores the mapping relationship between the device information and the device trust identifier.
  17. 根据权利要求16所述的装置,所述发送模块,用于将所述付款方客户端所在设备的设备信息和所述设备信任标识,发送至设备中心时,包括:The apparatus according to claim 16, wherein the sending module is configured to send the device information of the device where the payer client is located and the device trust identifier to the device center, including:
    在检测到客户端登录时,将所述设备信息和所述设备信任标识,发送至设备中心。When the client login is detected, the device information and the device trust identifier are sent to the device center.
  18. 根据权利要求14所述的装置,所述装置还包括:The device according to claim 14, further comprising:
    存储模块,用于存储设备信任标识,所述设备信任标识是服务器根据设备关联参数生成的标识,所述设备关联参数包括:国际移动设备身份码、国际移动用户识别码、客户端生成的随机数和服务端生成的随机数。The storage module is used to store the device trust identifier. The device trust identifier is an identifier generated by the server according to device associated parameters. The device associated parameters include: International Mobile Equipment Identity, International Mobile User Identity, and random numbers generated by the client And the random number generated by the server.
  19. 一种支付处理装置,所述装置包括:A payment processing device, the device comprising:
    支付请求接收模块,用于接收本次交易的支付请求,所述支付请求中携带:付款码和本次交易的支付信息;The payment request receiving module is used to receive the payment request of this transaction, and the payment request carries: the payment code and the payment information of this transaction;
    第二获取模块,用于获取所述付款码中包括的用户信息和设备信任标识,所述设备信任标识用于唯一对应本次交易发生所在的设备;The second obtaining module is configured to obtain the user information and the device trust identifier included in the payment code, where the device trust identifier is used to uniquely correspond to the device where the transaction occurs;
    第二发送模块,用于向支付系统发送本次交易的交易信息,所述交易信息中携带:所述用户信息、所述设备信任标识和所述支付信息。The second sending module is configured to send transaction information of this transaction to the payment system, where the transaction information carries: the user information, the device trust identifier, and the payment information.
  20. 根据权利要求19所述的装置,所述第二获取模块,用于获取所述付款码中包括的用户信息和设备信任标识时,包括:The apparatus according to claim 19, when the second obtaining module is configured to obtain the user information and the device trust identifier included in the payment code, the method includes:
    向解码中心发送解析请求,所述解析请求包括:所述付款码;Sending a parsing request to the decoding center, where the parsing request includes: the payment code;
    接收所述解码中心返回的由所述付款码解析得到的所述用户信息和设备信任标识。Receiving the user information and the device trust identifier that are obtained by analyzing the payment code and returned by the decoding center.
  21. 一种计算机设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,所述处理器执行所述程序时实现权利要求1-3任一所述的方法,或者实现权利要求4-8任一所述的方法,或者实现权利要求9-10任一所述的方法。A computer device, comprising a memory, a processor, and a computer program stored in the memory and running on the processor. The processor implements the method according to any one of claims 1 to 3 when the program is executed, or implements The method of any one of claims 4-8, or the method of any one of claims 9-10.
  22. 一种计算机可读存储介质,其上存储有计算机程序,所述程序被处理器执行时实现权利要求1-3任一所述的方法,或者实现权利要求4-8任一所述的方法,或者实现权利要求9-10任一所述的方法。A computer-readable storage medium with a computer program stored thereon, which when executed by a processor implements the method described in any one of claims 1-3, or implements the method described in any one of claims 4-8, Or implement the method of any one of claims 9-10.
PCT/CN2020/111779 2019-11-26 2020-08-27 Transaction risk identification method and apparatus WO2021103701A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201911171021.9A CN111080302A (en) 2019-11-26 2019-11-26 Transaction risk identification method and device
CN201911171021.9 2019-11-26

Publications (1)

Publication Number Publication Date
WO2021103701A1 true WO2021103701A1 (en) 2021-06-03

Family

ID=70311669

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/111779 WO2021103701A1 (en) 2019-11-26 2020-08-27 Transaction risk identification method and apparatus

Country Status (3)

Country Link
CN (1) CN111080302A (en)
TW (1) TWI807185B (en)
WO (1) WO2021103701A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111080302A (en) * 2019-11-26 2020-04-28 支付宝(杭州)信息技术有限公司 Transaction risk identification method and device
CN112598513B (en) * 2020-12-07 2024-04-05 深圳价值在线信息科技股份有限公司 Method and device for identifying stockholder risk transaction behaviors

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107181714A (en) * 2016-03-09 2017-09-19 阿里巴巴集团控股有限公司 Verification method and device, the generation method of service code and device based on service code
US20180082301A1 (en) * 2016-09-19 2018-03-22 Early Warning Services, Llc Authentication and fraud prevention in provisioning a mobile wallet
CN109118189A (en) * 2018-06-25 2019-01-01 阿里巴巴集团控股有限公司 A kind of method and apparatus paid using smart machine
CN109741065A (en) * 2019-01-28 2019-05-10 广州虎牙信息科技有限公司 A kind of payment risk recognition methods, device, equipment and storage medium
CN109741066A (en) * 2018-11-30 2019-05-10 广东康美通信息服务有限公司 Method, electronic equipment, storage medium and the system of automatic stay customer account
CN109993521A (en) * 2018-11-09 2019-07-09 阿里巴巴集团控股有限公司 Method of mobile payment and device and electronic equipment
CN111080302A (en) * 2019-11-26 2020-04-28 支付宝(杭州)信息技术有限公司 Transaction risk identification method and device

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10783565B2 (en) * 2014-10-30 2020-09-22 Ebay Inc. Method, manufacture, and system of transferring authenticated sessions and states between electronic devices
CN105844526A (en) * 2015-01-14 2016-08-10 阿里巴巴集团控股有限公司 Networked transaction risk identification method and networked transaction risk identification device based on computer system
CN105117905A (en) * 2015-07-21 2015-12-02 北京邮电大学 Wireless Key payment system based on visible light communications and payment method
US10366378B1 (en) * 2016-06-30 2019-07-30 Square, Inc. Processing transactions in offline mode
CN109345230B (en) * 2018-08-02 2021-07-30 创新先进技术有限公司 Payment two-dimensional code generation method and device
CN109102301A (en) * 2018-08-20 2018-12-28 阿里巴巴集团控股有限公司 A kind of payment air control method and system

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107181714A (en) * 2016-03-09 2017-09-19 阿里巴巴集团控股有限公司 Verification method and device, the generation method of service code and device based on service code
US20180082301A1 (en) * 2016-09-19 2018-03-22 Early Warning Services, Llc Authentication and fraud prevention in provisioning a mobile wallet
CN109118189A (en) * 2018-06-25 2019-01-01 阿里巴巴集团控股有限公司 A kind of method and apparatus paid using smart machine
CN109993521A (en) * 2018-11-09 2019-07-09 阿里巴巴集团控股有限公司 Method of mobile payment and device and electronic equipment
CN109741066A (en) * 2018-11-30 2019-05-10 广东康美通信息服务有限公司 Method, electronic equipment, storage medium and the system of automatic stay customer account
CN109741065A (en) * 2019-01-28 2019-05-10 广州虎牙信息科技有限公司 A kind of payment risk recognition methods, device, equipment and storage medium
CN111080302A (en) * 2019-11-26 2020-04-28 支付宝(杭州)信息技术有限公司 Transaction risk identification method and device

Also Published As

Publication number Publication date
TWI807185B (en) 2023-07-01
TW202121290A (en) 2021-06-01
CN111080302A (en) 2020-04-28

Similar Documents

Publication Publication Date Title
US11962577B2 (en) Resource transfer setup and verification
US9350739B2 (en) Recovery from rolling security token loss
AU2017215589B2 (en) Electronic payment service processing method and device, and electronic payment method and device
KR102179152B1 (en) Client authentication using social relationship data
EP3242455A1 (en) Method and device for identifying user identity
US20130054433A1 (en) Multi-Factor Identity Fingerprinting with User Behavior
CN106302308B (en) Trust login method and device
US20130239173A1 (en) Computer program and method for administering secure transactions using secondary authentication
WO2018228036A1 (en) Verification method and device, server, and readable storage medium
WO2021103701A1 (en) Transaction risk identification method and apparatus
US20230015258A1 (en) Data verification in a distributed data processing system
US20240143832A1 (en) Methods and systems for leveraging existing user data to verify user credentials
CN107483477B (en) Account management method and account management system
US20190066012A1 (en) Enterprise customer website
CN117375986A (en) Application access method, device and server
CN109040056B (en) User verification method based on server
CN110610071A (en) Privileged account management method and device based on screen identification
US20190012669A1 (en) Security System Using Communication Channel-Based Authorization
CN113962700A (en) Bank business auditing method and system
WO2020072745A1 (en) Systems and methods for obtaining anonymized information derived from data obtained from external data providers
CN113010365A (en) System running state monitoring method, system running state detection device, electronic equipment and storage medium
WO2018232667A1 (en) Network payment method and system
CN116471328A (en) Multi-tenant-based data processing method and device and electronic equipment
CN116452309A (en) Account information monitoring method, system, electronic equipment and storage medium
CN113689214A (en) Enterprise security authentication certificate activation method, terminal and server

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20893937

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20893937

Country of ref document: EP

Kind code of ref document: A1