Detailed Description
The embodiment of the description provides a new transaction-based service control method, which comprises the steps of forming an N (N is a natural number) level associated event set by historical transaction events which can be directly or indirectly associated with current transaction events through medium attributes, and obtaining characteristic quantities of the current transaction events by the service attributes of the historical transaction events in the N level associated event set for service control; therefore, the current transaction event is depicted by summarizing the historical transaction event, the service characteristics of the current transaction event can be comprehensively reflected in real time, and the high-risk transaction event can be more quickly and accurately identified when the method is used for risk control, so that the transaction safety is improved.
Embodiments of the present description may be implemented on any device with computing and storage capabilities, such as a mobile phone, a tablet Computer, a PC (Personal Computer), a notebook, a server, and so on; the functions in the embodiments of the present specification may also be implemented by a logical node operating in two or more devices.
In the embodiment of the present specification, each transaction event may be described by using several attributes, and the attributes may include various information related to the transaction event, for example, information such as occurrence time of the transaction, accounts of both parties of the transaction, payment methods, payment card or payment account of a third party for payment, transaction amount, transaction target, and the like, or evaluation information of the transaction event (whether the transaction event belongs to a trusted transaction, and the like) without limitation.
In the embodiment of the present specification, the flow of the transaction-based service control method is shown in fig. 1.
In step 110, in the historical trading events meeting the first predetermined condition, an N-level associated event set of the current trading events is generated. The 1-level associated event set comprises historical transaction events with at least one same medium attribute as a current transaction event, and the M (M is a natural number greater than 1) -level associated event set comprises the historical transaction events in the (M-1) level associated event set and other historical transaction events with at least one same medium attribute as the historical transaction events in the (M-1) level associated event set.
The media attributes are used as a medium for correlating transaction events when constructing the set of correlated events. One or more transaction event attributes can be selected as the medium attributes according to factors such as the service field of the transaction event in the actual application scene, the purpose of performing service control on the transaction event and the like. When two transaction events have one to more of the same media attributes (i.e., have one to more media attributes of the same value), the two transaction events exhibit some commonality for purposes of traffic control.
For example, if the purpose of service control is mainly to prevent malicious transaction initiated by black-generation group, several attributes capable of representing the identity information of the transaction initiator may be used as the medium attributes, such as one or more of the attributes of the transaction initiator's account, receiving mobile phone, mailbox, device fingerprint, etc.; thus, if one transaction event is the same as the other transaction event in the media attributes described above, the initiators of the two transaction events are likely to have a close relationship.
In an embodiment of the present specification, all historical transaction events that satisfy the first predetermined condition are taken as a scope of transaction events that generate the associated event set. The first predetermined condition may be set by comprehensively considering factors such as requirements of an actual application scenario, service continuity, and the like, without limitation. In one example, the first predetermined condition may be set according to the occurrence time of the transaction event (e.g., the occurrence time of the historical transaction event is within a predetermined time period before the occurrence of the current transaction event); in another example, the first predetermined condition may be set based on a transaction amount of the transaction event (e.g., the transaction amount of the historical transaction event exceeds some predetermined threshold).
The set of associated events may be generated in a step-wise fashion. Specifically, each medium attribute value is extracted from the attributes of the current transaction event, and for convenience, the medium attribute value of the current transaction event is referred to as a level 1 associated medium attribute value; for each historical transaction event meeting a first predetermined condition, if one or more media attribute values of the historical transaction event are the same as the level 1 associated media attribute values, classifying the historical transaction event into a level 1 associated event set; and obtaining a 1-level associated event set after traversing all the historical transaction events meeting the first preset condition.
In the level 1 associated event set, the media attribute values of some historical transaction events are different from the media attribute values of the current transaction events, and the media attribute values can be used for the next level of extension of the associated event set, and for convenience, the media attribute values are referred to as level 2 associated media attribute values. After all historical transaction events in the level 1 associated event set are taken as elements of the level 2 associated event set (namely, the level 2 associated event set comprises all historical transaction events in the level 1 associated event set), for each historical transaction event which does not belong to the level 1 associated event set and meets a first preset condition, if one or more medium attribute values of the historical transaction event are the same as those of the level 2 associated medium attribute values, the historical transaction event is classified into the level 2 associated event set; and obtaining the 2-level associated event set after traversing all the historical transaction events which do not belong to the 1-level associated event set and meet the first preset condition. By analogy, a 3-level correlated event set, a 4-level correlated event set, and so on may be obtained.
It can be seen that the historical transaction events belonging to the M-level associated event set but not the (M-1) -level associated event set have one or more of the same media attributes as the historical transaction events in at least one (M-1) -level associated event set. In other words, the set of M-level associated events includes historical transaction events in each set of (M-1) level associated events, as well as other historical transaction events having at least one same media property as the historical transaction events in the set of (M-1) level associated events.
In one implementation, a bipartite graph technique may be employed to generate the N-level correlated event set. And establishing a bipartite graph with 1-level association by taking each medium attribute of the current transaction event as a node on one side, taking the historical transaction events with the same medium attribute and meeting a first preset condition as nodes on the other side, and taking the medium attributes of the transaction events as edges, wherein the historical transaction event node subset in the bipartite graph with 1-level association is a set of the 1-level association events. And establishing an M-level associated bipartite graph by taking the media attributes of all historical transaction events in the historical transaction event node subset in the (M-1) level associated bipartite graph as one-side nodes, taking the historical transaction events with the same media attributes and meeting a first preset condition as the other-side nodes and taking the transaction events with the media attributes as edges, wherein the historical transaction event node subset in the M-level associated bipartite graph is an M-level associated event set.
The following description will be further made with reference to a specific example. Assume that the initiator account and the receiving handset of the transaction are used as the media attributes in this example, and the initiator account of the current transaction event is "user 00
The receiving handset is "1880000". The historical transaction events that meet the first predetermined condition are shown in table 1:
TABLE 1
Among the historical transaction events satisfying the first predetermined condition, those having the same media attribute as the current transaction event are transaction event 1 ("user 00" with the originator account of the current transaction event) and transaction event 2 ("1880000" with the receiving cell phone of the current transaction event). With the media properties of the current transaction event: the initiator account is "user 00", the receiving handset is "1880000" as one side node, the transaction event 1 and the transaction event 2 are another side node, the transaction event has a media attribute as an edge, and the established level 1 association bipartite graph is shown in fig. 2. Transaction event 1 and transaction event 2 constitute a level 1 set of associated events.
In the level 1 associated event set, all media attributes of transaction event 1 and transaction event 2 are: initiator account "user 00", initiator account "user 01", receiving cell phone "1880000", receiving cell phone "1880001". The four media attributes are used as one-side nodes, the historical transaction event with the one to multiple media attribute values in the historical transaction events meeting the first preset condition is used as another node, the transaction event has the media attributes as edges, and the established 2-level association bipartite graph is shown in fig. 3. From fig. 3, a 2-level correlated event set consisting of transaction event 1, transaction event 2, transaction event 3, transaction event 4, and transaction event 5 may be obtained.
It should be noted that the bipartite graph is only one optional technical means for generating the associated event set, and other algorithms may also be used to obtain the associated event set, which is not limited.
It can be seen that the historical transaction events in the set of correlated events can be directly or indirectly correlated with the current transaction event by the media attributes. As the level of the set of correlated events increases, the number of historical transaction events in the set of correlated events increases. When the historical transaction events in the associated event set are adopted to reflect the characteristics of the current transaction event, if the number of the historical transaction events is too small, the common characteristics with the current transaction event may not be sufficiently and accurately reflected, but the number of the historical transaction events is too large, and the response speed to the service is influenced because the computation amount is increased rapidly. For most service control application scenarios, better balance can be achieved by adopting a 2-level associated event set.
Returning to fig. 1, step 120, at least one characteristic quantity of the current transaction event is determined according to the service attribute of the historical transaction event in the N-level associated event set.
As previously mentioned, current transaction events have some commonality with historical transaction events in the N-level set of associated events for purposes of traffic control. In this way, some characteristics of the current transaction event can be embodied by the N-level correlated event centralized historical transaction event, and specifically, a plurality of characteristic quantities of the current transaction event can be generated after a plurality of attributes of the N-level correlated event centralized historical transaction event are subjected to operations such as screening and statistics. That is, the feature quantity of the current transaction event may be defined by several attributes of the historical transaction event in the N-level associated event set, which are referred to as business attributes.
It can be determined which attributes of the transaction event are used as service attributes and how to define the feature quantity by using the service attributes according to the purpose of service control in the actual application scenario, and the embodiments of the present specification are not limited. It should be noted that a certain attribute of a transaction event may be used as a medium attribute, or may be simultaneously used as a service attribute.
In one example, where the goal of traffic control is to decide whether to continue the transaction process for security reasons, one or more of the following may be used as a traffic attribute: whether the historical transaction event is credible, the transaction amount, the mailbox, the account, the bank card and the equipment identifier; the characteristic amount may include one to more of the following: the total amount of the trusted transactions in the N-level associated event set, the total amount of the untrusted transactions in the N-level associated event set, the number of the trusted transactions in the N-level associated event set, the number of the untrusted transactions in the N-level associated event set, the number of the credit cards of the trusted transactions in the N-level associated event set, the number of the devices of the untrusted transactions in the N-level associated event set, the number of the accounts of the trusted transactions in the N-level associated event set, the number of the accounts of the untrusted transactions in the N-level associated event set, the number of the mailboxes of the trusted transactions in the N-level associated event set, and the number of the mailboxes of the untrusted transactions in the N-level associated event. In this example, the statistical information of the trusted transaction event and the untrusted transaction event in the N-level associated event set is used as the feature quantity of the current transaction event, and the security degree of the current transaction event is reflected by the feature quantity.
In the above example, the attribute value of whether the transaction event is authentic may be obtained by using a method of determining whether the transaction event is authentic in the prior art. For example, some attributes of transaction events that have been validated as secure transactions may be credited to a trusted list, and a transaction event may be a trusted transaction if its attributes can match records of the trusted list. For another example, a machine learning model may be constructed by using a plurality of attributes of the transaction event as input variables, and whether the transaction event is reliable or not may be determined by using the trained machine learning model and an attribute value of a certain transaction event. In addition, for transactions that use credit card payments, it may also be determined whether the transaction event is authentic based on whether the credit card payment was declined by the bank.
And step 130, performing service processing on the current transaction event according to the characteristic quantity.
After the feature quantity of the current transaction event is obtained, the service control of the current transaction event can be performed according to the feature quantity, for example, the risk control is performed on the current transaction event. The specific service processing method (i.e., the service control measure) may be determined according to the requirements of the actual application scenario, and is not limited.
In one implementation, the feature quantity may be used as all or part of the input variable to construct a machine learning model, and after the machine learning model completes training, the feature quantity of the current transaction event is input into the trained machine learning model, so that the current transaction event can be subjected to business processing according to the output of the machine learning model. The specific algorithm and the training mode of the machine learning model are not limited.
In another implementation, the corresponding business process may be applied to the current transaction event according to whether the feature quantity satisfies the second predetermined condition. Such an implementation may be used when one or more characteristic quantities are sufficient to embody the characteristics required for traffic control by themselves.
In the embodiment of the present specification, historical transaction events that can be directly or indirectly associated with the current transaction event through a medium attribute form an N-level associated event set, the service attribute of the N-level associated event set is used to determine the feature quantity of the current transaction event, and service control is performed according to the feature quantity. The embodiment of the specification can reflect the business characteristics of the current transaction event in real time and comprehensively, is suitable for a real-time business control process, can identify the high-risk transaction event more quickly and accurately when used for risk control, and improves the security of transaction.
The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
In one example application of the present specification, a third party payment platform is to risk control network transactions that effect payment through the platform. In the application example, a receiving mobile phone, a bill mailbox, a device fingerprint and an account of a transaction event are used as medium attributes, the medium attributes can represent the identity of a transaction initiator to a certain extent, and the transaction events sharing the medium attributes have great commonality in terms of safety.
For a currently occurring transaction event (current transaction event), the occurrence time of the current transaction event is calculated forward by one month, and historical transaction events of all occurrence times within the time period are extracted from a database recording the transaction events.
The method comprises the steps of establishing a level 1 association bipartite graph by taking a receiving mobile phone, a bill mailbox, an equipment fingerprint and an account of a current transaction event as nodes on one side, taking extracted historical transaction events with the same receiving mobile phone, the same bill mailbox, the same equipment fingerprint and/or the same account as nodes on the other side, and taking the transaction event with a medium attribute as an edge, wherein a historical transaction event node subset in the level 1 association bipartite graph is a level 1 association event set.
And establishing a 2-level association bipartite graph by taking all the media attributes of all the historical transaction events in the 1-level association event set as one side node, taking the extracted historical transaction events with the same media attributes as the other side node and taking the transaction events with the media attributes as edges, and taking the historical transaction event node subset in the 2-level association bipartite graph as the 2-level association event set.
In the present application example, whether the transaction event is trusted, the transaction amount, the mailbox, the account, the bank card and the device identification are taken as business attributes, and taking the total amount of the trusted transactions in the level 2 associated event set, the total amount of the untrusted transactions in the level 2 associated event set, the number of the trusted transactions in the level 2 associated event set, the number of the untrusted transactions in the level 2 associated event set, the number of credit cards of the trusted transactions in the level 2 associated event set, the number of devices of the untrusted transactions in the level 2 associated event set, the number of accounts of the trusted transactions in the level 2 associated event set, the number of accounts of the untrusted transactions in the level 2 associated event set, the number of mailboxes of the trusted transactions in the level 2 associated event set, and the number of mailboxes of the untrusted transactions in the level 2 associated event set as the characteristic quantities of the current transaction event.
After the 2-level associated event set is obtained, the historical transaction events serving as the event set elements are screened and counted, and the values of the 12 characteristic quantities of the current transaction event can be obtained.
And a machine learning model with input variables including the 12 characteristic quantities and output variables as transaction risk degree evaluation values is maintained on the third-party payment platform. And inputting the 12 characteristic quantities of the current transaction event into a machine learning model to obtain a model output value. And when the risk degree evaluation value output by the model exceeds a certain set threshold value, the third party payment platform refuses the payment request of the current transaction event.
Corresponding to the above flow implementation, the embodiments of the present specification further provide a transaction-based service control device. The apparatus may be implemented by software, or by hardware, or by a combination of hardware and software. Taking a software implementation as an example, the logical device is formed by reading a corresponding computer program instruction into a memory for running through a Central Processing Unit (CPU) of the device. In terms of hardware, the device in which the transaction-based service control apparatus is located generally includes other hardware such as a chip for transmitting and receiving wireless signals and/or other hardware such as a board for implementing a network communication function, in addition to the CPU, the memory, and the storage shown in fig. 4.
Fig. 5 is a diagram illustrating a transaction-based service control apparatus provided in an embodiment of the present specification, and the apparatus includes an N-level associated event set unit, a feature quantity determination unit, and a service processing unit, where: the N-level associated event set unit is used for generating an N-level associated event set of the current transaction event in the historical transaction events meeting the first preset condition, wherein N is a natural number; the 1-level associated event set comprises historical transaction events with at least one same medium attribute as a current transaction event, the M-level associated event set comprises the historical transaction events in the (M-1) level associated event set and other historical transaction events with at least one same medium attribute as the historical transaction events in the (M-1) level associated event set, and M is a natural number greater than 1; the characteristic quantity determining unit is used for determining at least one characteristic quantity of the current transaction event according to the service attribute of the historical transaction event in the N-level associated event set; and the service processing unit is used for carrying out service processing on the current transaction event according to the characteristic quantity.
Optionally, the N-level associated event set unit includes a 1-level associated bipartite graph subunit and an M-level associated bipartite graph subunit, where: the level 1 association bipartite graph subunit is used for establishing a level 1 association bipartite graph by taking each medium attribute of the current transaction event as a node on one side, taking the historical transaction events which have the same medium attribute and meet a first preset condition as nodes on the other side, taking the transaction events as edges with the medium attribute, and taking the historical transaction event node subset in the level 1 association bipartite graph as a level 1 association event set; the M-level associated bipartite graph subunit is used for establishing an M-level associated bipartite graph by taking the media attributes of all historical transaction events in the historical transaction event node subsets in the (M-1) -level associated bipartite graph as one-side nodes, taking the historical transaction events which have the same media attributes and meet the first preset condition as the other-side nodes, taking the transaction events as edges and taking the historical transaction event node subsets in the M-level associated bipartite graph as an M-level associated event set.
Optionally, N is equal to 2.
Optionally, the service processing unit is specifically configured to: inputting the characteristic quantity of the current transaction event into the trained machine learning model, and performing service processing on the current transaction event according to the output of the machine learning model; the machine learning model takes the characteristic quantity as an input variable; or, according to whether the characteristic quantity meets a second preset condition, applying a corresponding business process to the current transaction event.
Optionally, the media attribute includes one or more of: account, receiving mobile phone, mailbox, equipment fingerprint.
Optionally, the service attribute includes one or more of the following: whether the transaction event is credible, the transaction amount, the mailbox, the account, the bank card and the equipment identifier; the characteristic quantities include one to more of the following: the total amount of the trusted transactions in the N-level associated event set, the total amount of the untrusted transactions in the N-level associated event set, the number of the trusted transactions in the N-level associated event set, the number of the untrusted transactions in the N-level associated event set, the number of the credit cards of the trusted transactions in the N-level associated event set, the number of the device identifications of the untrusted transactions in the N-level associated event set, the number of the accounts of the trusted transactions in the N-level associated event set, the number of the accounts of the untrusted transactions in the N-level associated event set, the number of the mailboxes of the trusted transactions in the N-level associated event set, and the number of the mailboxes of the untrusted transactions in the N-level associated.
Optionally, the service processing unit is specifically configured to: and performing risk control on the current transaction event according to the characteristic quantity.
Optionally, the first predetermined condition includes: the historical transaction event occurs within a predetermined time period prior to the occurrence of the current transaction event.
Embodiments of the present description provide a computer device that includes a memory and a processor. Wherein the memory has stored thereon a computer program executable by the processor; the processor, when executing the stored computer program, performs the steps of the transaction based service control method of the embodiments of the present specification. For a detailed description of the steps of the transaction-based traffic control method, reference is made to the preceding contents, which are not repeated.
Embodiments of the present description provide a computer-readable storage medium having stored thereon computer programs which, when executed by a processor, perform the steps of the transaction-based traffic control method of embodiments of the present description. For a detailed description of the steps of the transaction-based traffic control method, reference is made to the preceding contents, which are not repeated.
The above description is only exemplary of the present invention and should not be taken as limiting the scope of the present invention, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, computer readable media does not include transitory computer readable media (transmyedia) such as modulated data signals and carrier waves.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
As will be appreciated by one skilled in the art, embodiments of the present description may be provided as a method, system, or computer program product. Accordingly, embodiments of the present description may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, embodiments of the present description may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer-usable program code embodied therein.