CN111582868B

CN111582868B - Transaction request processing method, device and equipment

Info

Publication number: CN111582868B
Application number: CN202010454445.2A
Authority: CN
Inventors: 姚军伟; 刘丁峰
Original assignee: Alipay Hangzhou Information Technology Co Ltd
Current assignee: Alipay Hangzhou Information Technology Co Ltd
Priority date: 2020-05-26
Filing date: 2020-05-26
Publication date: 2023-08-04
Anticipated expiration: 2040-05-26
Also published as: CN116934340A; CN111582868A

Abstract

The embodiment of the specification discloses a transaction request processing mode, a device and equipment, wherein the scheme comprises the following steps: acquiring a transaction request sent by a first terminal; determining a first position corresponding to the position identifier; transmitting information to be positioned including at least a mobile phone number corresponding to a user identifier to a communication carrier server; receiving a first positioning result returned by the communication carrier server; judging whether the first position is consistent with the second position or not based on a first positioning result; if the two verification flows are consistent, starting a primary verification flow; if not, a secondary verification process is started.

Description

Transaction request processing method, device and equipment

Technical Field

The present disclosure relates to the field of computer technologies, and in particular, to a method, an apparatus, and a device for processing a transaction request.

Background

With the development of computer technology, more and more tasks can be handled in mobile terminals. In recent years, users who perform task processing through mobile banking or mobile payment application terminals have a rapid trend, and meanwhile, because a network is required as a carrier when the users transact tasks through mobile terminals, security risk problems are inevitably generated in the task processing process, for example, a fraudster falsifies user information to perform improper task processing, and certain resource loss may be brought to the users.

Therefore, how to identify the risk in task processing more comprehensively and accurately and reduce the user resource loss is a technical problem to be solved in the field.

Disclosure of Invention

The embodiment of the specification provides a processing method, a device and equipment for transaction requests, which can more comprehensively and accurately identify risks in transactions.

In order to solve the above technical problems, the embodiments of the present specification are implemented as follows:

the method for processing the transaction request provided by the embodiment of the specification comprises the following steps:

the method comprises the steps that a server obtains a transaction request sent by a first terminal; the transaction request carries a user identifier and a position identifier of the first terminal;

determining a first position corresponding to the position identifier;

transmitting information to be positioned including at least a mobile phone number corresponding to the user identification to a communication carrier server, wherein the information to be positioned is used for determining a second position of a terminal using a user identification card corresponding to the mobile phone number;

receiving a first positioning result returned by the communication carrier server;

judging whether the first position is consistent with the second position or not based on the first positioning result;

if the two verification flows are consistent, starting a primary verification flow;

If the two verification flows are inconsistent, a second-level verification flow is started; the security level of the secondary verification process is higher than that of the primary verification process.

The processing device for transaction request provided in the embodiment of the present specification includes:

the transaction request acquisition module is used for acquiring a transaction request sent by the first terminal; the transaction request carries a user identifier and a position identifier of the first terminal;

the first position determining module is used for determining a first position corresponding to the position identifier;

the information to be positioned sending module is used for sending information to be positioned at least comprising a mobile phone number corresponding to the user identification to a communication carrier server, wherein the information to be positioned is used for determining a second position of a terminal using a user identification card corresponding to the mobile phone number;

the positioning result receiving module is used for receiving a first positioning result returned by the communication carrier server; the first positioning result is a result indicating whether the first position is consistent with the second position;

the position judging module is used for judging whether the first position is consistent with the second position or not based on the first positioning result;

the first-stage verification starting module is used for starting a first-stage verification process if the first position is consistent with the second position;

The second-level verification starting module is used for starting a second-level verification process if the first position is inconsistent with the second position; the security level of the secondary verification process is higher than that of the primary verification process.

at least one processor; the method comprises the steps of,

a memory communicatively coupled to the at least one processor; wherein,,

the memory stores instructions executable by the at least one processor to enable the at least one processor to:

acquiring a transaction request sent by a first terminal; the transaction request carries a user identifier and a position identifier of the first terminal;

determining a first position corresponding to the position identifier;

Embodiments of the present disclosure provide a computer readable medium having stored thereon computer readable instructions executable by a processor to implement a method of processing a transaction request as described above.

One embodiment of the present specification achieves the following advantageous effects:

according to the position information corresponding to the transaction request, the mobile phone number is utilized to position the terminal by means of the communication carrier, so that users sending the transaction request can be covered more comprehensively, the transaction request is verified through the position information of the users, and the comprehensiveness of the transaction request verification is guaranteed. In addition, in the embodiment of the specification, the transaction request can be processed by adopting different levels of verification processes according to different positioning results, the transaction request with abnormal positions can be subjected to high-level security verification, the verification of the same standard is not required for all users, the cost can be reduced, and the user experience is improved.

Drawings

In order to more clearly illustrate the embodiments of the present description or the technical solutions in the prior art, the drawings that are required to be used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments described in the present application, and that other drawings may be obtained according to these drawings without inventive effort to a person skilled in the art.

Fig. 1 is a schematic diagram of an overall architecture involved in a practical application scenario of a transaction request processing method provided in an embodiment of the present disclosure;

fig. 2 is a flow chart of a transaction request processing method according to an embodiment of the present disclosure;

fig. 3 is a flow chart of a transaction request processing method according to an embodiment of the present disclosure;

FIG. 4 is a schematic structural diagram of a processing device corresponding to the transaction request of FIG. 2 according to an embodiment of the present disclosure;

fig. 5 is a schematic structural diagram of a processing device corresponding to the transaction information of fig. 2 according to an embodiment of the present disclosure.

Detailed Description

For the purposes of making the objects, technical solutions and advantages of one or more embodiments of the present specification more clear, the technical solutions of one or more embodiments of the present specification will be clearly and completely described below in connection with specific embodiments of the present specification and corresponding drawings. It will be apparent that the described embodiments are only some, but not all, of the embodiments of the present specification. All other embodiments, which can be made by one of ordinary skill in the art based on the embodiments herein without undue burden, are intended to be within the scope of one or more embodiments herein.

The following describes in detail the technical solutions provided by the embodiments of the present specification with reference to the accompanying drawings.

In recent years, retail banking tasks become an important engine for creating bank income gradually, commercial banks perform retail transformation in a dispute, retail tasks are developed greatly, and mobile interconnection changes living and consumption habits of people deeply, so that mobile phone banking becomes one of main channels for retail banking clients, and in recent years, the mobile phone banking transaction scale and the client number of domestic commercial banks are kept to be rapidly increased.

The existence of the mobile banking enables financial services to be more convenient and lower in cost, but because the mobile banking task has stronger internetworking compared with the traditional banking task, meanwhile, each commercial banking is continuously pursuing task innovation and extremely user experience, and various security holes and task holes are inevitably generated in the process. On the other hand, while the country strives to combat internet fraud, the fraud industry tends to specialize and partner with benefit driven, which presents a great challenge to the security of mobile banking tasks.

The inventor researches and discovers that the internet fraud is characterized by different places, namely that the large probability of a fraudster and a fraudster user are in different cities, so that how to accurately identify the position information of each account transaction of a mobile phone bank and effectively apply the position information to a wind control system is an important part of wind control of the mobile phone bank.

IP address is an abbreviation of internet protocol (internet protocol) and is a digital label assigned to a device of the internet protocol used by a user to surf the internet, and is typically composed of four segments, such as 192.168.0.1.IP location refers to identifying user location information by a digital tag assigned when a user is surfing the internet.

GPS positioning is known as Global positioning System (Global Positioning System), which is a positioning system for high-precision radio navigation based on airborne satellites.

Operator location authentication: the authentication service for real-time positioning by mobile phone number provided by the communication carrier is usually input as mobile phone number and city information, and output is consistent, inconsistent or null. The communication operator can determine the position of the terminal using the mobile phone number according to the mobile phone number, and when the input city information is consistent with the position determined by the mobile phone number, the communication operator can output information representing the consistent position; when the input city information is inconsistent with the position determined by the mobile phone number, information indicating the inconsistent position can be output; when the terminal using the mobile phone number is in a shutdown or flight mode, the output result is null.

The communication carrier adopts base station positioning according to the mobile phone number. Because each base station has its unique base station number, when SIM (Subscriber Identity Module ) card is inserted into the terminal, the current network system and network state of the terminal, the mobile phone hardware parameters and its provider, the mobile phone application details, the battery service condition, the recovery mobile phone factory setting, etc. information is stored in the specific area of the host memory of the terminal at the same time of starting up and network access each time. Through base station positioning, some parameters such as a base station number corresponding to a terminal can be obtained through a specific program, the base station number corresponds to the area where the base station is located, and finally the purpose of mobile base station positioning is achieved.

Roaming access: roaming location access is one of access modes of a communication carrier when a user accesses a mobile network, namely, when the mobile user accesses the internet by using the carrier network, the mobile user accesses the mobile network of the current location. In colloquial terms, when the mobile user is currently using the mobile network in the a province, the allocated IP address is the IP to which the a province belongs, and when the mobile user is currently using the mobile network in the B province, the allocated IP address is the IP to which the B province belongs.

Home access: home access is one of access modes of a communication operator when a user accesses a mobile network, that is, no matter where the user is located when using the mobile network to access the internet, the operator can allocate mobile network resources of a city to which the user belongs when accessing the network for the user to access. In colloquial terms, when a mobile user accessing to the network a currently uses the mobile network in the province B, the allocated IP address is the IP to which the province a belongs, and when the mobile user currently uses the mobile network in the province C, the allocated IP address is still the IP to which the province a belongs.

In order to more fully and accurately identify the risk in a transaction, the present solution provides the following embodiments:

fig. 1 is a schematic diagram of an overall architecture involved in a practical application scenario in a transaction request processing method according to an embodiment of the present disclosure.

As shown in fig. 1, the overall architecture mainly includes a user 1, a terminal 2, a server 3, and a communication carrier server 4. The user 1 initiates a transaction through a certain transaction APP (application program) in the terminal 2, the server 3 obtains a transaction request sent by the user terminal, the operation position of the terminal 2 can be determined according to a terminal position identifier carried in the transaction request, the operation position can be understood as a position for initiating the transaction request, the server 3 can also determine a mobile phone number corresponding to a registration account number used by the user according to the user identifier carried in the transaction request, the registration account number can be an account number which the user registers as the APP user before using the APP for transaction, the server 3 can send the determined mobile phone number and the operation position to the communication carrier server 4, the communication carrier server 4 can determine the current position of the terminal using the mobile phone number according to the mobile phone number and compare with the operation position, the result of whether the current position is consistent with the operation position is fed back to the server 3, for example, when receiving feedback information indicating that the current position is consistent with the operation position, the server 3 can start a first-level verification process, for example, prompt the user to input a transaction password; when receiving feedback information indicating that the current position is inconsistent with the operation position, the server 3 may start a secondary verification process with a higher security level than the primary verification, for example, prompt the user to perform face recognition, so as to perform hierarchical processing on the transaction request.

Next, a method for processing a transaction request provided for an embodiment of the specification will be specifically described with reference to the accompanying drawings:

fig. 2 is a flow chart of a transaction request processing method according to an embodiment of the present disclosure. From the program perspective, the execution subject of the flow may be a program or an application client that is installed on an application server.

As shown in fig. 2, the process may include the steps of:

step 202: the method comprises the steps that a server obtains a transaction request sent by a first terminal; the transaction request carries a user identifier and a location identifier of the first terminal.

In the embodiment of the specification, the user can initiate a transaction request through an application program installed in the terminal, and the server can acquire the transaction request and analyze various information carried in the transaction request. The terminal may include, but is not limited to, the following: cell phones, tablet computers, smart watches, car phones, personal computers, etc.

In general, when a user initiates a transaction request through an application program, the user needs to register the user of the application program, the transaction request received by the server can carry the identifier of the registered user, for example, the user performs a transaction through a mobile banking APP, the user of the mobile banking APP needs to register the user through a mobile phone number or a mailbox, and when the transaction is initiated, the transaction request acquired by the server can carry the user identifier of the registered user. . In practical applications, the user identifier may be an identifier generated by the server according to the registration information of the user and used for distinguishing other registered users, and the server may also determine information associated with the registered user according to the user identifier, such as a registration account number, user information, login information, transaction information, and the like.

Because the request initiated by the user through the terminal is a transaction performed through the network, the transaction request can also carry a location identifier for identifying the location of the terminal, for example, the transaction request can carry an IP address, GPS information and the like.

Step 204: and determining a first position corresponding to the position identifier.

The server may determine, according to the location identifier carried in the transaction request, a first location corresponding to the location identifier. For example, the server may determine the location corresponding to the IP address by analyzing the IP address carried in the transaction request; for another example, the server may also determine the GPS located position via GPS information.

Step 206: and sending information to be positioned including at least the mobile phone number corresponding to the user identification to a communication carrier server, wherein the information to be positioned is used for determining a second position of a terminal using a user identification card corresponding to the mobile phone number.

In practical application, when a user registers as a user of a certain APP, the user will usually use a mobile phone number to register, or there will be a mobile phone number of the user in the user profile in the APP, and the server may determine the mobile phone number corresponding to the user identifier according to the user identifier, where the user identifier may also be the mobile phone number of the user. The server may include the determined mobile phone number in the information to be located and send the information to the communication carrier server, and the communication carrier server may determine the location of the terminal using the user identification card, such as the SIM card, of the mobile phone number according to the mobile phone number.

When a user registers as a user of an APP, a user protocol is usually signed with the APP platform, the protocol can contain content allowing the APP platform to perform operator position authentication, and a server can perform operator position authentication on the user using the APP.

A communication carrier may refer to a provider that provides network communication services, such as three major communication carriers in China: china mobile, china Unicom, china telecommunications. The communication carrier server may be a server providing a network communication service corresponding to the communication carrier.

Step 208: and receiving a first positioning result returned by the communication carrier server.

In practical application, the communication carrier can determine the position of the terminal using the mobile phone number according to the mobile phone number provided by the server, and feed back the positioning result to the server.

Step 210: and judging whether the first position is consistent with the second position or not based on the first positioning result.

The server may receive a positioning result fed back by the communication carrier server, wherein the positioning result may represent a result of whether the first location and the second location are consistent. In the implementation application, the server may send the first location and the user mobile phone number to the communication carrier server, and ask the communication carrier server to confirm whether the current location of the user mobile phone number is consistent with the first location. The communication carrier server can determine the second position of the terminal using the mobile phone number through the base station positioning according to the mobile phone number of the user, and when the first position is consistent with the second position, the information indicating the consistent position can be fed back to the server, such as 'consistent' information is fed back to the server; when the first location is inconsistent with the second location, information indicative of the location inconsistency may be fed back to the server, such as "inconsistent" feedback to the server.

It should be noted that, in the embodiment of the present disclosure, the consistent positions may mean that the first position and the second position belong to the same preset range. For example, the first position is a city, and the second position is B city belonging to a city, and the first position and the second position may be considered to coincide.

Step 212: if the two verification flows are consistent, a primary verification flow is started.

Step 214: if the two verification flows are inconsistent, a second-level verification flow is started; the security level of the secondary verification process is higher than that of the primary verification process.

The server can start verification processes of different grades according to different feedback results, when the feedback positioning result shows that the first position is consistent with the second position, the transaction is considered to be safer, and a primary verification process with lower security grade can be started, for example, if the transaction verification mode set by the user is password verification, when the feedback positioning result shows that the first position is consistent with the second position, a process for prompting the user to input the password verification can be started; when the feedback positioning result indicates that the first position is inconsistent with the second position, the transaction is considered to have risk, and a secondary verification process with higher security level needs to be started, for example, a process for prompting the user to perform face recognition verification is started, so that the security of the transaction can be ensured, and in consideration of the fact that the secondary verification needs to be complicated in operation of the user or a verification mode with higher cost needs to be provided by a transaction platform, the step verification mode in the embodiment of the specification can also reduce cost and improve user experience.

According to the position information corresponding to the transaction request, the mobile phone number is utilized to position the terminal by means of the communication carrier, so that users sending the transaction request can be covered more comprehensively, the transaction request is verified through the position information of the users, and the comprehensiveness of the transaction request verification is guaranteed.

In addition, in the embodiment of the specification, the transaction request can be processed by adopting different levels of verification processes according to different positioning results, the transaction request with abnormal positions can be subjected to high-level security verification, verification of the same standard is not required for all users, and in consideration of the fact that the two-level verification requires more complicated operation of the users or a verification mode requiring higher cost of a transaction platform, the cost can be reduced and the user experience is improved by adopting the hierarchical verification mode in the embodiment of the specification.

It should be understood that the method according to one or more embodiments of the present disclosure may include the steps in which some of the steps are interchanged as needed, or some of the steps may be omitted or deleted.

Based on the foregoing, the method for processing a transaction request in the embodiment of the present disclosure may further include, before sending the information to be located including at least the mobile phone number corresponding to the user identifier to the communication carrier server:

Acquiring a trusted position corresponding to the user identifier; the trusted location is used for representing a common location of the user terminal carrying the user identifier;

judging whether the first position is consistent with the trusted position or not to obtain a second positioning result;

the sending the information to be located including at least the mobile phone number corresponding to the user identifier to the communication operator server specifically includes:

and if the second positioning result indicates that the first position is inconsistent with the trusted position, sending information to be positioned including at least the mobile phone number corresponding to the user identifier to a communication carrier server.

In practical application, before the position authentication is performed by using the communication carrier, the server may further determine whether the transaction based on the first position is at risk according to the trusted position determined according to the preset condition. The trusted location is used to represent a common location of the user terminal carrying the user identifier, and may also be understood as a common location of a user performing a transaction using a registered account.

The server may obtain a location where a transaction occurs according to transaction information of a user, for example, through IP address information carried in the transaction information, and determine an address corresponding to the IP address as a transaction address; for another example, when the user authorizes the transaction platform to use the GPS positioning function, the address obtained by the GPS positioning function may be determined as the transaction address; as another example, when a user logs into an APP to conduct an offline transaction, the user's transaction address may be determined by obtaining the location of the counterparty, and so on.

Since the trusted location may be a common address for user transactions, a risk may be present for a transaction when the first location of the transaction request does not coincide with the trusted location. In practical application, the user may leave the usual position of the transaction for some reasons, for example, the place where the user works daily is the city a, and because the user is required to go from business to city B, when the user initiates the transaction request in city B, the server obtains the address information carried in the transaction request, and obtains that the first position of the transaction request is different from the trusted position of the user, so as to further determine whether the transaction is normally initiated by the user, the position determination can be performed by means of the communication carrier. When the feedback result of the communication operator shows that the first position is consistent with the second position corresponding to the mobile phone number, starting a primary verification process; and when the first position is inconsistent with the second position corresponding to the mobile phone number, starting a secondary verification process. Therefore, the user is prevented from being disturbed due to the normal position movement of the user, and the user experience can be improved while the transaction safety is ensured.

In practical applications, the location authentication service provided by the communication carrier is usually a fee-based service, and the comparison between the first location and the trusted location is performed before the location authentication by the communication carrier, and when the first location and the trusted location are inconsistent, the information to be located including at least the mobile phone number corresponding to the user identifier is sent to the communication carrier server, so that the cost can be reduced.

Based on the above judgment whether the first position is consistent with the trusted position, a second positioning result is obtained, and after the second positioning result is obtained, the method may further include:

and if the second positioning result indicates that the first position is consistent with the trusted position, starting the primary verification process.

In the embodiment of the present disclosure, when the server determines that the first location is consistent with the trusted location, the risk of existence of the transaction may be considered to be low, the primary authentication procedure may be started, or the location may no longer be performed by means of the communications carrier. Thus, the disturbance to the normal user can be reduced, and the cost of risk control can be reduced.

In practical applications, the network access manner provided by the communication carrier for the user is different, for example, home access, roaming access, etc. When the network mode provided by the communication carrier is home access, the IP address acquired by the server is the network access address of the user, and the location corresponding to the mobile phone number located by the communication carrier through the base station is usually the actual location of the user, where the location determined by the server may be different from the location determined by the communication carrier. In this embodiment of the present disclosure, the trusted address may be a common address determined by the server according to the IP address of the user, and when the IP address of the user is the IP address of the home location, the first location obtained by the server may be different from the second location located by the communication carrier through the mobile phone number, but the first location is a common transaction location of the user.

When a user uses an APP to conduct transactions, the user of the APP needs to be registered first, after the user is registered or in the process of registering the user, a server can inquire whether the user authorizes the server to use the GPS positioning function, and after the user agrees to authorization, the server can acquire the GPS positioning information of the user when the user uses the APP.

In this embodiment of the present disclosure, the location identifier may include an identifier that indicates GPS positioning information, where the first location may specifically be a GPS positioning location determined by the GPS positioning information of the first terminal, and determining a first location corresponding to the location identifier may specifically include:

acquiring authority information of the first terminal;

judging whether the server has the authority to use the GPS positioning function of the first terminal or not based on the authority information;

and if the server has the authority of using the GPS positioning function of the first terminal, determining the GPS positioning position of the first terminal according to the GPS positioning information of the first terminal.

In the embodiment of the specification, the GPS positioning position of the user can be compared with the trusted position, whether the transaction position is abnormal or not is judged to start different verification processes, and the transaction safety can be improved.

In this embodiment of the present disclosure, the location identifier may further include an identifier indicating IP address information, where the first location may specifically be an IP location corresponding to the IP address information of the first terminal, and after determining whether the server has authority to use a GPS positioning function of the first terminal, the method may further include:

and if the server does not have the authority to use the GPS positioning function of the first terminal, determining the IP position of the first terminal according to the identification of the IP address information.

In practical application, because the user is sensitive to the position information, there may be users who do not agree with the APP to start the GPS positioning function of the user terminal, so that the proportion of the GPS information which can be successfully collected by the server of the APP is low, and further the wind control effect of the transaction is greatly affected. In the embodiment of the specification, when the user does not authorize the use of the GPS function of the terminal, the server can also determine the transaction position according to the IP address information carried in the transaction request, and perform abnormal judgment on the transaction position, so that more users can be covered, and the safety of the users is improved.

In the embodiment of the specification, the IP position can be compared with the trusted position, false IP can be identified to a certain extent, the transaction risk can be effectively identified, and the transaction safety is improved.

In order to further effectively identify the risk in the transaction and improve the security of the transaction, in this embodiment of the present disclosure, before the first-level verification process is started, the method may further include:

if the first position is consistent with the second position, acquiring equipment information and transaction counter-party information related to the transaction request;

judging whether the transaction corresponding to the transaction request hits the weak wind control strategy according to the equipment information and the transaction counter-party information, and obtaining a first judgment result;

if the first judgment result is negative, the primary verification process is started;

and if the first judgment result is yes, starting the secondary verification process.

The primary verification flow in the embodiment of the specification can be a verification mode with simple processing procedure and lower security level, or a verification mode which can be completed by the server without other third party services, such as password verification, password verification and the like. For example, the user uses a certain mobile phone bank APP to conduct transactions, and the server of the mobile phone bank APP can provide a password verification mode for the user, and the password can be a password set by the user. After the user sets the password, the server can store the corresponding relation between the password and the user, and when the user performs the transaction, the user can be verified by utilizing whether the stored password is consistent with the password input by the user during the transaction.

The secondary verification process can be a verification mode with complex processing procedure and high security level, or a verification mode which can be completed by a server under the condition of needing other third party services, such as fingerprint identification, face identification, iris identification, short message dynamic verification code and the like. For example, when a user uses a certain mobile phone bank APP to conduct transactions, the user needs higher technical support because the face recognition process is complex, and the mobile phone bank APP which considers factors such as technology or cost does not have a face recognition function, and can recognize the face only by means of technical service provided by a third party.

In practical application, the secondary verification process can also be a new verification mode added on the basis of the processing mode of the primary verification process. For example, the first-level verification process may be performed by password verification, and the second-level verification process may be performed by password verification and then dynamic code verification. The specific manner of primary verification and secondary verification in the present specification is not particularly limited, as long as the actual requirements are satisfied.

The weak wind control strategy can be used for judging whether the transaction has risk under a certain condition and setting a risk judging rule.

In order to more accurately identify transaction risks and ensure the security of transactions, in the embodiment of the present disclosure, when the first position is consistent with the second position, whether the transaction is at risk or not may be further determined according to device information and transaction opponent information included in the transaction request, and when it is determined that the device initiating the transaction request or the transaction opponent is at risk, a secondary verification process with a higher security level may be started; when it is determined that the device that initiated the transaction request and the transaction adversary are not at risk, the risk of the transaction may be considered to be low, and a primary authentication process with a low security level may be initiated.

Wherein, the determining whether the transaction corresponding to the transaction request hits the weak wind control policy may specifically include:

judging whether the equipment information hits equipment information wind control conditions or whether the transaction counter-party information hits transaction counter-party information wind control conditions;

the device information wind control conditions specifically may include: the first terminal is any one of new equipment, unbound equipment and very-used equipment;

the transaction counter-party information wind control conditions specifically may include: the transaction counter-party of the transaction is any one of an untrusted transaction counter-party and an historic transaction counter-party.

In the embodiment of the specification, whether the transaction corresponding to the transaction request has risk or not can be judged from the equipment information and the transaction counter-party information.

Wherein the new device may be a terminal for which no transaction related to said user identity has occurred; for example, when a user logs in to a user account for the first time in a terminal, the terminal is a new device for the user account.

The unbound device may be a device that does not have a binding relationship with the account corresponding to the user identification. In practical application, after a user registers as a user of a certain APP, a binding device may be set in the APP, or an operating device may be set as a binding device by default, a user may set a device that is frequently logged in using the account as a binding device, and a server may store information of the binding device, for example, a device name, a model number, an IMEI (International Mobile Equipment Identity, an international mobile equipment identifier) and the like.

The common device may be a device that registers the account corresponding to the user identifier for less than a predetermined number of times in a preset time period, or may be a device that registers the account corresponding to the user identifier for less than a predetermined time in a preset time period. In practical application, the server may record the login condition of the user account, and may determine that the device that frequently logs in the user account in the last period of time is a common device, and the device different from the common device is a very common device. Wherein the server can distinguish the devices by their IMEI codes.

The exception device may be a device that has been exception processed or eliminated, such as a brushed device, a jail-broken device, an older model device, a lower operating system version device, and so forth.

The non-trusted transaction opponent can be a user who does not transact the account corresponding to the user identifier in a preset time period, or can be a transaction opponent party added to a list by the user. A non-historical trading opponent may be an account that has been traded from an account that does not correspond to a user identification. In practical application, the server can record historical transaction information of the user account, wherein the historical transaction information can contain account information of the transaction counter party, and further the server can determine whether the transaction counter party corresponding to the transaction request has risks.

In practical application, whether the weak wind control strategy is hit in the transaction can be judged according to the preset priority order, the risk of the transaction request is higher as long as any risk factor in the weak wind control strategy is hit, a secondary verification process with higher security level needs to be started, the judgment of the risk factor can be terminated, the risk determination speed can be improved, the transaction request processing speed is improved, and the server resources are saved. Table 1 below shows the priorities corresponding to the risk factors in the weak wind control strategy, and the judgment results.

Priority level	Risk factors	Judgment result
			1	New device	The equipment is at risk
2	Very common equipment	The equipment is at risk
			3	Unbound device	The equipment is at risk
4	Untrusted transaction counter-parties	Risk to counter-parties
			5	Non-historical transaction counter-parties	Risk to counter-parties

TABLE 1

Assuming that a user logs in a mobile banking APP to initiate a transaction request in a terminal, a server can acquire a terminal identification code carried in the transaction request, firstly, whether the terminal is new equipment is judged through the identification code, and when the terminal is judged to be the new equipment, a risk result of the equipment can be obtained, which means that the user is required to perform secondary verification with higher security level, and the judgment of risk factors can be ended; when the terminal is judged not to be a new device, whether the terminal is an extremely-used binding device can be continuously judged, when the terminal is judged not to be an extremely-used device, whether the terminal is an unbound device can be continuously judged, when the terminal is judged not to be an extremely-used device, whether the transaction counter party is an untrusted transaction counter party can be continuously judged through the transaction counter party information carried in the transaction request, when the transaction counter party is an untrusted transaction counter party, the fact that a user is required to perform secondary verification with higher security level is indicated, and the judgment of the risk factor can be ended. When no risk factor exists in the transaction request, the risk that the transaction exists can be determined to be low, and a primary verification process can be started; when any risk factor exists, the judgment of the risk factor can be stopped, the risk that the transaction exists can be determined to be higher, and a primary verification process can be started.

In order to improve the experience of the user, before the second-level verification process is started, the embodiment of the present disclosure may further include:

if the first position is inconsistent with the second position, acquiring equipment information, transaction counter-party information, transaction time information and transaction amount information related to the transaction request;

judging whether the transaction corresponding to the transaction request hits a strong wind control strategy or not according to the equipment information, the transaction counter-party information, the transaction time information and the transaction amount information, and obtaining a second judgment result;

if the second judgment result is negative, starting the primary verification process;

and if the second judgment result is yes, starting the secondary verification process.

In the embodiment of the present disclosure, the strong wind control policy may be used for determining, under a certain condition, whether a risk exists in a transaction, and set risk determination rules, where the risk determination rules corresponding to the strong wind control policy may be more than the risk determination rules corresponding to the weak wind control policy, so that the related determination range is wider, and accuracy and comprehensiveness of risk determination are improved by determining multiple determination conditions.

Wherein, judging whether the transaction corresponding to the transaction request hits the strong wind control strategy or not may specifically include:

Judging whether the equipment information hits equipment information wind control conditions, or whether the transaction counter party information hits transaction counter party information wind control conditions, or whether the transaction time information hits transaction time information wind control conditions, or whether the transaction amount information hits transaction amount information wind control conditions;

the equipment information wind control conditions specifically comprise: the first terminal is any one of new equipment, unbound equipment and very-used equipment;

the transaction counter-party information wind control conditions specifically comprise: the transaction counter party of the transaction is any one of an untrusted transaction counter party and an historic transaction counter party;

the trade time information wind control condition specifically comprises: the transaction time of the transaction is high-risk transaction time;

the transaction amount information wind control conditions specifically comprise: whether the transaction amount of the transaction is outside the form of the preset safe transaction amount. In the embodiment of the specification, whether the transaction corresponding to the transaction request has risk or not can be judged from the aspects of equipment information, transaction counter-party information, transaction time information, transaction amount information and the like.

In practical application, after the first position and the second position are inconsistent, whether the transaction hits the strong wind control strategy or not can be judged according to the preset priority order, the risk of the transaction request is high as long as any risk factor in the strong wind control strategy is hit, a secondary verification process with high security level needs to be started, the judgment of the risk factor can be terminated, the risk determination speed can be improved, the transaction request processing speed is improved, and the server resources are saved. Table 2 below shows the priorities corresponding to the risk factors and the judgment results.

Priority level	Risk factors	Judgment result
			1	New device	The equipment is at risk
2	Very common equipment	The equipment is at risk
			3	Unbound device	The apparatus being in the presence of windRisk of
4	Untrusted transaction counter-parties	Risk to counter-parties
			5	Non-historical transaction counter-parties	Risk to counter-parties
6	High risk transaction time	The transaction time is at risk
			7	Abnormal transaction amount	The transaction amount is at risk

TABLE 2

In practical applications, when the first location is inconsistent with the second location, in order to determine whether the transaction request actually has high risk, the risk condition in the transaction request may be further determined according to a multi-dimensional risk factor. The risk judgment rule shown in table 2 can be obtained by adding the risk judgment factors such as the high risk transaction time and the abnormal transaction amount to the above table 1. Through the multi-dimensional risk judgment, whether the transaction request has high risk or not can be accurately judged, and whether the secondary verification process is started or not can be judged, so that the safety is ensured, the disturbance to the user can be reduced as much as possible, and the user experience is improved.

Some of the contents in table 2 are referred to the description of table 1 above, and the description is not repeated here. The high-risk transaction time in table 2 may be a transaction time outside the preset time, for example, the user often transacts in the daytime, and the time of a certain transaction request is 3 a.m., which can be considered as the high-risk transaction time; the abnormal transaction amount may be a transaction amount outside of a preset amount rule, for example, a near-integer transaction amount with a transaction amount of approximately 999.99 is typically rarely performed by the user, and when the transaction amount represented in the transaction request is a near-integer amount, the transaction time of the transaction request may be considered to be an abnormal transaction amount.

In the embodiment of the present disclosure, when any risk factor exists in the transaction request, it may be determined that the transaction request has a higher risk, and a secondary verification with a higher security level is required; when any risk factor does not exist in the transaction request, the transaction request can be determined to have lower risk, and the first-level verification with lower security level can be performed.

It should be noted that the contents in table 1 and table 2 are only examples for more clearly describing the contents in the embodiments of the present disclosure, and the risk judging rule may be set according to actual needs, and is not limited herein.

Based on the foregoing, the transaction request processing method provided in the present disclosure may also be represented as a flowchart shown in fig. 3, and fig. 3 is a schematic flow chart of a transaction request processing method provided in the embodiment of the present disclosure. As shown in fig. 3, in a practical application, the method in the embodiment of the present disclosure may include:

step 301, firstly, a user logs in an APP and initiates a transaction request; after the user successfully logs in, the APP can display a message asking whether the user authorizes to use the GPS positioning function or not, and the message is used for the user to select whether the user authorizes the APP to use the GPS positioning function of the terminal or not.

Step 302: after the user logs in the APP or initiates a transaction request, the server can judge whether the user terminal has the authority to use the GPS positioning function of the user terminal.

Step 303: after the user authorizes the APP to use the GPS positioning authority, the server can acquire the GPS position for sending the transaction request.

Step 304: the server may also determine the trusted location at the time the transaction request was received based on the user's history information.

Step 305: based on the trusted location, the server may determine whether the acquired GPS location is consistent with the trusted location.

If the GPS location is consistent with the trusted location, which indicates that the risk of the transaction is low, it is further required to determine whether the transaction corresponding to the transaction request hits the weak wind control policy, as shown in step 308.

When the transaction corresponding to the transaction request does not hit the weak wind control policy, the probability that the transaction has risk is lower, and in step 310, the server may start a primary verification process to prompt the user to perform primary verification with a lower security level.

When the transaction corresponding to the transaction request hits the weak wind control policy, the probability that the transaction has risk is higher, in step 311, the server may start the secondary verification process, and prompt the user to perform the secondary verification with higher security level.

Step 306: if the GPS position is inconsistent with the trusted position, the GPS position and the mobile phone number corresponding to the user account number can be sent to a communication operator;

step 307: the communication carrier can determine the second location of the terminal using the mobile phone number according to the mobile phone number, and can feed back the result of whether the GPS location is consistent with the second location to the server.

If the feedback result received by the server indicates that the GPS position is consistent with the second position, as in step 308, it is further determined whether the transaction corresponding to the transaction request hits the weak wind control policy.

If the feedback result received by the server indicates that the GPS position is inconsistent with the second position, as shown in step 309, it is further determined whether the transaction corresponding to the transaction request hits the strong wind control policy.

If the transaction corresponding to the transaction request does not hit the strong wind control policy, the probability that the transaction has risk is lower, and the step 310 may be executed; if the transaction corresponding to the transaction request hits the strong wind control policy, the probability that the transaction has risk is high, and the step 311 may be executed.

The above-mentioned content is mainly the processing procedure of the transaction request initiated by the user when the user is authorized to use the GPS positioning authority, the method in the embodiment of the present specification can also be applied to the scenario that the user is not authorized to use the GPS positioning authority,

When the user does not authorize the APP to use the GPS positioning function of the terminal, in step 312, the server may determine the IP location corresponding to the transaction request according to the IP address information carried in the transaction request.

The server may obtain the trusted location as in step 304 above.

Step 313: based on the trusted location, the server may determine whether the acquired IP location is consistent with the trusted location.

If the IP location matches the trusted location, indicating that there is a low probability that the transaction is at risk, the step shown in step 308 may be performed, and further step 310 or step 311 may be performed.

Step 314: if the IP position is inconsistent with the trusted position, the IP position and the mobile phone number corresponding to the user account number can be sent to a communication operator;

step 315: the communication carrier can determine the second location of the terminal using the mobile phone number according to the mobile phone number, and can feed back the result of whether the IP location is consistent with the second location to the server.

If the feedback result received by the server indicates that the IP location is consistent with the second location, which indicates that the risk of the transaction is low, the step shown in step 308 may be performed, and further step 310 or step 311 may be performed.

If the feedback result received by the server indicates that the IP location is inconsistent with the second location, which indicates that the risk of the transaction is high, the step shown in step 309 may be performed, and further step 310 or step 311 may be performed.

In this embodiment of the present disclosure, the obtaining the trusted location corresponding to the user identifier may specifically include:

determining history information corresponding to the user identification based on the user identification;

obtaining a predicted trusted location set based on the history information; the estimated trusted location set comprises at least one estimated trusted location;

determining the credibility of each estimated credible position based on the historical record information;

and determining the estimated trusted location with the highest degree of reliability as the trusted location.

In practical application, the user logs in the APP for transaction, the server can log in the user's login information, transaction information and other contents, and when the user does not conduct transaction, the server can record the time and duration of account logging in the APP, browsing information in the APP and the like.

The credibility can be understood as credibility, and can be expressed as a specific numerical form according to a preset mapping relation; the set of estimated trusted locations may be understood as a set of all locations that appear in the history information corresponding to the user identification. The server can determine the credibility of each position according to a preset mapping relation, and the position with the highest credibility is determined as the credible position.

In the embodiment of the present specification, the history information may include history login information; the determining the credibility of each estimated credible position based on the history information may specifically include:

based on the historical login information, counting the historical login times of each estimated trusted location;

and determining the credibility of each estimated credible position according to the historical login times.

In practical application, the server may count the historical login times corresponding to each estimated trusted location, and determine the credibility of each estimated trusted location according to the preset relationship between the historical login times and the credibility. The historical login times may refer to the historical times of successfully logging in the user account. Assuming that the user successfully logs in a certain mobile banking APP 5 times at the first address and the same user successfully logs in the mobile banking APP 3 times at the second address, the reliability of the first address can be determined to be 5, and the reliability of the second address can be determined to be 3.

The determining the credibility of each estimated credible position based on the history information may specifically include:

Based on the historical login information, counting the accumulated historical login time length of each estimated trusted location;

and determining the credibility of each estimated credible position according to the accumulated historical login time length.

In practical application, the server may count the cumulative historical login time length corresponding to each estimated trusted location, and determine the credibility of each estimated trusted location according to the relationship between the preset cumulative historical login time length and the credibility. Assuming that the user has a length of 4 days for the first address accumulation history and a length of 2 for the second address accumulation history, the reliability of the first address may be determined to be 4 and the reliability of the second address may be determined to be 2.

Wherein, the history information may further include history transaction information; the determining the credibility of each estimated credible position based on the history information specifically comprises the following steps: based on the historical transaction information, counting historical successful transaction times of each estimated trusted location; and determining the credibility of each estimated credibility position according to the historical successful transaction times.

In practical application, the server may also count the historical successful transaction times corresponding to each estimated trusted location, and determine the credibility of each estimated trusted location according to the preset relationship between the historical successful transaction times and the credibility. Assuming that the number of successful transactions of the user is 5 days at the first address and the length of the cumulative history login time of the second address is 2, the reliability of the first address is determined to be 10, and the reliability of the second address is determined to be 4.

Based on the above method for determining the credibility, in the embodiment of the present disclosure, the credibility of each estimated credibility position may be determined by comprehensively considering the historical login times, the accumulated historical login time length, and the historical successful transaction times in the historical record information. For example, the credibility of the estimated credibility position is obtained by adding the credibility corresponding to the historical login times, the accumulated historical login time length and the historical successful transaction times respectively. The method for determining the reliability may be set according to the requirement, and is not particularly limited herein.

In practical applications, there may be no or insufficient user history information in the server, for example, when a newly registered user logs in the APP for the first time to initiate a transaction, there may be only location information of the user logged in the server, and there may be insufficient history information to determine the trusted location of the user. In order to more comprehensively ensure the safety of the user, in the embodiment of the present disclosure, the obtaining the trusted location corresponding to the user identifier specifically includes:

when the history record information corresponding to the user identification does not exist;

acquiring registration information of a user based on the user identification; the registration information is information generated when the user registers an application program corresponding to the server; the user identification is an identification distributed to the server for the user of the application program based on the registration information;

Based on the registration information, determining bank card information bound by the user in the application program;

determining a card issuing row position based on the bank card information;

and determining the card issuing row position as the trusted position.

In the implementation application, when a user registered as a user of a certain application program carries out a transaction, a bank card is usually bound first, the transaction is carried out by means of a bank card account number, and in order to effectively identify the transaction risk of a newly registered user, the card issuing bank position can be determined as a trusted position. Where an issuer may be an institution that may refer to an issuing bank card.

In this embodiment of the present disclosure, the obtaining the trusted location corresponding to the user identifier may specifically further include:

acquiring registration information of a user based on the user identification; the registration information is information generated when the user registers an application program corresponding to the server; the user identification is a specific identification allocated to the server for the user of the application program based on the registration information;

determining information of a user residence place provided by the user based on the bank card information;

The user residence is determined to be the trusted location.

In practical application, the user can fill in residence information when applying for the bank card, and when the user uses the bank card to initiate a transaction request on a certain transaction platform, the server can acquire residence information filled by the user according to a related protocol, and the residence is determined to be a trusted position.

In the embodiment of the present specification, when the first location does not coincide with the trusted location, information indicating the first location may be transmitted to the communication carrier server, and location authentication may be performed by the communication carrier. To improve accuracy of risk determination, the trusted location may also be sent to the communications carrier server so that the communications carrier server determines whether the trusted location is consistent with the second location. For example, the determined issuer location and/or the user residence may be transmitted to a communications carrier server, and the communications carrier server may feed back to the server a result of whether the issuer location and/or the user residence corresponds to the second location. When the card issuing position is consistent with the second position, the card issuing position can be determined to be a trusted position, and the credibility of the card issuing position can be correspondingly increased; when the residence is consistent with the second location, the residence may be determined to be a trusted location, and the trustworthiness of the residence may be increased accordingly.

In practical application, when the card issuing line location and the residence belong to the same county or city, the card issuing line location and the residence can be considered to be the same, and any location can be sent to the communication carrier server for location authentication.

Based on the same thought, the embodiment of the specification also provides a device corresponding to the method. Fig. 4 is a schematic structural diagram of a processing device corresponding to the transaction request of fig. 2 according to an embodiment of the present disclosure. As shown in fig. 4, the apparatus may include:

a transaction request acquisition module 402, configured to acquire a transaction request sent by a first terminal; the transaction request carries a user identifier and a position identifier of the first terminal;

a first location determining module 404, configured to determine a first location corresponding to the location identifier;

a to-be-located information sending module 406, configured to send to a communication carrier server to-be-located information including at least a mobile phone number corresponding to the user identifier, where the to-be-located information is used to determine a second location of a terminal using a subscriber identity card corresponding to the mobile phone number;

a positioning result receiving module 408, configured to receive a first positioning result returned by the communication carrier server;

A position determining module 410, configured to determine, based on the first positioning result, whether the first position is consistent with the second position;

a primary verification initiation module 412, configured to initiate a primary verification process if the first location is consistent with the second location;

a second-level verification starting module 414, configured to start a second-level verification process if the first location is inconsistent with the second location; the security level of the secondary verification process is higher than that of the primary verification process.

The device in the embodiment of the present specification may further include:

the trusted position acquisition module is used for acquiring a trusted position corresponding to the user identifier; the trusted location is used for representing a common location of the user terminal carrying the user identifier;

the position judging module is used for judging whether the first position is consistent with the trusted position or not to obtain a second positioning result;

the to-be-positioned information sending module is specifically configured to send to a communication carrier server to be positioned information including at least a mobile phone number corresponding to the user identifier if the second positioning result indicates that the first position is inconsistent with the trusted position.

Wherein, the primary verification start module 412 may be further configured to:

Wherein the location identifier may include an identifier representing GPS location information, the first location may specifically be a GPS location determined by the GPS location information of the first terminal, and the first location determining module 404 may specifically be configured to:

acquiring authority information of the first terminal;

The location identifier in this embodiment of the present disclosure may further include an identifier that indicates IP address information, where the first location may specifically be an IP location corresponding to the IP address information of the first terminal, and the first location determining module 404 may further be further configured to:

The apparatus in the embodiment of the present disclosure may further include a first risk determination module, configured to:

The apparatus in the embodiment of the present specification may further include a second risk determination module, configured to:

The trusted location obtaining module may specifically be configured to:

and determining the estimated trusted location with the highest degree of reliability as the trusted location. .

Based on the same thought, the embodiment of the specification also provides equipment corresponding to the method.

Fig. 5 is a schematic structural diagram of a processing device corresponding to the transaction information of fig. 2 according to an embodiment of the present disclosure. As shown in fig. 5, the apparatus 500 may include:

at least one processor 510; the method comprises the steps of,

a memory 530 communicatively coupled to the at least one processor; wherein,,

the memory 530 stores instructions 520 executable by the at least one processor 510, the instructions being executable by the at least one processor 510 to enable the at least one processor 510 to:

determining a first position corresponding to the position identifier;

Based on the same thought, the embodiment of the specification also provides a computer readable medium corresponding to the method. Computer readable instructions stored on a computer readable medium, the computer readable instructions being executable by a processor to perform a method of:

Determining a first position corresponding to the position identifier;

In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. For example, for the transaction request processing device shown in fig. 4, since it is substantially similar to the method embodiment, the description is relatively simple, and the relevant points are referred to in the description of the method embodiment.

In the 90 s of the 20 th century, improvements to one technology could clearly be distinguished as improvements in hardware (e.g., improvements to circuit structures such as diodes, transistors, switches, etc.) or software (improvements to the process flow). However, with the development of technology, many improvements of the current method flows can be regarded as direct improvements of hardware circuit structures. Designers almost always obtain corresponding hardware circuit structures by programming improved method flows into hardware circuits. Therefore, an improvement of a method flow cannot be said to be realized by a hardware entity module. For example, a programmable logic device (Programmable Logic Device, PLD) (e.g., field programmable gate array (Field Programmable Gate Array, FPGA)) is an integrated circuit whose logic function is determined by the programming of the device by a user. The designer programs itself to "integrate" a digital system onto a single PLD without requiring the chip manufacturer to design and fabricate application specific integrated circuit chips. Moreover, nowadays, instead of manually manufacturing integrated circuit chips, such programming is mostly implemented by using "logic compiler" software, which is similar to the software compiler used in program development and writing, and the original code before the compiling is also written in a specific programming language, which is called hardware description language (Hardware Description Language, HDL), but not just one of the hdds, but a plurality of kinds, such as ABEL (Advanced Boolean Expression Language), AHDL (Altera Hardware Description Language), confluence, CUPL (Cornell University Programming Language), HDCal, JHDL (Java Hardware Description Language), lava, lola, myHDL, PALASM, RHDL (Ruby Hardware Description Language), etc., VHDL (Very-High-Speed Integrated Circuit Hardware Description Language) and Verilog are currently most commonly used. It will also be apparent to those skilled in the art that a hardware circuit implementing the logic method flow can be readily obtained by merely slightly programming the method flow into an integrated circuit using several of the hardware description languages described above.

The controller may be implemented in any suitable manner, for example, the controller may take the form of, for example, a microprocessor or processor and a computer readable medium storing computer readable program code (e.g., software or firmware) executable by the (micro) processor, logic gates, switches, application specific integrated circuits (Application Specific Integrated Circuit, ASIC), programmable logic controllers, and embedded microcontrollers, examples of which include, but are not limited to, the following microcontrollers: ARC 625D, atmel AT91SAM, microchip PIC18F26K20, and Silicone Labs C8051F320, the memory controller may also be implemented as part of the control logic of the memory. Those skilled in the art will also appreciate that, in addition to implementing the controller in a pure computer readable program code, it is well possible to implement the same functionality by logically programming the method steps such that the controller is in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers, etc. Such a controller may thus be regarded as a kind of hardware component, and means for performing various functions included therein may also be regarded as structures within the hardware component. Or even means for achieving the various functions may be regarded as either software modules implementing the methods or structures within hardware components.

The system, apparatus, module or unit set forth in the above embodiments may be implemented in particular by a computer chip or entity, or by a product having a certain function. One typical implementation is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.

For convenience of description, the above devices are described as being functionally divided into various units, respectively. Of course, the functions of each element may be implemented in one or more software and/or hardware elements when implemented in the present application.

It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.

The memory may include volatile memory in a computer-readable medium, random Access Memory (RAM) and/or nonvolatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of computer-readable media.

Computer readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.

It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.

It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

The application may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The application may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.

The foregoing is merely exemplary of the present application and is not intended to limit the present application. Various modifications and changes may be made to the present application by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc. which are within the spirit and principles of the present application are intended to be included within the scope of the claims of the present application.

Claims

1. A method of processing a transaction request, comprising:

determining a first position corresponding to the position identifier;

acquiring a trusted position corresponding to the user identifier; the credibility of the credibility position is obtained by comprehensively considering the credibility corresponding to the historical login times of the historical record information, the credibility corresponding to the accumulated historical login time length of the historical record information and the credibility corresponding to the historical successful transaction times of the historical record information, wherein the historical record information is the historical record information corresponding to the user identifier;

if the first position is inconsistent with the trusted position, sending information to be positioned including at least a mobile phone number corresponding to the user identifier to a communication operator server, wherein the information to be positioned is used for determining a second position of a terminal using a user identification card corresponding to the mobile phone number; the mobile phone number is a mobile phone number used by a user to register an account number at the server;

2. The method of claim 1, before the sending the information to be located including at least the mobile phone number corresponding to the user identifier to the communication carrier server, further comprising:

3. The method of claim 2, further comprising, after the obtaining the second positioning result:

4. The method according to claim 1, the location identity comprising an identity representing GPS positioning information, the first location being in particular a GPS positioning location determined by the GPS positioning information of the first terminal, the determining the first location to which the location identity corresponds in particular comprising:

acquiring authority information of the first terminal;

5. The method according to claim 4, wherein the location identifier includes an identifier indicating IP address information, and the first location is specifically an IP location corresponding to the IP address information of the first terminal, and after the determining whether the server has the authority to use the GPS positioning function of the first terminal, further includes:

6. The method of claim 1, further comprising, prior to the initiating the primary authentication procedure:

7. The method of claim 6, wherein the determining whether the transaction corresponding to the transaction request hits the weak wind policy specifically comprises:

The transaction counter-party information wind control conditions specifically comprise: the transaction counter-party of the transaction is any one of an untrusted transaction counter-party and an historic transaction counter-party.

8. The method of claim 1, further comprising, prior to the initiating the secondary authentication procedure:

9. The method of claim 8, wherein determining whether the transaction corresponding to the transaction request hits a strong wind control policy specifically comprises:

the transaction amount information wind control conditions specifically comprise: whether the transaction amount of the transaction is outside the form of the preset safe transaction amount.

10. The method of claim 2, wherein the obtaining the trusted location corresponding to the user identifier specifically includes:

11. The method of claim 10, the history information comprising history log information; the determining the credibility of each estimated credible position based on the history information specifically comprises the following steps:

12. The method according to claim 10, wherein the history information includes history log information, and the determining the credibility of each estimated credible position based on the history information specifically includes:

13. The method of claim 10, the historic record information comprising historic transaction information; the determining the credibility of each estimated credible position based on the history information specifically comprises the following steps:

based on the historical transaction information, counting historical successful transaction times of each estimated trusted location; and determining the credibility of each estimated credibility position according to the historical successful transaction times.

14. The method of claim 2, wherein the obtaining the trusted location corresponding to the user identifier specifically includes:

determining a card issuing row position based on the bank card information;

and determining the card issuing row position as the trusted position.

15. The method of claim 2, wherein the obtaining the trusted location corresponding to the user identifier specifically includes:

the user residence is determined to be the trusted location.

16. A transaction request processing apparatus, comprising:

the trusted position acquisition module is used for acquiring a trusted position corresponding to the user identifier; the credibility of the credibility position is obtained by comprehensively considering the credibility corresponding to the historical login times of the historical record information, the credibility corresponding to the accumulated historical login time length of the historical record information and the credibility corresponding to the historical successful transaction times of the historical record information, wherein the historical record information is the historical record information corresponding to the user identifier;

the to-be-positioned information sending module is used for sending to a communication carrier server to be positioned information at least comprising a mobile phone number corresponding to the user identification if the first position is inconsistent with the trusted position, wherein the to-be-positioned information is used for determining a second position of a terminal using a user identification card corresponding to the mobile phone number; the mobile phone number is a mobile phone number used by a user to register an account number at the server;

The positioning result receiving module is used for receiving a first positioning result returned by the communication carrier server;

17. The apparatus of claim 16, further comprising:

18. The apparatus of claim 17, the primary authentication initiation module further to:

19. The apparatus according to claim 16, said location identity comprising an identity representing GPS positioning information, said first location being in particular a GPS positioning location determined by GPS positioning information of said first terminal, said first location determining module being in particular configured to:

acquiring authority information of the first terminal;

20. The apparatus of claim 19, the location identifier comprising an identifier representing IP address information, the first location being in particular an IP location corresponding to the IP address information of the first terminal, the first location determining module being further configured to:

21. The apparatus of claim 16, further comprising a first risk determination module configured to:

22. The apparatus of claim 16, further comprising a second risk determination module configured to:

23. The apparatus of claim 17, the trusted location acquisition module being specifically configured to:

24. A transaction request processing device, comprising:

at least one processor; the method comprises the steps of,

a memory communicatively coupled to the at least one processor; wherein,,

determining a first position corresponding to the position identifier;