CN118247053A - Transaction event identification method and device, processor and electronic equipment - Google Patents
Transaction event identification method and device, processor and electronic equipment Download PDFInfo
- Publication number
- CN118247053A CN118247053A CN202410423647.9A CN202410423647A CN118247053A CN 118247053 A CN118247053 A CN 118247053A CN 202410423647 A CN202410423647 A CN 202410423647A CN 118247053 A CN118247053 A CN 118247053A
- Authority
- CN
- China
- Prior art keywords
- suspicious
- feature
- transaction
- determining
- type
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 48
- 230000006399 behavior Effects 0.000 claims description 117
- 230000002159 abnormal effect Effects 0.000 claims description 43
- 238000012545 processing Methods 0.000 claims description 12
- 238000005516 engineering process Methods 0.000 abstract description 6
- 238000004590 computer program Methods 0.000 description 10
- 238000010586 diagram Methods 0.000 description 9
- 230000008569 process Effects 0.000 description 8
- 238000001514 detection method Methods 0.000 description 6
- 230000000694 effects Effects 0.000 description 5
- 230000006870 function Effects 0.000 description 5
- 238000012546 transfer Methods 0.000 description 5
- 238000000605 extraction Methods 0.000 description 4
- 230000008901 benefit Effects 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 206010000117 Abnormal behaviour Diseases 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The application discloses a transaction event identification method, a transaction event identification device, a processor and electronic equipment. The application relates to the technical field of financial science and technology, which comprises the following steps: acquiring customer behavior information, customer warehouse holding information and transaction behavior information associated with a transaction event to be identified; determining a first suspicious characteristic from the customer behavior information, determining a second suspicious characteristic from the customer holding information, and determining a third suspicious characteristic from the transaction behavior information; and determining the event type of the transaction event according to the suspicious characteristic combination of the first suspicious characteristic, the second suspicious characteristic and the third suspicious characteristic. The application solves the problem of lower accuracy of transaction event identification in the related technology.
Description
Technical Field
The application relates to the technical field of financial science and technology, in particular to a transaction event identification method, a transaction event identification device, a processor and electronic equipment.
Background
In the prior art, when transaction events are identified, related data are collected, counted and detected mainly manually. However, by identifying and detecting the transaction event manually, the working efficiency is low, and the problem of low identification accuracy of the transaction event is caused by the fact that false report and missing report are easy to occur.
Aiming at the problem of low recognition accuracy of transaction events in the related art, no effective solution is proposed at present.
Disclosure of Invention
The application mainly aims to provide a transaction event identification method, a transaction event identification device, a processor and electronic equipment, so as to solve the problem of low processing efficiency of transaction events in the related technology.
To achieve the above object, according to one aspect of the present application, there is provided a transaction event recognition method. The method comprises the following steps: acquiring customer behavior information, customer warehouse holding information and transaction behavior information associated with a transaction event to be identified; determining a first suspicious characteristic from the customer behavior information, determining a second suspicious characteristic from the customer holding information, and determining a third suspicious characteristic from the transaction behavior information; and determining the event type of the transaction event according to the suspicious characteristic combination of the first suspicious characteristic, the second suspicious characteristic and the third suspicious characteristic.
To achieve the above object, according to another aspect of the present application, there is provided a transaction event recognition apparatus. The device comprises: the acquisition unit is used for acquiring the customer behavior information, the customer warehouse holding information and the transaction behavior information associated with the transaction event to be identified; the first determining unit is used for determining a first suspicious characteristic from the client behavior information, a second suspicious characteristic from the client warehouse-holding information and a third suspicious characteristic from the transaction behavior information; and the second determining unit is used for determining the event type of the transaction event according to the suspicious characteristic combination of the first suspicious characteristic, the second suspicious characteristic and the third suspicious characteristic.
Optionally, in the transaction event recognition device provided in the embodiment of the present application, the second determining unit includes: the first determining module is used for determining that the transaction event is a suspicious transaction event of a target suspicious type under the condition that the suspicious feature combination belongs to the feature combination of the target suspicious type; and the second determining module is used for determining that the transaction event is a normal transaction event in the case that the suspicious feature combination does not belong to the feature combination of the target suspicious type.
Optionally, in the transaction event identifying device provided in the embodiment of the present application, the first determining module is configured to include: the system comprises a first acquisition sub-module, a second acquisition sub-module and a third acquisition sub-module, wherein the first acquisition sub-module is used for acquiring a plurality of first feature combinations of a first combination type, the first feature combinations are intersection combinations of suspicious features of customer behavior information, suspicious features of customer holding information and suspicious features of transaction behavior information, and the target suspicious feature combinations comprise the plurality of first feature combinations; and the first determining submodule is used for determining that the transaction event is a suspicious transaction event of a first suspicious type when the first feature combination of the first suspicious type matched with the suspicious feature combination is determined from a plurality of first feature combinations, wherein the target suspicious type comprises the first suspicious type.
Optionally, in the transaction event recognition device provided by the embodiment of the present application, the first determining module includes: the second obtaining submodule is used for obtaining a plurality of second feature combinations of a second combination type, wherein the second feature combinations are union combinations of suspicious features of customer behavior information, suspicious features of customer holding information and suspicious features of transaction behavior information, and the target suspicious type feature combinations comprise a plurality of second feature combinations; and the second determining submodule is used for determining that the transaction event is a suspicious transaction event of a second suspicious type when a second feature combination of the second suspicious type matched with the suspicious feature combination is determined from a plurality of second feature combinations, wherein the target suspicious type comprises the second suspicious type.
Optionally, in the transaction event recognition device provided in the embodiment of the present application, the first determining unit includes: the first acquisition module is used for determining abnormal customer behavior information conforming to a first preset rule from the customer behavior information and acquiring first suspicious characteristics matched with the abnormal customer behavior information; the first determination unit includes: the second acquisition module is used for determining abnormal bin holding behavior information conforming to a second preset rule from the client bin holding information and acquiring second suspicious characteristics matched with the abnormal bin holding behavior information; the first determination unit includes: the third acquisition module is used for determining abnormal transaction behavior information conforming to a third preset rule from the transaction behavior information and acquiring a third suspicious characteristic matched with the abnormal transaction behavior information.
Optionally, in the transaction event recognition device provided by the embodiment of the present application, the device further includes: the generation module is used for generating an identification report of the transaction event according to the suspicious characteristic combination and the event type after determining the event type of the transaction event, and sending the identification report to a business person, wherein the business person carries out event processing matched with the identification result on the transaction event according to the identification result of the identification report.
According to the application, the suspicious characteristic extraction is carried out on the client behavior information, the client warehouse holding information and the transaction behavior information associated with the transaction event, and then the event type of the transaction event is matched and determined according to the suspicious characteristic combination of the determined first suspicious characteristic, the second suspicious characteristic and the third suspicious characteristic, so that the aim of identifying and detecting the transaction time through comprehensive, comprehensive and complete suspicious characteristics in multiple dimensions is achieved, and the technical effect of improving the identification accuracy of the transaction event is realized.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this specification, illustrate embodiments of the application and together with the description serve to explain the application. In the drawings:
FIG. 1 is a flow chart of a transaction event recognition method provided in accordance with an embodiment of the present application;
FIG. 2 is a schematic diagram of a transaction event recognition device provided in accordance with an embodiment of the present application;
fig. 3 is a schematic diagram of a transaction event recognition electronic device provided according to an embodiment of the present application.
Detailed Description
It should be noted that, without conflict, the embodiments of the present application and features of the embodiments may be combined with each other. The application will be described in detail below with reference to the drawings in connection with embodiments.
In order that those skilled in the art will better understand the present application, a technical solution in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present application without making any inventive effort, shall fall within the scope of the present application.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present application and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate in order to describe the embodiments of the application herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
It should be noted that, related information (including, but not limited to, user equipment information, user personal information, etc.) and data (including, but not limited to, data for presentation, analyzed data, etc.) related to the present disclosure are information and data authorized by a user or sufficiently authorized by each party. For example, an interface is provided between the system and the relevant user or institution, before acquiring the relevant information, the system needs to send an acquisition request to the user or institution through the interface, and acquire the relevant information after receiving the consent information fed back by the user or institution.
The application will be described with reference to preferred implementation steps, and fig. 1 is a flowchart of a transaction event recognition method according to an embodiment of the application, as shown in fig. 1, and the method includes the following steps:
step S101, acquiring customer behavior information, customer warehouse holding information and transaction behavior information associated with a transaction event to be identified;
step S102, determining a first suspicious characteristic from the customer behavior information, determining a second suspicious characteristic from the customer holding information, and determining a third suspicious characteristic from the transaction behavior information;
Step S103, determining the event type of the transaction event according to the suspicious characteristic combination of the first suspicious characteristic, the second suspicious characteristic and the third suspicious characteristic.
Alternatively, in the present embodiment, the transaction event recognition method described above may be, but is not limited to, applied to a detection recognition scenario of an abnormal transaction event. Under the scene, on one hand, whether abnormal detection of transaction events is lack of perfect unified standard by each fund company, so that the situation of missing report and false report occurs in the process of detecting, analyzing and reporting the transaction events; on the other hand, when identifying whether a transaction event is abnormal, the related data is collected, counted and detected mainly in a manual mode, so that the working efficiency is low, and the false alarm is easy to occur, so that the technical problem of low identification accuracy of the transaction event is caused.
For the problem of low recognition accuracy of the transaction event, by using the transaction event recognition method provided by the embodiment, suspicious characteristic extraction is performed on the client behavior information, the client warehouse holding information and the transaction behavior information related to the transaction event, and then the event type of the transaction event is matched and determined according to the suspicious characteristic combination of the determined first suspicious characteristic, the second suspicious characteristic and the third suspicious characteristic, so that the purpose of recognizing and detecting the transaction time through comprehensive, comprehensive and complete suspicious characteristics in multiple dimensions is achieved, and the technical effect of improving the recognition accuracy of the transaction event is achieved.
Optionally, in this embodiment, the customer behavior information, the customer holding information and the transaction behavior information associated with the transaction event to be identified may be obtained, but are not limited to, obtaining service transaction data (including customer and transaction data, such as natural person element information, unnatural person element information, fund account information, transaction account information and transaction detail information) from a big data platform, and determining customer behavior information (such as whether a customer has a short-term large number of transaction behaviors), customer holding information (such as whether a customer age matches an asset), and transaction behavior information (such as whether a plurality of customers with an association relationship exist in the transaction information for short-term multi-large-volume transaction).
Optionally, in this embodiment, the transaction event to be identified may be, but is not limited to, a normal transaction event of a normal type, but may also be, but is not limited to, a suspicious transaction event of an abnormal type, which may be, but is not limited to, an abnormal, improper resource transfer type, which may be, but is not limited to, a target suspicious type determined for some sort, such as a first target suspicious type indicating an attempt to acquire a property or benefit event of another person by spurious statements, hidden facts or other dishonest means, a second target suspicious type indicating a participant to bet funds or other valuable item event to win a prize, a third target suspicious type indicating a funding act involving unauthorized collection.
It should be noted that the transaction event to be identified may be, but is not limited to, a resource transfer event, such as a fund transfer, money trade, etc.
It can be understood that the transaction event identification method is utilized to accurately and efficiently identify the event type of the transaction event, so as to timely and accurately mine the potentially suspicious abnormal and illegal resource transfer behaviors, and improve the scientific basis for the detection and reporting of the resource transfer behaviors in the related fields.
Optionally, in this embodiment, the determining the first suspicious characteristic from the client behavior information may, but is not limited to, determining abnormal client behavior information that accords with the first preset rule from the client behavior information, and then obtaining the first suspicious characteristic that is matched with the abnormal client behavior information.
Optionally, in this embodiment, determining the second suspicious feature from the customer holding information may include, but is not limited to: and determining abnormal bin holding behavior information conforming to a second preset rule from the client bin holding information, and acquiring second suspicious characteristics matched with the abnormal bin holding behavior information.
Optionally, in this embodiment, determining the third suspicious characteristic from the transaction behavior information may include, but is not limited to,: and determining abnormal transaction behavior information conforming to a third preset rule from the transaction behavior information, and acquiring a third suspicious characteristic matched with the abnormal transaction behavior information.
It should be noted that, according to the suspicious feature combination of the first suspicious feature, the second suspicious feature and the third suspicious feature, determining an event type of the transaction event includes determining whether the transaction event is a normal transaction event or an abnormal transaction event, and if the transaction event is an abnormal transaction event, specifically, which abnormal type.
According to the embodiment of the application, the suspicious characteristic extraction is carried out on the client behavior information, the client warehouse holding information and the transaction behavior information associated with the transaction event, and then the event type of the transaction event is matched and determined according to the suspicious characteristic combination of the determined first suspicious characteristic, the second suspicious characteristic and the third suspicious characteristic, so that the aim of identifying and detecting the transaction time through comprehensive, comprehensive and complete suspicious characteristics in multiple dimensions is fulfilled, and the technical effect of improving the identification accuracy of the transaction event is realized.
As an alternative, determining the event type of the transaction event according to the suspicious feature combination of the first suspicious feature, the second suspicious feature and the third suspicious feature includes:
S1, under the condition that the suspicious feature combination belongs to a feature combination of a target suspicious type, determining that a transaction event is a suspicious transaction event of the target suspicious type;
S2, determining that the transaction event is a normal transaction event under the condition that the suspicious feature combination does not belong to the feature combination of the target suspicious type.
Optionally, in this embodiment, before determining the event type of the transaction event according to the suspicious feature combination of the first suspicious feature, the second suspicious feature and the third suspicious feature, the method further includes: feature combinations of a plurality of suspicious types are pre-constructed, wherein each target suspicious type corresponds to one or more feature combinations of the suspicious type.
Further by way of example, the first target suspicious type of suspicious transaction event (attempting to acquire a property or benefit event of another person by spurious statement, withholding of facts or other dishonest means) corresponds to suspicious feature a and suspicious feature B and suspicious feature C in combination, and the second target suspicious type of suspicious transaction event (participant betting funds or other valuable item event to win a prize) corresponds to suspicious feature D or (suspicious feature a and suspicious feature E).
Thus, in the case where the suspicious feature combination composed of the above-described first suspicious feature, second suspicious feature, and third suspicious feature is suspicious a and suspicious feature B and suspicious feature C, it is determined that the event type of the transaction event is the first target suspicious type.
In the process of determining suspicious characteristics based on the client behavior information, the client warehouse holding information and the transaction behavior information, if some or more pieces of information do not have suspicious characteristics, the corresponding suspicious characteristics are empty.
Therefore, under the condition that the first suspicious feature is the suspicious feature A, the second suspicious feature is empty and the third suspicious feature is the suspicious feature E, the suspicious feature combination is determined to be the suspicious feature A and the suspicious feature E is determined, and then the event type of the transaction event is determined to be the second target suspicious type.
According to the embodiment provided by the application, the event type of the transaction event is determined according to the suspicious characteristic combination of the first suspicious characteristic, the second suspicious characteristic and the third suspicious characteristic, and the event type comprises the determination of whether the transaction event is a normal transaction event or an abnormal transaction event and, if the transaction event is an abnormal transaction event, which abnormal type is specific. The method and the device achieve the aim of identifying and detecting the transaction time through comprehensive, comprehensive and complete suspicious characteristics in multiple dimensions, thereby achieving the technical effect of improving the identification accuracy of transaction events.
As an alternative, in the case where the suspicious feature combination belongs to the feature combination of the target suspicious type, determining that the transaction event is a suspicious transaction event of the target suspicious type includes:
s1, acquiring a plurality of first feature combinations of a first combination type, wherein the first feature combinations are intersection combinations of suspicious features of customer behavior information, suspicious features of customer holding information and suspicious features of transaction behavior information, and the feature combinations of a target suspicious type comprise the plurality of first feature combinations;
S2, determining that the transaction event is a suspicious transaction event of a first suspicious type under the condition that a first feature combination of the first suspicious type matched with the suspicious feature combination is determined from a plurality of first feature combinations, wherein the target suspicious type comprises the first suspicious type.
Optionally, in this embodiment, the first combination type may be, but is not limited to, an intersection combination for indicating that the first feature combination is a suspicious feature or a plurality of suspicious feature combinations, where the suspicious feature or the plurality of suspicious features includes at least one of: suspicious characteristics of customer behavior information, suspicious characteristics of customer holding information, suspicious characteristics of transaction behavior information.
Further by way of example, the first target suspicious type of suspicious transaction event (attempting to acquire a property or benefit event of another person by spurious statement, hidden facts or other dishonest means) corresponds to a first feature combination of suspicious feature a and suspicious feature B and suspicious feature C, also corresponds to a first feature combination of suspicious feature a and suspicious feature B and suspicious feature D, and corresponds to an intersection combination (i.e., and form combination) of other suspicious features.
It should be noted that each of the determined first feature combinations corresponds to one of the determined suspicious types, and each of the determined suspicious types corresponds to one or more of the determined first feature combinations. Thus, the matching is performed according to the known suspicious feature combinations of the first suspicious feature, the second suspicious feature and the third suspicious feature, and in case of successful matching, the corresponding suspicious type is determined as the event type (i.e. the target suspicious type) of the transaction event.
As an alternative, in the case where the suspicious feature combination belongs to the feature combination of the target suspicious type, determining that the transaction event is a suspicious transaction event of the target suspicious type includes:
S1, acquiring a plurality of second feature combinations of a second combination type, wherein the second feature combinations are union combinations of suspicious features of customer behavior information, suspicious features of customer holding information and suspicious features of transaction behavior information, and the feature combinations of a target suspicious type comprise the plurality of second feature combinations;
S2, determining that the transaction event is a suspicious transaction event of a second suspicious type under the condition that a second feature combination of the second suspicious type matched with the suspicious feature combination is determined from a plurality of second feature combinations, wherein the target suspicious type comprises the second suspicious type.
Optionally, in this embodiment, the second combination type may be, but is not limited to, a union combination for indicating that the second feature combination is a suspicious feature or a plurality of suspicious feature combinations, where the suspicious feature or the plurality of suspicious features includes at least one of the following: suspicious characteristics of customer behavior information, suspicious characteristics of customer holding information, suspicious characteristics of transaction behavior information.
Further by way of example, the second target suspicious type of suspicious transaction event described above (participant betting funds or other valuable item event for the purpose of winning a prize) corresponds to a first feature combination of suspicious feature D or suspicious feature G or suspicious feature F, a second feature combination of (suspicious feature a and suspicious feature E) or (suspicious feature a and suspicious feature B), and a union combination (i.e., a combination in the form of a or) of other suspicious features.
It should be noted that each of the determined second feature combinations corresponds to one of the determined suspicious types, and each of the determined suspicious types corresponds to one or more of the determined second feature combinations. Thus, the matching is performed according to the known suspicious feature combinations of the first suspicious feature, the second suspicious feature and the third suspicious feature, and in case of successful matching, the corresponding suspicious type is determined as the event type (i.e. the target suspicious type) of the transaction event.
As an alternative, the determining the first suspicious feature from the client behavior information includes:
S1, determining abnormal customer behavior information conforming to a first preset rule from the customer behavior information, and acquiring the first suspicious characteristics matched with the abnormal customer behavior information;
the determining the second suspicious feature from the customer bin holding information includes:
S2, determining abnormal bin holding behavior information conforming to a second preset rule from the client bin holding information, and acquiring the second suspicious characteristics matched with the abnormal bin holding behavior information;
the determining a third suspicious feature from the transaction behavior information includes:
S3, determining abnormal transaction behavior information conforming to a third preset rule from the transaction behavior information, and acquiring the third suspicious characteristics matched with the abnormal transaction behavior information.
Alternatively, in the present embodiment, in the case where the sales are made after a certain amount of transaction amount is completed within several working days after the customer opens an account, it is determined that the above-described first preset rule is met, and in this case, the suspicious feature M001 is corresponding.
It should be noted that the first preset rule may also include, but is not limited to, matching the customer with a specific suspicious list (corresponding to suspicious feature M002), and frequently changing the bound bank account or other accounts (corresponding to suspicious feature M003) … … in a short period of time
It should be noted that, the first preset rule may be, but not limited to, personalized setting according to actual needs, which is not limited in the present application, and the numbering of the suspicious features is only exemplified.
Alternatively, in the present embodiment, in the case where the customer-holding resource size does not match the customer occupation, it is determined that the above-described second preset rule is satisfied, and in this case, the suspicious feature N001 is corresponding.
It should be noted that the second preset rule may also include, but is not limited to, a customer age and resource size mismatch (corresponding to suspicious feature N002) … …
It should be noted that, the second preset rule may be, but not limited to, personalized setting according to actual needs, which is not limited in the present application, and the numbering of the suspicious features is only exemplified.
Alternatively, in the present embodiment, in the case where a plurality of customers whose transaction information has an association relationship make a plurality of large transactions, it is determined that the third preset rule described above is satisfied, and in this case, the suspicious feature P001 is corresponding.
It should be noted that the second preset rule may also include, but is not limited to, a specific risk factor (corresponding to suspicious characteristic P002) … … of the transaction information
It should be noted that, the third preset rule may be, but not limited to, personalized setting according to actual needs, which is not limited in the present application, and the numbering of the suspicious features is only exemplified.
As an alternative, after determining the event type of the transaction event, the method further comprises:
S1, generating an identification report of a transaction event according to suspicious feature combinations and event types, and sending the identification report to service personnel, wherein the service personnel carries out event processing matched with the identification result on the transaction event according to the identification result of the identification report.
Optionally, in this embodiment, an identification report of the transaction event is generated according to the suspicious feature combination and the event type, and the identification report is sent to a service person, where the service person performs event processing matching with the identification result on the transaction event according to the identification result of the identification report, for example, performing processing such as transaction management and control, risk reminding, and reporting information to relevant parts on clients of the transaction event.
As an alternative scheme, the transaction event identification method is applied to a model construction scene of a feature rule for detecting abnormal behaviors, business transaction data are obtained from a large data platform, and detection of customer behavior information, customer bin holding information and transaction behavior information is carried out from the business transaction data to obtain relevant suspicious features and corresponding model numbers, and an alternative rule is shown in table 1.
TABLE 1
And according to the result of the suspicious characteristic rule hit of the client, performing model matching on the client, and determining the abnormal type of the transaction event, as shown in table 2. After the suspicious model is determined, the rest hit characteristic rules can be recombined and independent reports are generated and identified by service personnel, so that missing report is avoided.
TABLE 2
It should be noted that the contents shown in the foregoing tables 1 and 2 are only examples, and the present application is not limited to a specific suspicious feature rule matching manner and model rule matching manner, nor is it limited to more suspicious object types than the other three suspicious object types described in the foregoing examples. The method can flexibly configure indexes according to actual conditions of different regions, customer sources and the like, set parameters and thresholds, verify validity through testing, continuously debug, and improve model quality.
By the embodiment of the application, a set of general suspicious transaction rule model is formulated, rules of suspicious detection standards are enriched, and the effectiveness of the suspicious detection standards is improved. The automatic combination suspicious model greatly reduces the workload of related business personnel and provides scientific basis for supervision and report.
It should be noted that the steps illustrated in the flowcharts of the figures may be performed in a computer system such as a set of computer executable instructions, and that although a logical order is illustrated in the flowcharts, in some cases the steps illustrated or described may be performed in an order other than that illustrated herein.
The embodiment of the application also provides a transaction event recognition device, and the transaction event recognition device can be used for executing the transaction event recognition method provided by the embodiment of the application. The following describes a transaction event recognition device provided by an embodiment of the present application.
Fig. 2 is a schematic diagram of a transaction event recognition device according to an embodiment of the present application. As shown in fig. 2, the apparatus includes:
An obtaining unit 201, configured to obtain customer behavior information, customer warehouse holding information, and transaction behavior information associated with a transaction event to be identified;
a first determining unit 202, configured to determine a first suspicious characteristic from the customer behavior information, determine a second suspicious characteristic from the customer holding information, and determine a third suspicious characteristic from the transaction behavior information;
a second determining unit 203, configured to determine an event type of the transaction event according to the suspicious feature combination of the first suspicious feature, the second suspicious feature and the third suspicious feature.
Optionally, in the transaction event recognition device provided in the embodiment of the present application, the second determining unit 203 includes:
the first determining module is used for determining that the transaction event is a suspicious transaction event of a target suspicious type under the condition that the suspicious feature combination belongs to the feature combination of the target suspicious type;
and the second determining module is used for determining that the transaction event is a normal transaction event in the case that the suspicious feature combination does not belong to the feature combination of the target suspicious type.
Optionally, in the transaction event recognition device provided in the embodiment of the present application, the first determining module is configured to include:
the system comprises a first acquisition sub-module, a second acquisition sub-module and a third acquisition sub-module, wherein the first acquisition sub-module is used for acquiring a plurality of first feature combinations of a first combination type, the first feature combinations are intersection combinations of suspicious features of customer behavior information, suspicious features of customer holding information and suspicious features of transaction behavior information, and the target suspicious feature combinations comprise the plurality of first feature combinations;
And the first determining submodule is used for determining that the transaction event is a suspicious transaction event of a first suspicious type when the first feature combination of the first suspicious type matched with the suspicious feature combination is determined from a plurality of first feature combinations, wherein the target suspicious type comprises the first suspicious type.
Optionally, in the transaction event recognition device provided in the embodiment of the present application, the first determining module includes:
The second obtaining submodule is used for obtaining a plurality of second feature combinations of a second combination type, wherein the second feature combinations are union combinations of suspicious features of customer behavior information, suspicious features of customer holding information and suspicious features of transaction behavior information, and the target suspicious type feature combinations comprise a plurality of second feature combinations;
And the second determining submodule is used for determining that the transaction event is a suspicious transaction event of a second suspicious type when a second feature combination of the second suspicious type matched with the suspicious feature combination is determined from a plurality of second feature combinations, wherein the target suspicious type comprises the second suspicious type.
Optionally, in the transaction event recognition device provided in the embodiment of the present application, the first determining unit 202 includes:
the first acquisition module is used for determining abnormal customer behavior information conforming to a first preset rule from the customer behavior information and acquiring first suspicious characteristics matched with the abnormal customer behavior information;
The first determining unit 202 includes:
The second acquisition module is used for determining abnormal bin holding behavior information conforming to a second preset rule from the client bin holding information and acquiring second suspicious characteristics matched with the abnormal bin holding behavior information;
The first determining unit 202 includes:
the third acquisition module is used for determining abnormal transaction behavior information conforming to a third preset rule from the transaction behavior information and acquiring a third suspicious characteristic matched with the abnormal transaction behavior information.
Optionally, in the transaction event recognition device provided by the embodiment of the present application, the device further includes:
The generation module is used for generating an identification report of the transaction event according to the suspicious characteristic combination and the event type after determining the event type of the transaction event, and sending the identification report to a business person, wherein the business person carries out event processing matched with the identification result on the transaction event according to the identification result of the identification report.
According to the transaction event identification device provided by the embodiment of the application, the suspicious characteristic extraction is carried out on the client behavior information, the client warehouse holding information and the transaction behavior information associated with the transaction event, and then the event type of the transaction event is matched and determined according to the suspicious characteristic combination of the determined first suspicious characteristic, the second suspicious characteristic and the third suspicious characteristic, so that the aim of identifying and detecting the transaction time through comprehensive, comprehensive and complete suspicious characteristics in multiple dimensions is fulfilled, and the technical effect of improving the identification accuracy of the transaction event is realized.
The transaction event recognition device comprises a processor and a memory, wherein the acquisition unit, the first determination unit, the second determination unit and the like are all stored in the memory as program units, and the processor executes the program units stored in the memory to realize corresponding functions.
The processor includes a kernel, and the kernel fetches the corresponding program unit from the memory. The kernel can be provided with one or more than one, and the kernel parameters are adjusted to train or optimize the model, so that the accuracy and the efficiency of transaction event identification are improved.
The memory may include volatile memory, random Access Memory (RAM), and/or nonvolatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM), among other forms in computer readable media, the memory including at least one memory chip.
An embodiment of the present invention provides a computer-readable storage medium having stored thereon a program which, when executed by a processor, implements the transaction event recognition method described above.
The embodiment of the invention provides a processor for running a program, wherein the program runs to execute the transaction event identification method.
As shown in fig. 3, an embodiment of the present invention provides an electronic device, where the device includes a processor, a memory, and a program stored in the memory and executable on the processor, and when the processor executes the program, the following steps are implemented:
acquiring customer behavior information, customer warehouse holding information and transaction behavior information associated with a transaction event to be identified;
determining a first suspicious characteristic from the customer behavior information, determining a second suspicious characteristic from the customer holding information, and determining a third suspicious characteristic from the transaction behavior information;
And determining the event type of the transaction event according to the suspicious characteristic combination of the first suspicious characteristic, the second suspicious characteristic and the third suspicious characteristic.
The device herein may be a server, PC, PAD, cell phone, etc.
The application also provides a computer program product adapted to perform, when executed on a data processing device, a program initialized with the method steps of:
acquiring customer behavior information, customer warehouse holding information and transaction behavior information associated with a transaction event to be identified;
determining a first suspicious characteristic from the customer behavior information, determining a second suspicious characteristic from the customer holding information, and determining a third suspicious characteristic from the transaction behavior information;
And determining the event type of the transaction event according to the suspicious characteristic combination of the first suspicious characteristic, the second suspicious characteristic and the third suspicious characteristic.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, random Access Memory (RAM) and/or nonvolatile memory, etc., such as Read Only Memory (ROM) or flash RAM. Memory is an example of a computer-readable medium.
Computer readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Disks (DVD) or other optical storage, magnetic cassettes, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises an element.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The foregoing is merely exemplary of the present application and is not intended to limit the present application. Various modifications and variations of the present application will be apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. which come within the spirit and principles of the application are to be included in the scope of the claims of the present application.
Claims (10)
1. A transaction event recognition method, comprising:
acquiring customer behavior information, customer warehouse holding information and transaction behavior information associated with a transaction event to be identified;
Determining a first suspicious feature from the customer behavior information, determining a second suspicious feature from the customer holding information, and determining a third suspicious feature from the transaction behavior information;
and determining the event type of the transaction event according to the suspicious characteristic combination of the first suspicious characteristic, the second suspicious characteristic and the third suspicious characteristic.
2. The method of claim 1, wherein determining the event type of the transaction event based on the suspicious feature combination of the first suspicious feature, the second suspicious feature, and the third suspicious feature comprises:
determining that the transaction event is a suspicious transaction event of the target suspicious type under the condition that the suspicious feature combination belongs to the feature combination of the target suspicious type;
And determining that the transaction event is a normal transaction event in the case that the suspicious feature combination does not belong to the feature combination of the target suspicious type.
3. The method of claim 2, wherein the determining that the transaction event is a suspicious transaction event of the target suspicious type if the suspicious feature combination belongs to a feature combination of the target suspicious type comprises:
acquiring a plurality of first feature combinations of a first combination type, wherein the first feature combinations are intersection combinations of suspicious features of the client behavior information, suspicious features of the client holding information and suspicious features of the transaction behavior information, and the target suspicious type feature combinations comprise the plurality of first feature combinations;
And determining that the transaction event is a suspicious transaction event of a first suspicious type if the first feature combination of the first suspicious type matched with the suspicious feature combination is determined from the plurality of first feature combinations, wherein the target suspicious type comprises the first suspicious type.
4. The method of claim 2, wherein the determining that the transaction event is a suspicious transaction event of the target suspicious type if the suspicious feature combination belongs to a feature combination of the target suspicious type comprises:
Acquiring a plurality of second feature combinations of a second combination type, wherein the second feature combinations are union combinations of suspicious features of the client behavior information, suspicious features of the client holding information and suspicious features of the transaction behavior information, and the target suspicious type feature combinations comprise the plurality of second feature combinations;
And determining that the transaction event is a suspicious transaction event of a second suspicious type if the second feature combination of the second suspicious type matched with the suspicious feature combination is determined from the plurality of second feature combinations, wherein the target suspicious type comprises the second suspicious type.
5. The method according to any one of claim 1 to 4, wherein,
The determining a first suspicious feature from the customer behavior information includes:
abnormal customer behavior information conforming to a first preset rule is determined from the customer behavior information, and the first suspicious characteristics matched with the abnormal customer behavior information are obtained;
the determining the second suspicious feature from the customer bin holding information includes:
Determining abnormal bin holding behavior information conforming to a second preset rule from the client bin holding information, and acquiring the second suspicious characteristics matched with the abnormal bin holding behavior information;
the determining a third suspicious feature from the transaction behavior information includes:
and determining abnormal transaction behavior information conforming to a third preset rule from the transaction behavior information, and acquiring the third suspicious characteristics matched with the abnormal transaction behavior information.
6. The method of any one of claims 1 to 4, wherein after said determining an event type of said transaction event, said method further comprises:
Generating an identification report of the transaction event according to the suspicious characteristic combination and the event type, and sending the identification report to a business person, wherein the business person carries out event processing matched with the identification result on the transaction event according to the identification result of the identification report.
7. A transaction event recognition device, comprising:
the acquisition unit is used for acquiring the customer behavior information, the customer warehouse holding information and the transaction behavior information associated with the transaction event to be identified;
The first determining unit is used for determining a first suspicious characteristic from the client behavior information, a second suspicious characteristic from the client warehouse-holding information and a third suspicious characteristic from the transaction behavior information;
And the second determining unit is used for determining the event type of the transaction event according to the suspicious characteristic combination of the first suspicious characteristic, the second suspicious characteristic and the third suspicious characteristic.
8. The apparatus according to claim 7, wherein the second determining unit includes:
the first determining module is used for determining that the transaction event is a suspicious transaction event of a target suspicious type under the condition that the suspicious feature combination belongs to the feature combination of the target suspicious type;
and the second determining module is used for determining that the transaction event is a normal transaction event under the condition that the suspicious feature combination does not belong to the feature combination of the target suspicious type.
9. A processor for running a program, wherein the program when run performs the method of any one of claims 1 to 6.
10. An electronic device comprising one or more processors and memory for storing one or more programs, wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method of any of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410423647.9A CN118247053A (en) | 2024-04-09 | 2024-04-09 | Transaction event identification method and device, processor and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410423647.9A CN118247053A (en) | 2024-04-09 | 2024-04-09 | Transaction event identification method and device, processor and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN118247053A true CN118247053A (en) | 2024-06-25 |
Family
ID=91554393
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202410423647.9A Pending CN118247053A (en) | 2024-04-09 | 2024-04-09 | Transaction event identification method and device, processor and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN118247053A (en) |
-
2024
- 2024-04-09 CN CN202410423647.9A patent/CN118247053A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8751375B2 (en) | Event processing for detection of suspicious financial activity | |
| CN111178219A (en) | Bill identification management method and device, storage medium and electronic equipment | |
| CN111967779A (en) | Risk assessment method, device and equipment | |
| CN111091350A (en) | Method, device and equipment for auditing and processing service data and storage medium | |
| CN111144697A (en) | Data processing method, data processing device, storage medium and electronic equipment | |
| CN113205402A (en) | Account checking method and device, electronic equipment and computer readable medium | |
| KR102618473B1 (en) | Analyzing news contents service system of cryptocurrency using robot journalism | |
| CN114840527A (en) | Data processing method, device and computer readable storage medium | |
| Owda et al. | Financial discussion boards irregularities detection system (fdbs-ids) using information extraction | |
| CN109191101B (en) | Method, device and equipment for guaranteeing customer asset safety | |
| CN116662387A (en) | Service data processing method, device, equipment and storage medium | |
| CN116188020A (en) | Abnormal account identification method, device and storage medium | |
| CN118247053A (en) | Transaction event identification method and device, processor and electronic equipment | |
| CN107133864B (en) | Big data-based group employee account hanging auditing method and device | |
| US10235719B2 (en) | Centralized GAAP approach for multidimensional accounting to reduce data volume and data reconciliation processing costs | |
| US11647048B2 (en) | Real-time feedback service for resource access rule configuration | |
| CN114596681B (en) | Method and device for processing exception of circulator | |
| KR20210103523A (en) | Profit and Loss Calculation for Cryptocurrency Transactions | |
| CN117113965A (en) | Transaction file comparison method, device, equipment and storage medium | |
| CN113962803A (en) | Financial business data processing method and device, storage medium and electronic equipment | |
| CN116362881A (en) | Transaction backtracking method, device, equipment and storage medium based on customer dimension | |
| CN116720094A (en) | Client information clustering method and device, processor and electronic equipment | |
| CN117350839A (en) | Account checking method and device, storage medium and electronic equipment | |
| CN114328271A (en) | Test method, device, equipment and storage medium | |
| CN116385175A (en) | Recommendation method and device for financial products, processor and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination |