Search

CN-122022810-A - Payment industry risk information identification method and device

CN122022810ACN 122022810 ACN122022810 ACN 122022810ACN-122022810-A

Abstract

The invention discloses a payment industry risk information identification method and a device, wherein the method is applied to a risk prevention and control platform and comprises the steps of carrying out suspicious information identification on the total business data stored on the risk prevention and control platform to obtain identified suspicious information; the method comprises the steps of obtaining a platform risk value corresponding to suspicious information, sending the suspicious information and publicable incremental information to risk prevention and control servers of all target member institutions, receiving member risk values fed back by the risk prevention and control servers of all target member institutions, wherein the member risk values are generated after the risk prevention and control servers of all target member institutions calculate the suspicious information based on own service data and publicable incremental information, determining the risk level of the suspicious information according to the fed back member risk values, and determining the suspicious information as the risk information when the risk level of the suspicious information is a preset level. The invention can solve the problem of risk information identification when the participant business data and the risk information identification method are not completely communicated.

Inventors

  • MA WENTAO
  • ZHANG LIANG
  • HAN HONGTAO
  • LU LIN

Assignees

  • 网联清算有限公司

Dates

Publication Date
20260512
Application Date
20241111

Claims (10)

  1. 1. The utility model provides a payment trade risk information identification method which is characterized in that the method is applied to a risk prevention and control platform, wherein the risk prevention and control platform can be connected with a risk prevention and control server of each member mechanism, and the method comprises the following steps: Carrying out suspicious information identification on the total business data stored on the risk prevention and control platform to obtain identified suspicious information, wherein the total business data is the sum of business data paid by each member mechanism of the payment industry; Obtaining a platform risk value corresponding to the suspicious information; The suspicious information and the publicable incremental information are sent to a risk prevention and control server of a target member mechanism, wherein the publicable incremental information is from the risk prevention and control platform and/or the risk prevention and control server of each target member mechanism, and the publicable incremental information comprises publicable parts in auxiliary information on which suspicious information identification depends; receiving member risk values fed back by the risk prevention and control servers of all target member institutions, wherein the member risk values are generated after the risk prevention and control servers of all target member institutions calculate suspicious information based on own service data and the publicable incremental information; determining the risk level of the suspicious information according to the member risk values fed back by the risk prevention and control servers of all target member institutions; and when the risk level of the suspicious information is a preset level, determining that the suspicious information is risk information.
  2. 2. The method of claim 1, wherein the formatted message is formed using transport layer security and/or application layer security upon information interaction with a risk prevention and control server of the member institution; The transmission layer security measures comprise at least one of special line connection, trusted channels https and certificate management; the application layer security measures comprise at least one of encryption of sensitive information, digital envelope, signature verification, encryption storage of sensitive data and deletion of expiration date.
  3. 3. The method of claim 1, wherein identifying suspicious information for the full traffic data stored on the risk prevention and control platform comprises identifying suspicious information for the full traffic data stored on the risk prevention and control platform using any one of the following identification methods: Expert rules, machine learning, predefined list hit.
  4. 4. The method of claim 1, wherein the publicable delta information comprises at least one of: desensitization data obtained by desensitizing the associated data of the service data; characteristic data of the business data; Tag data of the service data; a publicly available suspicious information identification algorithm.
  5. 5. The method of claim 1, wherein determining the risk level of the suspicious information based on the member risk values fed back by the risk prevention server of each target member institution comprises: Calculating the risk value of the suspicious information according to the member risk value fed back by the risk prevention and control server of each target member mechanism; And comparing the risk level list, and determining the risk level of the suspicious information according to the risk value of the suspicious information.
  6. 6. The method of claim 5, wherein calculating the risk value of the suspicious information based on the member risk values fed back by the risk prevention server of each target member institution comprises: obtaining a specific gravity of each target member institution; And calculating the risk value of the suspicious information according to the member risk value and the corresponding specific gravity, the platform risk value and the corresponding specific gravity fed back by the risk prevention and control server of each target member mechanism.
  7. 7. The method of claim 5, wherein determining the risk level of the suspicious information based on the risk value of the suspicious information against a risk level table comprises: Comparing the risk level list, and determining the risk level of the suspicious information in the risk level list when the risk value of the suspicious information is larger than the risk value corresponding to the lowest risk level of the risk information; And when the risk value of the suspicious information is not greater than the risk value corresponding to the lowest level of the risk information, determining that the suspicious information is risk-free.
  8. 8. The method as recited in claim 1, further comprising: After suspicious information and publicable incremental information of a risk prevention and control server of a member mechanism are received, calculating the suspicious information of the member mechanism based on the total business data and the publicable incremental information of each member mechanism to obtain a member risk value, wherein the suspicious information is obtained by carrying out suspicious information identification on own business data by the risk prevention and control server of the member mechanism; Comparing the risk level list, and transmitting the suspicious information and the publicable incremental information to a risk prevention and control server of a target member mechanism when the member risk value is greater than the risk value corresponding to the lowest level of the risk information; receiving member risk values fed back by the risk prevention and control servers of all target member institutions, wherein the fed back member risk values are generated by the risk prevention and control servers of all target member institutions after calculating suspicious information based on own business data and publicable incremental information; And determining the risk level of the suspicious information according to the member risk value fed back, the member risk value of the member mechanism and the platform risk value of the suspicious information.
  9. 9. The method as recited in claim 1, further comprising: And after determining the risk level of the suspicious information, when the risk level of the suspicious information is not a preset value, the suspicious information and the publicable incremental information are sent to each target member mechanism again so as to repeatedly calculate the risk level of the suspicious information until the risk level of the suspicious information is not changed.
  10. 10. The utility model provides a payment trade risk information recognition device which characterized in that is applied to risk prevention and control platform, includes: the self identification module is used for identifying suspicious information of the total business data stored on the risk prevention and control platform to obtain identified suspicious information, wherein the total business data is the sum of business data paid by each member mechanism in the payment industry; The data receiving and transmitting module is used for transmitting the suspicious information and the publicable incremental information to the risk prevention and control servers of all target member institutions, wherein the publicable incremental information is generated by calculating the suspicious information by the risk prevention and control servers of all target member institutions based on own service data and the publicable incremental information; The risk identification module is used for determining the risk level of the suspicious information according to the member risk values fed back by the risk prevention and control servers of all target member institutions; The data receiving and transmitting module is further used for determining that the suspicious information is risk information when the risk level of the suspicious information is a preset level.

Description

Payment industry risk information identification method and device Technical Field The invention relates to the technical field of computers, in particular to a payment industry risk information identification method and device. Background This section is intended to provide a background or context to the embodiments of the invention that are recited in the claims. The description herein is not admitted to be prior art by inclusion in this section. At present, risk prevention and control in the payment industry is still a problem to be paid attention to, at the present stage, multiparty data are not fully utilized for breaking data islands, and the problem that risk monitoring blind spots caused by data faults cannot be solved is manifested in that data of all participants cannot be interacted in time due to the defect of an online system. In addition, at the present stage, a risk identification method is lacking, so that the risk identification capability of each participant is comprehensively utilized, suspicious information is reprocessed through a device and a member mechanism, and finally the capability of risk information is obtained. Disclosure of Invention In a first aspect, an embodiment of the present invention provides a payment industry risk information identification method, for solving a problem that risk information identification can still be performed in a situation that both participant service data and a risk information identification method are not completely intercommunicated, where the method is applied to a risk prevention and control platform, and the risk prevention and control platform can be connected with risk prevention and control servers of member institutions, where the method includes: Carrying out suspicious information identification on the total business data stored on the risk prevention and control platform to obtain identified suspicious information, wherein the total business data is the sum of business data paid by each member mechanism of the payment industry; Obtaining a platform risk value corresponding to the suspicious information; sending the suspicious information and the publicable incremental information to risk prevention and control servers of all target member institutions, wherein the publicable incremental information is from the risk prevention and control platform and/or the risk prevention and control servers of all target member institutions; receiving member risk values fed back by the risk prevention and control servers of all target member institutions, wherein the member risk values are generated after the risk prevention and control servers of all target member institutions calculate suspicious information based on own service data and the publicable incremental information; determining the risk level of the suspicious information according to the member risk values fed back by the risk prevention and control servers of all target member institutions; and when the risk level of the suspicious information is a preset level, determining that the suspicious information is risk information. In a second aspect, an embodiment of the present invention further provides a payment industry risk information identifying apparatus, configured to solve a problem that risk information identification can still be performed in a situation where both party service data and a risk information identifying method are not completely communicated, where the apparatus is applied to the risk prevention and control platform, and the risk prevention and control platform can be connected to a risk prevention and control server of each member mechanism, where the apparatus includes: the self identification module is used for identifying suspicious information of the total business data stored on the risk prevention and control platform to obtain identified suspicious information, wherein the total business data is the sum of business data paid by each member mechanism in the payment industry; The data receiving and transmitting module is used for transmitting the suspicious information and the publicable incremental information to the risk prevention and control servers of all target member institutions, wherein the publicable incremental information is generated by calculating the suspicious information by the risk prevention and control servers of all target member institutions based on own service data and the publicable incremental information; The risk identification module is used for determining the risk level of the suspicious information according to the member risk values fed back by the risk prevention and control servers of the target member institutions, and determining the suspicious information as risk information when the risk level of the suspicious information is a preset level. In a third aspect, an embodiment of the present invention further provides a computer device, including a memory, a processor, and a computer program stored in the memory and cap