CN111353892A - Transaction risk monitoring method and device - Google Patents
Transaction risk monitoring method and deviceDownload PDFInfo
- Publication number
- CN111353892A CN111353892ACN202010245839.7ACN202010245839ACN111353892ACN 111353892 ACN111353892 ACN 111353892ACN 202010245839 ACN202010245839 ACN 202010245839ACN 111353892 ACN111353892 ACN 111353892A
- Authority
- CN
- China
- Prior art keywords
- risk monitoring
- transaction
- operation information
- wind control
- transaction risk
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Engineering & Computer Science (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Marketing (AREA)
- Strategic Management (AREA)
- Technology Law (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Debugging And Monitoring (AREA)
Abstract
Description
Technical Field
The present application relates to the field of risk monitoring technologies, and in particular, to a transaction risk monitoring method and apparatus.
Background
The method is characterized in that the flash is a high-availability, high-reliability and distributed system for collecting, aggregating and transmitting massive logs, and supports various data senders customized in the log system for collecting data; at the same time, flash provides the ability to simply process data and write to various data recipients; kafka is a high-throughput distributed publish-subscribe messaging system that can handle all the action flow data of a consumer in a website; the Drools rules engine is an open source business rules engine based on Charles Forgy's RETE algorithm that is easy to access enterprise policies, easy to adjust, and easy to manage.
The network channel system under the current structure can only carry out risk control on the transaction information in a single network, and can not carry out real-time data acquisition and monitoring on the transaction water flow of a client across networks or branches.
Disclosure of Invention
Aiming at the problems in the prior art, the application provides a transaction risk monitoring method and a transaction risk monitoring device, which can improve the efficiency and accuracy of transaction risk monitoring and can realize cross-institution transaction risk monitoring.
In order to solve the technical problem, the present application provides the following technical solutions:
applying a flash log acquisition component, and sending a user operation information set to a flash data stream processing component through kafka message middleware;
generating a wind control index corresponding to the user operation information set based on the flink data stream processing component and the Drools rule engine;
and receiving a transaction request instruction, and carrying out risk monitoring on a transaction process corresponding to the transaction request instruction according to the wind control index.
Further, before the applying the flash log collecting component and sending the user operation information set to the flash data stream processing component via the kafka message middleware, the method further includes: and the application log component stores the operation information of a plurality of users into an application log to obtain the user operation information set.
Further, the kafka message middleware is distributed message middleware for caching and transmitting the user operation information set.
Further, before the receiving the transaction request instruction, the method further includes: and updating the wind control rule in the Drools rule engine according to a preset wind control adjustment rule.
In a second aspect, the present application provides a transaction risk monitoring device, comprising:
the transmission module is used for applying the flash log acquisition component and sending the user operation information set to the flash data stream processing component through the kafka message middleware;
the wind control index generation module is used for generating wind control indexes corresponding to the user operation information sets on the basis of the flink data stream processing component and the Drools rule engine;
and the risk monitoring module is used for receiving the transaction request instruction and carrying out risk monitoring on the transaction process corresponding to the transaction request instruction according to the wind control index.
Further, the transaction risk monitoring device further comprises: and the storage module is used for storing the operation information of a plurality of users into the application log by the application log component to obtain the user operation information set.
Further, the kafka message middleware is distributed message middleware for caching and transmitting the user operation information set.
Further, the transaction risk monitoring device further comprises: and the updating module is used for updating the wind control rules in the Drools rule engine according to preset wind control adjustment rules.
In a third aspect, the present application provides an electronic device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor implements the transaction risk monitoring method when executing the program.
In a fourth aspect, the present application provides a computer readable storage medium having stored thereon computer instructions that, when executed, implement the transaction risk monitoring method.
According to the technical scheme, the application provides a transaction risk monitoring method and device. Wherein, the method comprises the following steps: applying a flash log acquisition component, and sending a user operation information set to a flash data stream processing component through kafka message middleware; generating a wind control index corresponding to the user operation information set based on the flink data stream processing component and the Drools rule engine; receiving a transaction request instruction, and performing risk monitoring on a transaction process corresponding to the transaction request instruction according to the wind control index, so that the efficiency and accuracy of transaction risk monitoring can be improved, and cross-institution transaction risk monitoring can be realized; specifically, risk transactions generated by the network points can be monitored in real time, the risk transactions are interrupted, and early warning is timely given out. The real-time distribution of data is realized in a distributed system, and cross-organization risk transaction can be effectively monitored.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a schematic flow chart of a transaction risk monitoring method in an embodiment of the present application;
FIG. 2 is a schematic flow chart of a transaction risk monitoring method according to another embodiment of the present application;
FIG. 3 is a schematic structural diagram of a transaction risk monitoring device in an embodiment of the present application;
FIG. 4 is a schematic diagram of a transaction risk monitoring device according to another embodiment of the present application;
FIG. 5 is a schematic flow chart of a transaction risk monitoring method in an embodiment of the present application;
fig. 6 is a schematic block diagram of a system configuration of anelectronic device 9600 according to an embodiment of the present application.
Detailed Description
In order to make those skilled in the art better understand the technical solutions in the present specification, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Based on this, in order to improve efficiency and accuracy of transaction risk monitoring and enable monitoring of cross-institution transaction risk, an embodiment of the present application provides a transaction risk monitoring apparatus, which may be a server or a client device, where the client device may include a smart phone, a tablet electronic device, a network set-top box, a portable computer, a desktop computer, a Personal Digital Assistant (PDA), a vehicle-mounted device, an intelligent wearable device, and the like. Wherein, intelligence wearing equipment can include intelligent glasses, intelligent wrist-watch and intelligent bracelet etc..
In practical applications, the transaction risk monitoring part may be performed on the server side as described above, or all operations may be performed in the client device. The selection may be specifically performed according to the processing capability of the client device, the limitation of the user usage scenario, and the like. This is not a limitation of the present application. The client device may further include a processor if all operations are performed in the client device.
The client device may have a communication module (i.e., a communication unit), and may be communicatively connected to a remote server to implement data transmission with the server. The server may include a server on the task scheduling center side, and in other implementation scenarios, the server may also include a server on an intermediate platform, for example, a server on a third party server platform communicatively linked to the task scheduling center server. The server may include a single computer device, or may include a server cluster formed by a plurality of servers, or a server structure of a distributed apparatus.
The server and the client device may communicate using any suitable network protocol, including network protocols not yet developed at the filing date of this application. The network protocol may include, for example, a TCP/IP protocol, a UDP/IP protocol, an HTTP protocol, an HTTPS protocol, or the like. Of course, the network Protocol may also include, for example, an RPC Protocol (Remote Procedure Call Protocol), a REST Protocol (Representational State Transfer Protocol), and the like used above the above Protocol.
The following examples are intended to illustrate the details.
As shown in fig. 1, in order to improve efficiency and accuracy of transaction risk monitoring and to realize monitoring of cross-institution transaction risk, the embodiment provides a transaction risk monitoring method with a transaction risk monitoring device as an execution subject, which specifically includes the following steps:
step 100: and applying a flash log acquisition component to send the user operation information set to a flash data stream processing component through kafka message middleware.
Specifically, the user operation information set includes operation information of a plurality of users, and the operation information includes: logging in json request information, employee numbers, organization numbers, secret keys and operation time information; the kafka message middleware is distributed message middleware for caching and transmitting the user operation information set; the kafka message middleware is used as distributed high-throughput message middleware and is used for buffering and transmitting the sent operation information of the front-end user.
Step 200: and generating a wind control index corresponding to the user operation information set based on the flink data stream processing component and the Drools rule engine.
Specifically, the Drools rule engine can decouple codes and business logic, support Chinese and improve the convenience of rule writing; and dynamic rule loading is supported, and the rules can be adjusted online. After the data flow reaches the flink data flow processing component through the kafka message middleware, the simple event and complex event are analyzed and accumulated according to the current Drools rule engine, and the result is fed back to the transaction risk monitoring device. For example, after the system detects that the user has input an error password for 5 times continuously, the system triggers a wind control rule for freezing account login, and meanwhile, the transaction risk monitoring device stores the relevant information of the account into a redis or hbase wind control index storage component for front-end query.
Step 300: and receiving a transaction request instruction, and carrying out risk monitoring on a transaction process corresponding to the transaction request instruction according to the wind control index.
Referring to fig. 2, in order to further improve the reliability of the data in the transaction risk monitoring process, in an embodiment of the present application, beforestep 100, the method further includes:
step 001: and the application log component stores the operation information of a plurality of users into an application log to obtain the user operation information set.
In order to improve the flexibility, accuracy and application scenario universality of the transaction risk monitoring, in an embodiment of the present application, beforestep 300, the method further includes: and updating the wind control rule in the Drools rule engine according to a preset wind control adjustment rule.
Specifically, the wind control adjustment rule includes: the external environment data adjustment rule and the manual adjustment data rule can be set according to actual needs. Before executing the transaction process corresponding to the transaction request instruction, sending the transaction request information to a transaction risk monitoring device, judging whether a wind control index corresponding to the transaction request information exists in a redis/hbase wind control index storage component by using the transaction risk monitoring device, if so, intercepting the transaction request information and judging whether the transaction process corresponding to the transaction request instruction has transaction risk according to the wind control index, and if not, continuing executing the transaction process corresponding to the transaction request instruction. For example, the last request is a login operation request, the login operation request is sent to a corresponding transaction risk monitoring device before login, the transaction risk monitoring device searches whether frozen account wind control indexes of account information in the login operation request for drinks exist in a redis/hbase wind control index storage component, if yes, interception is carried out, and if not, next operation is continued.
In terms of software, in order to improve the efficiency and accuracy of transaction risk monitoring and enable monitoring of cross-institution transaction risks, the present application provides an embodiment of a transaction risk monitoring device for implementing all or part of the contents of the transaction risk monitoring method, and referring to fig. 3, the transaction risk monitoring device specifically includes the following contents:
and thetransmission module 10 is used for applying the flash log collection component and sending the user operation information set to the flash data stream processing component through the kafka message middleware.
And a wind controlindex generation module 20, configured to generate a wind control index corresponding to the user operation information set based on the flink data stream processing component and the Drools rule engine.
And therisk monitoring module 30 is used for receiving the transaction request instruction and carrying out risk monitoring on the transaction process corresponding to the transaction request instruction according to the wind control index.
Referring to fig. 4, in an embodiment of the present application, the transaction risk monitoring device further includes: and thestorage module 40 is used for storing the operation information of the plurality of users into the application log by the application log component to obtain the user operation information set.
In an embodiment of the present application, the kafka message middleware is a distributed message middleware that caches and transmits the user operation information set.
In an embodiment of the present application, the transaction risk monitoring apparatus further includes: and the updating module is used for updating the wind control rules in the Drools rule engine according to preset wind control adjustment rules.
The embodiment of the transaction risk monitoring apparatus provided in this specification may be specifically configured to execute the processing procedure of the embodiment of the transaction risk monitoring method, and its functions are not described herein again, and refer to the detailed description of the embodiment of the transaction risk monitoring method.
In order to further explain the present solution, the present application further provides a specific application example of a transaction risk monitoring device, referring to fig. 5, in the specific application example, a website channel application cluster includes a core transaction component, a log component and an FUME log collecting component, a real-time data wind control system can achieve transaction data acquisition, wind control index judgment and Hbase/Redis wind control index storage, a wind control index analysis system can achieve external data access, and monitoring index analysis and monitoring rule optimization specifically include the following contents:
the application writes all user operation information into an application log through a log component, and a flash log acquisition component sends the user operation information to kafka message middleware; and performing rule-based engine data calculation on the data stream by the flink data stream processing component, and delivering the calculation result index to an index storage component of the real-time data wind control system according to the relevant rule to finish one-time index accumulation.
The transaction risk monitoring device needs to submit request data to the wind control system before a core transaction component makes an actual request, the wind control system judges whether the operation is released or not according to real-time wind control indexes and wind control rules generated by depending on data streams, and feeds results back to the front-end application to complete real-time wind control interception. And simultaneously, feeding the result back to the wind control index analysis system.
Specifically, for high-risk operations that need to be immediately truncated, after the data stream flows through the rule engine, a real-time wind control indicator is generated, for example, if the wind control rule explicitly corresponds to the same user, and a-B-C transactions cannot continuously occur, then after the a-B transactions are detected in the data stream, information is delivered to the wind control component to inform the target user that C transactions cannot be generated any more, and then when the C transaction request of the target user passes through the wind control component, the C transaction request is truncated. For non-essential truncated low risk operations, after the data stream flows through the rules engine, the operation information is stored in a database for subsequent data analysis. The feedback of the result to the wind control index analysis system means that the feedback to the front end is accomplished by requesting the wind control component in the transaction section of the front end.
The wind control index analysis system accesses the component through external data, and not only needs to access the judgment result of the wind control index of the current day, but also needs to access external environment data and manual adjustment data; the monitoring index analysis component can optimize the monitoring rules by integrating and analyzing the data and submit the monitoring rules to the rule engine to correct the wind control rules timely.
According to the description, the transaction risk monitoring method and the transaction risk monitoring device provided by the application improve the efficiency and the accuracy of transaction risk monitoring, and can realize cross-institution transaction risk monitoring; specifically, risk transactions generated by the network points can be monitored in real time, interrupted and early warned in time; the real-time distribution of data is realized in a distributed system, and cross-organization risk transaction can be effectively monitored.
In terms of hardware, in order to improve efficiency and accuracy of transaction risk monitoring and achieve monitoring of cross-institution transaction risk, the present application provides an embodiment of an electronic device for implementing all or part of contents in the transaction risk monitoring method, where the electronic device specifically includes the following contents:
a processor (processor), a memory (memory), a communication Interface (Communications Interface), and a bus; the processor, the memory and the communication interface complete mutual communication through the bus; the communication interface is used for realizing information transmission among the transaction risk monitoring device, the user terminal and other related equipment; the electronic device may be a desktop computer, a tablet computer, a mobile terminal, and the like, but the embodiment is not limited thereto. In this embodiment, the electronic device may be implemented with reference to the embodiments for implementing the transaction risk monitoring method and the embodiments for implementing the transaction risk monitoring apparatus, the contents of which are incorporated herein, and the repetition points are not described in detail.
Fig. 6 is a schematic block diagram of a system configuration of anelectronic device 9600 according to an embodiment of the present application. As shown in fig. 6, theelectronic device 9600 can include acentral processor 9100 and amemory 9140; amemory 9140 is coupled to thecentral processor 9100. Notably, this FIG. 6 is exemplary; other types of structures may also be used in addition to or in place of the structure to implement telecommunications or other functions.
In one or more embodiments of the present application, the transaction risk monitoring function can be integrated into thecentral processor 9100. Thecentral processor 9100 may be configured to control as follows:
step 100: and applying a flash log acquisition component to send the user operation information set to a flash data stream processing component through kafka message middleware.
Step 200: and generating a wind control index corresponding to the user operation information set based on the flink data stream processing component and the Drools rule engine.
Step 300: and receiving a transaction request instruction, and carrying out risk monitoring on a transaction process corresponding to the transaction request instruction according to the wind control index.
As can be seen from the above description, the electronic device provided in the embodiments of the present application can improve the efficiency and accuracy of transaction risk monitoring, and can implement cross-institution transaction risk monitoring.
In another embodiment, the transaction risk monitoring device may be configured separately from thecentral processor 9100, for example, the transaction risk monitoring device may be configured as a chip connected to thecentral processor 9100, and the transaction risk monitoring function is implemented by the control of the central processor.
As shown in fig. 6, theelectronic device 9600 may further include: acommunication module 9110, aninput unit 9120, anaudio processor 9130, adisplay 9160, and apower supply 9170. It is noted that theelectronic device 9600 also does not necessarily include all of the components shown in fig. 6; in addition, theelectronic device 9600 may further include components not shown in fig. 6, which may be referred to in the prior art.
As shown in fig. 6, acentral processor 9100, sometimes referred to as a controller or operational control, may include a microprocessor or other processor device and/or logic device, whichcentral processor 9100 receives input and controls the operation of various components of theelectronic device 9600.
Thememory 9140 can be, for example, one or more of a buffer, a flash memory, a hard drive, a removable media, a volatile memory, a non-volatile memory, or other suitable device. The information relating to the failure may be stored, and a program for executing the information may be stored. And thecentral processing unit 9100 can execute the program stored in thememory 9140 to realize information storage or processing, or the like.
Theinput unit 9120 provides input to thecentral processor 9100. Theinput unit 9120 is, for example, a key or a touch input device.Power supply 9170 is used to provide power toelectronic device 9600. Thedisplay 9160 is used for displaying display objects such as images and characters. The display may be, for example, an LCD display, but is not limited thereto.
Thememory 9140 may be a solid state memory, e.g., Read Only Memory (ROM), Random Access Memory (RAM), a SIM card, etc. There may also be a memory that holds information even when power is off, can be selectively erased, and is provided with more data, an example of which is sometimes referred to as an EPROM or the like. Thememory 9140 could also be some other type of device.Memory 9140 includes a buffer memory 9141 (sometimes referred to as a buffer). Thememory 9140 may include an application/function storage portion 9142, the application/function storage portion 9142 being used to store application programs and functional programs or a flow for executing the operation of theelectronic device 9600 by thecentral processor 9100.
Thememory 9140 can also include adata store 9143, thedata store 9143 being used to store data, such as contacts, digital data, pictures, sounds, and/or any other data used by an electronic device. Thedriver storage portion 9144 of thememory 9140 may include various drivers for the electronic device for communication functions and/or for performing other functions of the electronic device (e.g., messaging applications, contact book applications, etc.).
Thecommunication module 9110 is a transmitter/receiver 9110 that transmits and receives signals via anantenna 9111. The communication module (transmitter/receiver) 9110 is coupled to thecentral processor 9100 to supply input signals and receive output signals, which may be the same as in the case of a conventional mobile communication terminal.
Based on different communication technologies, a plurality ofcommunication modules 9110, such as a cellular network module, a bluetooth module, and/or a wireless local area network module, may be provided in the same electronic device. The communication module (transmitter/receiver) 9110 is also coupled to aspeaker 9131 and amicrophone 9132 via anaudio processor 9130 to provide audio output via thespeaker 9131 and receive audio input from themicrophone 9132, thereby implementing ordinary telecommunications functions. Theaudio processor 9130 may include any suitable buffers, decoders, amplifiers and so forth. In addition, theaudio processor 9130 is also coupled to thecentral processor 9100, thereby enabling recording of sounds locally through themicrophone 9132 and enabling sounds stored locally to be played through thespeaker 9131.
As can be seen from the above description, the electronic device provided in the embodiment of the present application can improve the efficiency and accuracy of transaction risk monitoring, and can implement cross-institution transaction risk monitoring.
An embodiment of the present application further provides a computer-readable storage medium capable of implementing all the steps in the transaction risk monitoring method in the foregoing embodiment, where the computer-readable storage medium stores a computer program, and the computer program implements all the steps of the transaction risk monitoring method in the foregoing embodiment when executed by a processor, for example, the processor implements the following steps when executing the computer program:
step 100: and applying a flash log acquisition component to send the user operation information set to a flash data stream processing component through kafka message middleware.
Step 200: and generating a wind control index corresponding to the user operation information set based on the flink data stream processing component and the Drools rule engine.
Step 300: and receiving a transaction request instruction, and carrying out risk monitoring on a transaction process corresponding to the transaction request instruction according to the wind control index.
As can be seen from the foregoing description, the computer-readable storage medium provided in the embodiments of the present application can improve efficiency and accuracy of transaction risk monitoring, and can implement cross-institution transaction risk monitoring.
In the present application, each embodiment of the method is described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. Reference is made to the description of the method embodiments.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The principle and the implementation mode of the present application are explained by applying specific embodiments in the present application, and the description of the above embodiments is only used to help understanding the method and the core idea of the present application; meanwhile, for a person skilled in the art, according to the idea of the present application, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.
Claims (10)
1. A transaction risk monitoring method, comprising:
applying a flash log acquisition component, and sending a user operation information set to a flash data stream processing component through kafka message middleware;
generating a wind control index corresponding to the user operation information set based on the flink data stream processing component and the Drools rule engine;
and receiving a transaction request instruction, and carrying out risk monitoring on a transaction process corresponding to the transaction request instruction according to the wind control index.
2. The transaction risk monitoring method according to claim 1, before applying the flash log collection component to send the user operation information set to the flash data stream processing component via kafka message middleware, further comprising:
and the application log component stores the operation information of a plurality of users into an application log to obtain the user operation information set.
3. The transaction risk monitoring method of claim 1, wherein the kafka message middleware is a distributed message middleware that caches and transmits the set of user operation information.
4. The transaction risk monitoring method of claim 1, further comprising, prior to said receiving a transaction request instruction:
and updating the wind control rule in the Drools rule engine according to a preset wind control adjustment rule.
5. A transaction risk monitoring device, comprising:
the transmission module is used for applying the flash log acquisition component and sending the user operation information set to the flash data stream processing component through kafka message middleware;
the wind control index generation module is used for generating wind control indexes corresponding to the user operation information sets on the basis of the flink data stream processing component and the Drools rule engine;
and the risk monitoring module is used for receiving the transaction request instruction and carrying out risk monitoring on the transaction process corresponding to the transaction request instruction according to the wind control index.
6. The transaction risk monitoring device of claim 5, further comprising:
and the storage module is used for storing the operation information of a plurality of users into the application log by the application log component to obtain the user operation information set.
7. The transaction risk monitoring device of claim 5, wherein the kafka message middleware is distributed message middleware that caches and transmits the set of user operation information.
8. The transaction risk monitoring device of claim 5, further comprising:
and the updating module is used for updating the wind control rules in the Drools rule engine according to preset wind control adjustment rules.
9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the transaction risk monitoring method of any of claims 1 to 4 when executing the program.
10. A computer readable storage medium having stored thereon computer instructions, wherein said instructions when executed implement the transaction risk monitoring method of any of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010245839.7ACN111353892B (en) | 2020-03-31 | 2020-03-31 | Transaction risk monitoring method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010245839.7ACN111353892B (en) | 2020-03-31 | 2020-03-31 | Transaction risk monitoring method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111353892Atrue CN111353892A (en) | 2020-06-30 |
| CN111353892B CN111353892B (en) | 2024-07-30 |
Family
ID=71196243
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010245839.7AActiveCN111353892B (en) | 2020-03-31 | 2020-03-31 | Transaction risk monitoring method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111353892B (en) |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111951010A (en)* | 2020-07-26 | 2020-11-17 | 中国建设银行股份有限公司 | Business decision method and device based on rule engine, electronic equipment and readable storage medium |
| CN112434214A (en)* | 2020-11-03 | 2021-03-02 | 中国南方电网有限责任公司 | Redis-based operation event pushing method |
| CN112529528A (en)* | 2020-12-16 | 2021-03-19 | 中国南方电网有限责任公司 | Workflow monitoring and warning method, device and system based on big data flow calculation |
| CN112613717A (en)* | 2020-12-17 | 2021-04-06 | 安徽兆尹信息科技股份有限公司 | Financial data processing method and storage medium |
| CN112766975A (en)* | 2021-01-20 | 2021-05-07 | 中信银行股份有限公司 | Risk detection method and device, electronic equipment and readable storage medium |
| CN113269547A (en)* | 2021-05-31 | 2021-08-17 | 中国农业银行股份有限公司 | Data processing method and device, electronic equipment and storage medium |
| CN114782165A (en)* | 2022-04-26 | 2022-07-22 | 中国银行股份有限公司 | Bank outlet transaction processing method and system supporting no network |
| CN114782061A (en)* | 2022-05-12 | 2022-07-22 | 中国平安财产保险股份有限公司 | Risk control method, device, equipment and storage medium |
| CN115034791A (en)* | 2022-05-10 | 2022-09-09 | 广东省机电设备招标中心有限公司 | Multi-section electronic transaction risk real-time monitoring method and system |
| CN115880067A (en)* | 2022-11-22 | 2023-03-31 | 中国银行股份有限公司 | Transaction abnormal data processing method and device |
Citations (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103295155A (en)* | 2012-11-30 | 2013-09-11 | 国泰君安证券股份有限公司 | Security core service system monitoring method |
| CN103714479A (en)* | 2012-10-09 | 2014-04-09 | 四川欧润特软件科技有限公司 | Intelligent centralized monitor method and system for bank personal business fraudulent conducts |
| CN104301147A (en)* | 2014-10-24 | 2015-01-21 | 国家电网公司 | A method for monitoring business and process activities in a business application system |
| US20160234240A1 (en)* | 2015-02-06 | 2016-08-11 | Honeywell International Inc. | Rules engine for converting system-related characteristics and events into cyber-security risk assessment values |
| CN107067157A (en)* | 2017-03-01 | 2017-08-18 | 北京奇艺世纪科技有限公司 | Business risk appraisal procedure, device and air control system |
| CN107067324A (en)* | 2017-04-18 | 2017-08-18 | 上海翼翎数据信息技术有限公司 | A kind of utilization network packet capturing data realize the method and system of transaction risk control |
| CN108108973A (en)* | 2017-12-01 | 2018-06-01 | 北京三快在线科技有限公司 | Business risk control method and device |
| CN108205587A (en)* | 2017-12-28 | 2018-06-26 | 北京九章云极科技有限公司 | A kind of daily record monitoring method and system |
| CN109146381A (en)* | 2018-08-23 | 2019-01-04 | 北京顺丰同城科技有限公司 | Logistics data monitoring method, device, electronic equipment and computer storage medium |
| CN109347202A (en)* | 2018-09-06 | 2019-02-15 | 国网浙江省电力有限公司 | Typical operation identification and multi-dimensional analysis method of monitoring equipment |
| CN109377003A (en)* | 2018-09-21 | 2019-02-22 | 泰康保险集团股份有限公司 | Risk control method and device, computer readable storage medium, electronic equipment |
| CN109800221A (en)* | 2019-02-01 | 2019-05-24 | 浪潮软件集团有限公司 | A kind of mass data association relationship analysis method, apparatus and system |
| CN110262949A (en)* | 2019-04-29 | 2019-09-20 | 北京邮电大学 | Intelligent device log processing system and method |
| CN110610376A (en)* | 2019-08-01 | 2019-12-24 | 招联消费金融有限公司 | Behavior data response method and device, computer equipment and storage medium |
| US20200019904A1 (en)* | 2018-07-16 | 2020-01-16 | Beijing Baidu Netcom Science And Technology Co., Ltd. | Operation defense method and device, apparatus, and computer-readable storage medium |
| US20200082407A1 (en)* | 2015-07-10 | 2020-03-12 | Dyron Clower | Instant funds availablity risk assessment and real-time fraud alert system and method |
- 2020
- 2020-03-31CNCN202010245839.7Apatent/CN111353892B/enactiveActive
Patent Citations (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103714479A (en)* | 2012-10-09 | 2014-04-09 | 四川欧润特软件科技有限公司 | Intelligent centralized monitor method and system for bank personal business fraudulent conducts |
| CN103295155A (en)* | 2012-11-30 | 2013-09-11 | 国泰君安证券股份有限公司 | Security core service system monitoring method |
| CN104301147A (en)* | 2014-10-24 | 2015-01-21 | 国家电网公司 | A method for monitoring business and process activities in a business application system |
| US20160234240A1 (en)* | 2015-02-06 | 2016-08-11 | Honeywell International Inc. | Rules engine for converting system-related characteristics and events into cyber-security risk assessment values |
| US20200082407A1 (en)* | 2015-07-10 | 2020-03-12 | Dyron Clower | Instant funds availablity risk assessment and real-time fraud alert system and method |
| CN107067157A (en)* | 2017-03-01 | 2017-08-18 | 北京奇艺世纪科技有限公司 | Business risk appraisal procedure, device and air control system |
| CN107067324A (en)* | 2017-04-18 | 2017-08-18 | 上海翼翎数据信息技术有限公司 | A kind of utilization network packet capturing data realize the method and system of transaction risk control |
| CN108108973A (en)* | 2017-12-01 | 2018-06-01 | 北京三快在线科技有限公司 | Business risk control method and device |
| CN108205587A (en)* | 2017-12-28 | 2018-06-26 | 北京九章云极科技有限公司 | A kind of daily record monitoring method and system |
| US20200019904A1 (en)* | 2018-07-16 | 2020-01-16 | Beijing Baidu Netcom Science And Technology Co., Ltd. | Operation defense method and device, apparatus, and computer-readable storage medium |
| CN109146381A (en)* | 2018-08-23 | 2019-01-04 | 北京顺丰同城科技有限公司 | Logistics data monitoring method, device, electronic equipment and computer storage medium |
| CN109347202A (en)* | 2018-09-06 | 2019-02-15 | 国网浙江省电力有限公司 | Typical operation identification and multi-dimensional analysis method of monitoring equipment |
| CN109377003A (en)* | 2018-09-21 | 2019-02-22 | 泰康保险集团股份有限公司 | Risk control method and device, computer readable storage medium, electronic equipment |
| CN109800221A (en)* | 2019-02-01 | 2019-05-24 | 浪潮软件集团有限公司 | A kind of mass data association relationship analysis method, apparatus and system |
| CN110262949A (en)* | 2019-04-29 | 2019-09-20 | 北京邮电大学 | Intelligent device log processing system and method |
| CN110610376A (en)* | 2019-08-01 | 2019-12-24 | 招联消费金融有限公司 | Behavior data response method and device, computer equipment and storage medium |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111951010A (en)* | 2020-07-26 | 2020-11-17 | 中国建设银行股份有限公司 | Business decision method and device based on rule engine, electronic equipment and readable storage medium |
| CN112434214A (en)* | 2020-11-03 | 2021-03-02 | 中国南方电网有限责任公司 | Redis-based operation event pushing method |
| CN112529528A (en)* | 2020-12-16 | 2021-03-19 | 中国南方电网有限责任公司 | Workflow monitoring and warning method, device and system based on big data flow calculation |
| CN112529528B (en)* | 2020-12-16 | 2023-01-31 | 中国南方电网有限责任公司 | Workflow monitoring and warning method, device and system based on big data flow calculation |
| CN112613717A (en)* | 2020-12-17 | 2021-04-06 | 安徽兆尹信息科技股份有限公司 | Financial data processing method and storage medium |
| CN112766975A (en)* | 2021-01-20 | 2021-05-07 | 中信银行股份有限公司 | Risk detection method and device, electronic equipment and readable storage medium |
| CN113269547A (en)* | 2021-05-31 | 2021-08-17 | 中国农业银行股份有限公司 | Data processing method and device, electronic equipment and storage medium |
| CN113269547B (en)* | 2021-05-31 | 2024-05-31 | 中国农业银行股份有限公司 | Data processing method, device, electronic equipment and storage medium |
| CN114782165A (en)* | 2022-04-26 | 2022-07-22 | 中国银行股份有限公司 | Bank outlet transaction processing method and system supporting no network |
| CN115034791A (en)* | 2022-05-10 | 2022-09-09 | 广东省机电设备招标中心有限公司 | Multi-section electronic transaction risk real-time monitoring method and system |
| CN114782061A (en)* | 2022-05-12 | 2022-07-22 | 中国平安财产保险股份有限公司 | Risk control method, device, equipment and storage medium |
| CN115880067A (en)* | 2022-11-22 | 2023-03-31 | 中国银行股份有限公司 | Transaction abnormal data processing method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111353892B (en) | 2024-07-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111353892B (en) | Transaction risk monitoring method and device | |
| CN113435989B (en) | Financial data processing method and device | |
| CN111782470B (en) | Distributed container log data processing method and device | |
| US11711326B2 (en) | Bot group messaging method | |
| US11431659B2 (en) | Shared and per-user bot group messaging method | |
| CN112163946A (en) | Accounting processing method and device based on distributed transaction system | |
| CN112615753B (en) | Link abnormity tracking method, first node, second node and link | |
| US20220157663A1 (en) | Bot group messaging using bot-specific voice libraries | |
| CN111258602A (en) | Information updating method and device | |
| CN113051094A (en) | Supervision data submission testing method and device | |
| US20210144109A1 (en) | Bot group messaging using general voice libraries | |
| CN115205009A (en) | Account opening business processing method and device based on virtual technology | |
| CN111191143A (en) | Application recommendation method and device | |
| CN112035557B (en) | Transaction log report display method and device | |
| CN113760683B (en) | Log acquisition method and device | |
| CN115099930A (en) | Financial business data processing method and device | |
| US12340263B2 (en) | Edge cloud caching using real-time customer journey insights | |
| CN111459538B (en) | Code synchronization method and device | |
| CN113486013A (en) | Application data processing method and device | |
| CN115373848A (en) | Batch operation and maintenance method and device for servers | |
| CN115208875A (en) | Information integration system of multi-transmission middleware | |
| CN115955450A (en) | Instant message display method, instant message push method, instant message display device, instant message push device, electronic equipment and storage medium | |
| CN111464634A (en) | Channel sharing platform | |
| CN114881643A (en) | Loss reporting method, device and system for bank card | |
| CN115271716A (en) | Cross-domain financial transaction verification method, device and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right | Effective date of registration:20220922 Address after:25 Financial Street, Xicheng District, Beijing 100033 Applicant after:CHINA CONSTRUCTION BANK Corp. Address before:25 Financial Street, Xicheng District, Beijing 100033 Applicant before:CHINA CONSTRUCTION BANK Corp. Applicant before:Jianxin Financial Science and Technology Co.,Ltd. | |
| GR01 | Patent grant | ||
| GR01 | Patent grant |