CN117788054A

CN117788054A - Account verification method and device, electronic equipment and storage medium

Info

Publication number: CN117788054A
Application number: CN202311675681.7A
Authority: CN
Inventors: 干振廷; 钟刚
Original assignee: China Telecom Corp Ltd
Current assignee: China Telecom Corp Ltd
Priority date: 2023-12-07
Filing date: 2023-12-07
Publication date: 2024-03-29

Abstract

The embodiment of the invention provides a verification method and device for an account, electronic equipment and a storage medium, and relates to the technical field of communication, wherein the method comprises the following steps: responding to a user account to initiate a participation request for business activities, and acquiring communication characteristic information and financial characteristic information corresponding to the user account; performing risk detection on the user account according to the communication characteristic information and the financial characteristic information to obtain the real-time risk level of the user account; the method comprises the steps of obtaining a target verification mode corresponding to the real-time risk level, verifying a user account according to the target verification mode, obtaining a verification result corresponding to the user account, reducing the influence on a real user under the condition of realizing user account detection, and simultaneously carrying out risk detection on the user account from the angle of a communication side and the angle of transaction, thereby greatly improving the accuracy and the accuracy of risk detection.

Description

Account verification method and device, electronic equipment and storage medium

Technical Field

The present invention relates to the field of communications technologies, and in particular, to a method for checking an account, a device for checking an account, an electronic device, and a computer readable storage medium.

Background

In the mobile internet era, companies are in order to develop business, promote sales, promote brands, expand user groups and the like, and often attract users to participate in various benefits through a mode of developing activities, but a large number of risk users who take the benefits are in society, a large number of mobile phone numbers are purchased, a favorable activity platform account number is registered in batches, a plurality of mobile phones are controlled or simulated through group control, and second killing, coupon preemption and preferential actions such as taking the products or services are carried out through malicious software and technology, so that the enterprise marketing cost is reduced, and meanwhile, most of the benefits are occupied by the risk users due to the fact that the technical means effect of the risk users is obviously stronger than that of the real users, and the real users are seriously influenced to participate in the activities to enjoy the benefits.

For such users, the following means are mainly adopted to conduct identification protection from the internet side: performing man-machine identification according to the characteristics in the operation process through user behavior analysis, and detecting whether software simulates personnel operation; analyzing and identifying data characteristics such as user IP and the like acquired from an Internet acquisition side; identifying through abnormal interface call; identifying the mobile phone terminal device by comparing the IMSI (International Mobile Subscriber Identity ); and constructing a blacklist through analysis of abnormal delivery orders, return visit data and the like after the event. However, since the risk user means is also continuously upgrading the countermeasure means, the countermeasure abnormal behavior recognition: by developing a Bots (robot) program which is closer to the operation of a real person, the man-machine identification is avoided; virtual IP through cloud service providers or proxy servers, even trojan backdoors; adopting a more concealed interface calling means; blocking the IMSI permission from being acquired, and preventing the IMSI from being identified; and hiring a professional scattered receiving address to take goods, and answering and replying to the return visit by adopting an AI voice technology. The original recognition technology means is not adequate, and a new method for recognizing the favorable earning risk behavior is needed, so that the loss is reduced, and the real user participation experience is improved.

Disclosure of Invention

The embodiment of the invention provides a verification method and device for an account, electronic equipment and a computer readable storage medium, so as to solve or partially solve the problem of inaccurate identification of risk behaviors.

The embodiment of the invention discloses a verification method of an account, which comprises the following steps:

responding to a user account to initiate a participation request for business activities, and acquiring communication characteristic information and financial characteristic information corresponding to the user account;

performing risk detection on the user account according to the communication characteristic information and the financial characteristic information to obtain a real-time risk level of the user account;

and acquiring a target verification mode corresponding to the real-time risk level, and verifying the user account according to the target verification mode to acquire a verification result corresponding to the user account, wherein the verification result comprises one of successful verification and failure verification of the user account.

In some optional embodiments, the risk detection of the user account according to the communication feature information and the financial feature information, to obtain a real-time risk level of the user account, includes:

scoring the user account by adopting the communication characteristic information to obtain a communication characteristic score of the user account, and scoring the user account by adopting the financial characteristic information to obtain a financial characteristic score of the user account;

And carrying out weighted calculation on the communication characteristic score and the financial characteristic score to obtain the real-time risk level of the user account.

In some optional embodiments, the communication feature information at least includes a package tariff level, a number level, a historical number of times of under-stops, a base station connection state, and IP information, and the scoring the user account with the communication feature information to obtain a communication feature score of the user account includes:

and scoring the user account by adopting the package charge grade, the number grade, the historical under-stop times, the base station connection state and the IP information to obtain the communication characteristic score of the user account.

In some optional embodiments, the financial feature information includes at least a verification number, a ticket payment number and a payment total number, where the verification number is a user account historical transaction number, the verification number is a merchant number for which the user account historical transaction is successful, the ticket payment number is a number for which a coupon is used for payment in the user account historical transaction process, and the scoring the user account with the financial feature information to obtain a financial feature score of the user account includes:

Calculating the verification and sale merchant ratio of the user account by adopting the verification and sale times and the verification and sale merchant number;

calculating the ticket payment rate of the user account by adopting the ticket payment times and the total payment times;

and scoring the user account by adopting the verifying and verifying merchant ratio and the coupon payment rate to obtain the financial characteristic score of the user account.

In some optional embodiments, the weighting the communication feature score with the financial feature score to obtain the real-time risk level of the user account includes:

weighting calculation is carried out on the communication characteristic scores and the financial characteristic scores, risk scores of the user accounts are obtained, and a preset grade corresponding to the risk scores is used as a basic risk grade of the user accounts;

if the user account is a number which is not acquired in the preset time length, taking the basic risk level as the real-time risk level of the user account;

if the user account is the number of the coupon in the preset time length, determining a target coupon which is taken by the user account in the preset time length, and acquiring coupon parameters corresponding to each target coupon;

Calculating a subsidy index of the target coupon by adopting the coupon parameters;

and calculating the real-time risk level of the user account by adopting the subsidy index corresponding to each target coupon and the basic risk level.

In some alternative embodiments, the ticket parameters include at least an actual subsidy value, a ticket face value, and a tuning parameter, and the calculating the subsidy index of the target ticket using the ticket parameters includes:

and calculating the subsidy index of the target coupon by adopting the actual subsidy value, the coupon face value and the adjustment parameter.

In some optional embodiments, the acquiring a target verification manner corresponding to the real-time risk level includes:

if the real-time risk level is a first risk level, a first verification mode aiming at the user account is obtained, wherein the first verification mode is one-time man-machine verification;

if the real-time risk level is a second risk level, acquiring a second verification mode aiming at the user account, wherein the second verification mode is at least two man-machine verification modes;

if the real-time risk level is a third risk level and the subsidy index is smaller than a first preset threshold, a third verification mode for the user account is obtained, wherein the third verification mode is a live experience mode;

And if the real-time risk level is a third risk level and the subsidy index is equal to a second preset threshold, intercepting the parameter request.

In some optional embodiments, the verifying the user account according to the target verification manner, to obtain a verification result corresponding to the user account, includes:

and if the user account passes through the live experience authentication mode, degrading the real-time risk level of the user account to obtain a target risk level.

The embodiment of the invention also discloses a checking device of the account, comprising:

the characteristic information acquisition module is used for responding to a participation request initiated by a user account for business activities and acquiring communication characteristic information and financial characteristic information corresponding to the user account;

the risk detection module is used for detecting the risk of the user account according to the communication characteristic information and the financial characteristic information, and obtaining the real-time risk level of the user account;

and the verification module is used for acquiring a target verification mode corresponding to the real-time risk level, verifying the user account according to the target verification mode, and acquiring a verification result corresponding to the user account, wherein the verification result comprises one of successful verification and failure verification of the user account.

In some alternative embodiments, the risk detection module is specifically configured to:

In some optional embodiments, the communication characteristic information includes at least a package tariff level, a number level, a historical number of times of under-stops, a base station connection state, and IP information, and the risk detection module is specifically configured to:

In some optional embodiments, the financial feature information includes at least a verification number, a ticket payment number, and a payment total number, where the verification number is a user account historical transaction number, the verification number is a merchant number for which the user account historical transaction is successful, the ticket payment number is a number for which coupon payment is used in the user account historical transaction process, and the risk detection module is specifically configured to:

In some alternative embodiments, the ticket parameters include at least an actual subsidy value, a ticket face value, and an adjustment parameter, and the risk detection module is specifically configured to:

In some alternative embodiments, the verification module is specifically configured to:

The embodiment of the invention also discloses electronic equipment, which comprises a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory are communicated with each other through the communication bus;

the memory is used for storing a computer program;

the processor is configured to implement the method according to the embodiment of the present invention when executing the program stored in the memory.

Embodiments of the present invention also disclose a computer-readable storage medium having instructions stored thereon, which when executed by one or more processors, cause the processors to perform the method according to the embodiments of the present invention.

The embodiment of the invention has the following advantages:

in the embodiment of the invention, when the user account participates in the corresponding business activity, the participation request aiming at the business activity can be initiated by responding to the user account, the communication characteristic information and the financial characteristic information corresponding to the user account are obtained, then the risk detection is carried out on the user account according to the communication characteristic information and the financial characteristic information, the real-time risk grade of the user account is obtained, if the real-time risk grade characterizes that the user account can participate in the business activity, the target verification mode corresponding to the real-time risk grade is obtained, the user account is verified according to the target verification mode, the verification result corresponding to the user account is obtained, the risk detection is carried out on the user account through the communication characteristic and the financial characteristic, the influence on the real user is reduced under the condition of realizing the detection of the user account, and meanwhile, the risk detection is carried out on the user account from the angle of the communication side and the transaction angle, so that the accuracy and the accuracy of the risk detection are greatly improved.

Drawings

FIG. 1 is a flow chart of steps of a method for verifying an account provided in an embodiment of the present invention;

FIG. 2 is a schematic flow chart of account verification provided in an embodiment of the present invention;

FIG. 3 is a schematic flow chart of account verification provided in an embodiment of the present invention;

FIG. 4 is a block diagram of an account verification device according to an embodiment of the present invention;

fig. 5 is a block diagram of an electronic device provided in an embodiment of the invention.

Detailed Description

In order that the above-recited objects, features and advantages of the present invention will become more readily apparent, a more particular description of the invention will be rendered by reference to the appended drawings and appended detailed description.

In order to enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, the following explains and describes some technical features related to the embodiments of the present invention:

communication package tariffs: the consumer uses the communication carrier product, and the product use cost is required to be paid every month.

Number grade: the mobile phone number used for communication is usually composed of 11 digits, and is most popular in regular arrangement, sequential arrangement or multiple repeated arrangement, combination circulation and the like. The operator may categorize numbers that match different ranking features into different number classes.

And (3) a base station: the base station, i.e., the public mobile communication base station, is one type of radio station, and is a radio transceiver station for transmitting information to and from a mobile phone terminal through a mobile communication switching center in a certain radio coverage area, and is responsible for investment construction and operation management by a communication carrier.

IMSI: international Mobile Subscriber Identity (IMSI) International Mobile Subscriber Identity is an internationally assigned number that uniquely identifies a mobile subscriber.

Bots: the robot program can perform specified software operation according to the action of the set dummy.

LBS: the mobile phone location service (Location Based Services) is also called as mobile phone location service, and is to determine the actual geographic position of the mobile user through the cooperation of the mobile terminal and a GPS, beidou satellite positioning system and a mobile network.

As an example, abnormal risk identification is performed on a user account based on characteristics of the internet side, so that the abnormal risk of the user account can be easily avoided by a risk user through technical means, and the abnormal risk of the user account can not be effectively identified.

In the invention, when the user account participates in the corresponding business activity, the participation request aiming at the business activity can be initiated by responding to the user account, the communication characteristic information and the financial characteristic information corresponding to the user account are obtained, then the risk detection is carried out on the user account according to the communication characteristic information and the financial characteristic information, the real-time risk grade of the user account is obtained, if the real-time risk grade characterizes the user account to participate in the business activity, the target verification mode corresponding to the real-time risk grade is obtained, the user account is verified according to the target verification mode, the verification result corresponding to the user account is obtained, the risk detection is carried out on the user account through the communication characteristic and the financial characteristic, the influence on the real user is reduced under the condition of realizing the user account detection, and meanwhile, the risk detection is carried out on the user account from the angle of the communication side and the transaction angle, so that the accuracy and the precision of the risk detection are greatly improved.

It should be noted that, for the acquisition of the user data, the acquisition may be performed under the condition that the local law is satisfied and the user authorization is obtained, so as to ensure the security of the user privacy data.

Referring to fig. 1, a step flowchart of an account verification method provided in an embodiment of the present invention may specifically include the following steps:

step 101, responding to a user account to initiate a participation request for business activities, and acquiring communication characteristic information and financial characteristic information corresponding to the user account;

for the user account, the user account may be a user number, such as a mobile phone number, account information, and the like, and in the embodiment of the present invention, the user account is exemplified as the mobile phone number.

In practice, operators often issue corresponding business activities at intervals, and users can enjoy corresponding offers while participating in such activities, for which users can initiate participation requests for the business activities through user terminals. After receiving the participation request sent by the user terminal, the wind control evaluation system can acquire the communication characteristic information and the financial characteristic information corresponding to the user account, so that risk detection is carried out on the user account based on the communication characteristic information and the financial characteristic information. The communication characteristic information can be parameters generated when the user account executes communication behaviors, the financial characteristic information can be parameters corresponding to historical transaction behaviors of the user account, the communication behaviors, the historical data, abnormal conditions and other risk characteristics of the user account can be detected through the communication characteristic information, and historical consumption behaviors and other risks of the user account can be detected through the financial characteristic information.

In a specific implementation, the communication characteristic information at least includes package tariff level, number level, historical under-stop number, base station connection state, IP information, etc., and the communication characteristic information may be provided by the operator background system (package tariff level, number level, historical under-stop number, etc.), and by the base station management system (base station connection state, IP information, etc.); the financial characteristic information can be provided to the wind control evaluation system by a payment channel party cooperated with an operator in an API (Application Programming Interface ) mode, and after the wind control evaluation system receives the corresponding characteristic information, risk detection of different dimensions can be performed on the user number to judge whether the user account meets the condition of participating in the business activity.

102, performing risk detection on the user account according to the communication characteristic information and the financial characteristic information to obtain a real-time risk level of the user account;

in the embodiment of the invention, the current risk of the user account can be determined through the real-time risk level, and whether the user account meets the condition of participating in the business activity or not can be judged through the real-time risk level. In the specific implementation, the communication characteristic information is adopted to score the user account, so as to obtain the communication characteristic score of the user account, the financial characteristic information is adopted to score the user account, so as to obtain the financial characteristic score of the user account, and then the communication characteristic score and the financial characteristic score are subjected to weighted calculation, so that the real-time risk grade of the user account is obtained.

In a specific implementation, for the communication characteristic information, the wind control evaluation system may score the user account by adopting the package tariff level, the number level, the historical number of times of stopping, the connection state of the base station and the IP information, so as to obtain the communication characteristic score of the user account. The financial characteristic information at least comprises the verification times, the verification and sale number of customers, the ticket payment times and the payment total times, wherein the verification and sale number is the historical transaction number of the user account, the verification and sale number is the successful merchant number of the historical transaction of the user account, the ticket payment times is the coupon payment number used in the historical transaction process of the user account, the wind control evaluation system can calculate the verification and sale merchant ratio of the user account by adopting the verification and sale number and the verification and sale merchant ratio, calculate the ticket payment rate of the user account by adopting the ticket payment times and the payment total times, and score the user account by adopting the verification and sale merchant ratio and the ticket payment rate to obtain the financial characteristic score of the user account.

After the communication feature score and the financial feature score are obtained, weighting calculation can be performed by adopting the communication feature score and the financial feature score to obtain a risk score of the user account, a preset grade corresponding to the risk score is used as a basic risk grade of the user account, and if the user account is a number which is not acquired in a preset time period, the basic risk grade is used as a real-time risk grade of the user account; if the user account is the number of the coupon in the preset time, determining a target coupon which is taken by the user account in the preset time, acquiring coupon parameters corresponding to each target coupon, calculating the subsidy index of the target coupon by adopting the coupon parameters, and calculating the real-time risk level of the user account by adopting the subsidy index and the basic risk level corresponding to each target coupon.

Optionally, for the ticket parameter including at least the actual subsidy value, the ticket face value, and the adjustment parameter, the wind control evaluation system may calculate the subsidy index of the target ticket using the actual subsidy value, the ticket face value, and the adjustment parameter. In one example, for the calculation process of the communication feature score, the package tariff score, the number grade score, the under-stop score, the base station connection score and the IP score corresponding to the package tariff grade may be calculated according to the package tariff grade, the number grade, the historical under-stop number, the base station connection status, the IP information, and the like, and the following process may be referred to specifically, for the package tariff score (a): the package price grading is mainly to judge whether the package of the user is a first-level package according to the package price of the user per month, and the second-level package and the third-level package, so that x=the package price per month, and the preliminary judgment is as follows:

when x <5, the risk is high and the score should be low, so a=x 0.01;

when 5< x <20 is the second level package, the risk is generally normal, so a=x 0.1;

when x >20 is the third level package, the risk is less and the score should be higher, so a=x 0.5.

For number grade grading (S), in number grade analysis of risk users, if the number grade of the risk users is lower, the number grades can be respectively graded according to the grading of operators, and the specific grading is as follows:

when the number class is 6, the class is very high and the risk is very low, so s=40 points;

when the number grade is 5, the grade is higher, the risk is lower, so s=30 points;

when the number grade is 4, the grade is higher, the risk is lower, so s=20 points;

when the number class is 3, the class is high, the risk is low, so s=10 points;

when the number class is class 2, the class is medium, the risk is medium, and thus s=5 points;

when the number class is class 1, the class is general and the risk is general, so s=3 points;

when the number class is 0, the risk is higher for the normal user than for the above-mentioned rated number, so s=1.

Wherein, the user number grade, the reference standard and the scoring condition are shown in the following table:

for the under-stop score (B): the under-stop scoring is mainly performed on the user account according to the past under-stop data of the user account, the core parameters are the past under-stop times (a) and the past total under-stop time (b, unit hour), and if the user account is frequently arreared or the total under-stop time is longer, the score is lower. The total under-stop time is in hours, b=a×b/24.

When the number of times of under-stop is larger and the time of under-stop is longer, the risk of representing the user account is higher, and the score of B is higher;

when the number of under-stops is smaller and the under-stop time is shorter, the risk representing the user account is smaller, and the score of B is smaller.

The specific algorithm is as follows:

a'＝(a-a_min)/(a_max-a_min)

b'＝(b-b_min)/(b_max-b_min)

the step is to normalize the two core parameters so that the two parameters are of the same magnitude so that they can be fairly combined, where a_min and a_max are the minimum and maximum of the number of under stops and b_min and b_max are the minimum and maximum of the total time of under stops.

B ' =1.5×a ' +1.1×b ', which is obtained by weighting two core parameters respectively

B=b' ×100, and finally converting the score into a specific score range.

For base station connection score (C): the number of base stations connected with each month of the risk user accounts is small, even a few months, only one base station is connected, and when an activity is performed, other risk user accounts are often connected with the base station connected with a certain risk user account, and the risk user account groups are concentrated in one place and possibly uniformly controlled by a computer, so that the specific conditions can be calculated according to the number (h) of the base stations connected with each month of the user accounts and the number (u) of the user accounts connected with the same base station as the current user account in all the user accounts participating in the activity as main parameters, wherein the specific conditions are as follows:

When the number of the base stations connected in each month of the user account is not more than 10 or is only 1, the abnormal behavior of the user account is indicated, and the possibility of being uniformly controlled exists, so that the score is lower when the number of the base stations connected in each month is smaller, the specific algorithm is as follows:

the average number of connected base stations in the current active all user accounts is h ', h ' = (h1+h2+h … +hn)/n, and t=h/h ' ×10; when the number of the base stations connected in the user account per month exceeds 10, the user account is indicated to have normal behavior track, and C=t×5.

When the activity is in progress, the judgment can be also performed according to the number of user accounts connected with the same base station as the user account, and if the number of people connected with the base station and participating in the activity suddenly increases greatly, the possibility that the user account has centralized benefits is indicated:

when u is less than 100, the number of user accounts connected with the same base station is normal, weighting is not needed, and C=C;

when u >100, the user account data connected with the same base station is abnormal, the score of the user account data is halved, and C=C 0.5

For IP score (D): the IP score of the user account is used as a weighting coefficient of an overall algorithm, and can be compared (g) according to an IP area (m) to which the user account currently belongs, an area (n) to which a base station to which the user account is currently connected belongs, and an LBS location area, if the IP score of the user account, the IP area, the base station and the LBS location area are inconsistent, the IP of the current user account is possibly proxied, and the risk is high. The specific cases are as follows:

When m, n and g are consistent, representing that all the behaviors of the user account are normal, and the weighted score is D=1.2;

when n is consistent with m and g is inconsistent, representing that the user account is actually positioned in a connecting area between the base station and the ip, a certain risk exists, and the weighted score is D=0.6;

when n is consistent with g and m is inconsistent, representing that the area of the user account ip is abnormal, the risk of being proxied possibly exists, and the weighted score is D=0.5;

when n, m and g are inconsistent, the data representing the user account are abnormal, the risk is high, and the weighted score is D=0.1;

when n has no data and m and g have data, the data representing the unconnected base station or the abnormal base station of the user account, the probability of the virtual user account is high, so the weighted score is D=0.01,

the comparison condition and the scoring condition of m, n and g are shown in the following table:

parameter comparison	Score (D)
		m, n and g are consistent	1
n is consistent with m, g is inconsistent with m	0.6
		n is consistent with g and m is inconsistent with g	0.5
m, n and g are all inconsistent	0.1
		n has no data, m and g have data	0.01

After the package tariff score (A), the number grade score (S), the under-stop score (B), the base station connection score (C), the IP score (D) and the like are obtained through calculation in the process, the user account can be comprehensively processed and analyzed to obtain the communication characteristic score of the user account, and the specific process is as follows:

P＝(A-B+C*100)*D+S

Package tariff score, under-stop score, base station connection score, are weighted by IP score, and number grade score is superimposed as a single term score. The higher the package tariff score is, the lower the under-stop score is, the higher the base station connection score is, and the higher the number-of-beauty grade score is, the higher the total communication score is; otherwise, the score is low. Further, for the financial feature scoring, the financial scoring of the user is performed by using the verifying number of customers ratio y (verifying number of times/verifying number of customers), the ticket payout rate w (ticket payout number of times/total payout number of times). The financial score q= (1/(y+w)) of the user is 100, specifically as follows:

when the number of the verification merchants is high, the verification merchants represent that the user pays only at a few merchants, and the arbitrage risk is high, so that the score is low; when the bill payment rate is low, only when the bill is used, the bill is paid, and the arbitrage risk is high, because the risk user cannot actually pay daily expenses at ordinary times for arbitrage.

After the communication feature score and the financial feature score are obtained through calculation, the communication feature score and the financial feature score can be weighted to obtain a risk score of the user account, and the risk score is specifically as follows:

M＝P+2Q

since the financial feature score is related to the actual payment of the user account, in the risk score of the user account, the communication feature score is added to the doubled financial feature score.

Step 103, obtaining a target verification mode corresponding to the real-time risk level, and verifying the user account according to the target verification mode to obtain a verification result corresponding to the user account, wherein the verification result comprises one of successful verification and failure verification of the user account.

In the embodiment of the invention, after the risk detection is carried out on the user account to obtain the real-time risk level, the risk of the user account can be judged according to the real-time risk level, and the corresponding verification mode can be obtained according to the real-time risk level, so that the user account is further verified in the verification mode, the influence on the real user is reduced under the condition of realizing the detection of the user account, and meanwhile, the risk detection is carried out on the user account from the angle of the communication side and the transaction, so that the accuracy and the accuracy of the risk detection are greatly improved.

In a specific implementation, the real-time risk level can be compared with a preset risk level, and if the real-time risk level is the first risk level, a first verification mode for the user account is obtained, wherein the first verification mode is one-time man-machine verification; if the real-time risk level is the second risk level, a second verification mode aiming at the user account is obtained, and the second verification mode is at least two man-machine verification modes; if the real-time risk level is the third risk level and the subsidy index is smaller than the first preset threshold, a third verification mode aiming at the user account is obtained, and the third verification mode is a live experience verification mode; if the real-time risk level is the third risk level and the subsidy index is equal to the second preset threshold, intercepting the parameter request, and accordingly, aiming at different risk levels, performing differentiated verification on the user account by adopting different verification modes, and effectively guaranteeing effectiveness of user account verification.

It should be noted that, for man-machine verification, the user can interact with the user by outputting corresponding verification content in the interaction interface, when the interaction operation input by the user accords with the verification content, the verification is determined to be successful, and the user account is allowed to participate in the business activities (such as coupon, preferential activity, etc.); when the interactive operation input by the user does not accord with the verification content, judging that the verification fails, intercepting the participation request of the user account, and sending corresponding feedback information to the user terminal to which the user account belongs. The human-computer verification can include short message verification, verification code verification, gesture verification, graphic verification, face identification, fingerprint verification, text verification, voiceprint verification and the like, and the living experience verification mode can be a mode of scanning and identifying biological characteristics of a user to verify the identity of the user, such as facial recognition, fingerprint recognition, eyeball recognition, voiceprint recognition, behavior recognition, electrocardiogram recognition and the like, and whether the user account is an account operated by a real user can be more accurately verified through the living verification mode, so that the accuracy of user account verification is ensured.

In the above process, if the user account needs to perform living verification, after performing corresponding living verification, if the user account passes through the living experience verification mode, the real-time risk level of the user account is degraded, a target risk level is obtained, then a verification mode corresponding to the target risk level is obtained again, and verification of the user account is continued based on the new verification mode.

In one example, the base risk level (K) is based on the communication characteristic score and the financial characteristic score. The total basic level of the users is 6 levels, namely no risk, low micro risk, low risk, medium and high risk. Wherein, the risk-free and low risk-medium risk-third risk-etc. can be used as the first risk-level, the risk-low risk-medium risk-second risk-third risk-etc., and the invention is not limited to this. Wherein:

grade one: the total score of the user account is more than 81 points, so that risk is avoided; grade two: the total score of the user account is between 51 and 80, so that the risk of low risk is low, and the risk of suspicious is low; grade three: the total score of the user account is between 31 and 50, the risk is low, and the risk of medium and low suspicion is high; grade four: user account total score between 21-30, risk in medium-grade suspicious risk; grade five: the total score of the user account is between 11 and 20, the risk is medium and high, and the risk is high; grade six: the total score of the user account is less than 10, the risk is high, the risk is highly suspicious, and the risk is very high. And finally obtaining a total score for each user account according to the algorithm, wherein the comparison relation between the total score and the basic risk level is as follows:

User account score	Basic risk level	Degree of risk
			<10	6	Risk of high doubt
11-20	5	Risk of medium-high suspicion
			21-30	4	Risk of moderate suspicion
31-50	3	Risk of low-medium level doubt
			51-80	2	Risk of low suspicion
>81	1	No risk

Assuming that the business activity is the activity of taking coupons, initiating a process of taking coupons in a user account, and dynamically calculating the influence of the user coupon on the change of the risk level by the user coupon according to the adjustment of the real-time risk level (L) of the risk user under the recent coupon taking condition by the wind control evaluation system:

for non-coupon users within 96 hours, real-time risk level (L) =base risk level (K).

For 96 hours of users with coupon actions:

according to the coupon subsidy proportion situation subsidy index (I) obtained by the user, when the subsidy index is used for dynamically adjusting the risk level of the user in the next step, weight calculation is carried out, and the algorithm can convert the ratio of the actual subsidy value o to the coupon face value p into the subsidy index I between 0 and 1 so as to represent different subsidy degrees. When the ratio o/p is equal to r, the patch index I reaches the maximum value 1, which indicates that the patch strength has reached the maximum value, and the measurement rule is as follows:

the actual subsidy value (o) refers to the amount of the actual subsidy, the coupon face value (p) refers to the deduction amount of the coupon, the subsidy adjustment constant is (q) which is mainly used for adjusting the increasing amplitude of the subsidy index I according to the actual situation, (q) > 1, r refers to the subsidy loss line (0 is less than or equal to r is less than or equal to 1) calculated according to different services, loss occurs below the line, and sqrt refers to square root. The calculation formula is as follows: i= (sqrt ((o/p) 100) -sqrt ((o/p) 100 q))/(sqrt (r) -sqrt (r q)). Then, the real-time risk level (L) is obtained by adding the product of the sum of the subsidy indexes (I) of the coupons at each time and a dynamic adjustment coefficient s (which is set according to the service difference, and the higher the coefficient is, the larger the influence of the coupons is), and the calculation formula is as follows: l=k+ (i1+i2+i3+.+ It) s, and the L calculation results are rounded.

After the actual risk level of the user account is obtained through the above process, according to different participation thresholds which are already set, a verification mode corresponding to the actual risk level is obtained, and then the user account is verified based on the verification mode, specifically, the mapping mode between the actual risk level and the verification mode can be:

in addition, for the user account which does not meet the grade requirement, a prompt page is popped up to inform the user that the user account cannot participate in the activity because the grade requirement is not met, a complaint entrance is provided, the user account can complain through the activity page, living body identification is firstly carried out, then a picture which can prove the non-risk user account of the user account is provided according to the requirement to prove the handheld identity card and the date of the completion of the day, and the signature confirmation is carried out on the confirmation book through an electronic signature; after the related materials pass the manual verification, the customer service party calls the customer voice verification, and simultaneously carries out living body identification on the user account through the evaluation (K) of the basic risk level, and after the verification of the user account passes the verification, the user account level is increased to the level of the participatable activity.

It should be noted that the embodiments of the present invention include, but are not limited to, the foregoing examples, and it will be understood that those skilled in the art may also set the embodiments according to actual requirements under the guidance of the concepts of the embodiments of the present invention, which are not limited thereto.

In order to enable those skilled in the art to better understand the technical solutions according to the embodiments of the present invention, the following exemplary descriptions are provided by way of corresponding examples:

referring to fig. 2, a flow chart of account verification provided in an embodiment of the present invention is shown, which specifically includes:

S1, acquiring a mobile phone number of a user to be identified;

s2, acquiring communication characteristic information and financial characteristic information through a mobile phone number;

s3, scoring according to the communication characteristic information and the financial characteristic information;

s4, evaluating the risk level of the user according to the communication characteristic score and the financial characteristic score;

s5, performing risk control based on the risk level of the user when the activity is performed;

s6, providing a manual channel, and enabling a user to complain about risk control release.

Referring to fig. 3, a flow chart of account verification provided in an embodiment of the present invention is shown, which specifically includes: after the user enters the system page, the user can authorize the system to acquire corresponding information, such as communication package data, number grade, IP information, connection base station information, LBS positioning information, verifying and selling merchant ratio, coupon payment rate, historical under-stop times and the like, then can calculate corresponding package tariff scores, number grade scores, under-stop scores, base station connection scores, IP scores, financial scores and the like based on the information, and then calculates corresponding user risk scores according to the package tariff scores, number grade scores, under-stop scores, base station connection scores, IP scores, financial scores and the like. After the user risk score is obtained, a corresponding user basic risk level can be obtained, and in the process of participating in the activity, the user dynamic risk level is calculated, so that corresponding applications such as a coupon, a real name, living authentication and the like are executed according to the user dynamic risk level to change the dynamic risk level.

The risk detection is carried out on the user account through the communication characteristics and the financial characteristics, the influence on the real user is reduced under the condition of realizing the detection of the user account, and meanwhile, the risk detection is carried out on the user account from the angle of the communication side and the angle of the transaction, so that the accuracy and the accuracy of the risk detection are greatly improved.

It should be noted that, for simplicity of description, the method embodiments are shown as a series of acts, but it should be understood by those skilled in the art that the embodiments are not limited by the order of acts, as some steps may occur in other orders or concurrently in accordance with the embodiments. Further, those skilled in the art will appreciate that the embodiments described in the specification are presently preferred embodiments, and that the acts are not necessarily required by the embodiments of the invention.

Referring to fig. 4, a block diagram of an account verification device provided in an embodiment of the present invention is shown, which may specifically include the following modules:

the feature information obtaining module 401 is configured to obtain communication feature information and financial feature information corresponding to a user account in response to the user account initiating a participation request for a business activity;

The risk detection module 402 is configured to perform risk detection on the user account according to the communication characteristic information and the financial characteristic information, so as to obtain a real-time risk level of the user account;

and the verification module 403 is configured to obtain a target verification manner corresponding to the real-time risk level, and verify the user account according to the target verification manner, so as to obtain a verification result corresponding to the user account, where the verification result includes one of success and failure in verification of the user account.

In some alternative embodiments, the risk detection module 402 is specifically configured to:

In some alternative embodiments, the communication characteristic information includes at least package tariff level, number level, historical number of times of under-stops, base station connection status, and IP information, and the risk detection module 402 is specifically configured to:

In some optional embodiments, the financial characteristic information includes at least a verification number, a ticket payment number, and a payment total number, where the verification number is a user account historical transaction number, the verification number is a merchant number for which the user account historical transaction is successful, the ticket payment number is a number for which a coupon payment is used in the user account historical transaction process, and the risk detection module 402 is specifically configured to:

In some alternative embodiments, the ticket parameters include at least an actual subsidy value, a ticket face value, and an adjustment parameter, and the risk detection module 402 is specifically configured to:

In some alternative embodiments, the verification module 403 is specifically configured to:

For the device embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and reference is made to the description of the method embodiments for relevant points.

In addition, the embodiment of the invention also provides electronic equipment, which comprises: the processor, the memory, store the computer program on the memory and can run on the processor, this computer program realizes each course of the above-mentioned account check method embodiment when being carried out by the processor, and can reach the same technical result, in order to avoid repetition, will not be repeated here.

The embodiment of the invention also provides a computer readable storage medium, on which a computer program is stored, which when executed by a processor, realizes the processes of the above account verification method embodiment, and can achieve the same technical effects, and in order to avoid repetition, the description is omitted here. Wherein the computer readable storage medium is selected from Read-Only Memory (ROM), random access Memory (Random Access Memory, RAM), magnetic disk or optical disk.

Fig. 5 is a schematic diagram of a hardware structure of an electronic device implementing various embodiments of the present invention.

The electronic device 500 includes, but is not limited to: radio frequency unit 501, network module 502, audio output unit 503, input unit 504, sensor 505, display unit 506, user input unit 507, interface unit 508, memory 509, processor 510, and power source 511. It will be appreciated by those skilled in the art that the structure of the electronic device according to the embodiments of the present invention is not limited to the electronic device, and the electronic device may include more or less components than those illustrated, or may combine some components, or may have different arrangements of components. In the embodiment of the invention, the electronic equipment comprises, but is not limited to, a mobile phone, a tablet computer, a notebook computer, a palm computer, a vehicle-mounted terminal, a wearable device, a pedometer and the like.

It should be understood that, in the embodiment of the present invention, the radio frequency unit 501 may be used to receive and send information or signals during a call, specifically, receive downlink data from a base station, and then process the downlink data with the processor 510; and, the uplink data is transmitted to the base station. Typically, the radio frequency unit 501 includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a low noise amplifier, a duplexer, and the like. In addition, the radio frequency unit 501 may also communicate with networks and other devices through a wireless communication system.

The electronic device provides wireless broadband internet access to the user through the network module 502, such as helping the user to send and receive e-mail, browse web pages, access streaming media, and the like.

The audio output unit 503 may convert audio data received by the radio frequency unit 501 or the network module 502 or stored in the memory 509 into an audio signal and output as sound. Also, the audio output unit 503 may also provide audio output (e.g., a call signal reception sound, a message reception sound, etc.) related to a specific function performed by the electronic device 500. The audio output unit 503 includes a speaker, a buzzer, a receiver, and the like.

The input unit 504 is used for receiving an audio or video signal. The input unit 504 may include a graphics processor (Graphics Processing Unit, GPU) 5041 and a microphone 5042, the graphics processor 5041 processing image data of still pictures or video obtained by an image capturing device (e.g., a camera) in a video capturing mode or an image capturing mode. The processed image frames may be displayed on the display unit 506. The image frames processed by the graphics processor 5041 may be stored in the memory 509 (or other storage medium) or transmitted via the radio frequency unit 501 or the network module 502. Microphone 5042 may receive sound and may be capable of processing such sound into audio data. The processed audio data may be converted into a format output that can be transmitted to the mobile communication base station via the radio frequency unit 501 in case of a phone call mode.

The electronic device 500 also includes at least one sensor 505, such as a light sensor, a motion sensor, and other sensors. Specifically, the light sensor includes an ambient light sensor that can adjust the brightness of the display panel 5061 according to the brightness of ambient light, and a proximity sensor that can turn off the display panel 5061 and/or the backlight when the electronic device 500 is moved to the ear. As one of the motion sensors, the accelerometer sensor can detect the acceleration in all directions (generally three axes), and can detect the gravity and direction when stationary, and can be used for recognizing the gesture of the electronic equipment (such as horizontal and vertical screen switching, related games, magnetometer gesture calibration), vibration recognition related functions (such as pedometer and knocking), and the like; the sensor 505 may further include a fingerprint sensor, a pressure sensor, an iris sensor, a molecular sensor, a gyroscope, a barometer, a hygrometer, a thermometer, an infrared sensor, etc., which are not described herein.

The display unit 506 is used to display information input by a user or information provided to the user. The display unit 506 may include a display panel 5061, and the display panel 5061 may be configured in the form of a liquid crystal display (Liquid Crystal Display, LCD), an Organic Light-Emitting Diode (OLED), or the like.

The user input unit 507 is operable to receive input numeric or character information and to generate key signal inputs related to user settings and function control of the electronic device. Specifically, the user input unit 507 includes a touch panel 5071 and other input devices 5072. Touch panel 5071, also referred to as a touch screen, may collect touch operations thereon or thereabout by a user (e.g., operations of the user on touch panel 5071 or thereabout using any suitable object or accessory such as a finger, stylus, etc.). Touch panel 5071 may include two parts, a touch detection device and a touch controller. The touch detection device detects the touch azimuth of a user, detects a signal brought by touch operation and transmits the signal to the touch controller; the touch controller receives touch information from the touch detection device, converts the touch information into touch point coordinates, sends the touch point coordinates to the processor 510, and receives and executes commands sent by the processor 510. In addition, the touch panel 5071 may be implemented in various types such as resistive, capacitive, infrared, and surface acoustic wave. In addition to the touch panel 5071, the user input unit 507 may include other input devices 5072. In particular, other input devices 5072 may include, but are not limited to, physical keyboards, function keys (e.g., volume control keys, switch keys, etc.), trackballs, mice, joysticks, and so forth, which are not described in detail herein.

Further, the touch panel 5071 may be overlaid on the display panel 5061, and when the touch panel 5071 detects a touch operation thereon or thereabout, the touch operation is transmitted to the processor 510 to determine a type of touch event, and then the processor 510 provides a corresponding visual output on the display panel 5061 according to the type of touch event. It will be appreciated that in one embodiment, the touch panel 5071 and the display panel 5061 are implemented as two separate components for input and output functions of the electronic device, but in some embodiments, the touch panel 5071 and the display panel 5061 may be integrated for input and output functions of the electronic device, which is not limited herein.

The interface unit 508 is an interface for connecting an external device to the electronic apparatus 500. For example, the external devices may include a wired or wireless headset port, an external power (or battery charger) port, a wired or wireless data port, a memory card port, a port for connecting a device having an identification module, an audio input/output (I/O) port, a video I/O port, an earphone port, and the like. The interface unit 508 may be used to receive input (e.g., data information, power, etc.) from an external device and transmit the received input to one or more elements within the electronic apparatus 500 or may be used to transmit data between the electronic apparatus 500 and an external device.

The memory 509 may be used to store software programs as well as various data. The memory 509 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, phonebook, etc.) created according to the use of the handset, etc. In addition, the memory 509 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid-state storage device.

The processor 510 is a control center of the electronic device, connects various parts of the entire electronic device using various interfaces and lines, and performs various functions of the electronic device and processes data by running or executing software programs and/or modules stored in the memory 509, and calling data stored in the memory 509, thereby performing overall monitoring of the electronic device. Processor 510 may include one or more processing units; preferably, the processor 510 may integrate an application processor that primarily handles operating systems, user interfaces, applications, etc., with a modem processor that primarily handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 510.

The electronic device 500 may also include a power supply 511 (e.g., a battery) for powering the various components, and preferably the power supply 511 may be logically connected to the processor 510 via a power management system that performs functions such as managing charging, discharging, and power consumption.

In addition, the electronic device 500 includes some functional modules, which are not shown, and will not be described herein.

It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.

From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. ROM/RAM, magnetic disk, optical disk) comprising instructions for causing a terminal (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) to perform the method according to the embodiments of the present invention.

The embodiments of the present invention have been described above with reference to the accompanying drawings, but the present invention is not limited to the above-described embodiments, which are merely illustrative and not restrictive, and many forms may be made by those having ordinary skill in the art without departing from the spirit of the present invention and the scope of the claims, which are to be protected by the present invention.

Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.

It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, and are not repeated herein.

In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.

The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.

In addition, each functional unit in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.

The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a usb disk, a removable hard disk, a ROM, a RAM, a magnetic disk, or an optical disk, etc.

The foregoing is merely illustrative of the present invention, and the present invention is not limited thereto, and any person skilled in the art will readily recognize that variations or substitutions are within the scope of the present invention. Therefore, the protection scope of the invention is subject to the protection scope of the claims.

Claims

1. A method for checking an account, comprising:

2. The method of claim 1, wherein the risk detection of the user account based on the communication characteristic information and the financial characteristic information to obtain a real-time risk level of the user account comprises:

3. The method according to claim 2, wherein the communication characteristic information at least includes package tariff level, number level, historical number of times of stopping, base station connection status, and IP information, the scoring the user account using the communication characteristic information to obtain a communication characteristic score of the user account includes:

4. The method of claim 3, wherein the financial characteristic information includes at least a verification number, a cancellation number, a ticket payment number, and a payment total number, the verification number being a user account historical transaction number, the cancellation number being a merchant number for which the user account historical transaction was successful, the ticket payment number being a number for which coupons were paid during the user account historical transaction, the scoring the user account with the financial characteristic information to obtain a financial characteristic score for the user account, comprising:

5. The method of any one of claims 2 to 4, wherein said weighting the communication characteristic score with the financial characteristic score to obtain a real-time risk level for the user account comprises:

6. The method of claim 5, wherein the ticket parameters include at least an actual subsidy value, a ticket face value, and a tuning parameter, and wherein calculating the subsidy index for the target ticket using the ticket parameters comprises:

7. The method of claim 5, wherein the obtaining a target verification pattern corresponding to the real-time risk level comprises:

8. The method of claim 7, wherein the verifying the user account according to the target verification manner to obtain a verification result corresponding to the user account comprises:

9. An account verification device, comprising:

10. An electronic device comprising a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory communicate with each other via the communication bus;

the memory is used for storing a computer program;

the processor is configured to implement the method according to any one of claims 1-8 when executing a program stored on a memory.

11. A computer-readable storage medium having instructions stored thereon, which when executed by one or more processors, cause the processors to perform the method of any of claims 1-8.