HK40056775A - System, method and computer-accessible medium for early merchant breach fraud detection - Google Patents
System, method and computer-accessible medium for early merchant breach fraud detection Download PDFInfo
- Publication number
- HK40056775A HK40056775A HK42022045814.5A HK42022045814A HK40056775A HK 40056775 A HK40056775 A HK 40056775A HK 42022045814 A HK42022045814 A HK 42022045814A HK 40056775 A HK40056775 A HK 40056775A
- Authority
- HK
- Hong Kong
- Prior art keywords
- merchant
- computer
- transaction
- credit card
- accessible medium
- Prior art date
Links
Description
Technical Field
The present disclosure relates generally to data violations, and more particularly, to exemplary embodiments of exemplary systems, methods, and computer-accessible media for early merchant violation fraud detection.
Background
Data violations refer to the intentional or unintentional release of secure or private/confidential information into an untrusted environment. This can sometimes be referred to as unintentional information disclosure, data violations, information leaks, and data leaks. Events include a collaborative attack where an individual intrudes on behalf of a certain individual. Data violations may include events such as digital media being stolen or lost, media containing unencrypted storage information such as computer tapes, hard disks, or laptops, or unauthorized access to databases.
The cost of preventing a data breach can be high for a merchant. Thus, many small and medium-sized merchants do not spend sufficient resources to protect the merchant's data, which typically includes the merchant's customer's private information. For example, when a merchant processes a credit card transaction, this information may be stored in the merchant's database. Unauthorized individuals (e.g., hackers) may access this database and download or retrieve credit card information for many merchant customers. The hacker may then use the credit card information for his own consumption, or the hacker may sell the credit card information to other individuals who may charge the account a significant amount without the account owner (e.g., customer) being aware of the theft. In many cases, the merchant may not realize that they have been infringed, and the hacker may have a significant amount of time (e.g., the sponsor) to uninstall the credit card information before the customer is notified of the intrusion to take action (e.g., close the credit card account).
In addition, merchant violations result in the disclosure of credit card information or other financial account information, which may place a significant burden on the bank associated with the financial account (e.g., the bank that issued the credit card). Typically, when one abuses the credit card of another person (e.g., account holder), the account holder is not responsible for these charges. However, the issuing bank may be responsible for some or all of the losses associated with the abusive activity. Thus, the faster the financial institution becomes aware of the violation event, the faster action can be taken (e.g., closing the financial account to prevent fraudulent charges).
Accordingly, it may be beneficial to provide exemplary systems, methods, and computer-accessible media for early merchant breach fraud detection that may overcome at least some of the deficiencies described above.
Disclosure of Invention
Exemplary systems, methods, and computer-accessible media may include: receiving financial information related to a transaction at a first merchant, wherein the transaction may be based on a virtual credit card number and the first merchant may be different from a second merchant; refusing the transaction; determining whether the virtual credit card number is bound to (i) the second merchant or (ii) the second merchant and other merchants; and determining a default at the second merchant based on the transaction. Other transactions may be received at (i) the first merchant or (ii) a third merchant, where the other transactions may be based on (i) financial instruments or (ii) other financial instruments that may be associated with the second merchant, and the third merchant may be different from the second merchant and the first merchant. The other transaction may be denied and a breach at the second merchant may be determined based on the transaction and the other transaction.
The virtual credit card number may be determined to be associated with the second merchant by: matching the virtual credit card number with other virtual credit card numbers in a database, wherein the other virtual credit card numbers may be associated with a third merchant; and determining whether the third merchant is the same as the second merchant. May be based on (i) the names of the third merchant and the second merchant; (ii) (ii) the phone numbers of the third merchant and the second merchant, or (iii) the merchant types of the third merchant and the second merchant to determine that the third merchant is the same as the second merchant.
In some exemplary embodiments of the present disclosure, the first merchant may be determined to be a monetization merchant, where the monetization merchant may be a merchant at which fraudulent transactions may occur. It may be determined whether the rejection of the transaction is a true rejection, which may be a correct rejection, or a false rejection, which may be an erroneous rejection. A change point analysis process may be performed on the true rejections and a breach may be determined based on the results of the change point analysis process.
Additionally, exemplary systems, methods, and computer-accessible media may include: receiving first financial information relating to a plurality of transactions at a first merchant, the first financial information being associable with a plurality of virtual credit card numbers; determining whether the virtual credit card number is bound to a second merchant; determining second information related to the frequency of the transactions and the amount of each transaction; generating third information by comparing the second information to a predetermined behavior associated with the first merchant; and determining a default at the second merchant based on the financial information and third information.
Whether the virtual credit card number is bound to the second merchant may be determined by: matching each virtual credit card number with other virtual credit card numbers in a database, wherein the other virtual credit card numbers may be associated with a third merchant; and determining whether the third merchant is the same as the second merchant. May be based on (i) the names of the third merchant and the second merchant; (ii) (ii) the phone numbers of the third merchant and the second merchant, or (iii) the merchant types of the third merchant and the second merchant to determine whether the third merchant is the same as the second merchant. It may be determined whether the first merchant is a monetized merchant, where the monetized merchant may be a merchant where fraudulent transactions are likely to occur.
Exemplary systems, methods, and computer-accessible media for determining a data breach at a third merchant may include: receiving first financial information relating to (i) a plurality of first transactions at a first merchant and (ii) a plurality of second transactions at a second merchant, wherein the first and second transactions may be based on virtual credit card numbers bound to a third merchant or the third merchant and other merchants; determining second information comprising whether the first merchant and the second merchant are monetized merchants, wherein the monetized merchants are merchants where fraudulent transactions are likely to occur; rejecting the first transaction and the second transaction based on the second information; determining third information related to (i) a frequency of the first and second transactions and (ii) an amount of each of the first and second transactions; and determining a default at the third merchant based on the second information and third information.
These and other objects, features and advantages of the exemplary embodiments of the present disclosure will become apparent from the following detailed description of the exemplary embodiments of the present disclosure when read in conjunction with the appended claims.
Drawings
Other objects, features and advantages of the present disclosure will become apparent from the following detailed description taken in conjunction with the accompanying drawings which illustrate illustrative embodiments of the disclosure, in which:
FIG. 1 is an exemplary diagram illustrating a hacker intruding into a database to obtain credit card information;
FIGS. 2-4 are flowcharts of a method of determining a data violation, according to an exemplary embodiment of the present invention; and
fig. 5 is an illustration of an exemplary block diagram of an exemplary system according to certain exemplary embodiments of the present disclosure.
Detailed Description
As data violations become more prevalent, many merchants and financial institutions have begun to use virtual credit card numbers rather than numbers printed on standard credit cards. Virtual credit cards are unique credit card numbers that allow transactions to be made on a financial account without using or exposing the financial account number. The virtual credit card number may be limited to a single transaction (e.g., the virtual credit card number is generated specifically for a single transaction and then deactivated after the transaction). The virtual credit card number may also be time limited to being valid only for a particular period of time (e.g., one hour, one day, one week, one month, etc.). After a certain period of time has elapsed, the virtual credit card number may be deactivated and a new credit card may be issued. The issuer of the virtual credit card number may also allow locking or deleting of the account, which may help prevent fraudulent purchases without affecting the primary financial account. Additional, new virtual credit card numbers may be created to continue shopping.
In addition to the benefits described above, the virtual credit card number may also be merchant-specific. For example, a customer or financial institution may generate a unique virtual credit card number that is associated or bound with one or more particular merchants. The customer may use the virtual credit card number and make purchases while the customer is shopping at the merchant. However, if the virtual credit card number is used at a different merchant (e.g., at a merchant that has no relationship or binding to the virtual credit card number), whether by the customer or a third party, the transaction will be denied.
Because the virtual credit card number may be bound to a particular merchant, the example systems, methods, and computer-accessible medium may utilize information regarding purchases made using the virtual credit card number to determine that the merchant to which the virtual credit card number is bound breaches. When a breach occurs at a merchant, the merchant may not be aware of the breach. For example, small and medium-sized merchants may not have sufficient data protection measures to protect the merchant's data. Furthermore, they may not have sufficient capability to detect the occurrence of a vulnerability. In this case, if an undetected breach occurs, a hacker may use the stolen credit card information for a long period of time until the breach is actually detected. The use of bound virtual credit card numbers may prevent fraudulent purchases at other merchants. Additionally, the use of virtual credit card numbers at other merchants may indicate that a breach exists at the bound merchant. However, the rare case where different merchants use a virtual credit card number bound to one merchant does not necessarily indicate that a breach has occurred at the bound merchant. According to one exemplary example of the present disclosure, the exemplary systems, methods, and computer-accessible medium may utilize the virtual credit card number and other transaction information regarding the binding to determine whether a breach has indeed occurred.
According to an exemplary embodiment of the present disclosure, the exemplary system, method and computer accessible medium may be used to analyze a declined transaction based on a virtual credit card number that has been bound to a particular merchant. The rejected transaction may be mapped to a common point (e.g., a common merchant), and this information, including information about the bound merchant, and information about where the virtual credit card number was rejected, may be used to determine whether the bound merchant has been breached.
For example, as shown in FIG. 1, merchant 1 may include a database 105 having information for a plurality of credit cards (e.g., credit card 1, credit card 2, and credit card 3) stored therein. These credit cards may be virtual credit card numbers bound to merchant 1. Any suitable binding process may be used, including generating a certain number of digits specific to merchant 1, or a certain sequence of some or all of the digits of each number. Various other suitable binding processes may be used.
Hacker 110 may use computer 115 to gain access to merchant 1's database 105 (e.g., using network 120, which may be a wired or wireless network, or directly to merchant 1's server). The hacker 110 may then download the credit card information stored in the database 105. Credit cards 1, 2, 3, and 3 may be virtual credit card numbers, but do not appear to be distinguishable from standard credit card numbers. The fraudster 125 may be the hacker 110, or the person to whom the hacker 110 sells credit card information, who may take the credit cards 1, 2 and 3 and attempt to use the credit cards at merchant 2 or a number of merchants other than merchant 1 in order to purchase goods, gift cards, etc. However, these transactions will be denied because the credit cards 1, 2, 3 are bound to the merchant 1. The exemplary system, method, and computer accessible medium may then detect an increase or peak in virtual number rejection bound to merchant 1. If the exemplary system, method, and computer-accessible medium determine this peak as anomalous activity, the exemplary system, method, and computer-accessible medium may determine that a breach may have occurred at merchant 1, and may take various actions based on the breach.
For example, if a breach is detected, exemplary systems, methods, and computer-accessible media according to exemplary embodiments of the present disclosure may automatically notify merchant 1 that a breach has occurred. This may be before merchant 1 detects the breach. All virtual credit card numbers bound to merchant 1 may be revoked. Further, the exemplary system, method and computer accessible medium may analyze other financial information to determine any unbound credit cards used at merchant 1. These credit cards may be logged off and new credit cards may be automatically issued. The exemplary system, method and computer accessible medium may also notify the financial institution of the breach to facilitate the financial institution canceling any credit cards that may be purchased at merchant 1.
Various exemplary processes may be used to determine whether the anomalous activity is the result of a default at merchant 1. For example, various exemplary models may be used, which may be based on information for merchant 1, information for merchants for which other transactions are denied, the number of instances of the denied transaction, and other suitable information. For example, information relating to the chronological order of the declined transactions may be used. Models can be generated using an exemplary machine learning process that can be used to analyze consumer behavior as well as financial transactions and abnormal activities to generate models of the breach. Whenever the virtual credit card number relates to a rejected transaction, a machine learning process may be used to analyze the rejected transaction and determine a breach.
Exemplary systems, methods, and computer-accessible media may determine a breach based on an amount of a transaction occurring at a particular merchant. For example, large merchants like amazon or walma may appear different from small and medium merchants. In addition, the online merchant and the merchant with only the physical store, or the merchant with the online store and the physical store may have different analysis modes. Further, some merchants may actually have different merchant identifiers (e.g., merchant names), depending on where and how the transaction is processed. For example, a transaction processed by a walmart entity store may appear different from a transaction processed by walmart. All of this information can be analyzed by the exemplary system, method, and computer-accessible medium, including by a machine learning process, to determine if a breach has occurred at the merchant to which the virtual credit card number is bound.
In accordance with exemplary embodiments of the present disclosure, exemplary systems, methods, and computer-accessible media may analyze each merchant and generate a default profile for a particular merchant. The default profile may be generated prior to detecting a default for the merchant. For example, each merchant to which a number of virtual credit card numbers are bound (depending on the size of the merchant or the number of transactions processed by the merchant) may generate a profile for the merchant after creating a number of virtual credit card numbers bound. The profile may then be used in analyzing a declined transaction using a virtual credit card number associated with the particular merchant. Alternatively, upon determining a certain number of anomalous declined transactions, the exemplary systems, methods, and computer-accessible medium may generate a profile for the merchant bound to the virtual credit card number to determine if a breach has occurred.
In accordance with exemplary embodiments of the present disclosure, exemplary systems, methods, and computer-accessible media may continually monitor certain levels of declined transactions to bind or encode a breach determination. The exception condition of the binding rejection exception level may be analyzed, which may apply to any profile generated about the merchant. By automatically monitoring the rejected transactions, fraud reports generated by the customer are no longer needed to detect the breach. For example, previous systems relied on the customer to identify the fraudulent transaction and advise the financial institution of the fraudulent transaction. However, the customer may not be aware of the fraudulent transaction until several weeks have occurred. In contrast, the exemplary systems, methods, and computer-accessible medium may continuously monitor the virtual credit card number for denied transactions to determine the occurrence of a breach shortly after the breach occurs, even before the merchant becomes aware of the breach.
As described above, a financial institution may generate a plurality of virtual credit card numbers that may be bound to a particular merchant using an exemplary binding process. When the merchant is hacked, the virtual credit card number may be obtained by the hacker. These virtual credit card numbers may be used at different merchants (e.g., monetized at different merchants). However, the transaction will be denied because the virtual credit card number is bound to the first merchant. The exemplary system, method and computer-accessible medium may use appropriate logic to determine that the second merchant is different from the first merchant. This may include the name or other biographical information of the merchant, as well as geographic information of the merchant. Further, according to an example embodiment of the present disclosure, the example systems, methods, and computer-accessible medium may determine whether a first merchant and a second merchant are closely matched, allowing the transaction to proceed. For example, if the merchant has various names associated with it (e.g., walmart.
Once a sufficient number of declined transactions are determined, exemplary systems, methods, and computer-accessible media according to exemplary embodiments of the present disclosure may determine whether a breach has occurred. For example, exemplary systems, methods, and computer-accessible media may examine a merchant at which a declined transaction occurred to determine whether the merchant is a monetized merchant. A monetization merchant is a place where a fraudster would normally prefer monetization (e.g., to redeem stolen credit card information). This includes electronic stores, merchants selling gift cards, and the like. They are the preferred location where a fraudster can easily convert a credit card number into something that can be converted into cash. If a large number of denials occur for a monetized merchant, which may indicate potential fraud, this may be used by the exemplary systems, methods, and computer-accessible medium to determine that a breach exists for the merchant to which the virtual credit card number is bound. And if the transaction occurs at a non-monetized merchant, this may indicate that no breach has occurred.
According to an example embodiment of the present disclosure, example systems, methods, and computer-accessible media may analyze transaction amounts and transaction frequencies and determine whether they are consistent with typical behavior of merchants that have a binding denial occurring. Thresholds for transaction amounts, transaction frequency, and typical behavior may be determined by the exemplary systems, methods, and computer-accessible media. These thresholds may be determined for each merchant using, for example, historical transaction data. For example, if a particular merchant typically has 100 transactions per day with an average transaction amount of $ 25, while the exemplary system, method, and computer-accessible medium observe 200 transactions per day with an average transaction amount of $ 100, this may be determined to be a default.
According to one exemplary embodiment of the present disclosure, exemplary systems, methods, and computer-accessible media may determine whether a binding rejection is a "true" rejection (e.g., determined by a string mismatch) or a "false" rejection (e.g., an error in our binding rejection logic). A true rejection is a down that occurs when the binding logic (binding the virtual credit card number to a particular merchant) is working properly. However, there may be errors in the binding logic that may result in unintended rejections, or false rejections. For example, a merchant may be "merchantzxyz" 90% of the time in a transaction and "MrchXYZ" 10% of the time. Since "MrchXYZ" does not match "merchanttxyz". The transaction that occurred at "MrchXYZ" may be rejected. However, once a false rejection is determined, the example systems, methods, and computers may be updated to facilitate that the transaction at "MrchXYZ" is not rejected.
For a "true" rejection, these rejected purchases may be mapped back to a common bound purchase location. The "common bound purchase" is the source of the declined transaction. If 100 bound rejections are observed, 80 of which are from a particular merchant (e.g., a monetized merchant), this may be a common purchase location. For these "true" rejections, an exemplary change point analysis process can be used to determine whether the binding rejection pattern is normal or "alarm". The change point analysis process can be used to determine anomalies in time series data having a normal pattern. In this case, the "normal mode" may be that there are few or no binding rejections because most virtual credit card number holders are using the numbers properly. Occasionally, there may be some honest users abusing the bound virtual credit card number at an unbound merchant, which may result in the purchase being denied. In this case, no breach may occur at the bound merchant. Exemplary systems, methods, and computer-accessible media may make such determinations using a change point analysis process. For example, even with noise generated based on honest abuse, the change point analysis process may be used to determine whether the amount of binding rejections exceeds an expected value (e.g., exceeds a certain threshold). This amount may depend on the associated binding merchant. For example, more virtual credit card numbers will be bound to larger merchants (e.g., Walmart or Amazon). Thus, more honest abuse may be expected at these merchants. According to an exemplary embodiment of the present disclosure, exemplary systems, methods, and computer-accessible media may automatically adjust a threshold according to a bound merchant. For an "alarm" mode of binding rejection, a verification process may be performed to determine whether the mode indicates a breach.
Fig. 2, 3 and 4 are exemplary flowcharts of exemplary methods 200, 300 and 400, respectively, for performing a process according to one exemplary embodiment of the present disclosure.
For example, as shown in FIG. 2, at process 205, financial information related to a transaction at a first merchant may be received. The financial information may include information relating to a particular transaction, as well as the financial instrument (e.g., virtual credit card number) used to conduct the transaction. At process 210, the virtual credit card number may be matched with other virtual credit card numbers in the database. At process 215, it may be determined whether the third merchant is the same as the second merchant. For example, this may be performed by viewing biographical information (e.g., merchant name, abbreviation, address, phone number, business name, etc.) associated with the merchant. At process 220, the transaction may be denied. At 225, it may be determined whether the rejection of the transaction is a true rejection or a false rejection. A true rejection may be a correct rejection, while a false rejection is one that should not occur. At process 230, other transactions at (i) the first merchant or (ii) the third merchant may be received. Other transactions may be denied at process 235. At process 240, a change point analysis process may be performed on the rejected transaction to determine if the rejection is a true rejection. This change point analysis may be used to check the transaction history, frequency, and amount of the merchant. At process 245, a behavioral profile for the first merchant and/or the second merchant may be determined. At or 250, a breach at the second merchant may be determined based on the transaction, other transactions, and/or the point of change analysis.
As shown in FIG. 3, at process 305, first financial information relating to a transaction at a first merchant may be received, the transaction being associated with a virtual credit card number. At process 310, it may be determined whether the virtual credit card numbers are bound to a second merchant. This may be done by matching the virtual credit card number with other virtual credit card numbers stored in a database. At process 315, it may be determined whether the first merchant is a monetization merchant (e.g., a merchant where fraud may occur). At process 320, second information relating to the frequency of transactions and the amount of each transaction may be determined. At process 325, third information may be generated by comparing the second information to a predetermined behavior associated with the first merchant. At process 325, a determination may be made as to whether the financial instrument is associated with a second merchant. In process 330, each financial instrument may be matched with other financial instruments in the database. At process 335, it may be determined whether the third merchant is the same as the second merchant. At process 340, the transaction may be denied based on the determination. At step 345, a change point analysis may be performed. At process 350, a behavioral profile of the first merchant and/or the second merchant may be determined. At process 355, a breach at the second merchant may be determined based on the financial information and the third information, and/or the change point analysis.
As shown in fig. 4, at process 405, first financial information relating to (i) a plurality of first transactions at a first merchant and (ii) a plurality of second transactions at a second merchant may be received. At process 410, second information including whether the first merchant and the second merchant are monetized merchants may be determined. At process 415, the first transaction and the second transaction may be denied based on the second information. At process 420, third information related to (i) the frequency of the first and second transactions and (ii) the amount of each of the first and second transactions may be determined. At process 425, a breach at the third merchant may be determined based on the second information and the third information.
Fig. 5 shows a block diagram of one exemplary embodiment of a system according to the present disclosure. For example, exemplary processes according to the present disclosure described herein can be performed by a processing device and/or a computing device (e.g., a computer hardware device) 505. Such a processing/computing device 505 may be, for example, all or part of a computer/processor 510, or include, but is not limited to, a computer/processor 510, the computer/processor 510 may include, for example, one or more microprocessors, and utilize instructions stored on a computer-accessible medium (e.g., RAM, ROM, hard disk, or other storage device).
As shown in fig. 5, a computer-accessible medium 515 (e.g., a storage device such as a hard disk, floppy disk, memory stick, CD-ROM, RAM, ROM, or a collection thereof, as described above) may be provided, for example (e.g., in communication with the processing device 505). The computer-accessible medium 515 may contain executable instructions 520 thereon. Additionally or alternatively, storage 525 may be provided separate from the computer-accessible medium 515, which may provide instructions to the processing device 505 for configuring the processing device to perform certain exemplary processes, procedures, and methods, e.g., as described herein.
Further, the example processing device 505 may be equipped with or include input/output ports 535, which may include, for example, a wired network, a wireless network, the internet, an intranet, data acquisition probes, sensors, and the like. As shown in fig. 5, the exemplary processing device 505 may be in communication with an exemplary display device 530, and according to some exemplary embodiments of the present disclosure, the exemplary display device 530 may be a touch screen, for example, configured to input information to the processing device in addition to outputting information from the processing device. Further, the example display device 530 and/or the storage device 525 may be used to display and/or store data in a user accessible format and/or a user readable format.
The present disclosure is not limited to the particular embodiments described in this application, which are intended as illustrations of various aspects. It may be evident that various modifications and changes may be made thereto without departing from the broader spirit and scope thereof. Functionally equivalent methods and devices within the scope of the invention, in addition to those enumerated herein, may be apparent from the foregoing representative descriptions. Such modifications and variations are intended to fall within the scope of the appended representative claims. The disclosure is to be limited only by the terms of the appended representative claims, along with the full scope of equivalents to which such representative claims are entitled. It is also to be understood that the terminology used herein is for the purpose of describing particular embodiments only, and is not intended to be limiting.
Claims (20)
1. A non-transitory computer accessible medium having stored thereon computer executable instructions, wherein when the instructions are executed by a computer hardware device, the computer device is configured to perform a process comprising:
receiving financial information associated with at least one transaction conducted at a first merchant, wherein the at least one transaction is conducted based on a virtual credit card number, and wherein the first merchant is different from a second merchant;
determining whether the virtual credit card number is bound to (i) a second merchant or (ii) the second merchant and other merchants;
rejecting the at least one transaction; and
determining a default at the second merchant based on the at least one transaction.
2. The computer accessible medium as recited in claim 1, wherein the computer arrangement is further configured to determine a behavioral profile of at least one of the first merchant or second merchant, wherein the behavioral profile is based on a threshold amount of further transactions and a transaction frequency.
3. The computer accessible medium as recited in claim 2, wherein the computer apparatus is further configured to determine the breach based on the behavioral profile determined for the second merchant.
4. The computer accessible medium of claim 1, wherein the computer apparatus is further configured to:
receiving at least one other transaction at least one of (i) the first merchant or (ii) a third merchant, wherein the at least one other transaction is based on (i) a financial instrument or (ii) another financial instrument associated with the second merchant, and wherein the third merchant is different from the second merchant and the first merchant;
rejecting the at least one other transaction; and
determining a default at the second merchant based on the at least one transaction and the at least one other transaction.
5. The computer accessible medium as recited in claim 1, wherein the computer apparatus is configured to determine that the virtual credit card number is bound to the second merchant by:
matching the virtual credit card number with other virtual credit card numbers in a database, wherein the other virtual credit card numbers are associated with a third merchant; and
determining whether the third merchant is the same as the second merchant.
6. The computer accessible medium of claim 5, wherein the computer apparatus is configured to determine whether the third merchant is the same as the second merchant based on at least one of: (i) the names of the third merchant and the second merchant; (ii) (ii) phone numbers of the third merchant and the second merchant, or (iii) merchant types of the third merchant and the second merchant.
7. The computer accessible medium of claim 1, wherein the computer arrangement is further configured to determine whether the first merchant is a monetized merchant, wherein a monetized merchant is a merchant at which fraudulent transactions are likely to occur.
8. The computer accessible medium as recited in claim 1 wherein the computer arrangement is further configured to determine whether the rejection of the transaction is a true rejection or a false rejection.
9. The computer accessible medium as recited in claim 8, wherein the computer device is further configured to perform a change point analysis process on the true rejections and determine the breach based on results of the change point analysis process.
10. The computer accessible medium as recited in claim 9, wherein the computer arrangement is further configured to determine that the anomaly in the number of binding rejections is at least one of the first merchant or a second merchant using change point analysis.
11. The computer accessible medium as recited in claim 9, wherein the computer arrangement is further configured to use the change point analysis to determine whether an amount of binding rejections at the first merchant exceeds a particular threshold.
12. A non-transitory computer accessible medium having stored thereon computer executable instructions, wherein when the instructions are executed by a computer hardware device, the computer device is configured to perform a process comprising:
receiving first financial information relating to a plurality of transactions at a first merchant, the plurality of transactions associated with a plurality of virtual credit card numbers;
determining whether the virtual credit card number is bound to a second merchant;
denying the transaction in accordance with the determination;
determining second information related to the frequency of the transactions and the amount of each transaction;
generating third information by comparing the second information to a predetermined behavior associated with the first merchant; and
determining a default at the second merchant based on the financial information and third information.
13. The computer accessible medium as recited in claim 12, wherein the computer apparatus is further configured to determine a behavioral profile of at least one of the first merchant or the second merchant.
14. The computer accessible medium as recited in claim 13, wherein the behavioral profile is based on a threshold transaction amount and transaction frequency of other transactions.
15. The computer accessible medium as recited in claim 14, wherein the computer apparatus is further configured to determine the breach based on the behavioral profile determined for the second merchant.
16. The computer accessible medium as recited in claim 1, wherein the computer apparatus is further configured to perform a change point analysis process to determine the breach.
17. The computer accessible medium as recited in claim 16, wherein the computer apparatus is configured to determine that the virtual credit card number is bound to the second merchant by:
matching each virtual credit card number with other virtual credit card numbers in a database, wherein the other virtual credit card numbers are associated with a third merchant; and
determining whether the third merchant is the same as the second merchant.
18. The computer accessible medium as recited in claim 17, wherein the computer arrangement is configured to determine whether the third merchant is the same as the second merchant based on at least one of: (i) the names of the third merchant and the second merchant; (ii) (ii) phone numbers of the third merchant and the second merchant, or (iii) merchant types of the third merchant and the second merchant.
19. The computer accessible medium of claim 12, wherein the computer apparatus is further configured to determine whether the first merchant is a monetized merchant, wherein a monetized merchant is a merchant at which fraudulent transactions are likely to occur.
20. A method for determining a data breach at a third merchant, comprising:
receiving first financial information relating to (i) a plurality of first transactions at a first merchant and (ii) a plurality of second transactions at a second merchant, wherein the first and second transactions are based on a virtual credit card number bound to at least one of (i) the third merchant or (ii) the third merchant and at least one other merchant;
determining second information comprising whether the first merchant and second merchant are monetized merchants, wherein the monetized merchants are merchants that are likely to have fraudulent transactions;
rejecting the first and second transactions based on the second information;
determining third information related to (i) a frequency of the first and second transactions and (ii) an amount of each of the first and second transactions; and
determining a default at the third merchant based on the second information and third information.
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US16/872,832 | 2020-05-12 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| HK40056775A true HK40056775A (en) | 2022-04-08 |
Family
ID=
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7162640B2 (en) | System and method for protecting identity information | |
| CN113657989A (en) | System, method, and computer-accessible medium for early merchant default fraud detection | |
| US9060012B2 (en) | Methods and apparatus for detecting fraud with time based computer tags | |
| US8032449B2 (en) | Method of processing online payments with fraud analysis and management system | |
| US7539644B2 (en) | Method of processing online payments with fraud analysis and management system | |
| US8055584B2 (en) | Systems and methods for fraud management in relation to stored value cards | |
| US8880435B1 (en) | Detection and tracking of unauthorized computer access attempts | |
| US20180240107A1 (en) | Systems and methods for personal identification and verification | |
| JP3228339U (en) | Personal authentication and verification system and method | |
| Davinson et al. | Using the health belief model to explore users' perceptions of ‘being safe and secure’in the world of technology mediated financial transactions | |
| US20190295085A1 (en) | Identifying fraudulent transactions | |
| CA2650346A1 (en) | Fraud analyst smart cookie | |
| Murdoch et al. | Security protocols and evidence: Where many payment systems fail | |
| Graves et al. | Should credit card issuers reissue cards in response to a data breach? Uncertainty and transparency in metrics for data security policymaking | |
| US20180308099A1 (en) | Fraud Detection Tool | |
| Vijaya Geeta | Online identity theft–an Indian perspective | |
| CN113627902A (en) | Method and system for preventing block chain intrusion | |
| Malphrus | Perspectives on retail payments fraud | |
| HK40056775A (en) | System, method and computer-accessible medium for early merchant breach fraud detection | |
| Lincke | Complying with the PCI DSS Standard | |
| Coffey | Difficulties in determining data breach impacts | |
| WO2021234476A1 (en) | De-identified identity proofing methods and systems | |
| Mundra et al. | Blockchain-based novel solution for online fraud prevention and detection | |
| Arokodare et al. | Credit Card Fraud Detection Using a Proposed Model:“Blockchain Technology | |
| Smith | Evaluating materiality in cybercrime footnotes |