Method, device, terminal, and server for verifying security of service operation

US 10,313,353 B2
Filed: 10/12/2015
Issued: 06/04/2019
Est. Priority Date: 10/13/2014
Status: Active Grant

First Claim

Patent Images

1. A method for verifying a security of a service operation, comprising:

generating one or more risk control models based on user data associated with a user of a service terminal;

receiving, by the service terminal, a creditability analysis instruction of the service operation, the creditability analysis instruction being sent by a service server in response to an operation request associated with the service terminal;

performing, by the service terminal, a creditability analysis to obtain a creditability analysis result of the service operation based on the creditability analysis instruction and the one or more risk control models pre-stored in the service terminal; and

sending, by the service terminal, the creditability analysis result to the service server for determining the security of the service operation.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for verifying a security of a service operation is provided. The method includes receiving, by a service terminal, a creditability analysis instruction of the service operation, where the creditability analysis instruction is sent by a service server. The method may further include obtaining, by the service terminal, a creditability analysis result of the service operation based on the creditability analysis instruction and one or more risk control models pre-stored in the service terminal, and sending the creditability analysis result to the service server for determining the security of the service operation.

17 Citations

View as Search Results

26 Claims

1. A method for verifying a security of a service operation, comprising:
- generating one or more risk control models based on user data associated with a user of a service terminal;
  
  receiving, by the service terminal, a creditability analysis instruction of the service operation, the creditability analysis instruction being sent by a service server in response to an operation request associated with the service terminal;
  
  performing, by the service terminal, a creditability analysis to obtain a creditability analysis result of the service operation based on the creditability analysis instruction and the one or more risk control models pre-stored in the service terminal; and
  
  sending, by the service terminal, the creditability analysis result to the service server for determining the security of the service operation.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method according to claim 1, further comprising:
    - obtaining the user data from the service terminal based on an authorization permission of a user of the service terminal;
      
      generating the one or more risk control models by analyzing the user data; and
      
      storing the one or more risk control models in a database of the service terminal.
  - 3. The method according to claim 2, further comprising:
    - encrypting the one or more risk control models before storing the one or more risk control models in a local security control database of the service terminal; and
      
      storing the encrypted one or more risk control models in the database of the service terminal.
  - 4. The method according to claim 2, wherein the user data comprises at least one of:
    - user social data, interest data and habit data, and wherein the one or more risk control models comprise at least one of;
      
      a social relationship control model generated based on the user social data, an interest control model generated based on the interest data, and a habit control model generated based on the habit data.
  - 5. The method according to claim 1, wherein obtaining a creditability analysis result of the service operation comprises:
    - obtaining service information of the service operation based on the creditability analysis instruction;
      
      obtaining a target risk control model from the one or more risk control models based on a type of the service operation, wherein the one or more risk control models include a corresponding relationship between service information and service creditability analysis values; and
      
      searching the target risk control model by using the service information as a keyword to obtain a service creditability analysis value corresponding to the service information.
  - 6. The method according to claim 5, wherein obtaining service information of the service operation based on the creditability analysis instruction comprises:
    - obtaining the service information from the creditability analysis instruction of the service operation, wherein the service information includes information obtained by the service server based on an operation request of the service operation sent by another terminal.
  - 7. The method according to claim 5, further comprising:
    - when a user of the service terminal initiates the service operation, sending an operation request of the service operation to the service server before receiving the creditability analysis instruction; and
      
      when receiving the creditability analysis instruction, obtaining the service information of the service operation based on the operation request of the service operation.

8. A method for verifying a security of a service operation, comprising:
- sending a creditability analysis instruction of the service operation to a service terminal in response to an operation request associated with the service terminal;
  
  receiving a creditability analysis result sent by the service terminal, wherein the creditability analysis result is obtained by the service terminal based on the service terminal performing a creditability analysis of the service operation and one or more risk control models pre-stored in the service terminal; and
  
  determining the security of the service operation based on the creditability analysis result.
- View Dependent Claims (9, 10, 11)
- - 9. The method according to claim 8, further comprising:
    - before sending the creditability analysis instruction of the service operation to the service terminal, receiving the operation request of the service operation sent by another terminal; and
      
      obtaining service information of the service operation based on the operation request, wherein the creditability analysis instruction of the service operation includes the service information of the service operation.
  - 10. The method according to claim 8, further comprising:
    - before sending the creditability analysis instruction of the service operation to the service terminal, receiving the operation request of the service operation sent by the service terminal, wherein the operation request is used as a trigger instruction for sending the creditability analysis instruction of the service operation to the service terminal.
  - 11. The method according to claim 8, wherein determining the security of the service operation based on the creditability analysis result comprises:
    - obtaining a first creditability analysis value of the service operation based on a local risk control model;
      
      obtaining a second creditability analysis value based on the creditability analysis result sent by the service terminal;
      
      obtaining weight values of the first creditability analysis value and the second creditability analysis value;
      
      calculating a combined creditability analysis value of the first creditability analysis value and the second creditability analysis value based on the weight values;
      
      comparing the combined creditability analysis value with a preset creditability threshold; and
      
      if the combined creditability analysis value is greater than the creditability threshold, determining that the service operation is secure, and if the combined creditability analysis value is not greater than the creditability threshold, determining that the service operation is insecure.

12. A device for verifying a security of a service operation, comprising:
- a generating unit configured to generate one or more risk control models based on user data associated with a user of a service terminal;
  
  a receiving unit configured to receive a creditability analysis instruction of the service operation sent by a service server;
  
  an analyzing unit configured to obtain a creditability analysis result of the service operation based on the service terminal performing a creditability analysis and the one or more risk control models pre-stored in the service terminal; and
  
  a sending unit configured to send the creditability analysis result to the service server for determining the security of the service operation.

13. A device for verifying a security of a service operation, comprising:
- a sending unit configured to send a creditability analysis instruction of the service operation to a service terminal in response to an operation request associated with the service terminal;
  
  a receiving unit configured to receive a creditability analysis result sent by the service terminal, wherein the creditability analysis result is obtained by the service terminal based on the service terminal performing a creditability analysis of the service operation and one or more risk control models pre-stored in the service terminal; and
  
  a verifying unit configured to determine the security of the service operation based on the creditability analysis result.

14. A terminal, comprising:
- a memory configured to store a set of instructions;
  
  a processor configured to execute the set of instructions to cause the terminal to;
  
  generate one or more risk control models based on user data associated with a user of the terminal;
  
  receive a creditability analysis instruction of a service operation sent by a service server in response to an operation request associated with the terminal;
  
  obtain a creditability analysis result of the service operation based on the service terminal performing a creditability analysis and the one or more risk control models pre-stored in the terminal; and
  
  send the creditability analysis result to the service server for determining a security of the service operation.

15. A service server, comprising:
- a memory configured to store a set of instructions;
  
  a processor configured to execute the set of instructions to cause the service server to;
  
  send a creditability analysis instruction of a service operation to a service terminal in response to an operation request associated with the service terminal;
  
  receive a creditability analysis result sent by the service terminal, wherein the creditability analysis result is obtained by the service terminal based on the service terminal performing a creditability analysis of the service operation and one or more risk control models pre-stored in the service terminal; and
  
  determine a security of the service operation based on the creditability analysis result.

16. A non-transitory computer readable medium that stores a set of instructions that is executable by at least one processor of a service terminal to cause the service terminal to perform a method for verifying a security of a service operation, the method comprising:
- generating one or more risk control models based on user data associated with a user of a service terminal;
  
  receiving a creditability analysis instruction of the service operation, the creditability analysis instruction being sent by a service server in response to an operation request associated with the service terminal;
  
  obtaining a creditability analysis result of the service operation based on the service terminal performing a creditability analysis and the one or more risk control models pre-stored in the service terminal; and
  
  sending the creditability analysis result to the service server for determining the security of the service operation.
- View Dependent Claims (17, 18, 19, 20, 21, 22)
- - 17. The computer readable medium according to claim 16, wherein the set of instructions that is executable by the at least one processor of the service terminal to cause the service terminal to further perform:
    - obtaining the user data from the service terminal based on an authorization permission of the user of the service terminal;
      
      generating the one or more risk control models by analyzing the user data; and
      
      storing the one or more risk control models in a database of the service terminal.
  - 18. The computer readable medium according to claim 17, wherein the set of instructions that is executable by the at least one processor of the service terminal to cause the service terminal to further perform:
    - encrypting the one or more risk control models before storing the one or more risk control models in a local security control database of the service terminal; and
      
      storing the encrypted one or more risk control models in the database of the service terminal.
  - 19. The computer readable medium according to claim 17, wherein the user data comprises at least one of:
    - user social data, interest data and habit data, and wherein the one or more risk control models comprise at least one of;
      
      a social relationship control model generated based on the user social data, an interest control model generated based on the interest data, and a habit control model generated based on the habit data.
  - 20. The computer readable medium according to claim 16, wherein obtaining a creditability analysis result of the service operation comprises:
    - obtaining service information of the service operation based on the creditability analysis instruction;
      
      obtaining a target risk control model from the one or more risk control models based on a type of the service operation, wherein the one or more risk control model includes a corresponding relationship between the service information and service creditability analysis values; and
      
      searching the target risk control model by using the service information as a keyword to obtain a service creditability analysis value corresponding to the service information.
  - 21. The computer readable medium according to claim 20, wherein obtaining service information of the service operation based on the creditability analysis instruction comprises:
    - obtaining the service information from the creditability analysis instruction of the service operation, wherein the service information includes information obtained by the service server based on the operation request of the service operation sent by another terminal.
  - 22. The computer readable medium according to claim 20, wherein the set of instructions that is executable by the at least one processor of the service terminal to cause the service terminal to further perform:
    - when the user of the service terminal initiates the service operation, sending the operation request of the service operation to the service server before receiving the creditability analysis instruction; and
      
      when receiving the creditability analysis instruction, obtaining the service information of the service operation based on the operation request of the service operation.

23. A non-transitory computer readable medium that stores a set of instructions that is executable by at least one processor of a service server to cause the service server to perform a method for verifying a security of a service operation, the method comprising:
- sending a creditability analysis instruction of the service operation to a service terminal in response to an operation request associated with the service terminal;
  
  receiving a creditability analysis result sent by the service terminal, wherein the creditability analysis result is obtained by the service terminal based on the service terminal performing a creditability analysis of the service operation and one or more risk control models pre-stored in the service terminal; and
  
  determining the security of the service operation based on the creditability analysis result.
- View Dependent Claims (24, 25, 26)
- - 24. The computer readable medium according to claim 23, wherein the set of instructions that is executable by the at least one processor of the service server to cause the service server to further perform:
    - before sending the creditability analysis instruction to analyze the creditability of the service operation to the service terminal, receiving the operation request of the service operation sent by another terminal; and
      
      obtaining service information of the service operation based on the operation request, wherein the creditability analysis instruction of the service operation includes the service information of the service operation.
  - 25. The computer readable medium according to claim 23, wherein the set of instructions that is executable by the at least one processor of the service server to cause the service server to further perform:
    - before sending the creditability analysis instruction of the service operation to the service terminal, receiving the operation request of the service operation sent by the service terminal, wherein the operation request is used as a trigger instruction for sending the creditability analysis instruction of the service operation to the service terminal.
  - 26. The computer readable medium according to claim 23, wherein determining the security of the service operation based on the creditability analysis result comprises:
    - obtaining a first creditability analysis value of the service operation based on a local risk control model;
      
      obtaining a second creditability analysis value based on the creditability analysis result sent by the service terminal;
      
      obtaining weight values of the first creditability analysis value and the second creditability analysis value;
      
      calculating a combined creditability analysis value of the first creditability analysis value and the second creditability analysis value based on the weight values;
      
      comparing the combined creditability analysis value with a preset creditability threshold; and
      
      if the combined creditability analysis value is greater than the creditability threshold, determining that the service operation is secure, and if the combined creditability analysis value is not greater than the creditability threshold, determining that the service operation is insecure.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Advanced New Technologies Company Limited (Ant Group Co., Ltd.)
Original Assignee
Alibaba Group Holding Ltd.
Inventors
Lu, Kun
Primary Examiner(s)
Parsons, Theodore C

Application Number

US14/880,637
Publication Number

US 20160103997A1
Time in Patent Office

1,331 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/316   by observing the pattern of...

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/034   Test or assess a computer o...

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/384   using social networks

G06Q 20/4014   Identity check for transact...

G06Q 20/4016   involving fraud or risk lev...

G06Q 30/0609   Buyer or seller confidence ...

G06Q 50/01   Social networking

H04L 63/08   for authentication of entit...

H04L 63/102   Entity profiles

H04L 67/30   Profiles

H04L 67/303   Terminal profiles

H04L 67/306   User profiles

H04L 67/535   Tracking the activity of th...

H04L 9/32   including means for verifyi...

Method, device, terminal, and server for verifying security of service operation

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

17 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Method, device, terminal, and server for verifying security of service operation

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

17 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links