CN118432931A - Login security control method, device, equipment and medium - Google Patents

Abstract

The application provides a login security control method, a login security control device, login security control equipment and a login security control medium, wherein the login security control method comprises the following steps: receiving an actual login mobile phone number sent by a mobile terminal application program APP; inquiring a registered mobile phone number of the mobile terminal APP, and comparing the registered mobile phone number with an actual registered mobile phone number; if the registered mobile phone number is the same as the actual registered mobile phone number, judging that the mobile phone number is normally registered; if the registered mobile phone number is different from the actual registered mobile phone number, judging that the login security risk exists, and sending a risk detection request to an operator number taking platform, wherein the risk detection request carries the registered mobile phone number and the actual registered mobile phone number; and receiving a risk detection result obtained after the risk detection of the multi-factor communication data model platform, and carrying out safety control on the mobile terminal APP according to the risk detection result. According to the scheme, risk detection can be performed on the mobile phone number logged in the mobile terminal APP, safety control is performed on the mobile terminal APP according to a risk detection result, and property safety of a user is protected.

Description

Login security control method, device, equipment and medium

Technical Field

The present application relates to the field of mobile communication technologies and computers, and in particular, to a method, an apparatus, a device, and a medium for controlling login security.

Background

The mobile terminal financial APP (including mobile banking, third party payment wallet and the like) refers to a channel mode that a client can use financial services on the terminal through the APP of each bank or third party payment company by taking a smart phone as a carrier. With the progress of communication and internet technology, the business functions of mobile finance are continuously updated and perfected. Through the mobile terminal financial APP, customers can handle various businesses such as transfer, remittance, payment, inquiry, credit card, financing and the like, and convenient financial service at any time and any place and with the customers is realized. The mobile terminal financial APP brings convenience to users and brings certain security risks related to fraud and the like.

Currently, in order to reduce financial security risks, organizations and organizations employ various means such as data analysis, model building, real-time monitoring, behavioral analysis, authentication, etc. to identify potential fraud to protect themselves and customers' interests.

Security techniques for financial anti-fraud mainly include behavioral analysis, machine learning and artificial intelligence, authentication and authorization, risk assessment and scoring, transaction monitoring and reporting, blockchain techniques, biometric techniques, etc. These techniques may be used alone or in combination to provide a multi-level, multi-angle anti-fraud defense system.

Existing financial anti-fraud models are typically built based on artificial intelligence, machine learning, data analysis and behavioral science, and mainly include several types: rule-based models, statistical models, machine learning models, behavioral analysis models, predictive models, integrated models, and the like.

However, existing sources of financial anti-fraud model data mainly include: transaction data, customer information, social network data, external data, machine-generated event logs, and sanctioned compliance data, among others. Based on the data, most of the problems of telecom security risks can be screened and solved, but for the impotent login of the mobile terminal APP, the impotent mobile terminal financial APP can be illegally logged in by means of stealing mobile phone verification codes or account passwords and the like, and the security problem still exists in the scene.

Disclosure of Invention

The application provides a login security control method, device, equipment and medium, which are used for solving the problem that the existing deception performs deception by performing the mobile terminal APP impersonation login.

In one aspect, the present application provides a method for controlling security of login, including:

receiving an actual login mobile phone number sent by a mobile terminal APP;

Inquiring a registered mobile phone number of a mobile terminal APP, and comparing the registered mobile phone number with an actual registered mobile phone number;

If the registered mobile phone number is the same as the actual registered mobile phone number, judging that the mobile phone number is normally registered; if the registered mobile phone number is different from the actual registered mobile phone number, judging that the login security risk exists, and sending a risk detection request to the operator number taking platform, wherein the risk detection request carries the registered mobile phone number and the actual registered mobile phone number;

And receiving a risk detection result obtained after the risk detection of the multi-factor communication data model platform, and carrying out safety control on the mobile terminal APP according to the risk detection result.

Further, the performing security control on the mobile terminal APP according to the risk detection result includes:

If the risk value represented by the detection result is smaller than a threshold value, controlling the mobile terminal APP to execute a normal operation flow; and if the risk value is greater than or equal to the threshold value, controlling the mobile terminal APP to exit.

Optionally, the application further provides a login security control method, which comprises the following steps:

Receiving a risk detection request sent by a mobile terminal application program APP management platform, wherein the request carries an actual login mobile phone number and a registration mobile phone number of the mobile terminal APP;

And inputting the actual login mobile phone number and the registration mobile phone number into a multi-factor communication data model to perform risk detection according to the risk detection request, so as to obtain a risk detection result.

Further, the factors in the multi-factor communication data model include:

Risk database, location information, call and short message records, identity information, recharging records, and mobile phone unique identification code IMEI.

Further, the method for risk detection by the multi-factor communication data model platform comprises the following steps:

checking whether the actual login mobile phone number is in a risk database;

If the mobile phone number is in the risk database, determining that the risk detection result is the highest risk level;

and if the mobile phone number is not in the risk database, respectively calculating actual risk values of all other factors except the risk database, and comprehensively processing to obtain a risk detection result.

Further, the actual risk value is determined by the preset default risk value and the association value obtained by respectively performing association calculation on each factor.

Further, the multi-factor communication data model also includes one or more different sub-models for taking different rules and algorithms according to different factors.

In a third aspect, the present application provides a logged-in security control apparatus, comprising:

The receiving module is used for receiving the actual login mobile phone number sent by the mobile terminal APP;

The comparison module is used for inquiring the registered mobile phone number of the mobile terminal APP and comparing the registered mobile phone number with the actual registered mobile phone number;

The sending module is used for judging that the mobile phone is normally logged in if the registered mobile phone number is the same as the actual registered mobile phone number; if the registered mobile phone number is different from the actual registered mobile phone number, judging that the login security risk exists, and sending a risk detection request to the operator number taking platform, wherein the risk detection request carries the registered mobile phone number and the actual registered mobile phone number;

The control module is used for receiving a risk detection result obtained after the risk detection is carried out on the multi-factor communication data model platform, and carrying out safety control on the mobile terminal APP according to the risk detection result.

In a fourth aspect, the present application provides an electronic device comprising: a memory and a processor;

The memory is used for storing computer instructions;

the processor configured to execute the computer-executable instructions to implement the method of any one of claims 1-7.

In a fifth aspect, the present application provides a computer storage medium having stored therein computer-executable instructions for performing the method of any of claims 1 to 7 when executed by a processor.

The application provides a login security control method, a device, equipment and a medium, which are used for receiving an actual login mobile phone number sent by a mobile terminal application program APP; inquiring a registered mobile phone number of the mobile terminal APP, and comparing the registered mobile phone number with an actual registered mobile phone number; if the registered mobile phone number is the same as the actual registered mobile phone number, judging that the mobile phone number is normally registered; if the registered mobile phone number is different from the actual registered mobile phone number, judging that the login security risk exists, and sending a risk detection request to an operator number taking platform, wherein the risk detection request carries the registered mobile phone number and the actual registered mobile phone number; and receiving a risk detection result obtained after the risk detection of the multi-factor communication data model platform, and carrying out safety control on the mobile terminal APP according to the risk detection result. The risk detection can be carried out on the mobile phone number of the login mobile terminal APP, and the mobile terminal APP is safely controlled according to the risk detection result, so that the property safety of a user is protected.

Drawings

The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the application and together with the description, serve to explain the principles of the application.

FIG. 1 is a schematic diagram of a logged-on security control system architecture according to the present application;

FIG. 2 is a flow chart of a method for controlling login security according to the present application;

FIG. 3 is a schematic diagram of interaction principle of a logged-on security control system provided by the application;

FIG. 4 is a flowchart of another method for controlling login security according to the present application;

FIG. 5 is a schematic flow chart of a risk detection method of a multi-factor communication model according to the present application;

FIG. 6 is a schematic diagram of an ordered list of location information provided by the present application;

FIG. 7 is a schematic diagram of an ordered list of total duration of mobile phone number calls provided by the application;

FIG. 8 is a schematic diagram of a log-in security control device according to the present application;

fig. 9 is a schematic structural diagram of an electronic device according to the present application.

Specific embodiments of the present application have been shown by way of the above drawings and will be described in more detail below. The drawings and the written description are not intended to limit the scope of the inventive concepts in any way, but rather to illustrate the inventive concepts to those skilled in the art by reference to the specific embodiments.

Detailed Description

Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples do not represent all implementations consistent with the application. Rather, they are merely examples of apparatus and methods consistent with aspects of the application as detailed in the accompanying claims.

It should be noted that, the user information (including but not limited to user equipment information, user personal information, etc.) and the data (including but not limited to data for analysis, stored data, presented data, etc.) related to the present application are information and data authorized by the user or fully authorized by each party, and the collection, use and processing of the related data need to comply with related laws and regulations and standards, and provide corresponding operation entries for the user to select authorization or rejection.

The application scene of the application is mainly applied to login of the mobile terminal APP, and is particularly applied to login of the mobile terminal financial APP in the financial service industry.

With the progress of communication and internet technology, the business functions of mobile finance are continuously updated and perfected. Through the mobile terminal financial APP, the customer can handle a plurality of businesses, and convenient financial service which is carried at any time and any place is realized. The mobile terminal financial APP brings convenience to users and brings certain deception risks.

The existing financial anti-fraud model data sources mainly comprise: transaction data, customer information, social network data, external data, machine-generated event logs, sanctioned compliance data, and the like. Based on the data, most of the problems of telecom security risks can be screened and solved, but for the impotent login of the mobile terminal APP, the impotent mobile terminal financial APP can be illegally logged in by means of stealing mobile phone verification codes or account passwords and the like, and the security problem still exists in the scene.

In view of this, the present embodiment provides a method, an apparatus, a device, and a medium for controlling login security, including: receiving an actual login mobile phone number sent by a mobile terminal application program APP; inquiring a registered mobile phone number of the mobile terminal APP, and comparing the registered mobile phone number with an actual registered mobile phone number; if the registered mobile phone number is the same as the actual registered mobile phone number, judging that the mobile phone number is normally registered; if the registered mobile phone number is different from the actual registered mobile phone number, judging that the login security risk exists, and sending a risk detection request to an operator number taking platform, wherein the risk detection request carries the registered mobile phone number and the actual registered mobile phone number; and receiving a risk detection result obtained after the risk detection of the multi-factor communication data model platform, and carrying out safety control on the mobile terminal APP according to the risk detection result. According to the scheme, the risk detection is carried out on the mobile phone number of the login mobile terminal APP, and the mobile terminal APP is safely controlled according to the risk detection result, so that the effect of protecting the property safety of the user is achieved.

The following describes the technical scheme of the present application and how the technical scheme of the present application solves the above technical problems in detail with specific embodiments. The following embodiments may be combined with each other, and the same or similar concepts or processes may not be described in detail in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.

Fig. 1 is a schematic diagram of a logged-on security control system architecture according to an embodiment of the present application, where the system includes:

s101: and the mobile terminal APP is used for sending the mobile phone number of the login user to the mobile terminal APP management platform.

The mobile terminal APP mainly refers to a financial APP of a mobile terminal, and the financial APP includes, but is not limited to, a mobile banking APP and a third party payment wallet APP.

S102: the mobile operator number taking platform is used for acquiring the mobile phone number of the mobile terminal APP actual registrant and interacting with the multi-factor communication data model platform to obtain a risk detection result.

The mobile operator number taking platform can acquire the mobile phone number of a registrant of the mobile terminal APP based on the network capability of the operator, and access the mobile operator multi-factor communication data model platform after receiving the risk detection request of the APP management platform to acquire a risk detection result.

S103: the mobile operator multi-factor communication data model platform is used for detecting risk of a mobile phone number actually logged in by the mobile terminal APP and generating a detection result.

S104: the mobile terminal APP management platform is used for carrying out data interaction with the mobile terminal APP and the operator number taking platform.

Fig. 2 is a flow chart of a login security control method provided by the embodiment of the application, which is applied to a mobile terminal application program APP management platform, and the method comprises the following steps:

S201, receiving an actual login mobile phone number sent by a mobile terminal application program APP.

The mobile terminal APP mainly refers to a financial APP of a mobile terminal, and the financial APP includes, but is not limited to, a mobile banking APP and a third party payment wallet APP. At present, the mobile phone bank and the third party payment wallet support a short message verification code or account mode, so that the risk of spoofed login is present. Namely, the deception (actual logger) acquires the mobile phone login verification code or account password of the account legal owner and successfully logs in the APP account of the account legal owner.

When a user logs in the mobile terminal APP, the mobile terminal APP can access an operator number taking platform to request the mobile phone number of a registrar, the operator number taking platform can acquire the mobile phone number of the registrar based on the network capability of the operator, the acquired mobile phone number of the registrar is transmitted to the mobile terminal APP, and the mobile terminal APP management platform can process the mobile phone number after receiving the mobile phone number transmitted by the mobile terminal APP.

S202, inquiring the registered mobile phone number of the mobile terminal APP, and comparing the registered mobile phone number with the actual registered mobile phone number.

The mobile terminal APP management platform stores the registered mobile phone number of the legal user of the APP account, when the registered mobile phone number of the APP transmitted by the mobile terminal APP is received, the registered mobile phone number of the APP is firstly inquired from a database of the mobile terminal APP management platform, after the registered mobile phone number is inquired, the registered mobile phone number transmitted by the APP is compared with the registered mobile phone number, whether the two mobile phone numbers are identical or not is judged, and then the follow-up operation is executed according to the judgment result.

S203, if the registered mobile phone number is the same as the actual registered mobile phone number, judging that the mobile phone number is normally registered; if the registered mobile phone number is different from the actual registered mobile phone number, judging that the login security risk exists, and sending a risk detection request to an operator number taking platform, wherein the risk detection request carries the registered mobile phone number and the actual registered mobile phone number.

When the two mobile phone numbers are the same, the actual login user of the mobile terminal APP is the legal login user of the APP, and the login of the user can be judged to be normal login at the moment, so that no risk exists. The user can continue to normally use the APP to carry out service operation.

When the two mobile phone numbers are found to be different by comparison, the fact that the actual login user of the APP is not a legal login user of the account is indicated, risk of impoverishment login is possible, risk detection is needed at the moment, and whether the login user has fraud risk is judged through a series of specific methods.

Because the mobile terminal APP management platform cannot perform corresponding risk detection, the APP management platform needs to send two mobile phone numbers to the operator number taking platform at the same time, and sends a risk detection request to the multi-factor communication data model platform through the operator number taking platform. The operator serves as a provider and manager of the mobile phone number and has more comprehensive user data and more powerful technical capabilities for risk detection. The operator can judge whether the mobile phone number has abnormal behaviors or risks by analyzing the data such as call records, short message records and the like of the user. S204, receiving a risk detection result obtained after the risk detection by the multi-factor communication data model platform, and performing safety control on the mobile terminal APP according to the risk detection result.

The multi-factor communication data model platform can carry out risk detection on the mobile phone number according to the established data model and output a risk detection result. After receiving the risk detection result returned by the multi-factor communication data model platform, the APP management platform can carry out security control on different countermeasures of the APP according to the detection result so as to protect the property of the account owner.

In the embodiment, a mobile terminal APP management platform receives an actual login mobile phone number sent by a mobile terminal application program APP; inquiring a registered mobile phone number of the mobile terminal APP, and comparing the registered mobile phone number with an actual registered mobile phone number; if the registered mobile phone number is the same as the actual registered mobile phone number, judging that the mobile phone number is normally registered; if the registered mobile phone number is different from the actual registered mobile phone number, judging that the login security risk exists, and sending a risk detection request to an operator number taking platform, wherein the risk detection request carries the registered mobile phone number and the actual registered mobile phone number; and receiving a risk detection result obtained after the risk detection of the multi-factor communication data model platform, and carrying out safety control on the mobile terminal APP according to the risk detection result. Through obtaining APP actual login cell phone number and comparing with registration cell phone number, send risk detection request to the operator and carry out safety control to APP according to risk detection result when two numbers are different, played the effect of protecting user's property safety and ensured the security and the user data privacy nature of mobile application.

Optionally, performing security control on the mobile terminal APP according to the risk detection result includes:

If the risk value represented by the detection result is smaller than the threshold value, controlling the mobile terminal APP to execute a normal operation flow; and if the risk value is greater than or equal to the threshold value, controlling the mobile terminal APP to exit.

After risk detection is carried out on two mobile phone numbers by the multi-factor communication data model platform, an actual risk detection result value is given, the detection result is returned to the operator number taking platform, and after the risk detection result of the multi-factor communication data model platform is received by the mobile terminal APP management platform, the mobile terminal APP management platform can forcedly exit the APP according to a preset risk value threshold value when the value of the risk detection result is larger than or equal to the threshold value, so that property of a user is protected from damage. And when the risk value is smaller than a preset threshold value, enabling the APP to continue to execute the subsequent flow.

According to the embodiment, the execution state of the APP is determined according to the magnitude of the risk value, and the APP is forced to exit when the risk value is high, so that potential malicious behaviors or fraudulent activities can be prevented from being continuously executed, and the property safety of a user is guaranteed. When the risk value is low, the APP can normally execute, and a user can smoothly perform various operations to enjoy services provided by the APP. The method has the effects of improving user experience and reducing potential loss of the user.

Fig. 3 is a schematic diagram of interaction principle of a logged-on security control system according to an embodiment of the present application, and the general principle is as follows:

S301: the APP calls the SDK method.

SDKs (Software Development Kit, software development kits) generally refer to a collection of development tools that are used by software engineers to build application software for a particular software package, software framework, hardware platform, operating system, etc. Typically to assist a developer in accessing and using the functionality of a particular platform or service more easily.

APP calls SDK methods typically occur when a user performs certain operations, such as logging in, registering or verifying identity. On the premise that the user agrees to authorize the mobile terminal APP to take the number, the mobile terminal APP can take the number by itself after the user successfully logs in the mobile terminal APP. When the APP needs to acquire the mobile phone number of the registrant, the APP triggers a number acquisition request through the SDK. The APP can access the operator platform more conveniently by calling the SDK method.

S302: the SDK accesses a mobile operator number-taking platform to request the mobile phone number of the login user.

The mobile operator (such as telecom, mobile, unicom and the like) has the real mobile phone number of the user, can directly provide the currently used mobile phone number, and the SDK can acquire the real mobile phone number of the current logger by accessing the operator number acquisition platform, so that the accuracy of data is ensured.

S303: and the number taking platform returns the mobile phone number to the SDK.

After receiving the number taking request of the SDK, the operator number taking platform acquires the mobile phone number of the actual login user based on the network capability of the operator, and returns the acquired mobile phone number to the SDK. The mobile phone number refers to the real mobile phone number of a registrant of a mobile phone bank or a third party payment wallet account, and whether the registrant is a deception cannot be judged at present.

S304: the SDK transmits the mobile phone number of the registrant to the mobile terminal APP.

S305: and the APP sends the mobile phone number of the registrant to the mobile terminal APP management platform.

After the SDK obtains the mobile phone number of the registrant from the operator number-taking platform, the mobile phone number is transmitted to the mobile terminal APP for calling the mobile phone number through an interface or a callback method provided by the SDK. The mobile terminal APP sends the mobile phone number data as a part of the request to the mobile terminal APP management platform, and the APP management platform executes subsequent data analysis or other logic processing.

S306: the mobile terminal APP management platform sends a risk detection request carrying a login mobile phone number and a registration mobile phone number to an operator number taking platform.

When the APP management platform receives the actually logged-in mobile phone number, the APP management platform searches the APP registration mobile phone number in an APP management platform database, and when the two mobile phone numbers are found to be different by comparison, the two mobile phone numbers are simultaneously sent to the operator number taking platform to request the operator number taking platform to perform risk monitoring.

S307: and the number taking platform forwards the mobile phone number and the risk detection request to the multi-factor communication data model platform for risk detection.

The actual risk detection process is completed by the multi-factor communication data model platform, so that after the operator number taking platform receives the risk detection request, the risk detection request needs to be forwarded to the multi-factor communication data model platform, and the multi-factor communication data model platform outputs a risk detection result after detecting according to the established multi-factor communication data model.

S308: and the operator multi-factor communication data model platform returns an imposter risk detection result to the number taking platform.

S309: and the number taking platform returns an imposter risk detection result to the APP management platform.

The multi-factor communication data model platform returns a risk detection result after risk detection to the operator number taking platform through data interaction with the operator number taking platform, and the operator number taking platform returns the risk detection result to the mobile terminal APP management platform again.

The operator number taking platform is responsible for managing and controlling the access rights to the communication data. The number taking platform is used for forwarding, so that the detection result can be received only by the authorized and verified APP management platform, and unauthorized access and data abuse are prevented.

S310: and the APP management platform carries out safety control on the mobile terminal APP according to the risk detection result.

The present step is the same as step S204, and will not be described in detail here.

Fig. 4 is a schematic diagram of another method for controlling login security, which is applied to a multi-factor communication data model platform and includes:

s401, receiving a risk detection request sent by an APP management platform of the mobile terminal, wherein the request carries an actual login mobile phone number and a registration mobile phone number of the APP of the mobile terminal.

A data model is an abstract representation of real world data features that is used to describe and organize the structure and relationships of data. The method is a core and a foundation of a database system, provides a unified framework for designing, realizing and managing the database, and generally consists of three parts of a data structure, data operation and data constraint. The multi-factor communication data model is a data model combining a plurality of influencing factors and is used for analyzing and predicting relevant data in the communication field.

The risk detection request is triggered when the APP management platform compares the registered mobile phone number with the registered mobile phone number, and the request contains two key information: the actual login mobile phone number and the registration mobile phone number of the user. These two cell phone numbers are important basis for verifying the identity of the user and identifying the potential risk.

S402, inputting the actual login mobile phone number and the registration mobile phone number into a multi-factor communication data model for risk detection according to the risk detection request, and obtaining a risk detection result.

According to the risk detection request, the multi-factor communication data model platform takes the actual login mobile phone number and the registration mobile phone number as key input parameters, and the key input parameters are imported into the constructed multi-factor communication data model to carry out risk detection. This process aims to accurately evaluate the security of a login request by integrating the analysis of multiple factors. By means of calculation and analysis of the multi-factor communication data model, the platform can obtain a risk detection result, and the result is taken as a basis for platform decision.

In this way, the login security control method provided by the embodiment fully utilizes the strong analysis capability of the multi-factor communication data model, can accurately and rapidly identify potential risks, and provides corresponding risk control measures, so that the security of the mobile terminal APP login process is effectively improved. Optionally, the factors in the multi-factor communication data model may include:

Risk database, location information, call and short message records, identity information, recharging records, and mobile phone unique identification code IMEI.

The risk database is a database storing risk-related information, which may include activity records of illegal actors, tools used, attack patterns, resource features, etc. By utilizing the risk database, enterprises can timely sense attack risks through the whole-network multi-channel monitoring to conduct targeted defense.

Position information: the location information may reflect the range of motion and habits of the user. If there is a significant difference in the location information of the login request from the user's historical location information, this may mean that the account is at risk of being fraudulent by others.

Conversation and short message recording: analyzing the call and the short message record of the user can reveal the communication habit and possible association relation of the user. For example, abnormal call frequencies, communication with high risk numbers, etc. may be risk signals.

Identity information: the identity information comprises sensitive information such as the name, the identification card number and the like of the user. By verifying the authenticity and consistency of the identity information, the identity of the user can be further confirmed, and the risk of being falsified is reduced.

And (5) recharging and recording: the recharge records may reflect the account activity and consumption habits of the user. If the account suddenly appears to have a high load or abnormal load behavior, this may mean that the account is at risk of being manipulated by others.

IMEI: the IMEI is a unique identification code of the mobile phone and can be used for tracking and identifying the mobile phone equipment. By analyzing IMEI information, whether the login request comes from the equipment of the user can be judged, so that a layer of security guarantee is added.

In practice, the multi-factor communication data model may selectively consider these factors according to specific requirements and data availability. By comprehensively utilizing the factors, the model can more comprehensively evaluate the risk of the login request and provide more accurate and effective security control.

Fig. 5 is a method for risk detection by the multifactor communication data model platform, which is specifically as follows:

S501, checking whether the actual login mobile phone number is in a risk database;

The risk database is used as a database system specially used for storing information related to the risk activities, and the recorded information covers illegal activities such as network spoofing, malicious attacks and the like. The risk database, a factor that can be used to check if the phone number is associated with a known malicious activity. When the multi-factor communication data model platform receives the risk detection request, the first step is to query the actual login mobile phone number provided by the APP management platform to verify whether the mobile phone number is recorded in the risk database. By comparing records in the risk database, high risk cell phone numbers can be quickly identified, thereby preventing potential security threats.

S502, if the mobile phone number is in the risk database, determining that the risk detection result is the highest risk level.

If the mobile phone number is found to exist in the risk database through inquiry, the login request can be primarily judged to contain higher security risk. The level of the risk detection result may be determined as the highest risk level at this time. The implementation of the step is beneficial to the platform to timely identify and cope with potential security threats, and ensures the security and reliability of communication data.

And S503, if the mobile phone number is not in the risk database, respectively calculating actual risk values of all other factors except the risk database, and comprehensively processing to obtain a risk detection result.

If the mobile phone number of the actual registrant is not listed in the risk database, but the actual registration mobile phone number is inconsistent with the registration mobile phone number, two possibilities exist at this time: firstly, a registrant of the mobile terminal APP carries out account login by using other mobile phones; and secondly, the non-registrant himself may attempt to log in. In view of these two possibilities, the risk level cannot be directly determined only by the difference of the mobile phone numbers. In order to ensure the accuracy and the comprehensiveness of risk assessment, the actual risk value of each related factor needs to be calculated according to a multi-factor communication data model, and a final risk detection result is obtained after comprehensive treatment.

In the embodiment, the login risk is detected through the multi-factor data model platform, whether the actually logged in mobile phone number is in the risk database is checked, and if the mobile phone number is in the risk database, the risk detection result is determined to be the highest risk level. Since the risk database typically contains cell phone numbers directly related to high risk activities, potential risks can be quickly identified and handled in this manner without the need for complex calculations or analysis. If the mobile phone number is not in the risk database, respectively carrying out actual risk value calculation on all other factors except the risk database, obtaining a risk detection result after comprehensive treatment, wherein the actual risk value calculation can comprehensively consider more factors and evaluate the risk level of the mobile phone number more accurately, thereby obtaining a more comprehensive risk evaluation result and avoiding inconvenience or loss of a user caused by misjudgment.

The comprehensive processing mode in the scheme is to add the actual risk value of each factor to obtain a final risk value as a risk detection result. In practice, the risk values of the factors may be combined in some manner (e.g., weighted average, machine learning model, etc.) to derive an overall risk score or risk level. This overall risk score or rating will be used as the final risk detection result to guide subsequent decisions.

Further, the actual risk value is determined by a preset default risk value and an association value obtained by respectively performing association calculation on each factor.

The actual risk value for each factor is determined by: firstly, presetting a default risk value for each factor; then, according to the association information of the two mobile phone numbers, sequentially calculating the association value of each factor; and finally, calculating the association value of the default risk value and the corresponding factor to obtain the actual risk value of the factor. The specific operation mode is as follows: the associated value is subtracted from the default risk value to derive the actual risk value.

In the present embodiment, the risk value is defined as integer-type data for quantifying the level representing the risk. The default risk value is set to 100 as a reference value for risk assessment. As the subsequent calculations proceed, the values are adjusted accordingly based on the associated values of the factors. Eventually, the system will return an actual risk value, the larger this value, the higher the risk. If the two cell phone numbers do not have any association, the association value is 0. In this case, the actual risk value will be equal to the default risk value, i.e. 100. This means that the phone number login behavior is seen as having a higher risk without associated information.

In addition, default risk values of the factors can be flexibly set according to actual conditions. In this embodiment, the default risk values of different factors may be different, for example, factors such as location information, call and sms records, user identity information, mobile phone recharging records, and mobile phone IMEI information, which each have different default risk values. For example: the default risk value set by the position information is 20, the default risk value of the call and short message records is 50, the default risk value of the user identity information is 10, the default risk value of the mobile phone recharging record is 10, the default risk value of the mobile phone IMEI information is 10, and the total default risk value of the 5 factors is 100. The setting mode can more accurately reflect different weights of each factor in risk assessment, and accuracy and reliability of risk assessment are improved.

In summary, the risk detection method of the multi-factor communication data model is realized by presetting a default risk value, calculating a factor association value and calculating an actual risk value. The risk of the mobile phone number login behavior can be comprehensively and accurately estimated, and an effective risk management means is provided for enterprises and clients.

Optionally, the multi-factor communication data model further comprises one or more different sub-models for taking different rules and algorithms according to different factors.

A data sub-model is a model that details or models a local region of a data feature or data structure. It is focused on a certain part or a certain aspect of the data, relative to the overall data model. The data submodel may be used to in-depth analyze and understand specific attributes, relationships, or patterns of data in order to better process, manage, and apply such data.

The multi-factor communication data model in this scheme includes one or more different sub-models. The design of the submodels aims at risk detection according to different factor characteristics by adopting targeted rules and algorithms.

Specifically, the multi-factor communication data model realizes the fine processing of different communication data factors by integrating a plurality of sub-models. Each sub-model designs unique algorithms and rules for specific data factors, such as location information, call and sms records, user identity information, mobile phone recharging records, mobile phone IMEI information, etc. The algorithms and rules fully consider the characteristics, change rules and correlation with risks of the data factors, so that the risks contained in each factor can be evaluated more accurately.

By applying the submodel, the method can realize comprehensive analysis and balance of different communication data factors. Each sub-model calculates risk values for the corresponding factors according to the respective algorithms and rules, which are then integrated into the overall risk assessment. By the method, the risk of the mobile phone number login behavior can be comprehensively and accurately detected, and an effective risk management means is provided for enterprises.

The different rules and algorithms adopted by each sub-model are described in detail below, and for convenience of description, the actual login mobile phone number and the registration mobile phone number of the APP are replaced by A and B respectively.

Firstly, introducing rules and algorithms of position information association values of mobile phone numbers A and B:

Through base station positioning, an operator can acquire the position information of the user. And preprocessing the position data of each mobile phone number within three months, and establishing a preprocessing database. Each handset number is passed through several base stations each day, and all LAC (Location Area Code, area code), CID (CELL IDENTITY, base station code) and time of the time are recorded. A Fixed-Length Queue (Fixed-Length Queue) with the Length of 90 (three months) is established by taking the LAC+CID as the Queue name, and the numerical value in the Queue is the time of the LAC+CID every day. The data in the queue is valid data of the last three months when the queue is input in time sequence. And averaging all the data in the queue, taking LAC+CID as key (key), taking the average value as value (value), and generating a key value pair. Then, an ordered list (Sorted List) is generated in order of the values, namely a position information list, the position information list is arranged from large to small according to the average value, and 7 values with the longest time are taken.

An Ordered List (Ordered List) is a List form used in text or HTML to represent a series of items, arranged in a certain order (usually numbers or letters). The ordered list helps organize and present information such that a reader can more easily understand the items in the list and their order.

When the position association calculation is performed, first, the ordered list of the position information corresponding to the mobile phone numbers a and B is acquired, and the scores are sequentially given from 7 to 1 in the order of the time average value from the higher to the lower (see fig. 6). And comparing the same values in the 2 ordered lists, if the LAC+CID are the same, taking corresponding scores, summing and dividing by 2 to obtain the association value 1. If the LAC is the same and the CID is different, the two are relatively close, but not very close, the corresponding score is taken, and the sum is divided by 4 to obtain the association value 2. And so on to obtain the association value 1, the association values 2 and …, and then summing the association values to obtain the position information association value (if the position information association value is greater than 20, the position information association value is directly assigned as 20). And finally subtracting the position information association value from 20 to obtain a position information risk value.

Fig. 6 is a schematic diagram of an ordered list of location information provided in an embodiment of the present application. Taking fig. 6 as an example, it is known that Aa is the same in both lists, and the correlation value 1= (7+7)/(2=7). The LAC of Bb and Bt in the list are the same and CID is different, the correlation value 2= (6+6)/(4=3). LAC of Cc and Cs in the list are the same and CID is different, the association value 3= (5+1)/(4=1.5). This results in a position information related value=7+3+1.5=11.5, and an actual position information risk value=20-11.5=8.5 can be determined from the default risk value 20 set by the position information.

The rules and algorithms for the mobile phone number and the related value of the call and the short message record are introduced as follows. Similarly to the association calculation of the position information, only the registered mobile phone number and the telephone dialed by the registered mobile phone number in three months are considered, the dialed mobile phone number is a key, and the sum of the call duration of each time is a value, so that an ordered list with the length of 10 is established. The same applies to the short message records, and the following description will be given by taking the call records as examples. The default risk values of the call records and the short message records are processed according to the weight of 8:2, and because the default risk values of the call records and the short message records set in the scheme are 50, the default risk values of the call records are 40 after being processed according to the weight proportion, and the default risk values of the short message records are 10.

When the correlation calculation of the call and the short message record is carried out, firstly, call record ordered lists corresponding to the mobile phone numbers A and B are respectively obtained, and scores are sequentially given from 10 to 1 according to the order of the sum of call durations (see fig. 7). And secondly, inquiring whether the mobile phone number of the opposite party exists in each ordered list, if so, taking the corresponding score as an association value 1, and if so, taking the corresponding score, and multiplying the sum by 2 to obtain the association value 1. And comparing the same values in the 2 ordered lists, namely, whether the interpersonal relationship of the two parties for dialing the telephone is available, if yes, taking the corresponding score, summing and dividing by 2 to obtain the association value 2. And so on, to obtain an association value 1, association values 2 and …, and then summing the association values to obtain a call record association value (if the call record association value is greater than 40, the call record association value is directly assigned as 40). And similarly, calculating to obtain a short message record association value. And finally subtracting the communication and short message record association value from 50 to obtain a communication and short message record risk value.

Fig. 7 is a schematic diagram of an ordered list of total call duration of mobile phone numbers according to an embodiment of the present application. Taking fig. 6 as an example, it is known after comparison that there are two parties in the two lists, i.e. a and B frequently make a call with each other and talk, and the association value is 1= (10+9) ×2=38. The cell phone number F exists in both lists with the association value 2= (6+6)/(2=6). Call record association value=38+6=44 >40, then the value is assigned to 40, and assuming that the short message record association value is 6, then the communication and short message record risk value=50-40-6=4.

The rule and method for carrying out the association calculation of the mobile phone identity information on the mobile phone numbers A and B are as follows. The current real-name system of the mobile phone number has very high proportion, and certain associated information can be obtained through analyzing the identity card information corresponding to the mobile phone numbers A and B. If the addresses are the same, the associated value 1 is 10. If the first 6 digits of the identification card number are the same, the association value 2 is 3. If the surname is the same, the association value 3 is 1. The association value 1, the association value 2 and … are obtained according to the above rule, and then the association values are summed to obtain the identity information association value (if the identity information association value is greater than 10, the identity information association value is directly assigned as 10). Subtracting the identity information association value from 10 to obtain an identity information risk value.

For example, the addresses corresponding to the mobile phone numbers a and B are different, the first 6 digits of the identification card numbers are the same, and the surnames are the same, so that the identification information association value=3+1=4, and the identification information risk value=10-4=6.

The rule and method for carrying out the association calculation of the recharging records of the mobile phone for the mobile phone numbers A and B are as follows. The rule is simple, and the record of whether the mobile phone number A and the mobile phone number B have the charge of the mobile phone is calculated within 3 months. If 1 record with the recharging value greater than 30 elements exists, the associated value 1 is 3. If there are 2 recharge records greater than 30, then the associated value 1 is 7. If the accumulated recharging total amount is more than 200 yuan, the association value 2 is 5. Subtracting the associated value of the recharging records from 10 to obtain the risk value of the recharging records.

For example, if there is a recharge record 1 time between the mobile phone numbers a and B and the recharge amount is 300 yuan, the recharge record association value=5, and the recharge record risk value=10-5=5.

The rules and methods for performing mobile phone IMEI information association calculation on mobile phone numbers A and B are as follows. Because the condition that the family members use the mobile phones mutually is common, the IMEI information is judged to judge that the two mobile phone numbers have certain association. However, due to the existence of the second-hand mobile phone, a time limit is added to the association of the IMEI information so as to reduce the association misjudgment probability of the second-hand mobile phone. And calculating the starting and stopping time of each IMEI value of the IMEI records of the mobile phone number A and the mobile phone number B within 3 months. If the mobile phone numbers A and B have the same IMEI information and the activation time of one mobile phone number is different from the deactivation time of the other mobile phone number by less than 2 days, the associated value of the IMEI information is 8. If the mobile phone numbers A and B have the same IMEI information, but the activation time of one mobile phone number is different from the deactivation time of the other mobile phone number by more than 2 days and less than 1 month, the IMEI information association value is 6. If the mobile phone numbers A and B have the same IMEI information, but the activation time of one mobile phone number is different from the deactivation time of the other mobile phone number by more than 1 month, the IMEI information association value is 4. Subtracting the IMEI information association value from 10 to obtain an IMEI information risk value.

For example, if mobile phone numbers a and B have the same IMEI information within three months, but the activation time of one mobile phone number differs from the deactivation time of the other mobile phone number by 40 days, then the IMEI information association value=4, and the IMEI information risk value=10-4=6.

And accumulating the position information risk value, the call and short message recording risk value, the identity information risk value, the mobile phone recharging recording risk value, the IMEI information risk value and other data to obtain a risk detection result. Taking the above data as an example, the risk detection result=8.5+4+6+5+6=29.5.

In the above embodiment, the sub-model in the multi-factor communication data model adopts different rules and algorithms according to different factors, so that optimization can be performed according to specific factors, and different requirements can be flexibly adapted. Each sub-model is subjected to refinement processing aiming at different data factors, and respective risk detection results are obtained through a specific algorithm and a specific rule. The outputs of the submodels are comprehensively considered, so that the expertise and advantages of each submodel can be fully utilized, and the possible limitations and defects of a single model can be overcome. Through the synergistic effect of multiple models, the model can provide more reliable and more accurate risk detection results.

Fig. 8 is a schematic diagram of a login security control device according to an embodiment of the present application, including:

the receiving module is used for receiving the actual login mobile phone number sent by the mobile terminal APP.

And the comparison module is used for inquiring the registered mobile phone number of the mobile terminal APP and comparing the registered mobile phone number with the actual login mobile phone number.

The sending module is used for judging that the mobile phone is normally logged in if the registered mobile phone number is the same as the actual logged-in mobile phone number; if the registered mobile phone number is different from the actual registered mobile phone number, judging that the login security risk exists, and sending a risk detection request to an operator number taking platform, wherein the risk detection request carries the registered mobile phone number and the actual registered mobile phone number.

The control module is used for receiving a risk detection result obtained after the risk detection is carried out on the multi-factor communication data model platform, and carrying out safety control on the mobile terminal APP according to the risk detection result.

Fig. 9 is a schematic diagram of an electronic device according to an embodiment of the present application, including: a memory and a processor;

a memory for storing computer instructions;

A processor for executing computer-executable instructions to implement the method as claimed in any one of claims 1 to 7.

Embodiments of the present application also provide a computer storage medium having stored therein computer-executable instructions which, when executed by a processor, are adapted to carry out the method as set forth in any one of claims 1 to 7.

Other embodiments of the application will be apparent to those skilled in the art from consideration of the specification and practice of the application disclosed herein. This application is intended to cover any variations, uses, or adaptations of the application following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the application pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.

It is to be understood that the application is not limited to the precise arrangements and instrumentalities shown in the drawings, which have been described above, and that various modifications and changes may be effected without departing from the scope thereof. The scope of the application is limited only by the appended claims.

Claims (10)

1. The login security control method is characterized by being applied to a mobile terminal application program APP management platform and comprising the following steps:

receiving an actual login mobile phone number sent by a mobile terminal APP;

Inquiring a registered mobile phone number of a mobile terminal APP, and comparing the registered mobile phone number with an actual registered mobile phone number;

If the registered mobile phone number is the same as the actual registered mobile phone number, judging that the mobile phone number is normally registered; if the registered mobile phone number is different from the actual registered mobile phone number, judging that the login security risk exists, and sending a risk detection request to an operator number taking platform, wherein the risk detection request carries the registered mobile phone number and the actual registered mobile phone number;

And receiving a risk detection result obtained after the risk detection of the multi-factor communication data model platform, and carrying out safety control on the mobile terminal APP according to the risk detection result.

2. The method of claim 1, wherein the performing security control on the mobile APP according to the risk detection result includes:

If the risk value represented by the detection result is smaller than a threshold value, controlling the mobile terminal APP to execute a normal operation flow; and if the risk value is greater than or equal to the threshold value, controlling the mobile terminal APP to exit.

3. The login safety control method is characterized by being applied to a multi-factor communication data model platform and comprising the following steps of:

Receiving a risk detection request sent by a mobile terminal application program APP management platform, wherein the request carries an actual login mobile phone number and a registration mobile phone number of the mobile terminal APP;

And inputting the actual login mobile phone number and the registration mobile phone number into a multi-factor communication data model to perform risk detection according to the risk detection request, so as to obtain a risk detection result.

4. A method according to claim 3, wherein the factors of the multi-factor communication data model comprise:

Risk database, location information, call and short message records, identity information, recharging records, and mobile phone unique identification code IMEI.

5. The method of claim 4, wherein the method of risk detection by the multi-factor communication data model platform comprises:

checking whether the actual login mobile phone number is in a risk database;

If the mobile phone number is in the risk database, determining that the risk detection result is the highest risk level;

and if the mobile phone number is not in the risk database, respectively calculating actual risk values of all other factors except the risk database, and comprehensively processing to obtain a risk detection result.

6. The method according to claim 5, wherein the actual risk value is determined by a default risk value set in advance and the associated value obtained by respectively performing association calculation on each factor.

7. The method of claim 6, wherein the multi-factor communication data model includes one or more different sub-models for taking different rules and algorithms according to different factors.

8. A security control apparatus for login, comprising:

The receiving module is used for receiving the actual login mobile phone number sent by the mobile terminal APP;

The comparison module is used for inquiring the registered mobile phone number of the mobile terminal APP and comparing the registered mobile phone number with the actual registered mobile phone number;

The sending module is used for judging that the mobile phone is normally logged in if the registered mobile phone number is the same as the actual registered mobile phone number; if the registered mobile phone number is different from the actual registered mobile phone number, judging that the login security risk exists, and sending a risk detection request to an operator number taking platform, wherein the risk detection request carries the registered mobile phone number and the actual registered mobile phone number;

The control module is used for receiving a risk detection result obtained after the risk detection is carried out on the multi-factor communication data model platform, and carrying out safety control on the mobile terminal APP according to the risk detection result.

9. An electronic device, comprising: a memory and a processor;

The memory is used for storing computer instructions;

the processor configured to execute the computer-executable instructions to implement the method of any one of claims 1-7.

10. A computer storage medium having stored therein computer executable instructions which when executed by a processor are adapted to carry out the method of any one of claims 1 to 7.