TR2022019342A2

TR2022019342A2 - A SYSTEM THAT ALLOWS INSTANT ACTION IN FRAUD MANAGEMENT

Info

Publication number: TR2022019342A2
Application number: TR2022/019342
Authority: TR
Inventors: Ye Hazal Keco Lu Hur; Mutlu Ozge; Palabiyik Anil; Sma L Yetk N Muhammed; Yucel Kurtul; Kurban Koray; Ah Nler Ocak Merve; M Ca Ri Artun Brah; Nem Sari S
Original assignee: Turkcell Teknoloji̇ Araştirma Ve Geli̇şti̇rme Anoni̇m Şi̇rketi̇
Filing date: 2022-12-14
Publication date: 2023-01-23

Abstract

Bu buluş, POS (point of sale) cihazı (2) gibi ödeme kanallarında yaşanmış dolandırıcılık yaşanmış verileri analiz edilmesi ile elde edilen bir skorun işlem anındaki verilerle zenginleştirilmesi sonucu işlem anında riskli olabilecek işlemlerin tahmin edilmesini ve işleme devam edilip edilmemesi konusunda anlık aksiyon alınmasını sağlayan bir sistem (1) ile ilgilidir.This invention relates to a system (1) that allows predicting potentially risky transactions at the time of the transaction and taking immediate action on whether to continue the transaction or not, as a result of enriching a score obtained by analyzing data on fraudulent transactions in payment channels such as POS (point of sale) devices (2) with data at the time of the transaction.

Description

TARIFNAME DOLANDIRICILIK YÖNETIMINDE ANLIK AKSIYON ALINMASINI SAGLAYAN BIR SISTEM Teknik Alan Bu bulus, POS (point of sale) cihazi gibi ödeme kanallarinda yasanmis dolandiricilik yasanmis verileri analiz edilmesi ile elde edilen bir skorun islem anindaki verilerle zenginlestirilmesi sonucu islem aninda riskli olabilecek islemlerin tahmin edilmesini ve isleme devam edilip edilmemesi konusunda anlik aksiyon alinmasini saglayan bir sistem ile ilgilidir. Önceki Teknik POS cihazlari kredi karti ya da banka kartlarini taniyarak nakit para kullanilmadan ödeme yapilmasini saglayan cihazlardir. POS cihazlari sayesinde isyeri ile banka arasinda çogunlukla bir telefon baglantisi üzerinden iletisim kurulmakta ve bankalar üzerinden gerekli bilgilere ulasilmasi ile ödeme islemin yapilip yapilmayacagina karar verilmektedir. Her türlü ödeme sisteminde/kanalinda oldugu gibi POS cihazlarinda da dolandiricilik olaylari yasanmaktadir. Kartini çaldiran bir kisi hemen banka iletisime geçerek olasi dolandiricilik islemlerini banka tarafinda engellemeye çalismaktadir. Fakat bazi durumlarda kartin çalindigindan geç haberdar olunmasi ve kartla dolandiricilik yapilmis olmasi durumunda kart sahibi banka ile iletisime geçerek yapilan ödemeleri geri talep etmektedir. Bu durum hem kart sahibi hem banka hem de ödemeyi alan tarafi kapsayan zorlu bir süreçtir. Bu nedenle POS cihazi üzerinden yapilan bir islemin riskli olup olmadigini sorgulayarak gerekli durumlarda islemi gerçeklestirmeyerek anlik aksiyon alinmasini saglayan çözümlere ihtiyaç duyulmaktadir. patent dokümaninda, dolandiricilik tespit sisteminden bahsedilmektedir. akilli yinelenen islem isleme ve dolandiricilik tespitine yönelik bir sistem, sunucu bilgisayarlarla iletisim halinde olan makine ögrenimi (ML) modellerini içeren bir yapay zeka (AI) platformu içermektedir. Sunucular, gelecekte yinelenen islemleri tahmin etmek üzere makine ögrenimi modellerini egitmek için bir islem veri tabanindan geçmis ödeme islem verilerine erismektedir. Sunucular, bir ödeme cihazi kullanan bir kart hamili tarafindan bir ödeme islemi için bir alicidan bir yetkilendirme talebi alir, yetkilendirme talebini karti verene isler ve bir yanit iletmektedir. Yetkilendirme talebinden gelen islem verileri, ödeme isleminin yinelenen bir ödeme islemi içerip içermedigini tahmin etmek ve içeriyorsa, bir sonraki yinelenen islemin tahmini tarihini belirlemek için makine ögrenimi modellerine girilmektedir. Tahmini tarihten önce bir sonraki yinelenen ödeme islemine iliskin islem öznitelikleriyle karti veren kurulusa bir API çagrisi baslatilmaktadir ve karti veren kurulus dogrudan kart sahibine bir uyari mesaji göndermektedir. Bulusun Kisa Açiklamasi Bu bulusun amaci, POS (point of sale) cihazi gibi ödeme sistemlerinde yasanmis dolandiricilik yasanmis verileri analiz ederek olusturulan skoru bir sonraki islemin riskli olup olmadiginin tahmin edilmesinde kullanilmasini ve isleme devam edilip edilmemesi konusunda anlik aksiyon alinmasini saglayan bir sistem gerçeklestirmektir. Bulusun diger amaci, islemin tamamlanmasinin ardindan ödeme sistemine iletilen bir geri ödeme talebinin kaldirilmasini ve anlik olarak alinacak aksiyonunu niteligine yapay zeka ile karar vererek provizyon sürecinin otomatize edilmesini saglayan bir sistem gerçeklestirmektir. Bulusun Ayrintili Açiklamasi Bu bulusun amacina ulasmak için gerçeklestirilen "Dolandiricilik Yönetiminde Anlik Aksiyon Alinmasini Saglayan Bir Sistem" ekli sekilde gösterilmis olup, bu Sekil 1 Bulus konusu sistemin sematik görünüsüdür. Sekilde yer alan parçalar tek tek numaralandirilmis olup, bu numaralarin karsiliklari asagida verilmistir: 1 . Sistem 2. POS cihazi 3. Veri tabani 4. Sunucu Ödeme kanalinda/sisteminde yapilan bir islemin geçmis dolandiricilik verilerinin kullanilmasi ile analiz edilmesini ve riskli olup olmamasina göre anlik aksiyon alinmasini saglayan bulus konusu sistem (1); -en azindan bir ekran, bir girdi birimi ve bir kart okuyucu içeren, herhangi bir uzak iletisim protokolü üzerinden dis sunucular ile iletisim kurmak ve veri alisverisi gerçeklestirmek üzere yapilandirilan en aZ bir POS cihazi (2), -içerisinde POS cihazi (2) üzerinden dolandiricilik yasamis kisilerin verilerini ve POS cihazi (2) üzerinde yasanmis geçmis dolandiricilik verilerine iliskin verileri kayit altinda tutmak üzere yapilandirilan en aZ bir veri tabani (3) ve -veri tabani (3) ile iletisim halinde olmak ve veri tabani (4) ile veri alisverisi gerçeklestirmek, herhangi bir iletisim protokolünü kullanarak POS cihazi (2) ile iletisim kurmak ve kurulan bu iletisim üzerinden veri alisverisi gerçeklestirmek, POS cihazi (2) üzerinde bir islem yapilmak istenmesi ile tetiklenmek, islem yapmak isteyen kullanicinin kimlik bilgilerine ulasmak, veri tabaninda (3) kayitli geçmis dolandiricilik verileri ile islemi yapmak isteyen kisinin kimlik verilerini yap ay zeka ile olusturulan skorlama ile modellemek ve islemin dolandiricilik süphesi tasiyip tasimadigin analiz etmek, islemin dolandiricilik süphesi tasimadigina karar verdiginde ödemenin gerçeklestirilebilmesi için isleme devam edilmesini saglamak, islemin dolandiricilik süphesi tasidigina karar verdiginde ise anlik aksiyon alarak islemi sonlandirmak üzere yapilandirilan en az bir sunucu (4) içermektedir. Bulus konusu sistemde (1) yer alan POS cihazi (2) sunucu (4) ile iletisim kurmak ve kurulan bu iletisim üzerinden veri alisverisi gerçeklestirmek üzere yapilandirilan, bir girdi birimi, bir ekran, bir kart okuyucu içeren bir android/IOS tabanli elektronik cihazdir. POS cihazi (2) kullanici kimlik bilgilerine ulasmak için dijital kimlige ait bilgileri alabildigi bir yakin alan iletisimi (NFC), manyetik okuma ya da çip ile okuma özelliklerinden en az birine sahip olmak üzere yapilandirilmaktadir. POS cihazi (2) kimlik bilgisine ulasmak için kullanicinin parmak izi bilgisini aldigi en azindan bir parmak okuyucu içermek üzere yapilandirilmaktadir. Bulusun tercih edilen uygulamasinda POS cihazi (2) Internet seklinde bir veri yolu kullanarak veri alisverisi gerçeklestirmek üzere yapilandirilmaktadir. Bulus konusu sistemde (1) yer alan veri tabani (3) sunucu (4) ile iletisim halinde olup sunucu (4) ile veri alisverisi gerçeklestirmek üzere yapilandirilmaktadir. Bulus konusu sistemde (1) yer alan veri tabani (3) içerisinde dolandiricilik yasamis kisilerin verilerine iliskin bilgileri kayit altinda tutmak üzere yapilandirilmaktadir. Veri tabani (3) içerisinde ayrica POS cihazinda (2) islemde yapacak kisilerin demografik verileri, bankalardan gelen ve içerisinde geri ödeme talebi, çalinti kart ve bayi dolandiriciligina iliskin verileri kayit altinda tutmak üzere yapilandirilmaktadir. Bulus konusu sistemde (1) yer alan sunucu (4), herhangi bir uzak iletisim protokolünü kullanarak POS cihazi (2) ile iletisim kurmak ve kurulan bu iletisim üzerinden POS cihazindan (2) islem yapmak isteyen kisinin talebini almak üzere yapilandirilmaktadir. Sunucu (4), veri tabani (3) ile iletisim kurmak ve veri tabani (4) içerisindeki verilere erismek üzere yapilandirilmaktadir. Sunucu (4), veri tabaninda (3) kayitli müsteri geçmis verilerini ve kisisel verilerini yapay zeka ile modellemek, bir skor olusturmak ve yapilacak ödemenin bir dolandiricilik süphesi tasiyip tasimadigini analiz etmek üzere yapilandirilmaktadir. Sunucu (4) tercihen dolandiricilik yasamis kisilerin verilerini yapay zekâ ile zenginlestirmek ve dolandiricilik yasayabilecek kitlenin skorlanarak tespit edilmesini saglamak üzere yapilandirilmaktadir. Sunucu (4) özellikle dolandiricilik yasamis kisilerin demografik verileri, kullanim verilerini kullanarak bir yapay zeka algoritmasi olusturmak ve POS cihazinda (2) yapilan geçerli, geçersiz islemler ile algoritmayi gelistirmek üzere yapilandirilmaktadir. Sunucu (4) POS cihazinda (2) yapilacak ödeme isleminin riskli olduguna karar verdigi durumda anlik olarak islemi sonlandirmak ve anlik aksiyon almak üzere yapilandirilmaktadir. Bulus konusu sistem (1) POS cihazinda (2) islem yapmak isteyen kisinin verilerinin, geçmis dolandiricilik islem verilerinin birlikte yapay zeka modelleri ile birlikte islenmesi ile yapilmak istenen islemin dolandiricilik riski tasiyip tasimadigina karar verilmesi ile ödeme islemlerinde sahteciligi önlemektedir. Bu sayede herhangi bir aksiyon alinmasi gereken bir duruma karar verilmesi ile islem sonlandirilmaktadir. Bulus konusu sistem (1) kullaniciya veri gizliligi ilkeleri içeren bilgilendirme ve onay sunmakta olup, Kisisel Verilerin Korunmasi Kanunu (KVKK) dahilinde faaliyet göstermektedir. Bu temel kavramlar etrafinda, bulus konusu "Dolandiricilik Yönetiminde Anlik Aksiyon Alinmasini Saglayan Bir Sistem (1)" ile ilgili çok çesitli uygulamalarin gelistirilmesi mümkün olup, bulus burada açiklanan örneklerle sinirlandirilamaz, esas olarak istemlerde belirtildigi gibidir. TR TR TR TRA SYSTEM THAT ENABLES INSTANT ACTION IN FRAUD MANAGEMENT Technical Field This invention relates to a system that allows for the prediction of potentially risky transactions and the taking of instant action on whether to proceed with the transaction by enriching a score obtained by analyzing data on fraudulent transactions experienced in payment channels such as POS (point of sale) devices with data from the moment of the transaction. Prior Art POS devices are devices that recognize credit or debit cards and enable cashless payments. Through POS devices, communication is generally established between the merchant and the bank via a telephone connection, and the decision to proceed with the payment is made by accessing the necessary information from the banks. As with any payment system/channel, fraudulent acts occur with POS devices. A person who has their card stolen immediately contacts their bank to try to prevent potential fraud. However, in some cases, if the cardholder is notified late that the card has been stolen and fraud has been committed with the card, they contact the bank and demand a refund. This is a challenging process involving both the cardholder, the bank, and the recipient. Therefore, solutions are needed that can assess whether a transaction made via a POS device is risky and, if necessary, take immediate action by not executing the transaction. The patent document describes a fraud detection system. A system for intelligent recurring transaction processing and fraud detection includes an artificial intelligence (AI) platform that incorporates machine learning (ML) models that communicate with the server computers. Servers access historical payment transaction data from a transaction database to train machine learning models to predict future recurring transactions. The servers receive an authorization request from a recipient for a payment transaction made by a cardholder using a payment device, process the authorization request to the card issuer, and return a response. The transaction data from the authorization request is fed into the machine learning models to predict whether the payment transaction contains a recurring payment and, if so, to determine the estimated date of the next recurring transaction. Before the estimated date, an API call is initiated to the card issuer with the transaction attributes for the next recurring payment transaction, and the card issuer sends an alert message directly to the cardholder. Brief Description of the Invention The purpose of this invention is to develop a system that analyzes data from fraudulent transactions in payment systems such as POS (point of sale) devices, using the resulting score to predict whether the next transaction is risky and allowing immediate action to be taken on whether the transaction should continue. Another purpose of the invention is to develop a system that removes a refund request submitted to the payment system after the transaction is completed and automates the provisioning process by using artificial intelligence to determine the nature of the immediate action to be taken. Detailed Description of the Invention The "System Enabling Instant Action in Fraud Management" developed to achieve the purpose of this invention is shown in the attached figure, and Figure 1 is a schematic view of the system in question. The parts in the figure are numbered one by one and the correspondences of these numbers are given below: 1. System 2. POS device 3. Database 4. Server The system in question, which enables the analysis of a transaction made in the payment channel/system by using past fraud data and taking instant action according to whether it is risky or not, is (1); -At least one POS device (2) which is configured to communicate with external servers and perform data exchange over any remote communication protocol, including at least one screen, an input unit and a card reader, -At least one database (3) which is configured to record the data of people who have committed fraud through the POS device (2) and the data related to past fraud data experienced on the POS device (2), and -To communicate with the database (3) and perform data exchange with the database (4), to communicate with the POS device (2) using any communication protocol and perform data exchange through this established communication, to be triggered by the request to perform a transaction on the POS device (2), to access the identity information of the user who wants to perform the transaction, to be able to record past fraud data recorded in the database (3), It contains at least one server (4) configured to model the identity data of the person who wants to make the transaction with a scoring created by artificial intelligence and to analyze whether the transaction carries a suspicion of fraud, to ensure that the transaction continues so that the payment can be made when it decides that the transaction does not carry a suspicion of fraud, and to take instant action and terminate the transaction when it decides that the transaction carries a suspicion of fraud. The POS device (2) in the system (1) of the invention is an Android/IOS based electronic device that is configured to communicate with the server (4) and to perform data exchange through this established communication, and that includes an input unit, a display and a card reader. The POS device (2) is configured to have at least one of the features of near field communication (NFC), magnetic reading, or chip reading, which can retrieve digital identity information to access user identification information. The POS device (2) is configured to include at least one fingerprint reader, which can retrieve the user's fingerprint information to access identification information. In the preferred embodiment of the invention, the POS device (2) is configured to perform data exchange using a data path such as the Internet. The database (3) in the system (1) of the invention communicates with the server (4) and is configured to perform data exchange with the server (4). The database (3) in the system (1) of the invention is configured to record information regarding the data of individuals who have committed fraud. The database (3) is also configured to record demographic data of individuals making transactions at the POS device (2), refund requests from banks, and data related to stolen cards and vendor fraud. The server (4) in the inventive system (1) is configured to communicate with the POS device (2) using any remote communication protocol and to receive the request of the individual wishing to perform a transaction at the POS device (2) through this established communication. The server (4) is configured to communicate with the database (3) and access the data within the database (4). The server (4) is configured to model the customer history and personal data recorded in the database (3) with artificial intelligence, generate a score, and analyze whether the payment to be made is suspected of fraud. The server (4) is configured to enrich the data of individuals who have experienced fraud with artificial intelligence and to identify groups likely to experience fraud through scoring. The server (4) is configured to create an artificial intelligence algorithm using demographic and usage data of individuals who have experienced fraud, and to improve the algorithm by analyzing valid and invalid transactions made on the POS device (2). The server (4) is configured to instantly terminate the transaction and take immediate action if it determines that a payment transaction on the POS device (2) is risky. The inventive system (1) processes the data of the individual attempting to make a transaction on the POS device (2) along with past fraud transaction data, using artificial intelligence models to determine whether the intended transaction carries a fraud risk. This prevents fraud in payment transactions. In this way, the process is concluded by deciding whether an action is necessary. The system (1) in question provides the user with information and consent regarding data privacy principles and operates within the Personal Data Protection Law (KVKK). It is possible to develop a wide variety of applications related to the subject of the invention, "A System (1) Enabling Instant Action in Fraud Management," based on these basic concepts. The invention cannot be limited to the examples described here; it is essentially as stated in the claims.

Claims

REQUESTS

l. -At least one POS device (2) that includes at least one screen, one input unit and one card reader, configured to communicate with external servers over any remote communication protocol and to exchange data, -at least one database (3) that is configured to record the data of people who have committed fraud through the POS device (2) and the data related to past fraud data experienced on the POS device (2), -communicating with the database (3) and exchanging data with the database (4), communicating with the POS device (2) using any communication protocol and exchanging data through this communication, -a system on the POS device (2) A system (1) characterized by at least one server (4) configured to be triggered by a request to perform a transaction, to access the identity information of the user who wants to perform the transaction, to model the identity data of the person who wants to perform the transaction with the past fraud data recorded in the database (3) with a scoring created by artificial intelligence and to analyze whether the transaction is suspected of fraud or not, to ensure that the transaction continues so that the payment can be made when it decides that the transaction is not suspected of fraud, and to take immediate action and terminate the transaction when it decides that the transaction is suspected of fraud.

2. A system (1) as in Claim 1, characterized by a POS device (2), which is an Android/IOS based electronic device comprising an input unit, a display and a card reader, configured to communicate with the server (4) and to exchange data through this communication.

3. A system (1) as in claim 1 or 2, characterized by the POS device (2) configured to have at least one of the features of near field communication (NFC), magnetic reading or chip reading, through which it can receive information about the digital identity in order to access the user identification information.

4. A system (1) as in any of the above claims, characterized by a POS device (2) configured to include at least one finger reader that obtains the user's fingerprint information in order to access the identification information.

5. A system (1) as in any of the above claims, characterized by a POS device (2) configured to perform data exchange using a data path in the form of the Internet.

6. A system (1) as in any of the above claims, characterized by a database (3) that is in communication with the server (4) and configured to exchange data with the server (4).

7. A system (1) as in any of the above claims, characterised by a database (3) structured to record information regarding the data of persons who have committed fraud.

8. A system as in any of the above claims, characterized by a database (3) configured to record demographic data of the persons who will make the transaction on the POS device (2), refund requests from banks, stolen cards and data related to dealer fraud.

9. A system (1) as in any of the above claims, characterized by a server (4) configured to communicate with the POS device (2) using any remote communication protocol and to receive the request of the person who wants to make a transaction from the POS device (2) through this communication.

10. A system as in any of the above claims, characterized by a server (4) configured to model the customer history and personal data recorded in the database (3) with artificial intelligence, to create a score and to analyze whether the payment to be made carries a suspicion of fraud.

1 1. Any of the above claims, characterized by the server (4) configured to enrich the data of people who have experienced fraud with artificial intelligence and to detect the mass that may experience fraud by scoring.

12. A system as in any of the above claims, characterized by a server (4) configured to create an artificial intelligence algorithm using demographic data and usage data of people who have experienced fraud and to improve the algorithm with valid and invalid transactions made on the POS device (2).

13. Any of the above-mentioned requests, characterized by the server (4) configured to instantly terminate the transaction and take immediate action in case it decides that the payment transaction to be made on the POS device (2) is risky.