| CPC H04L 63/1416 (2013.01) [G06F 16/955 (2019.01); G06Q 20/4016 (2013.01); H04L 63/1425 (2013.01); H04L 63/1433 (2013.01)] | 14 Claims |
|
1. A computer-implemented method comprising:
receiving, by at least one computer, a record of a new transaction associated with a fraud alert, wherein the new transaction is associated with a client from a system database;
analyzing the fraud alert associated with the new transaction by:
tagging, by the at least one computer, one or more attributes in historical transactions matching one or more attributes of the new transaction;
identifying, by the at least one computer, a transaction session record of the client, wherein the transaction session record comprises one or more transaction session attributes that match the tagged one or more attributes;
identifying, by the at least one computer, one or more session records associated with one or more additional clients having session attributes matching the one or more transaction session attributes of the transaction session record;
in response to identifying the one or more session records, determining that a number of the one or more additional clients is greater than a predetermined threshold;
in response to the number of the one or more additional clients being greater than the predetermined threshold, determining, by the at least one computer, whether the session attributes matching the one or more transaction session attributes are in a whitelist; and
in response to determining the session attributes are in the whitelist, permitting the new transaction to occur.
|