| CPC G06Q 30/0185 (2013.01) [G06N 20/00 (2019.01); G06Q 20/4016 (2013.01); G06Q 40/12 (2013.12)] | 20 Claims |
|
1. A computer-implemented method, comprising:
training, by a transaction service provider system, a deep learning model based on historical transaction data associated with a plurality of historical transactions to provide a respective embedding for each payment account associated with the historical transaction data, wherein training comprises inputting the historical transaction data for each payment account associated with the historical transaction data to the deep learning model to provide a respective hidden layer vector, wherein each respective embedding comprises the respective hidden layer vector, wherein the deep learning model comprises a plurality of parameters, and wherein training the deep learning model comprises updating at least one parameter of the plurality of parameters based on the respective embedding for each payment account and a loss function;
receiving, by the transaction service provider system, transaction data associated with a plurality of transactions of at least one payment account;
detecting, by the transaction service provider system, at least one attempted attack based on the transaction data;
generating, by the transaction service provider system, using the deep learning model and a survival model, a fraud risk score for each subperiod of a plurality of subperiods in a time period following the at least one attempted attack based on the transaction data, wherein generating the fraud risk score comprises:
generating at least one embedding for each payment account of the at least one payment account based on inputting the transaction data for each payment account of the at least one payment account to the deep learning model to provide at least one hidden layer vector, wherein each embedding of the at least one embedding comprises a hidden layer vector of the at least one hidden layer vector; and
generating the fraud risk score for each subperiod based on inputting the at least one embedding to the survival model, wherein the fraud risk score for each respective subperiod is associated with a probability that a fraudulent transaction will not occur by the respective subperiod;
generating, by the transaction service provider system, a survival curve based on the fraud risk score for each subperiod;
determining, by the transaction service provider system, an area bounded by the survival curve;
comparing, by the transaction service provider system, the area to a threshold to determine whether the at least one payment account is in a high risk category;
sending, by the transaction service provider system, a notification to an issuer system based on determining the at least one payment account is in the high risk category, the notification indicating that the at least one payment account is in the high risk category;
adjusting, by the issuer system, monitoring of the at least one payment account based on receiving the notification indicating that the at least one payment account is in the high risk category, wherein adjusting monitoring is based on the probability that the fraudulent transaction will not occur by the respective subperiod;
initiating, by a point-of-sale (POS) device of a merchant system, a subsequent transaction by generating an authorization request message associated with the subsequent transaction;
sending, by the merchant system, the authorization request message associated with the subsequent transaction to an acquirer system;
based on receiving the authorization request message associated with the subsequent transaction, sending, by the acquirer system, the authorization request message to the issuer system, wherein the issuer system determines an authorization decision based on the authorization request; and
rejecting, by the issuer system, the subsequent transaction associated with the authorization request based on determining the at least one payment account is in the high risk category and adjusting monitoring of the at least one payment account.
|