US 12,136,089 B2
Anomaly and fraud detection with fake event detection using pixel intensity testing
Jesper Lind, Bellevue, WA (US); and Suchitra Sundararaman, Bellevue, WA (US)
Assigned to SAP SE, Walldorf (DE)
Filed by SAP SE, Walldorf (DE)
Filed on Apr. 11, 2022, as Appl. No. 17/717,880.
Application 17/717,880 is a continuation of application No. 16/711,679, filed on Dec. 12, 2019, granted, now 11,308,492.
Claims priority of provisional application 62/870,512, filed on Jul. 3, 2019.
Prior Publication US 2022/0237606 A1, Jul. 28, 2022
Int. Cl. G06Q 40/00 (2023.01); G06F 18/24 (2023.01); G06F 40/284 (2020.01); G06N 3/02 (2006.01); G06N 3/08 (2023.01); G06N 20/00 (2019.01); G06Q 20/04 (2012.01); G06Q 20/38 (2012.01); G06Q 20/40 (2012.01); G06Q 40/12 (2023.01); G06T 7/00 (2017.01); G06T 7/73 (2017.01); G06V 30/224 (2022.01); G06V 30/413 (2022.01); G06V 30/414 (2022.01); G06V 30/418 (2022.01); G06F 16/2455 (2019.01)
CPC G06Q 20/40 (2013.01) [G06F 18/24 (2023.01); G06F 40/284 (2020.01); G06N 3/02 (2013.01); G06N 3/08 (2013.01); G06N 20/00 (2019.01); G06Q 20/045 (2013.01); G06Q 20/389 (2013.01); G06Q 20/4016 (2013.01); G06Q 40/12 (2013.12); G06T 7/0002 (2013.01); G06T 7/74 (2017.01); G06V 30/224 (2022.01); G06V 30/413 (2022.01); G06V 30/414 (2022.01); G06V 30/418 (2022.01); G06F 16/24564 (2019.01); G06T 2207/20061 (2013.01); G06T 2207/30176 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A computer-implemented method for auditing financial documents for potential fraud using pixel intensity testing using one or more computers, wherein the one or more computers comprise at least one processor configured to receive images and process the images according to one or more pixel intensity algorithms for detecting or generating pixel-based features in each image, wherein the at least one processor is configured to perform operations comprising:
identifying a first corpus of valid reference images, wherein each of the valid reference images comprises an authentic image of an authentic financial document, wherein the authentic image was captured by a camera;
identifying a second corpus of fraudulent reference images, wherein each of the fraudulent reference images comprises a fraudulent image of an inauthentic financial document, wherein the fraudulent image comprises a programmatically generated document;
analyzing first pixel values of first pixels in the valid reference images in the first corpus to determine that at least one valid pixel-based pattern is included in pixels of at least a first threshold percentage of the valid reference images, wherein the valid pixel-based pattern comprises a first kurtosis metric, wherein a kurtosis metric for any given image describes a shape of a lower and/or upper tail of a histogram distribution of pixel intensity values in a uniform color region of the given image, wherein the uniform color region of the given image visually appears to be of a uniform color, wherein the shape of tails of the histogram distribution for the uniform color region of the given image is compared to an overall shape of the histogram distribution which may have one or more maximum spikes or peaks in pixel intensity values, wherein the kurtosis metric is generated by:
determining a count of the pixel intensity values in the uniform color region;
generating a histogram distribution of the counts of the pixel intensity values for the uniform color region of the given image; and
combining the counts of the tails of the histogram distribution relative to the rest of the histogram distribution to generate a combined count,
wherein a lower combined count indicates a higher distribution of pixel intensity values in the uniform color region which indicates a greater likelihood that the given image is an authentic financial document, and
wherein a higher combined count indicates a lack of a wide distribution in pixel intensity values in the uniform color region and a concentration of pixel intensity values in one or more maximum peaks in the histogram distribution indicates a greater likelihood that the given image is an inauthentic financial document;
analyzing second pixel values of second pixels in the fraudulent reference images in the second corpus to determine that at least one fraudulent pixel-based pattern is included in pixels of at least a second threshold percentage of the fraudulent reference images, wherein the fraudulent pixel-based pattern comprises a second kurtosis metric;
receiving a request to classify a first image;
analyzing third pixel values of third pixels included in the first image to determine at least one pixel-based pattern in the third pixels, wherein the pixel-based pattern comprises a third kurtosis metric;
determining whether the third kurtosis metric matches either a first kurtosis metric or a second kurtosis metric;
in response to determining that the third kurtosis metric matches the first kurtosis metric, increasing a first likelihood of classifying the first image as a valid image;
in response to determining that the third kurtosis metric matches the second kurtosis metric, increasing a second likelihood of classifying the first image as a fraudulent image; and
classifying the first image in response to the request as either a valid image or a fraudulent image based on the first likelihood and the second likelihood.