Various examples are directed to systems and methods for visualizing computerized model decisions. A model system may access result data that comprises event results for a plurality of events and event feature data describing sets of event features. A first event result for a first event of the plurality of events is generated using the computerized model and a first set of event features from the event feature data. The model system may access importance score data comprising importance scores for at least a portion of the first set of event features, wherein a first event feature is assigned a first importance score and a second event feature is assigned a second importance score indicating a greater importance than the first importance score. The model system may also generate a user interface for display to a human user. The user interface may comprise a background area; a first visual indicator positioned on the background area and corresponding to the first event feature. A size of the first visual indicator may correspond to the first importance score. A second visual indicator may be positioned on the background area and corresponding to the second event feature. A size of the second visual indicator corresponds to the second importance score and is larger than the size of the first visual indicator. The model system may display the user interface at a display screen of a computing device.

A method for preventing transmission of malicious data may include receiving transaction data including at least one packet associated with a payment transaction; extracting at least one of network layer data or transport layer data from a header of the at least one packet; determining a first probability indicating that the at least one packet is in a first class based on the at least one of the network layer data or the transport layer data using a classifier. The method may also include determining a second probability indicating that the at least one packet is in a second class based on the at least one of the network layer data or the transport layer data using the classifier; and blocking the at least one packet. A system and a computer program product are also disclosed.

The present disclosure involves systems, software, and computer implemented methods for providing rapid approval of blockchain-based transactions. This includes approval of transactions prior to the transaction being written to the blockchain. A transaction system can register with a transaction manager, such as a cloud-based or cloud transaction manager, which can maintain a queue of pending transactions and provide approval for transactions in real-time or near real-time, while later verifying the pending transactions are written into the blockchain as expected. This allows the transaction system to securely confirm the transaction is approved prior to the transaction being written in the blockchain, based on a real-time or near real-time analysis of each customer's corresponding account and transactions.

An example method performed by a processing system obtaining a first port-in number for a first mobile device from a first mobile communications service provider, wherein the first port-in number is known to be involved in fraudulent activity, constructing a social graph of communications between the first port-in number and a plurality of other numbers associated with a plurality of other communications devices, identifying, by the processing system, a maximal subgraph of the social graph, wherein the maximal subgraph connects the first port-in number and a subset of the plurality of other numbers that includes those of the plurality of other numbers for which a usage metric is below a predefined threshold for a defined period of time prior to the first port-in number being ported into the first mobile communications service provider, and identifying, by the processing system, a potential fraud ring, based on the maximal subgraph.

A technique for remote access via a computing device is discussed. In one embodiment, a computing device receives data indicative of a card number associated with a bank-issued debit card. The debit card is associated with a bank account at a bank that issued the bank-issued debit card. The computing device also receives data indicative of an amount of cash to be deposited into the account based on an amount of cash provided at the computing device location. Encrypted data indicative of the card number and the data indicative of the amount of cash is routed to a gateway vendor server and is further routed to a payment network server for deposit of an amount corresponding to the data indicative of the amount of cash into the bank account associated with the card number.

Systems and methods of improving the operation of a transaction network and transaction network devices through use of a digital wallet fraud guard system are disclosed. A digital wallet fraud guard system may comprise various modules and engines, wherein the probability that a transaction is fraudulent may be evaluated for establishing better secured usage of transaction instruments. For instance, a triggered alert indication may visually indicate to an account user a fraud risk associated with a potential transaction prior to the exposure of the transaction instrument. In this manner, the transaction network more properly functions according to approved parameters by diminishing the risk of data loss and lessening the value of the transaction network as a target for fraud and thus network intrusions and disruptions.

Like many credit card payments, virtual card payments are subject to fraudulent transactions. To lower this possibility, data collected from a settlement transaction is stored including a merchant category code, a tax identification number, a merchant identification and an IP address of the processing terminal. Subsequent payments from the same payor to the same payee are verified against the previous settlement transaction data to minimize the possibility of fraud.

Computer-implemented methods and systems are provided for locally freezing a user account in a geographic or digital space. Consistent with disclosed embodiments, locally freezing a user account in a geographic or digital space includes receiving fraud data associated with the user account, the fraud data including a location where a fraud associated with the user account has occurred, wherein the fraud location includes at least one of a digital location or a geographical location; receiving account data associated with the user account, the account data including non-fraudulent account transaction information; generating a pattern of fraud based on the fraud data; generating a pattern of use associated with the user account based on the account data; determining a geodigital area for a localized account freeze based on the pattern of fraud and the pattern of use; and performing a localized account freeze on the user account based on the determined geodigital area.

A method of training a supervised machine learning system to detect anomalies within transaction data is described. The method includes obtaining a training set of data samples; assigning a label indicating an absence of an anomaly to unlabelled data samples in the training set; partitioning the data of the data samples in the training set into two feature sets, a first feature set representing observable features and a second feature set representing context features; generating synthetic data samples by combining features from the two feature sets that respectively relate to two different uniquely identifiable entities; assigning a label indicating a presence of an anomaly to the synthetic data samples; augmenting the training set with the synthetic data samples; and training a supervised machine learning system with the augmented training set and the assigned labels.

The present disclosure discloses a distributed consensus algorithm and apparatus for rapidly generating a block. The algorithm includes: broadcasting a new transaction to all nodes (S110); collecting, by each of the nodes, the new transaction into a block (S120); evaluating a trust value of each of the nodes to obtain an evaluation result (S130); selecting honest miners according to the evaluation result (S140); obtaining negotiation rules (S150); creating, by the honest miners, a new block according to the negotiation rules, and broadcasting the new block to all the nodes (S160); and when all transactions in the nodes are valid but do not take effect, receiving the new block and adding the new block to a blockchain (S170).