As the Internet matures, more people are interacting via networks, and the networks are becoming a platform for the exchange of information for many users. In networks, every user is a virtual user, and the actions of virtual users in the network reflect the relationships between users in the real world.
For example, in a social networking service (SNS), FIG. 1 is a schematic diagram illustrating SNS friends in a social network. If virtual user A and virtual user B have a friend, user C, in common, then users A and B are very likely or have a high likelihood of also being friends in the real world. In other words, user A is associated with user B.
In actual application, real associations among virtual users can be used for controlling risk of an online action of a user. For example, in an online transaction system, if fraud is detected on a part of a certain user during a transaction process, the user has already been added to a blacklist of malicious users, and other virtual users with whom this malicious user has real associations can be detected, the possibility of an act of fraud by one of the other virtual users is also very high. Thus, the other associated virtual users can be set as malicious users in advance, thereby preventing the occurrence of a transaction fraud.
In the above risk control process, the online transaction system generally uses device data or device fingerprints to analyze the real associations of virtual users. By collecting the device data (i.e., device fingerprints), such as a hard drive, a motherboard and other data that is capable of uniquely identifying a device, a determination can be made whether virtual users use the same physical device. For example, if two virtual users are determined to use one physical device, then an association could exist between these two virtual users.
The present system is limited as follows: associated users can only be determined with different virtual users use the same physical device; if the virtual users use different physical devices, even if they are associated users, the method described above is unable to detect an association between users. Therefore, the above method of analysis is too limited, is unable to detect the real associations of network virtual users accurately, and is therefore unable to identify malicious users accurately. Accordingly, the above method of analysis does not significantly minimize acts of network fraud.