Abstract: A computer-implemented method includes: receiving an inquiry request message identifying a first payment transaction having a plurality of transaction parameters and a risk score, where the risk score is generated by a machine-learning model based on the plurality of transaction parameters; for each transaction parameter of the plurality of transaction parameters, perturbing a value of the transaction parameter and re-analyzing the first payment transaction with the machine-learning model to generate a perturbed risk score based on the perturbed transaction parameter; determining at least one impact parameter from the plurality of transaction parameters by comparing the perturbed risk scores generated for each of the plurality of transaction parameters; and generating an inquiry response message based on the at least one impact parameter.

Abstract: In various embodiments, techniques can be provided for identifying a user or group of users who initiated network traffic. The user or group of users may be identified as an employee who can be found in corporate or organizational directory. In some embodiments, different authentication mechanisms may be used for various types of network traffic. For example, by proxying instant messaging (IM) communications, a proxy server can know which users are associated with what network traffic. In another example, transparent and non-transparent mechanisms may be provided to authenticate HTTP URL traffic. For other types of traffic, such as non-proxied IM, P2P, and spyware, an existing authentication cache or credential cache may be used to identify the user who generated the traffic.