CN104967586B - A kind of user ID authentication method, apparatus and system - Google Patents
A kind of user ID authentication method, apparatus and system Download PDFInfo
- Publication number
- CN104967586B CN104967586B CN201410183173.1A CN201410183173A CN104967586B CN 104967586 B CN104967586 B CN 104967586B CN 201410183173 A CN201410183173 A CN 201410183173A CN 104967586 B CN104967586 B CN 104967586B
- Authority
- CN
- China
- Prior art keywords
- user
- electric terminal
- server
- information
- facility information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0846—Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
Abstract
The present invention relates to a kind of user authentication method, apparatus and system, the described method comprises the following steps:Figure check information is shown according to the first user instruction for being used to carry out scheduled operation of input, the figure check information includes default trigger element, and the trigger element is used to after figure check information is scanned by the second electric terminal trigger the facility information that second electric terminal makes it to server upload second electric terminal;From the server obtain the result, the result include be used for identify first electric terminal user whether be validated user information;Operation requests corresponding with first user instruction are sent to the server if being validated user if the user of first electric terminal, so that the server performs the scheduled operation.Above-mentioned method, apparatus and system improving security of the user when carrying out sensitive operation.
Description
Technical field
The present invention relates to subscriber authentication technology, more particularly to a kind of user ID authentication method, apparatus and system.
Background technology
With the development of network technology, the increasing behavior transfer of people is carried out on network, such as online payment, network
Game, matchmaker etc., therefore network account becomes more and more important.And malicious user steals user account number and close using wooden horse
Code, has obtained the critical data of user, it is possible to which the user that disguises oneself as, which performs some, can make a profit or damage the sensitivity of user benefit
Important operation, such as paid the bill by Web bank, transfer accounts steal the property of user, steal ideal money, transfer game article, look into
See or delete important information data etc..Therefore, the security for how lifting user when carrying out these sensitive operations just turns into net
Network system has to the content considered.
The content of the invention
In view of this, the embodiment of the present invention provides a kind of user authentication method, apparatus and system, and it can lift user and enter
Security during row sensitive operation.
A kind of user ID authentication method, available in the first electric terminal, it comprises the following steps:
Figure check information, the figure verification are shown according to the first user instruction for being used to carry out scheduled operation of input
Packet contains default trigger element, and the trigger element is used for after the figure check information is scanned by the second electric terminal
Triggering second electric terminal makes it upload the facility information of second electric terminal to server;
From the server obtain the result, the result show first electric terminal user whether be
Validated user, wherein when the facility information of the user account number and second electric terminal of first electric terminal matches
When, the user of first electric terminal is validated user;
Send to the server if being validated user if the user of first electric terminal and refer to first user
Operation requests corresponding to order, so that the server performs the scheduled operation.
A kind of user ID authentication method, available in the second electric terminal, comprise the following steps:
The instruction inputted according to user starts predetermined graph scanning application program;
Scan the figure check information shown in the first electric terminal;
Parse the figure check information and judge whether include default trigger element in the figure check information;
Setting for second electric terminal is obtained if the default trigger element is included in the figure check information
Standby information;And
The facility information is uploaded in the server pointed by the figure check information, so that the server is sentenced
Whether the facility information that disconnected second electric terminal uploads matches with the user of first electric terminal.
A kind of user ID authentication method, it comprises the following steps:
First electric terminal shows figure check information according to the first user instruction for being used to carry out scheduled operation of input,
The figure check information includes default trigger element;
Second electric terminal scans the figure check information after second user instruction is detected, parses the figure school
Test information and detected the facility information of second electric terminal in the figure check information after the trigger element
It is uploaded to the server pointed by the figure check information;
The server judges whether the facility information matches with the user account number of first electric terminal, if
Then the server judges the user of first electric terminal for validated user, and the result is back into first electricity
Sub- terminal;
First electric terminal is sent to the server if being validated user if the user of first electric terminal
Operation requests corresponding with first user instruction, so that the server performs the scheduled operation.
A kind of subscriber authentication device, in the first electric terminal, it to include:
Display module, for showing figure verification letter according to the first user instruction for being used to carry out scheduled operation of input
Breath, the figure check information include default trigger element, the trigger element in the figure check information by the
Second electric terminal is triggered after the scanning of two electric terminals makes it upload the equipment letter of second electric terminal to server
Breath;
Acquisition module, for obtaining the result from the server, the result is used to show first electricity
Whether the user of sub- terminal is validated user, wherein user account number and second electric terminal when first electric terminal
Facility information when matching, the user of first electric terminal is validated user;
Request module, for if the user of first electric terminal for validated user if sent to the server and institute
Operation requests corresponding to the first user instruction are stated, so that the server performs the scheduled operation.
A kind of subscriber authentication device, in the second electric terminal, it to include:
Starting module, the instruction for being inputted according to user start predetermined graph scanning application program;
Scan module, for scanning the figure check information shown in the first electric terminal;
Parsing module, for parsing the figure check information and whether judging in the figure check information comprising default
Trigger element;
Acquisition module, for obtaining described second if the default trigger element is included in the figure check information
The facility information of electric terminal;And
Uploading module, for the facility information to be uploaded in the server pointed by the figure check information so that
The server judge facility information that second electric terminal uploads and first electric terminal user account number whether
Matching.
A kind of subscriber identity authentication system, it includes:First electric terminal, the second electric terminal and server;
First electric terminal shows figure check information according to the first user instruction for being used to carry out scheduled operation of input,
The figure check information includes default trigger element;
Second electric terminal scans the figure check information after second user instruction is detected, parses the figure school
Test information and detected the facility information of second electric terminal in the figure check information after the trigger element
It is uploaded to the server pointed by the figure check information;
The server judges whether the facility information matches with the user account number of first electric terminal, if
It is that then the user of the first electric terminal described in the server authentication is validated user, and the result is back to described
One electric terminal;
First electric terminal is sent to the server if being validated user if the user of first electric terminal
Operation requests corresponding with first user instruction, so that the server performs the scheduled operation.
According to above-mentioned scheme, when user carries out sensitive operation in addition to normal user's checking flow, also by upper
The electric terminal whether user that the facility information checking of biography currently logs in controls some to bind in advance, due to general account number and electricity
The possibility that sub- terminal is stolen simultaneously is very low, therefore uses such scheme to carry out sensitive operation with significant increase user
When security.
For the above and other objects, features and advantages of the present invention can be become apparent, preferred embodiment cited below particularly,
And coordinate institute's accompanying drawings, it is described in detail below.
Brief description of the drawings
Fig. 1 is the configuration diagram for the subscriber authentication system that first embodiment provides.
Fig. 2 is the module map for the subscriber authentication system that first embodiment provides.
Fig. 3 is the interaction timing diagram for the subscriber authentication system that first embodiment provides.
Fig. 4 be first embodiment subscriber authentication system in the first electric terminal interface schematic diagram.
Fig. 5 be first embodiment subscriber authentication system in the second electric terminal interface schematic diagram.
Fig. 6 be first embodiment subscriber authentication system in the first electric terminal another interface schematic diagram.
Fig. 7 be first embodiment subscriber authentication system in the first electric terminal another interface schematic diagram.
Fig. 8 is the interaction timing diagram for the subscriber authentication system that second embodiment provides.
Fig. 9 be second embodiment subscriber authentication system in the second electric terminal interface schematic diagram.
Figure 10 is the interaction timing diagram for the subscriber authentication system that 3rd embodiment provides.
Figure 11 is the interaction timing diagram for the subscriber authentication system that fourth embodiment provides.
Figure 12 is the flow chart for the user authentication method that the 5th embodiment provides.
Figure 13 is the flow chart for the user authentication method that sixth embodiment provides.
Figure 14 is a kind of structured flowchart for user authentication device that the 7th embodiment provides.
Figure 15 is the flow chart for the user authentication method that the 8th embodiment provides.
Figure 16 is the structured flowchart for the user authentication device that the 9th embodiment provides.
Figure 17 is the flow chart for the user authentication method that the tenth embodiment provides.
Figure 18 is the flow chart for the user authentication method that 11 embodiments provide.
Figure 19 is the flow chart for the user authentication method that the 12nd embodiment provides.
Embodiment
Further to illustrate that the present invention is to realize technological means and effect that predetermined goal of the invention taken, below in conjunction with
Accompanying drawing and preferred embodiment, to embodiment, structure, feature and its effect according to the present invention, describe in detail as after.
Refering to Fig. 1, first embodiment provides a kind of subscriber authentication system 100, and it includes:Web page server 12, equipment letter
Cease management server 14, Authentication server 16, the first electric terminal 22 and the second electric terminal 24.
Web page server 12, equipment information management server 14, Authentication server 16 are servers, and it can be respectively
The computer being deployed on network, for intercepting client (such as the first electric terminal 22 and the second electric terminal 24) according to predetermined
The network request that sends of agreement, parse these network requests, and corresponding data processing is further completed according to network request,
Then result is returned into client.
First electric terminal 22 and the second electric terminal 24 are terminal device, and its instantiation is including but not limited to desk-top
Computer, notebook computer, tablet personal computer (the including but not limited to iPad of Apple Inc. and other operations Apple Inc. IOS
The touch-screen equipment of operating system, the touch-screen equipment and operation Google Android of operation Microsoft Windows operating system
The touch-screen equipment of operating system), mobile phone, smart mobile phone (including but not limited to Apple Inc.'s IOS,
Windows Mobile operating systems, black mould operating system, fill in spot operating system smart mobile phone), E-book reader, operation appoint
The car-mounted terminal and wearable electronic terminal of aforementioned operation system of anticipating or other operating systems (including but not limited to intelligence
Energy glasses, wrist-watch, bracelet, wrist strap and other ornaments).
Although web page server 12, equipment information management server 14, Authentication server 16, the first electric terminal
22 and second electric terminal 24 can have different physical structures, but it may each comprise memory, processor or similar
Element.
Memory can be used for storage software program and module, and processor is stored in the software journey in memory by operation
Sequence and module, so as to perform various function application and data processing.The module for example refers to the collection of instruction or code
Close, predetermined data processing can be carried out after being executed by processor to realize predetermined function.
Memory may include high speed random access memory, may also include nonvolatile memory, such as one or more magnetic
Storage device, flash memory or other non-volatile solid state memories.In some instances, memory can further comprise relatively
In the remotely located memory of processor, these remote memories can pass through network connection to above-mentioned server or electronics
Terminal.The example of above-mentioned network includes but is not limited to internet, intranet, LAN, mobile radio communication and combinations thereof.
Further, refering to Fig. 2, it is the server and the mould of electric terminal involved by the subscriber authentication system of the present embodiment
Block schematic diagram.As shown in Fig. 2 web page server 12 includes web server module 122, it is used to receive from other equipment
Web-page requests, the code according to corresponding to performing the network address that net request is specified, carry out data calculating and/or number is read from database
According to the data that will be exported are packaged into the form such as html format suitable for being parsed by browser, then will meet the number of form
According to returning to client.In a representative instance, web server module 122 may include a http protocol server end,
The script operated on this http protocol server end explains performing environment and for by script performing environment
Explain and perform so as to completing the dynamic script of specific data processing.
Above-mentioned http protocol server end for example may include Apache's (Apache) HTTP server program or Microsoft
The Internet Information Service (Internet Information Service, IIS) of company.The example bag of above-mentioned script
Include but be not limited to such as hypertext word processing device (Hypertext Preprocessor, PHP), Active Server Pages
(Active Server Page, ASP), the java server page (Java Server Page, JSP) and Python.At this
In embodiment, above-mentioned script may include for generate one can allow user modify account number cipher webpage script.
In addition, as described above, above-mentioned web server module 122 can also use ASIC
(Application Specific Integrated Circuit, ASIC), field programmable gate array (field
Programmable gate array, FPGA) etc. hardware mode realize.
Equipment information management server 14 includes equipment information management module 142, equipment information management module 142 and webpage
Server module 122 is similar, such as may comprise http protocol server end, operates on this http protocol server end
Script explains performing environment, is in place of its difference, its specific execution script is different.Equipment information management module
Script in 142 is the facility information uploaded for receiving client, and the facility information received is submitted into authentication
Server 16 is verified.
Authentication server 16 includes authentication module 162, equipment information management module 142 and web page server mould
Block 122 is similar, such as may comprise http protocol server end, the script operated on this http protocol server end
Performing environment is explained, is in place of its difference, its specific execution script is different.Script in authentication module 162
It is the facility information for receiving the submission of web server module 122, whether checking facility information matches with account, and will
The result returns to client (such as electric terminal 22 of web page server 12 or first).
First electric terminal 22 includes browsing module 222.In one embodiment, browsing module 222 is for browsing webpage
Browser application.Its instantiation includes but is not limited to:IE browser (Internet Explorer), red fox browse
Device (Firefox), Chrome browsers, Safari browsers etc..Certain browsing module 222 is not limited to as browser, and it can
For other any form of application programs, such as the embedded application program of operating system, the original that runs directly in operating system
Give birth to application program and the insertion application program operated on some application framework etc..Browsing module 222 is used for webpage
Server 12 sends network request and corresponds to the web page contents of some network address to obtain, and parses the webpage that receives and webpage is defeated
Go out so that user checks.In addition, when browsing module 222 is native applications program, its content shown can also be deposits in advance
Storage, and need not be asked to web page server 12.
Second electric terminal 24 includes image scanning module 242.Image scanning module 242 is an application program or one
Some functional module of individual application program, it is used to shoot picture by the camera of the second electric terminal 24, according to predetermined association
Discuss the picture of (such as Quick Response Code agreement) parsing shooting, the function according to corresponding to performing the result of parsing, for example, detecting one
During predetermined trigger module, the hardware information of the second electric terminal 24 is collected, being uploaded to predetermined server, (such as equipment is believed
Cease management server 16).
Further, refering to Fig. 3, it is the interaction timing diagram of the subscriber authentication system of the present embodiment.First, user passes through
Browsing module 222 loads webpage from web page server 12.Refering to Fig. 4, it is the webpage schematic diagram shown in an embodiment,
Webpage include link or button 101, shown after link or button 101 are clicked figure check information 102 and
Prompt message 103.Figure check information 102 for example can be two-dimension code image.The content of prompt message 103 can be that prompting user opens
Corresponding image scanning application program is opened to scan the figure check information 102 of display.It may include to work as in figure check information 102
Before the user account number and trigger element that log in.Trigger element herein for example refers to predetermined character string (such as network address or life
Make word).
Refering to Fig. 5, it is the interface schematic diagram of image scanning module 242 in an embodiment.Image scanning module 242
Shown on a display screen by the image shot by camera of the second electric terminal 24, and by image, while image scanning module 242 is also
The image of shooting is decoded according to predetermined agreement (such as Quick Response Code agreement), and whether detected in decoded result including predetermined
Trigger element.After trigger element is detected, image scanning module 242 also collects the equipment letter of the second electric terminal 24
Breath.Facility information includes, but is not limited to, the international mobile equipment identification number (International of the second electric terminal 24
Mobile Station Equipment Identity, IMEI), installation application program unique identifier, other hardware
The unique identifier of (such as flash memory).As long as the facility information can be used to uniquely distinguish different terminals.Collecting
After facility information, the information such as facility information, above-mentioned user account number can be uploaded to equipment information management by image scanning module 242
Server 14.
Specifically, the facility information that image scanning module 242 uploads is handled by equipment information management module 262, equipment
Information management module 262 can generate checking request according to facility information and user account number, and checking request is sent to identity
Authentication server 16.
Authentication module 162 therefrom parses user account number and facility information after checking request is received, and tests
Whether card user account number matches with facility information.For example, in one embodiment, setting for binding can be inquired about according to user account number
Standby information, and whether the facility information that comparison query arrives is consistent with the facility information that information management module 262 is sent;If consistent
Illustrate that the user for sending the first user instruction is controlling the second electric terminal 24, the user of first electric terminal 22 is legal use
Family;Otherwise, the user for sending the first user instruction and the control without the second electric terminal 24, the first electric terminal are illustrated
22 user is disabled user.
In addition, authentication module 162 is not restricted to verify whether facility information matches, for example, can also carry out close
Code checking, key authentication.
When being verified, i.e., it is clear can to will confirm that message is sent to for authentication module 162 when user is validated user
Look at module 222.In one embodiment, browsing module 222, can be to Authentication server 16 after two-dimensional code display 102
Inquiry request is sent to obtain the result.The inquiry request that authentication module 162 is sent according to browsing module 222 is returned and tested
Result is demonstrate,proved to browsing module 222.
If the result shows that user is validated user, browsing module 222 shows password modification circle as shown in Figure 6
Face, user can input new password, and after button 104 is clicked (i.e. user inputs the 3rd user instruction), browsing module 222 will
Password, new password and the identifying code of user's input are sent to web page server 12 and verified.If being verified, webpage clothes
The new password of business device 12 updatable data library storage user setting.
If the result shows that user is disabled user, browsing module 222 can show prompt message as shown in Figure 7,
Refuse user's Modify password.
Although being illustrated above by taking Modify password as an example, the present embodiment is not limited to carry out password modification.For example, work as
Similar authentication mechanism can be used when user carries out some sensitive operations.Above-mentioned sensitive operation may include to influence to use
The operation of family account number security such as increase/the close guarantor's problem of deletion, binding/unbinds mobile device or dynamic cipher device.Sensitivity behaviour
The operation for the assets processing for being related to user's virtual assets or accounts of finance be may also include as transferred accounts, buying, transactional operation.
It is also logical when user carries out sensitive operation in addition to normal user's checking flow according to the scheme of the present embodiment
The electric terminal whether user that the facility information checking uploaded currently logs in controls some to bind in advance is crossed, due to general account number
The possibility being stolen simultaneously with electric terminal is very low, therefore uses the method for the present embodiment to enter with significant increase user
Security during row sensitive operation.
In addition, specific verification process can also be changed on the basis of above-described embodiment.Refering to Fig. 8, it is
The interaction timing diagram of subscriber authentication system in two embodiments.Shown in the interaction flow and Fig. 3 of the subscriber authentication system of the present embodiment
Part is similar, is in place of its main difference, after authentication module 162 is verified, confirmation message is not directly to send out
Browsing module 222 is given, and is destined to image scanning module 242.Disappear in the confirmation for receiving the transmission of authentication module 162
After breath, image scanning module 242 shows interface as shown in Figure 9, and it includes two ACK buttons 105 and refusal button 106,
(i.e. user inputs fourth user instruction) can send the logical of user's confirmation to browsing module 222 after ACK button 105 is clicked
Know message;The notification message of user's refusal can be sent to browsing module 222 after refusal button 106 is clicked.It is appreciated that by
May it be joined directly together in the first electric terminal 22 and the second electric terminal 24, image scanning module 242 is to browsing module 222
Notification message, which may need to realize by third-party server, to be forwarded.For example, user is confirmed or refused by image scanning module 242
Exhausted message is sent to web page server 12, and web page server 12 can return to user really according to the request of browsing module 222
Recognize result, or the confirmation result of user is actively pushed to browsing module 222.Certainly, the message that user confirms or refused
Other servers can also be destined to, as long as this notification message can reach browsing module 222.
If browsing module 222 receives the notification message for representing user's confirmation, browsing module 222 is shown as shown in Figure 6
Password modification interface, change process to carry out follow-up password.If browsing module 222 receives the notice for representing user's refusal
Message, then browsing module 222 can show prompt message interface as shown in Figure 7, prompt user's checking not by the way that refusal modification is close
Code.
According to the present embodiment, the verification step in the second electric terminal 24 is added, it is possible to prevente effectively from malicious user
Quick Response Code phishing attack is carried out, further improves the security of authentication procedures.
Refering to Figure 10, it is the interaction timing diagram of the subscriber authentication system of 3rd embodiment.The user's checking of the present embodiment
The interaction flow of system is similar to part shown in Fig. 3, is in place of its main difference, the equipment that image scanning module 242 gathers
Information is not destined to equipment information management server 14, but is transmitted directly to Authentication server 16.That is,
Equipment information management module 142 can also be deployed in same server with authentication module.
In addition, after the verification operation that authentication module 162 completes whether facility information matches with user account number, checking
As a result it is sent to web server module 122.Web server module 122 can be stored after the result is received,
And return to the result after the inquiry request of the transmission of browsing module 222 is received.If being verified, i.e., user is legal use
Family, then browsing module 222 show that interface as shown in Figure 6 allows user to be operated accordingly, otherwise;Browsing module 222 is aobvious
Show announcement interface as shown in Figure 7, forbid user to be operated accordingly.
According to the present embodiment, equipment information management module 142 and authentication module are deployed in same server, can be with
The quantity of network request in authentication process itself is reduced, reduces the proving time.
Refering to Figure 11, it is the interaction timing diagram of the subscriber authentication system of fourth embodiment.The user's checking of the present embodiment
The interaction flow of system is similar to part shown in Figure 10, and its difference essentially consists in, after the first user instruction is detected,
Browsing module 222 shows password modification interface as shown in Figure 6, and user can input the letter such as Old Password, new password and identifying code
Breath.Browsing module 222 can be generated according to information such as Old Password, new password and identifying codes after the 3rd user instruction is received and tested
Card request, and checking request is sent to web server module 122.
Web server module 122 verifies whether the Old Password of user's input is identical with the user cipher to prestore, and will test
Card result returns to browsing module 222.If being verified, browsing module 222 shows interface as shown in Figure 4, prompts user
Start the Quick Response Code that image scanning module 242 scans display;Otherwise, browsing module 222 can show the prompting of password authentification mistake
Information.
Image scanning module 242 collects the second electronics end after detecting that two-dimension code image includes predetermined trigger element
The facility information at end 24, and the information such as account number that the facility information of collection, the first electric terminal are currently logged in is sent to identity
Authentication module 162 is verified.
Authentication module 162 transmits verification result to web server module 122 after completing to verify.If checking knot
Fruit shows to be verified, then performs corresponding operation, i.e., the new password inputted according to user updates the data storehouse and repaiied with completing password
Change operation.If the result shows checking not by showing interface as shown in Figure 5, prompting user's checking not pass through.
According to the present embodiment, after authentication module 162 authenticates to user as validated user, make web page server 122
Directly perform predetermined operation, it is possible to reduce the number of user input instruction, the convenience of lifting operation.
Under a concrete application scene, the first above-mentioned electric terminal 22 is desktop computer or notebook computer, clear
Module 222 of looking at is browser, and the second electric terminal 24 is smart mobile phone, and image scanning module 242 should to be embedded in instant messaging
With the image scanning module in program (such as wechat or mobile phone QQ).Therefore, according to the description of the various embodiments described above, when user will
When password or other sensitive operations of modifying in a browser, browser two-dimensional code display picture, and disclose user's unlatching
Mobile phone QQ or wechat are scanned.When detecting that Quick Response Code includes predetermined trigger element (such as predetermined network address), open
Dynamic facility information collects process, collects the facility information such as international mobile equipment identity number of the second electric terminal 24, and by international mobile equipment identity number and clear
Look in device and currently login the user account number of web page server 12 and be sent to Authentication server 16 and verified.Pass through and compare
Whether whether the international mobile equipment identity number matching judgment user bound with user account number is validated user to international mobile equipment identity number.If user is legal use
Family then pushes the result by wechat/QQ server to the second electric terminal 24.Correspondingly, in the second electric terminal 24
Wechat or mobile phone QQ client applications show confirmation interface as shown in Figure 9.After user confirms, by user's confirmation letter
Breath is sent to web server module 122.
Browser to web server module 122 by sending whether requesting query user is validated user, if so, then showing
Show that interface as shown in Figure 6 carries out password modification operation;Otherwise, show that interface prompt user's checking as shown in Figure 7 does not pass through.
According to this user's checking flow, whether the user that can currently carry out account number sensitive operation really is legal use
Family, lift account number security.
Refering to Figure 12, it is the flow chart for the user authentication method that the 5th embodiment provides.The method of the present embodiment is for example
It can be applied in the first electric terminal 22 shown in Fig. 1.Refering to Figure 12, the described method comprises the following steps:
Step S101, figure check information is shown according to the first user instruction for being used to carry out scheduled operation of input.
In one embodiment, one webpage or sheet from server loading of display is also included before step S101
The step of ground Application Program Interface.Described webpage or Application Program Interface includes carrying out scheduled operation (such as changing close
Code) entrance.Entrance herein is the object that link, button etc. can arbitrarily receive the first user instruction.And the first user instruction
It may include:Click, touch, slip, voice command, space gesture and its any combination.Can after the first user instruction is detected
Show figure check information.
Refering to Fig. 4, in one embodiment, webpage includes link or button 101, in link or button 101
Figure check information 102 and prompt message 103 are shown after being clicked.Figure check information 102 for example can be Quick Response Code figure
Piece.The content of prompt message 103 can be that prompting user opens corresponding image scanning application program to scan the figure school of display
Test information 102.It may include the user account number and trigger element currently logged in figure check information 102.Triggering list herein
Member for example refers to predetermined character string (such as network address or command word).
Behind the interface shown in display Fig. 4, user can open the image scanning module 242 in the second electric terminal 24.
Refering to Fig. 5, it is the interface schematic diagram of image scanning module 242 in an embodiment.Image scanning module 242 passes through second
The image shot by camera of electric terminal 24, and image is shown on a display screen, while image scanning module 242 is according further to predetermined
Agreement (such as Quick Response Code agreement) image of shooting is decoded, and detect in decoded result whether include predetermined triggering list
Member.After trigger element is detected, image scanning module 242 also collects the facility information of the second electric terminal 24.Equipment is believed
Breath includes, but is not limited to, international mobile equipment identification number (the International Mobile of the second electric terminal 24
Station Equipment Identity, IMEI), installation application program unique identifier, other hardware (such as flash memory)
Unique identifier etc..As long as the facility information can be used to uniquely distinguish different terminals.Collecting facility information
Afterwards, the information such as facility information, above-mentioned user account number can be uploaded onto the server and be tested with carrying out identity by image scanning module 242
Card.
Step S102, the result is obtained from the server, the result includes being used to identify first electricity
The user of sub- terminal whether be validated user information.
Server parses user account number and facility information after checking request is received, and whether verifies user account number
Matched with facility information.For example, in one embodiment, the facility information of binding can be inquired about according to user account number, and compare
Whether the facility information inquired is consistent with the facility information sent in step S101;The first electric terminal is represented if consistent
User is validated user;Otherwise, the user for illustrating the first electric terminal is disabled user.
After step S101, the first electric terminal 22 can send inquiry request to obtain the result to server.And take
Being engaged in device can be according to the inquiry request of the first electric terminal 22 return the result.Certainly, server can also active push checking
As a result to the first electric terminal 22.
Step S103, sent and described the to the server if being validated user if the user of first electric terminal
Operation requests corresponding to one user instruction, so that the server performs the scheduled operation.
If the result shows that user is validated user, the first electric terminal 22 shows password modification as shown in Figure 6
Interface, user can input new password, and after button 104 is clicked (i.e. user inputs the 3rd user instruction), the first electronics is whole
Password, new password and the identifying code of user's input are sent to server and verified by end 22.If being verified, server
The new password of updatable data library storage user setting.
If the result shows that user is disabled user, the first electric terminal 22 can show prompting letter as shown in Figure 7
Breath, refuse user's Modify password.
It is also logical when user carries out sensitive operation in addition to normal user's checking flow according to the scheme of the present embodiment
The electric terminal whether user that the facility information checking uploaded currently logs in controls some to bind in advance is crossed, due to general account number
The possibility being stolen simultaneously with electric terminal is very low, therefore uses the scheme of the present embodiment to enter with significant increase user
Security during row sensitive operation.
Refering to Figure 13, it is the flow chart that sixth embodiment provides.The method of the present embodiment for example can be applied to shown in Fig. 1
The first electric terminal 22 in.Refering to Figure 13, the described method comprises the following steps:
Step S201, two-dimensional code display.
Refering to Fig. 4, i.e. two-dimensional code display scans for the second electric terminal 24 after button 101 is clicked.
Step S202, wait the result.
After step S201, you can send inquiry request to server to obtain the result and wait result to be returned.
Step S203, judgement are verified whether by the way that is, whether the active user of the first electric terminal 22 is validated user;If
It is then to perform step S204;Otherwise step S205 is performed.
Step S204, Modify password.
For example, display Fig. 6 shown in interface, receive user input information, and by the information of input submit to server with
Modify Password Operations.
Step S205, display information.
For example, interface shown in display Fig. 7, prompts user's checking not pass through.User can initiate password modification operation again,
Restart to carry out user's checking flow.
Refering to Figure 14, it is the structured flowchart for the user authentication device that the 7th embodiment provides.The device example of the present embodiment
As can be applied in the first electric terminal 22 shown in Fig. 1.Refering to Figure 14, described device includes:Display module 110, obtain mould
Block 120, receiving module 130, request module 140 and reminding module 150.
Display module 110 is used to show figure verification letter according to the first user instruction for being used to carry out scheduled operation of input
Breath, the figure check information include default trigger element, the trigger element in the figure check information by the
Second electric terminal is triggered after the scanning of two electric terminals makes it upload the equipment letter of second electric terminal to server
Breath;
Acquisition module 120 is used to obtain the result from the server, and the result includes described for identifying
The user of first electric terminal whether be validated user information.
If the user that receiving module 130 is used for first electric terminal is the letter that validated user also receives user's input
Breath, and the information that the user is inputted is included in the request, so that the letter that the server inputs according to the user
Breath performs the scheduled operation.
Request module 140 be used for if first electric terminal user be validated user if to the server send with
Operation requests corresponding to first user instruction, so that the server performs the scheduled operation.
Reminding module 150 is used for be disabled user if the user of first electric terminal if show for representing that user tests
Demonstrate,prove the prompt message of failure.
It is also logical when user carries out sensitive operation in addition to normal user's checking flow according to the scheme of the present embodiment
The electric terminal whether user that the facility information checking uploaded currently logs in controls some to bind in advance is crossed, due to general account number
The possibility being stolen simultaneously with electric terminal is very low, therefore uses the scheme of the present embodiment to enter with significant increase user
Security during row sensitive operation.
Refering to Figure 15, it is the flow chart for the user ID authentication method that the 8th embodiment provides.The method of the present embodiment
Such as it can be applied in the second electric terminal 24 shown in Fig. 1.Refering to Figure 15, the described method comprises the following steps:
S601, the instruction inputted according to user start predetermined graph scanning application program.
It is appreciated that in general graph scanning application program can only be parsed in Quick Response Code according to general Quick Response Code agreement
The content included.And as described above, according to the scheme in above-described embodiment, figure check information to be scanned includes predetermined
Trigger element.In response to trigger element, it is necessary to which two difficult code scanning application programs can identify these trigger elements.Namely
Say, Quick Response Code application program needs to change to add the function of identification trigger element.In some embodiments, above-mentioned figure
It is the Response Code scan module being embedded in other applications (such as instant messaging application program QQ, wechat) to scan application program
(" sweep and sweep " function in such as wechat).
The figure check information that S602, scanning are shown in the first electric terminal.
User operates operable second electric terminal, and alignment is shown in the figure check information in the first electric terminal, and
The result prompting for waiting graph scanning application prompts to scan successfully or fail.
Whether S603, the parsing figure check information simultaneously judge single comprising default triggering in the figure check information
Member.
After successfully image in 2 D code is obtained, graph scanning application program can be according to general Quick Response Code protocol analysis in it
Hold, and determine whether include default trigger element (such as specific character string) in it.
S604, obtain second electric terminal if the default trigger element is included in the figure check information
Facility information.
If including default trigger element in figure check information, the facility information triggered in the second electric terminal obtains
Modulus block, collect the facility information (such as international mobile equipment identity number) of the second electric terminal.
S605, the facility information is uploaded in the server pointed by the figure check information.
The network address for uploading facility information can directly be included in figure check information, now can be directly from from the figure
The first network address is parsed in shape check information and institute is committed to using predetermined procotol using the facility information as parameter
State the first network address.
In another embodiment, can be prestored in the second electric terminal one associated with trigger element second
Network address, now, can direct depositing from the second electric terminal when detecting default trigger element in figure check information
Second network address is directly read in reservoir, and institute is committed to using predetermined procotol using the facility information as parameter
State the second network address.
In addition, the facility information uploaded to enable the server to identification is the verification operation for which user, may be used also
One is parsed from the figure check information to be used to identify the figure check information or first electric terminal
The identifier of active user, and the identifier and the facility information are uploaded in the server in the lump.
According to the method for the present embodiment, when detecting that Quick Response Code includes default trigger element, active collection equipment
Information is simultaneously uploaded onto the server, and available for carrying out whether checking user is validated user, one is being carried out so as to lift user
Security when a little authorities are than more sensitive operation.
Refering to Figure 16, it is the structured flowchart for the user authentication device that the 9th embodiment provides.The device example of the present embodiment
As can be applied in the first electric terminal 24 shown in Fig. 2.Refering to Figure 16, described device includes:Starting module 210, scanning mould
Block 220, parsing module 230, acquisition module 240 and uploading module 250.
The instruction that starting module 210 is used to be inputted according to user starts predetermined graph scanning application program.
It is appreciated that in general graph scanning application program can only be parsed in Quick Response Code according to general Quick Response Code agreement
The content included.And as described above, according to the scheme in above-described embodiment, figure check information to be scanned includes predetermined
Trigger element.In response to trigger element, it is necessary to which two difficult code scanning application programs can identify these trigger elements.Namely
Say, Quick Response Code application program needs to change to add the function of identification trigger element.In some embodiments, above-mentioned figure
It is the Response Code scan module being embedded in other applications (such as instant messaging application program QQ, wechat) to scan application program
(" sweep and sweep " function in such as wechat).
Scan module 220 is used to scan the figure check information shown in the first electric terminal.
User operates operable second electric terminal, and alignment is shown in the figure check information in the first electric terminal, and
The result prompting for waiting graph scanning application prompts to scan successfully or fail.
Whether parsing module 230 is used to parse the figure check information and judges in the check information comprising default
Trigger element.
User operates operable second electric terminal, and alignment is shown in the figure check information in the first electric terminal, and
The result prompting for waiting graph scanning application prompts to scan successfully or fail.
Acquisition module 240 is used to obtain described the if the default trigger element is included in the figure check information
The facility information of two electric terminals.
If including default trigger element in figure check information, the facility information triggered in the second electric terminal obtains
Modulus block, collect the facility information (such as international mobile equipment identity number) of the second electric terminal.
Uploading module 250 is used to the facility information being uploaded in the server pointed by the figure check information.
The network address for uploading facility information can directly be included in figure check information, now can be directly from from the figure
The first network address is parsed in shape check information and institute is committed to using predetermined procotol using the facility information as parameter
State the first network address.
In another embodiment, can be prestored in the second electric terminal one associated with trigger element second
Network address, now, can direct depositing from the second electric terminal when detecting default trigger element in figure check information
Second network address is directly read in reservoir, and institute is committed to using predetermined procotol using the facility information as parameter
State the second network address.
In addition, the facility information uploaded to enable the server to identification is the verification operation for which user, it is described
Parsing module can also parse one from the figure check information and be used to identify the figure check information or described the
The identifier of the active user of one electric terminal, the uploading module also upload the identifier and the facility information in the lump
Into the server.
According to the method for the present embodiment, when detecting that Quick Response Code includes default trigger element, active collection equipment
Information is simultaneously uploaded onto the server, and available for carrying out whether checking user is validated user, one is being carried out so as to lift user
Security when a little authorities are than more sensitive operation.
Refering to Figure 17, it is the flow chart for the user authentication method that the tenth embodiment provides.The method of the present embodiment includes
Following steps:
Step S301, the first electric terminal shows figure according to the first user instruction for being used to carry out scheduled operation of input
Check information, the figure check information include default trigger element.
Refering to Fig. 4, in one embodiment, the first electric terminal 22 loads from server and shows a webpage, net
Page includes link or button 101, and be clicked (the first user instruction) in link or button 101 shows figure verification letter afterwards
Breath 102 and prompt message 103.Figure check information 102 for example can be two-dimension code image.The content of prompt message 103 can be
Prompting user opens corresponding image scanning application program to scan the figure check information 102 of display.Figure check information 102
In may include the user account number and trigger element that currently log in.Trigger element herein for example refers to predetermined character string (such as
Network address or command word).
Step S302, the second electric terminal scans the figure check information after second user instruction is detected and examined
The facility information of second electric terminal is uploaded onto the server after measuring the trigger element.
Behind the interface shown in display Fig. 4, user can open the image scanning module 242 in the second electric terminal 24.
Refering to Fig. 5, it is the interface schematic diagram of image scanning module 242 in an embodiment.Image scanning module 242 passes through second
The image shot by camera of electric terminal 24, and image is shown on a display screen, while image scanning module 242 is according further to predetermined
Agreement (such as Quick Response Code agreement) image of shooting is decoded, and detect in decoded result whether include predetermined triggering list
Member.After trigger element is detected, image scanning module 242 also collects the facility information of the second electric terminal 24.Equipment is believed
Breath includes, but is not limited to, international mobile equipment identification number (the International Mobile of the second electric terminal 24
Station Equipment Identity, IMEI), installation application program unique identifier, other hardware (such as flash memory)
Unique identifier etc..As long as the facility information can be used to uniquely distinguish different terminals.Collecting facility information
Afterwards, the information such as facility information, above-mentioned user account number can be uploaded onto the server and be tested with carrying out identity by image scanning module 242
Card.
Whether the user of the first electric terminal described in step S303, described server authentication is validated user and ties checking
Fruit is back to first electric terminal.
Server parses user account number and facility information after checking request is received, and whether verifies user account number
Matched with facility information.For example, in one embodiment, the facility information of binding can be inquired about according to user account number, and compare
Whether the facility information inquired is consistent with the facility information sent in step S101;The first electric terminal is represented if consistent
User is validated user;Otherwise, the user for illustrating the first electric terminal is disabled user.
First electric terminal 22 can also send inquiry request to server and be tested with obtaining after figure check information is shown
Demonstrate,prove result.Correspondingly, server returns to the result to the first electric terminal 22 after inquiry request is received.
Step S304, first electric terminal is to the clothes if being validated user if the user of first electric terminal
Business device sends request, so that the server performs the scheduled operation.
If the result shows that user is validated user, the first electric terminal 22 shows password modification as shown in Figure 6
Interface, user can input new password, i.e. the first electric terminal 22 receives the information of user's input, after button 104 is clicked
(i.e. user input the 3rd user instruction), the information that user input by the first electric terminal 22 as the password of input, new password, with
And identifying code is sent to server and verified.If being verified, Xinmi City of server updatable data library storage user setting
Code.
If the result shows that user is disabled user, the first electric terminal 22 can show prompting letter as shown in Figure 7
Breath, refuse user's Modify password.
It is also logical when user carries out sensitive operation in addition to normal user's checking flow according to the scheme of the present embodiment
The electric terminal whether user that the facility information checking uploaded currently logs in controls some to bind in advance is crossed, due to general account number
The possibility being stolen simultaneously with electric terminal is very low, therefore uses the scheme of the present embodiment to enter with significant increase user
Security during row sensitive operation.
Refering to Figure 18, it is the flow chart for the user authentication method that the 11st embodiment provides.The method of the present embodiment with
Figure 17 method is similar, and its difference is, may also include after step S303:If step S404, described first electronics
The user of terminal is that then first electric terminal shows the prompt message to fail for representing user's checking to disabled user.
Refering to Fig. 7, it is the schematic diagram of the prompt message shown.After the prompt message shown in display Fig. 7, user can be with
The operation of modification operation is initiated again, and certainly, user's checking flow can also restart.
According to the method for the present embodiment, user's checking is reminded in time after user's failure not by the way that can lift user makes
The convenience used.
Refering to Figure 19, it is the flow chart for the user authentication method that the tenth embodiment provides.The method and figure of the present embodiment
17 method is similar, and its difference is, comprises the following steps after step S303:
Step S504, if (user of the first electric terminal is validated user) is verified, Authentication server is to
Two electric terminals send confirmation message.
Step S505, the second electric terminal will be tested after user's confirmation is carried out after receiving confirmation message and is confirmed in user
Card result is sent to web page server.
For example, referring to Fig. 9, the second electric terminal shows that user confirms interface after confirmation message is received, specifically, this
Interface may include to be used to remind active user to carry out a certain sensitive operation, and it is oneself operation to prompt user to be confirmed whether.
User can be confirmed and be refused respectively by clicking on button 105 or button 106.If user clicks on button 105, it is considered as
User confirms;If user clicks on button 106, it is considered as user's refusal.
After user confirms, the second electric terminal can will represent the checking that current first electric terminal user is validated user
As a result it is sent to web page server;It is disabled user that otherwise the second electric terminal, which can will represent the user of current first electric terminal,
The result be sent to web page server.
Step S506, web page server returns to the result to the first electric terminal.
First electric terminal can send inquiry request after figure check information is shown to web page server, and wait webpage
The result that server returns.
After step S506, then step S304 or step S404 can be performed respectively according to the result.
It is also logical when user carries out sensitive operation in addition to normal user's checking flow according to the method for the present embodiment
The electric terminal whether user that the facility information checking uploaded currently logs in controls some to bind in advance is crossed, due to general account number
The possibility being stolen simultaneously with electric terminal is very low, therefore uses the scheme of the present embodiment to enter with significant increase user
Security during row sensitive operation.
In addition, the embodiment of the present invention also provides a kind of computer-readable recording medium, it is stored with computer and can perform
Instruction, above-mentioned computer-readable recording medium is, for example, nonvolatile memory such as CD, hard disk or flash memory.It is above-mentioned
Computer executable instructions be used to allowing computer or similar arithmetic unit to complete it is each in above-mentioned image processing method
Kind operation.
The above described is only a preferred embodiment of the present invention, any formal limitation not is made to the present invention, though
So the present invention is disclosed as above with preferred embodiment, but is not limited to the present invention, any those skilled in the art, not
Depart from the range of technical solution of the present invention, when the technology contents using the disclosure above make a little change or are modified to equivalent change
The equivalent embodiment of change, as long as being without departing from technical solution of the present invention content, the technical spirit according to the present invention is implemented to more than
Example any brief introduction modification, equivalent variations and the modification made, in the range of still falling within technical solution of the present invention.
Claims (37)
1. a kind of user ID authentication method, in the first electric terminal, it is characterised in that methods described includes following step
Suddenly:
Figure check information, the figure check information are shown according to the first user instruction for being used to carry out scheduled operation of input
Comprising default trigger element, the trigger element is used to after the figure check information is scanned by the second electric terminal trigger
Second electric terminal makes it upload the facility information of second electric terminal to server;
From the server obtain the result, the result be used for show first electric terminal user whether be
Validated user, wherein when the facility information of the user account number and second electric terminal of first electric terminal matches
When, the user of first electric terminal is validated user;
Sent and first user instruction pair to the server if being validated user if the user of first electric terminal
The operation requests answered, so that the server performs the scheduled operation.
2. the method as described in claim 1, it is characterised in that also include:If the user of first electric terminal is legal
User also receives the information of user's input, and the information that the user is inputted is included in the operation requests, so that described
The information that server inputs according to the user performs the scheduled operation.
3. the method as described in claim 1, it is characterised in that first use for being used to carry out scheduled operation according to input
Family instruction shows that figure check information includes:Two dimension is shown according to the first user instruction for being used to carry out scheduled operation of input
Code, the trigger element is predetermined character string.
4. method as claimed in claim 3, it is characterised in that also include:Also shown after the figure check information is shown
For prompting user to perform the prompt message of specific graph scanning application program.
5. the method as described in claim 1, it is characterised in that show if being disabled user if the user of first electric terminal
Show the prompt message for representing user's checking failure.
6. a kind of user ID authentication method, in the second electric terminal, it is characterised in that methods described includes following step
Suddenly:
The instruction inputted according to user starts predetermined graph scanning application program;
Scan the figure check information shown in the first electric terminal;
Parse the figure check information and judge whether include default trigger element in the figure check information;
The equipment letter of second electric terminal is obtained if the default trigger element is included in the figure check information
Breath;And
The facility information is uploaded in the server pointed by the figure check information, so that the server judges institute
Whether the facility information for stating the upload of the second electric terminal matches with the user account number of first electric terminal.
7. method as claimed in claim 6, it is characterised in that described that the facility information is uploaded to the figure verification letter
The pointed server of breath includes:
The first network address is parsed from the figure check information and uses predetermined network using the facility information as parameter
Agreement is committed to first network address.
8. method as claimed in claim 6, it is characterised in that described that the facility information is uploaded to the figure verification letter
The pointed server of breath includes:
The second network address to prestore is read from the memory of second electric terminal, and the facility information is adopted as parameter
Second network address is committed to predetermined procotol, second network address is associated with the trigger element.
9. method as claimed in claim 6, it is characterised in that also include:
One is parsed from the figure check information to be used to identify the identifier of the figure check information and by the mark
Know symbol to upload in the lump in the server with the facility information;Or
An identifier for being used to identify the active user of first electric terminal is parsed from the figure check information,
And the identifier of the user and the facility information are uploaded in the server in the lump.
10. a kind of user ID authentication method, it is characterised in that the described method comprises the following steps:
First electric terminal shows figure check information according to the first user instruction for being used to carry out scheduled operation of input, described
Figure check information includes default trigger element;
Second electric terminal scans the figure check information after second user instruction is detected, parses the figure verification letter
Breath, and upload the facility information of second electric terminal after detecting the trigger element in the figure check information
To the server pointed by the figure check information;
The server judges the user account number of facility information and first electric terminal that second electric terminal uploads
Whether match, if so, the user of the first electric terminal described in the server authentication is validated user and returns to the result
To first electric terminal;
If first electric terminal user for validated user if first electric terminal sent to the server and institute
Operation requests corresponding to the first user instruction are stated, so that the server performs the scheduled operation.
11. method as claimed in claim 10, it is characterised in that if the user of first electric terminal is validated user,
First electric terminal also receives the information of user's input, and after the 3rd user instruction of user's input is detected by described in
The information of user's input is included in the request, so that the information execution that the server inputs according to the user is described pre-
Fixed operation.
12. method as claimed in claim 10, it is characterised in that first electric terminal is shown according to the first user instruction
Figure check information includes:Two-dimensional code display, the trigger element are predetermined character string;First electric terminal is being shown
The prompt message for prompting user to perform specific graph scanning application program is also shown after the Quick Response Code.
13. method as claimed in claim 10, it is characterised in that also include:If the user of first electric terminal is non-
Then first electric terminal shows the prompt message to fail for representing user's checking to method user.
14. method as claimed in claim 10, it is characterised in that the server includes:Web page server and identity are tested
Demonstrate,prove server;
Second electric terminal sends the facility information to the Authentication server;
The Authentication server judges whether the facility information is the facility information bound with the first user account number, if
Then the Authentication server judges the user of first electric terminal for validated user, and first user account number is institute
State the account number that the first electric terminal logins the web page server.
15. method as claimed in claim 14, it is characterised in that the server also includes equipment information management server;
Second electric terminal, which sends the facility information to the Authentication server, to be included:To the facility information
Management server sends network request, so as to which the facility information is submitted into the equipment information management server and made described
The facility information is forwarded to the Authentication server by equipment information management server.
16. method as claimed in claim 14, it is characterised in that if the user of first electric terminal is validated user institute
State Authentication server and also send confirmation message to second electric terminal;
Second electric terminal exports user's confirmation request after the confirmation message is received, and is detecting the of input
The result for representing that authentication passes through is sent after four user instructions to first electric terminal.
17. method as claimed in claim 16, it is characterised in that second electric terminal is sent out to first electric terminal
Send and represent that the result that authentication passes through includes:
The result is sent to the web page server by second electric terminal, so that institute's web page server is by described in
The result is transmitted to first electric terminal.
18. method as claimed in claim 14, it is characterised in that the Authentication server sends the result
To the web page server;
The web page server returns to the result according to the inquiry request of first electric terminal.
19. method as claimed in claim 10, it is characterised in that also include:The data that the server is submitted according to user
Store the binding relationship between active user's account number of first electric terminal and the facility information of second electric terminal.
A kind of 20. subscriber authentication device, in the first electric terminal, it is characterised in that described device includes:
Display module, figure check information, institute are shown for the first user instruction for being used to carry out scheduled operation according to input
State figure check information and include default trigger element, the trigger element is used in the figure check information by the second electronics
Second electric terminal is triggered after terminal scanning makes it upload the facility information of second electric terminal to server;
Acquisition module, for obtaining the result from the server, the result is used to show that first electronics is whole
Whether the user at end is validated user, wherein when the user account number of first electric terminal and setting for second electric terminal
During standby information match, the user of first electric terminal is validated user;
Request module, for being validated user if the user of first electric terminal if sent and described the to the server
Operation requests corresponding to one user instruction, so that the server performs the scheduled operation.
21. device as claimed in claim 20, it is characterised in that also include:Receiving module, if whole for first electronics
The user at end is the information that validated user also receives user's input, and the information that the user is inputted please included in the operation
In asking, so that the information that the server inputs according to the user performs the scheduled operation.
22. device as claimed in claim 20, it is characterised in that the display module is used for:It is used to carry out according to input
First user instruction two-dimensional code display of scheduled operation, the trigger element are predetermined character string;The display module is also used
In the prompt message that display is used to prompt user to perform specific graph scanning application program.
23. device as claimed in claim 20, it is characterised in that also include:Reminding module, if whole for first electronics
The user at end is that disabled user then shows the prompt message to fail for representing user's checking.
A kind of 24. subscriber authentication device, in the second electric terminal, it is characterised in that described device includes:
Starting module, the instruction for being inputted according to user start predetermined graph scanning application program;
Scan module, for scanning the figure check information shown in the first electric terminal;
Parsing module, for parsing the figure check information and whether judging in the figure check information comprising default tactile
Bill member;
Acquisition module, for obtaining second electronics if the default trigger element is included in the figure check information
The facility information of terminal;And
Uploading module, for the facility information to be uploaded in the server pointed by the figure check information, so that institute
State facility information that server judges that second electric terminal uploads and first electric terminal user account number whether
Match somebody with somebody.
25. device as claimed in claim 24, it is characterised in that the uploading module is used for:
The first network address is parsed from the figure check information and uses predetermined network using the facility information as parameter
Agreement is committed to first network address.
26. device as claimed in claim 24, it is characterised in that the uploading module is used for:
The second network address to prestore is read from the memory of second electric terminal, and the facility information is adopted as parameter
Second network address is committed to predetermined procotol, second network address is associated with the trigger element.
27. device as claimed in claim 24, it is characterised in that the parsing module is additionally operable to from the figure check information
In parse one be used for identify the figure check information or first electric terminal active user identifier, institute
Uploading module is stated to be additionally operable to upload to the identifier and the facility information in the server in the lump.
A kind of 28. subscriber identity authentication system, it is characterised in that including:First electric terminal, the second electric terminal and clothes
Business device;
First electric terminal shows figure check information according to the first user instruction for being used to carry out scheduled operation of input, described
Figure check information includes default trigger element;
Second electric terminal scans the figure check information after second user instruction is detected, parses the figure verification letter
Cease and upload the facility information of second electric terminal after the trigger element is detected in the figure check information
To the server pointed by the figure check information;
The server judges whether the facility information matches with the user account number of first electric terminal, if so, then
The server judges the user of first electric terminal for validated user, and the result is back into first electronics
Terminal;
If first electric terminal user for validated user if first electric terminal sent to the server and institute
Operation requests corresponding to the first user instruction are stated, so that the server performs the scheduled operation.
29. system as claimed in claim 28, it is characterised in that if the user of first electric terminal is validated user institute
The information that the first electric terminal also receives user's input is stated, and by the use after the 3rd user instruction of user's input is detected
The information of family input is included in the request, so that the information that the server inputs according to the user performs described make a reservation for
Operation.
30. system as claimed in claim 28, it is characterised in that first electric terminal is shown according to the first user instruction
Figure check information includes:Two-dimensional code display, the trigger element are predetermined character string;First electric terminal is being shown
The prompt message for prompting user to perform specific graph scanning application program is also shown after the Quick Response Code.
31. system as claimed in claim 28, it is characterised in that also include:If the user of first electric terminal is non-
Then first electric terminal shows the prompt message to fail for representing user's checking to method user.
32. system as claimed in claim 28, it is characterised in that the server includes:Web page server and identity are tested
Demonstrate,prove server;
Second electric terminal sends the facility information to the Authentication server;
The Authentication server judges whether the facility information is the facility information bound with the first user account number, if
It is that then the Authentication server judges the user of first electric terminal for validated user, first user account number
The account number of the web page server is logined for first electric terminal.
33. system as claimed in claim 32, it is characterised in that the server also includes equipment information management server;
Second electric terminal, which sends the facility information to the Authentication server, to be included:To the facility information
Management server sends network request, so as to which the facility information is submitted into the equipment information management server, and makes institute
State equipment information management server and the facility information is forwarded to the Authentication server.
34. system as claimed in claim 32, it is characterised in that if the user of first electric terminal is validated user institute
State Authentication server and also send confirmation message to second electric terminal;
Second electric terminal exports user's confirmation request after the confirmation message is received, and is detecting the of input
The result for representing that authentication passes through is sent after four user instructions to first electric terminal.
35. system as claimed in claim 34, it is characterised in that second electric terminal is sent out to first electric terminal
Send and represent that the result that authentication passes through includes:
The result is sent to the web page server by second electric terminal, so that institute's web page server is by described in
The result is transmitted to first electric terminal.
36. system as claimed in claim 28, it is characterised in that the Authentication server sends the result
To the web page server;
The web page server returns to the result according to the inquiry request of first electric terminal.
37. system as claimed in claim 28, it is characterised in that the data storage institute that the server is submitted always according to user
State the binding relationship between active user's account number of the first electric terminal and the facility information of second electric terminal.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410183173.1A CN104967586B (en) | 2014-05-04 | 2014-05-04 | A kind of user ID authentication method, apparatus and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410183173.1A CN104967586B (en) | 2014-05-04 | 2014-05-04 | A kind of user ID authentication method, apparatus and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104967586A CN104967586A (en) | 2015-10-07 |
CN104967586B true CN104967586B (en) | 2018-02-27 |
Family
ID=54221532
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410183173.1A Active CN104967586B (en) | 2014-05-04 | 2014-05-04 | A kind of user ID authentication method, apparatus and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104967586B (en) |
Families Citing this family (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106570989A (en) * | 2015-10-08 | 2017-04-19 | Rfid研创有限公司 | Intelligent display system and method |
CN105577643A (en) * | 2015-11-23 | 2016-05-11 | 清华大学 | Identity authentication method and identity authentication system based on smart glasses |
CN107367946B (en) * | 2016-05-11 | 2021-05-04 | 珠海格力电器股份有限公司 | Method and device for controlling equipment |
CN107645473B (en) * | 2016-07-20 | 2020-09-22 | 平安科技(深圳)有限公司 | Method and device for protecting data security |
CN106504171A (en) * | 2016-09-28 | 2017-03-15 | 深圳大学 | A kind of public transport ticket checking method and system |
CN108510296B (en) * | 2017-02-27 | 2022-01-28 | 阿里巴巴集团控股有限公司 | Service function starting and processing method, client and server |
CN107528697B (en) * | 2017-09-28 | 2023-10-31 | 山西特信环宇信息技术有限公司 | Electronic certificate verification terminal system based on biological recognition technology and operation method |
CN109559134A (en) * | 2018-02-05 | 2019-04-02 | 海南亚元防伪技术研究所(普通合伙) | Artificial intelligence quick and precisely verifies fine feature method for anti-counterfeit |
CN108288131A (en) * | 2018-03-08 | 2018-07-17 | 广东电网有限责任公司佛山供电局 | A kind of managing security tools and instruments of transformer substation trial system |
CN108765786B (en) * | 2018-04-03 | 2020-11-24 | 中电金融设备系统(深圳)有限公司 | Two-dimensional code withdrawal safety verification method and system and computer storage medium |
CN109104430B (en) * | 2018-09-27 | 2022-02-25 | 西安艾润物联网技术服务有限责任公司 | Identity authentication method, identity authentication device and computer readable storage medium |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101945366B (en) * | 2009-07-07 | 2013-03-27 | 中国移动通信集团公司 | Experiential accounting method, proxy module, terminal and system |
CN103023638B (en) * | 2011-09-22 | 2016-03-30 | 阿里巴巴集团控股有限公司 | A kind of auth method based on mobile terminal and device |
KR20130033209A (en) * | 2011-09-26 | 2013-04-03 | 마음골프 주식회사 | Remote login client, mobile device, remote login server, remote login method using visual code |
CN102769628B (en) * | 2012-07-27 | 2014-03-26 | 腾讯科技(深圳)有限公司 | Page login method and server |
CN102821104B (en) * | 2012-08-09 | 2014-04-16 | 腾讯科技(深圳)有限公司 | Authorization method, authorization device and authorization system |
CN103023917B (en) * | 2012-12-26 | 2016-03-16 | 百度在线网络技术(北京)有限公司 | The mthods, systems and devices of authorizing are carried out for intelligent appliance |
CN103475480A (en) * | 2013-09-05 | 2013-12-25 | 北京星网锐捷网络技术有限公司 | Certificate authority method and device |
CN103634294B (en) * | 2013-10-31 | 2017-02-08 | 小米科技有限责任公司 | Information verifying method and device |
-
2014
- 2014-05-04 CN CN201410183173.1A patent/CN104967586B/en active Active
Also Published As
Publication number | Publication date |
---|---|
CN104967586A (en) | 2015-10-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104967586B (en) | A kind of user ID authentication method, apparatus and system | |
US20210058354A1 (en) | Determining Authenticity of Reported User Action in Cybersecurity Risk Assessment | |
US9864852B2 (en) | Approaches for providing multi-factor authentication credentials | |
US10362026B2 (en) | Providing multi-factor authentication credentials via device notifications | |
KR101148627B1 (en) | Method and apparatus for preventing phishing attacks | |
US10079826B2 (en) | Methods and systems for data entry | |
TWI530894B (en) | Method and related apparatus for information verification and apparatus thereof | |
US10299118B1 (en) | Authenticating a person for a third party without requiring input of a password by the person | |
CN104429110B (en) | Communication method and device | |
CN104378343B (en) | The password method for retrieving of network account, Apparatus and system | |
CN104618315B (en) | A kind of method, apparatus and system of verification information push and Information Authentication | |
US10841297B2 (en) | Providing multi-factor authentication credentials via device notifications | |
CN111523102B (en) | Applet login method, device, equipment and computer readable storage medium | |
CN104348617A (en) | Verification code processing method and device, and terminal and server | |
US20130106916A1 (en) | Drag and drop human authentication | |
JP2023522835A (en) | System and method for cryptographic authentication | |
CN103647652B (en) | A kind of method for realizing data transfer, device and server | |
KR101027228B1 (en) | User-authentication apparatus for internet security, user-authentication method for internet security, and recorded medium recording the same | |
CN112154636A (en) | Deep link authentication | |
US11323434B1 (en) | System and method for secure two factor authentication | |
CN105207777B (en) | The method and apparatus of network information verifying | |
WO2017166297A1 (en) | Wifi hotpot portal authentication method and device | |
CN109544165B (en) | Resource transfer processing method, device, computer equipment and storage medium | |
CA2991067C (en) | Providing multi-factor authentication credentials via device notifications | |
CN105490988B (en) | Method, device and system for improving data transmission security |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20190730 Address after: Shenzhen Futian District City, Guangdong province 518044 Zhenxing Road, SEG Science Park 2 East Room 403 Co-patentee after: Tencent cloud computing (Beijing) limited liability company Patentee after: Tencent Technology (Shenzhen) Co., Ltd. Address before: Shenzhen Futian District City, Guangdong province 518044 Zhenxing Road, SEG Science Park 2 East Room 403 Patentee before: Tencent Technology (Shenzhen) Co., Ltd. |
|
TR01 | Transfer of patent right |