Invention content
For this purpose, the present invention provides a kind of login authentication method, apparatus and system based on Application on Voiceprint Recognition, to try hard to solve or
Person at least alleviates existing at least one problem above.
According to an aspect of the invention, there is provided a kind of login authentication method based on Application on Voiceprint Recognition, this method is
Executed in one server, first server can by network and mobile terminal, second server, third server, using clothes
Business device is connected, including step:Sent by application server, user is received to ask to log in the logging request of third-party application, it is raw
At event identifier, wherein logging request includes the authentication information with application identities, user identifier and auth type, wherein certification
Type is Application on Voiceprint Recognition;Authentication information is sent to second server, user corresponding with user identifier is returned to by second server
Cell-phone number;It sends push task and gives third server, give and use so as to the message at third server push instruction display mandate interface
The corresponding mobile terminal of family cell-phone number;Event identifier is sent to application server, and sends the certification request for including authentication information
To mobile terminal;Sent by mobile terminal, user is received according to the voice letter for authorizing the predetermined content shown on interface input
Breath;And send include voice messaging authentication information to second server, by second server return user identifier and certification
Type, and association user mark, event identifier and auth type, so that application server is marked according to event identifier inquiry with user
Know corresponding authentication result.
Optionally, in the login authentication method according to the present invention based on Application on Voiceprint Recognition, authentication information also includes signature
Information, signing messages are that algorithm is encrypted to the transmission data including application identities, user identifier and auth type to obtain
It arrives.
Optionally, in the login authentication method according to the present invention based on Application on Voiceprint Recognition, authentication information is sent to second
Server, the step of returning to corresponding with user identifier user mobile phone number and auth type by second server include:Transmission is recognized
Information is demonstrate,proved to second server, so that whether second server verification signing messages is correct;And if be verified, receive by the
The first verification message that two servers are sent, wherein the first verification message includes user mobile phone number.
Optionally, further include step in the login authentication method according to the present invention based on Application on Voiceprint Recognition:Association user
Cell-phone number and event identifier, to determine the request type of active user according to the associated event identifier of user mobile phone number.
Optionally, in the login authentication method according to the present invention based on Application on Voiceprint Recognition, request is included in push task
Type.
Optionally, in the login authentication method according to the present invention based on Application on Voiceprint Recognition, transmission includes voice messaging
To second server, the step of returning to user identifier by second server includes authentication information:Send recognizing comprising voice messaging
Information is demonstrate,proved to second server, so that whether second server verification voice messaging is correct;And if be verified, receive by the
The second verification message that two servers are sent, wherein the second verification message includes user identifier and auth type.
Optionally, in the login authentication method according to the present invention based on Application on Voiceprint Recognition, push task is sent to third
Further include step before the step of server:Push verification is carried out to third server, if authentication failed, verification is sent and loses
Message is lost to application server.
According to another aspect of the present invention, a kind of login authentication device based on Application on Voiceprint Recognition is provided, device resides in
In first server, first server can pass through network and mobile terminal, second server, third server, application service
Device is connected, and device includes:Connection management unit asks login third party to answer suitable for receiving sent by application server, user
Logging request, and voice sent by mobile terminal, that user inputs according to the predetermined content shown on mandate interface
Information is further adapted for sending authentication information to second server and receives the user mobile phone number returned by second server, Yi Jifa
The authentication information including voice messaging is sent to second server and receives the user identifier returned by second server and certification class
Type sends event identifier and gives third service to mobile terminal and transmission push task to application server, transmission certification request
Device, so that third server push indicates that display authorizes the message at interface to give user mobile phone number corresponding mobile terminal, wherein stepping on
Record request and certification request all include to have the authentication information of application identities, user identifier and auth type, and auth type
It is Application on Voiceprint Recognition, user mobile phone number is corresponding with user identifier;Information generating unit, suitable for after receiving logging request, giving birth to
At event identifier;And information association unit, it is suitable for association user mark, event identifier and auth type, so as to application service
Device inquires authentication result corresponding with user identifier according to event identifier.
Optionally, according to the present invention in the login authentication device based on Application on Voiceprint Recognition, authentication information also includes signature
Information, signing messages are that algorithm is encrypted to the transmission data including application identities, user identifier and auth type to obtain
It arrives.
Optionally, according to the present invention in the login authentication device based on Application on Voiceprint Recognition, connection management unit is further adapted for
Authentication information is sent to second server, verifies whether signing messages is correct, if being verified, the first verification of reception disappears by it
Breath, it includes user mobile phone numbers corresponding with user identifier.
Optionally, according to the present invention in the login authentication device based on Application on Voiceprint Recognition, information association unit is further adapted for
Association user cell-phone number and event identifier, to determine the request class of active user according to the associated event identifier of user mobile phone number
Type.
Optionally, according to the present invention in the login authentication device based on Application on Voiceprint Recognition, request is included in push task
Type.
Optionally, according to the present invention in the login authentication device based on Application on Voiceprint Recognition, connection management unit is further adapted for
The authentication information comprising voice messaging is sent to second server, whether verify voice messaging by it correct, if being verified,
The second verification message is received, it includes user identifiers and auth type.
Optionally, further include in the login authentication device based on Application on Voiceprint Recognition according to the present invention:Push verification is single
Member is suitable for before sending push task to third server, push verification is carried out to third server, if authentication failed,
Authentication failed message is sent to application server.
According to another aspect of the present invention, another login authentication method based on Application on Voiceprint Recognition is provided, method is
Executed in two servers, second server can by network and mobile terminal, first server, third server, using clothes
Business device is connected, including step:The first checking request that first server is sent is received, includes that there is application in the first checking request
The authentication information of mark, user identifier and auth type, authentication information is sent by first server from application server, user
It is obtained in the logging request of request login third-party application, and first server also generates and the associated event mark of logging request
Know;Whether authentication verification information is correct, if being verified, returns to user mobile phone number corresponding with user identifier to first service
Device gives third server, by third so that first server sends event identifier to application server and transmission push task
Server push instruction display authorizes the message at interface to give user mobile phone number corresponding mobile terminal;First server is received to send
The second checking request, also include voice messaging in the second checking request, wherein first server is sent comprising authentication information
After certification request is to mobile terminal, it is defeated according to the predetermined content shown on mandate interface to receive sent by mobile terminal, user
After the voice messaging entered, the second checking request is sent;And whether verification voice messaging is correct, if being verified, returns to user
Mark and auth type are to first server, by first server association user mark, event identifier and auth type, to answer
Authentication result corresponding with user identifier is inquired according to event identifier with server.
Optionally, in the login authentication method according to the present invention based on Application on Voiceprint Recognition, authentication information also includes signature
Information, signing messages are that algorithm is encrypted to the transmission data including application identities, user identifier and auth type to obtain
It arrives.
Optionally, it in the login authentication method according to the present invention based on Application on Voiceprint Recognition, is asked receiving the first verification
The step for asking rear authentication verification information whether correct includes:It is whether correct that signing messages is verified by Encryption Algorithm.
Optionally, it in the login authentication method according to the present invention based on Application on Voiceprint Recognition, is asked receiving the second verification
The whether correct step of voice messaging is verified after asking includes:The vocal print feature in voice messaging is extracted, with the preset user's
Sound-groove model is matched, and thinks that verification is correct if similarity is more than threshold value.
According to another aspect of the present invention, another login authentication device based on Application on Voiceprint Recognition is provided, device is resident
In second server, second server can by network and mobile terminal, first server, third server, using clothes
Being engaged in, device is connected, and device includes:Connection management unit is suitable for receiving the first checking request sent by first server, and first tests
Card request in comprising with application identities, user identifier and auth type authentication information, authentication information by first server from
It is obtained in logging request that application server is sent, user's request login third-party application, and first server is further adapted for giving birth to
At with the associated event identifier of logging request, when being verified return user mobile phone number to first server, so as to first service
Device sends event identifier and gives third server to application server and transmission push task, is indicated by third server push aobvious
Show that the message for authorizing interface gives user mobile phone number corresponding mobile terminal, is further adapted for receiving and second be tested by first server is sent
Card request includes voice messaging in the second checking request, wherein first server send the certification request comprising authentication information to
After mobile terminal, sent by mobile terminal, user is received according to the voice letter for authorizing the predetermined content shown on interface input
Breath sends the second checking request, and user identifier and auth type are returned when being verified to first server, by first server
Association user mark, event identifier and auth type, so that application server is corresponding with user identifier according to event identifier inquiry
Authentication result;And Information Authentication unit, it is suitable for authentication verification information and whether voice messaging is correct.
Optionally, according to the present invention in the login authentication device based on Application on Voiceprint Recognition, authentication information also includes signature
Information, signing messages are that algorithm is encrypted to the transmission data including application identities, user identifier and auth type to obtain
It arrives.
Optionally, according to the present invention in the login authentication device based on Application on Voiceprint Recognition, Information Authentication unit is further adapted for
It is whether correct that signing messages is verified by Encryption Algorithm.
Optionally, according to the present invention in the login authentication device based on Application on Voiceprint Recognition, Information Authentication unit is further adapted for
The vocal print feature in voice messaging is extracted, is matched with the sound-groove model of the preset user, similarity is more than threshold if judging
Value then thinks that verification is correct.
According to another aspect of the present invention, a kind of accession authorization system based on Application on Voiceprint Recognition is provided, system includes:
First server with the login authentication device as described above based on Application on Voiceprint Recognition;With as described above based on vocal print knowledge
The second server of other login authentication device;Third server is suitable for pushing the PUSH message of first server to mobile whole
End;The application server being connected with third-party application;And mobile terminal, disappeared by the push of third server push suitable for analyzing
Breath, and certification request is obtained to first server, and show predetermined content on authorizing interface and acquire user according to predetermined
The voice messaging of content input is to first server.
Optionally, it in the accession authorization system according to the present invention based on Application on Voiceprint Recognition, is shown on authorizing interface pre-
It is the eight-digit number word generated at predetermined time intervals according to pre-defined rule to determine content.
Login authentication scheme according to the present invention based on Application on Voiceprint Recognition, the safety of user account is ensured by re-authentication
Property, especially when user needs to complete the sensitive operations such as payment transaction, it is contemplated that everyone vocal organs are not quite similar,
Therefore known using voiceprint map and logged in otherwise come certification;Further, pass through between first server and application server
User identifier is communicated, so first server will not obtain account information of the user in third-party application, is further protected
The account number safety of user is hindered.
Specific implementation mode
The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although showing the disclosure in attached drawing
Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here
It is limited.On the contrary, these embodiments are provided to facilitate a more thoroughly understanding of the present invention, and can be by the scope of the present disclosure
Completely it is communicated to those skilled in the art.
Fig. 1 is 100 organigram of mobile terminal according to an embodiment of the invention.Referring to Fig.1, mobile terminal
100 include:Memory interface 102, one or more data processors, image processor and/or central processing unit 104, with
And peripheral interface 106.Memory interface 102, one or more processors 104 and/or peripheral interface 106 are either discrete member
Part can also be integrated in one or more integrated circuits.In the mobile terminal 100, various elements can pass through one or more
Communication bus or signal wire couple.Sensor, equipment and subsystem may be coupled to peripheral interface 106, to help reality
Existing multiple functions.For example, motion sensor 110, optical sensor 112 and range sensor 114 may be coupled to peripheral interface
106, to facilitate the functions such as orientation, illumination and ranging.Other sensors 116 can equally be connected with peripheral interface 106, such as fixed
Position system (such as GPS receiver), temperature sensor, biometric sensor or other sensor devices, it is possible thereby to help reality
Apply relevant function.
Camera sub-system 120 and optical sensor 122 can be used for the camera of convenient such as recording photograph and video clipping
The realization of function, wherein the camera sub-system and optical sensor for example can be charge coupling device (CCD) or complementary gold
Belong to oxide semiconductor (CMOS) optical sensor.It can help to realize by one or more radio communication subsystems 124
Communication function, wherein radio communication subsystem may include radio-frequency transmitter and transmitter and/or light (such as infrared) receiver
And transmitter.The particular design and embodiment of radio communication subsystem 124 can depend on mobile terminal 100 is supported one
A or multiple communication networks.For example, mobile terminal 100 may include being designed to support GSM network, GPRS network, EDGE nets
The communication subsystem 124 of network, Wi-Fi or WiMax network and BlueboothTM networks.Audio subsystem 126 can with raise one's voice
Device 128 and microphone 130 are coupled, to help the function of implementing to enable voice, such as speech recognition, speech reproduction, number
Word records and telephony feature.
I/O subsystems 140 may include touch screen controller 142 and/or other one or more input controllers 144.
Touch screen controller 142 may be coupled to touch screen 146.For example, the touch screen 146 and touch screen controller 142 can be with
The contact carried out therewith and movement or pause are detected using any one of a variety of touch-sensing technologies, wherein sensing skill
Art includes but is not limited to capacitive character, resistive, infrared and surface acoustic wave technique.Other one or more input controllers 144
May be coupled to other input/control devicess 148, for example, one or more buttons, rocker switch, thumb wheel, infrared port,
The pointer device of USB port, and/or stylus etc.One or more of button (not shown)s may include for controlling
The up/down button of 130 volume of loud speaker 128 and/or microphone.
Memory interface 102 can be coupled with memory 150.The memory 150 may include that high random access is deposited
Reservoir and/or nonvolatile memory, such as one or more disk storage equipments, one or more optical storage apparatus, and/
Or flash memories (such as NAND, NOR).Memory 150 can store an operating system 152, for example, Android, IOS or
The operating system of Windows Phone etc.The operating system 152 may include for handling basic system services and execution
The instruction of task dependent on hardware.Memory 150 can also be stored using 154.These applications in operation, can be from memory
150 are loaded on processor 104, and are run on the operating system run via processor 104, and utilize operating system
And the interface that bottom hardware provides realizes the various desired functions of user, such as instant messaging, web page browsing, pictures management.
Can also be that operating system is included using operating system offer can be independently of.
According to one embodiment of present invention, a kind of movement with the login authentication function based on Application on Voiceprint Recognition is provided
Terminal 100 can realize the function, the visitor by client application of the arrangement with the login authentication function based on Application on Voiceprint Recognition
Family end application memory is in application 154.
Fig. 2 shows the according to an embodiment of the invention accession authorization system 200 based on Application on Voiceprint Recognition.The system
200 include mobile terminal 100, first server 210, second server 220, third server 230 and application server
240, server for example can be the remote cloud server for being physically located at one or more places, and above equipment passes through network phase
It connects.According to one embodiment of present invention, above equipment can be bound by way of scanning the two-dimensional code.And the
Three servers 230 have APN pushing modules, such as the APN pushing modules contain based on iOS, Android,
The push of WindowsPhone;Application server 240 is used as third-party server, is connected with third-party application.
The workflow of the accession authorization system 200 based on Application on Voiceprint Recognition is described in detail below.User is in third party
Using upper input account name and password, selection confirms, as shown in Figure 7 A.In response to the logging request of user, third-party application life
First server 210 is sent to by application server 240 at login request message.According to embodiment of the present invention,
Include in the login request message:Application identities, user identifier, auth type and signing messages.One according to the present invention
Application identities, user identifier and auth type are referred to as authentication information by embodiment.Wherein application identities are for uniquely identifying
The identity of the application;Auth type is to determine the type of this login authentication, and according to certain embodiments, auth type can wrap
Can be even more meticulously iris recognition, fingerprint containing modes such as recognition of face, gesture identification, Application on Voiceprint Recognition, key logins
The living things feature recognitions modes such as identification, in embodiments of the present invention, auth type refers to Application on Voiceprint Recognition;Signing messages is to certification
Information includes that the transmission data including application identities, user identifier and auth type is encrypted what algorithm obtained, in order to protect
The interaction safety of card system, all transmission datas are required for calculating that a signing messages is subsidiary to ask by special algorithm
In.According to one embodiment of present invention, the generation principle of signing messages is:Interface parameters except signing messages is pressed into parameter
After name dictionary sequence, character string is spliced by following format:
1 $ parameter name 2=$ parameter value 2... $ parameter name n=$ parameter value n $ app_key of $ parameter name 1=$ parameter values
Wherein, app_key is signed to request each time, to ensure the safety of data.The word that will have been spelled again
Symbol string uses md5 encryption.
For example, it is assumed that when certain primary interaction, the data of transmission have:
$ app_id='Fqlw4Z2KCqHzvw3YN0eUpM9KgTQ47iWf';// application identities
$ app_key='qms7LwYXgw3FbnVdwYyA';// application signature
$ uid='2384249';// user identifier
$ auth_type='2';// auth type, such as it is Application on Voiceprint Recognition to represent auth type with 2
In addition to signing messages, also the other three parameter:Application identities app_id, user identifier uid and auth type
Auth_type sorts by parameter name dictionary, and app_id is preceding, and auth_type second, uid are rear, then splicing character string:
' app_id='. $ app_id.'auth_type='. $ auth_type.'uid='. $ uid. $ app_key
Then, the character string of splicing is encrypted using MD5, has just obtained signing messages:
Md5 (' app_id='. $ app_id.'auth_type='. $ auth_type.'uid='. $ uid. $ app_
key)
It is worth noting that, prestoring the account name (such as username) of third-party application in application server 240
With the mapping relations between user identifier (such as uid), in this way, when user inputs username and password on third-party application
Afterwards, application server 240 searches its corresponding user identifier automatically, and user identifier is sent together with login request message
To first server 210, subsequent step is completed.That is, first server 210 will not obtain user in third-party application
Account information, communicated by user identifier between first server 210 and application server 240, further ensure
User account safety.
When first server 210 receives logging request, event identifier is generated.Event identifier is for identifying each time
Request event after obtaining event identifier, can obtain thing according to one embodiment by calling/v1/event_result
The corresponding event result of part mark.
The authentication information received is sent to second server 220 by first server 210, whether verifies the authentication information
Correctly, if being verified, the first verification message is sent to first server 210.Similarly, it can be also attached in the authentication information
There are signing messages, second server 220 to obtain a label to the encrypted authentication information received using same md5 encryption algorithm
Name information, then compared with the signing messages received, if two signing messages are consistent, then being verified, transmission includes
User mobile phone number and the first verification message of auth type are to first server 210, and user mobile phone number is with user identifier
It is corresponding.For example, user mobile phone number and application identities combines by certain rule to obtain a character string, as user's mark
Know.In the present invention, it is not restricted to calculating user mobile phone number and the method for user identifier correspondence.
First server 210 is after obtaining user mobile phone number, on the one hand, it is corresponding to inquire user mobile phone number in the database
The mobile terminal logged in online, mobile phone, Pad etc., then first server 210 information of the mobile terminal inquired is write
Enter push task, push task is then sent to third server 230.For example, it is mobile whole to prestore in first server 210
The device id at end, so that it may the device id of online mobile terminal to be written in push task;On the other hand, by user mobile phone number with
Event identifier is associated, and as described above, event identifier can identify the request type of this request event, then, root
According to incidence relation, so that it may to determine the request type of active user.
According to one embodiment, first server 210, be to before sending push task to third server 230
Third server carries out push verification, to ensure subsequently to push successfully.If authentication failed, sends authentication failed message and taken to application
Business device 240.
After third server 230 receives push task, PUSH message is pushed to by corresponding shifting by APN pushing modules
Dynamic terminal 100.According to one embodiment, PUSH message includes 3 kinds:Verification message, user gesture change message and other disappear
Breath.It is considered for propelling data safety, the type of push is only carried in PUSH message, without specific data.Example
Such as, the type of PUSH message can be:Whether consenting user logging request, kick out of user to login page and display push away
Send message.In the present invention, the type of PUSH message is not limited, can be determined according to the demand of third-party application
Justice.As described above, APN pushing modules contain the push based on iOS, Android, WindowsPhone, push
The code of message is as follows:
Android:
// use homing pigeon SDK
PushSingleDevice(data.did,msg,xinge.XingeApp.ENV_DEV)
WindowsPhone:
Headers=' ContentType':'text/xml','X-WindowsPhone-Target':'toast','
X-NotificationClass':' 2'} // setting connection WindowsPhone push message formats
Headers [' ContentLength']=len (msg) // setting PUSH message length
R=requests.post (data.did, headers=headers, data=msg) // PUSH message
Also, first server 210 can also send event identifier to application server 240.Mobile terminal 100 receives
After stating PUSH message, the type of PUSH message is analyzed, for example current push-type can be:Whether agreement logs in, mobile terminal
100 get the certification request of the transmission of first server 210, then show and authorize interface, are equally contained in the certification request
Authentication information.At this time mobile terminal 100 can authorize interface on show predetermined content, as shown in Figure 7 B, user be required according to
The predetermined content of display is pronounced.Optionally, the predetermined content shown on authorizing interface is at predetermined time intervals according to pre- set pattern
The eight-digit number word then generated can all have a random string, according to the character string by establishing rules in advance for each user
Then, generally HOTP algorithm (An HMAC-Based One-Time Password Algorithm) can generate one 8
Number, and (such as 30s) variation is primary at predetermined time intervals, and wherein HOTP algorithm is well known to those skilled in the art, therefore
The present invention is to this without explanation.Mobile terminal 100 can call the voice messaging of the record user of audio subsystem 126 at this time,
And the voice messaging is sent to first server 210.First server 210 can will carry language after receiving voice messaging
The authentication information of message breath is sent to second server 220, and whether correct, if being verified, send if verifying the voice messaging
Second verification message is to first server 210.According to the embodiment of the present invention, second server 220 extracts above-mentioned voice letter
Vocal print feature in breath is matched with the sound-groove model of the preset user, can judge matching journey by calculating similarity
Degree, when similarity is more than threshold value, then it is assumed that successful match is verified.Usually, the frequency values of formant and its trend are
Most stable of feature, and there is very strong specificity, utility value highest;And the features such as duration, loudness of a sound, waveform stability compared with
Difference can make reference;In addition to this, it also has an accent, languages, dialect information, the features such as channel information can be used as feature extraction consideration
The factor.According to one embodiment of present invention, user is required prior typing speech samples, second server in registration
220 extract vocal print feature from the speech samples of registration, build user's sound-groove model, i.e., preset user's sound-groove model.It answers
When it is noted that can not also be completed in second server 220 for the verification process of voice messaging, can arranging one specially
Door is used for Application on Voiceprint Recognition and matched background server, preset sound-groove model is stored with, when second server 220 receives voice
After information, the background server is sent it to, the verification process of feature extraction and matching is completed by it, verification result is returned
To second server 220.In addition, there is the algorithm of many comparative maturities can refer to about Application on Voiceprint Recognition and matching, this hair
It is bright to be not intended to limit whether specifically which kind of algorithm to verify voice messaging using correct.
After first server 210 receives the user identifier of return, which is associated with foundation with auth type and is reflected
Relationship is penetrated, based on description before, user mobile phone number can be obtained according to user identifier, therefore, stored in first server
Contingency table about user mobile phone number, event identifier and auth type.Application server 240 can basis at predetermined time intervals
Event identifier is to 210 query event of first server as a result, and being obtained according to the mapping relations between user identifier and event identifier
To the corresponding user identifier of the event result, due to prestoring user identifier and third-party application account in application server 240
The mapping relations of name in an account book, so, application server 240 has finally just obtained the result that active user asks login authentication.So far,
User asks the operation of login authentication just to complete.
Login authentication scheme according to the present invention based on Application on Voiceprint Recognition, the safety of user account is ensured by re-authentication
Property, especially when user needs to complete the sensitive operations such as payment transaction, logged in come certification by the way of Application on Voiceprint Recognition;Into one
Step ground, is communicated between first server and application server by user identifier, so first server will not obtain use
Account information of the family in third-party application, has further ensured the account number safety of user.
Fig. 3 shows the flow chart of the login authentication method 300 according to an embodiment of the invention based on Application on Voiceprint Recognition.
This method executes in first server 210, and first server 210 can pass through network and mobile terminal 100, second server
220, third server 230, application server 240 are connected, and this method starts from step S310, and reception is sent out by application server 240
Send, user asks to log in the logging request of third-party application, generates event identifier, and wherein logging request includes to have application mark
Know, the authentication information of user identifier and auth type.According to one embodiment of present invention, authentication information also includes A.L.S.
Breath, according to the description of Fig. 2, signing messages be to the transmission data including application identities, user identifier and auth type into
Row Encryption Algorithm obtains.According to an embodiment of the invention, auth type is Application on Voiceprint Recognition.
Then in step s 320, authentication information is sent to second server 220, is returned by second server 220 and is used
Family identifies corresponding user mobile phone number, and association user cell-phone number and event identifier, so as to associated according to user mobile phone number
Event identifier determines the request type of active user.Specifically, authentication information is sent to second server 220, so as to the second clothes
Whether business device 220 verifies signing messages correct;If being verified, the first verification message sent by second server 220 is received,
Wherein, the first verification message includes user mobile phone number.
Then in step S330, push task is sent to third server 230, so that the push of third server 230 refers to
Show that display authorizes the message at interface to the corresponding mobile terminal of user mobile phone number 100.According to one embodiment of present invention, it pushes
It include request type in task.It should be noted that in order to ensure push task can be pushed smoothly, push task is being sent to the
Before three servers 230, first server 210 first can carry out push verification to third server, if authentication failed, transmission is tested
Failed message is demonstrate,proved to application server 240.
Then in step S340, event identifier is sent to application server 240, and send the certification for including authentication information
It asks to mobile terminal 100.
Then in step S350, it is predetermined interior according to what is shown on mandate interface to receive sent by mobile terminal, user
Hold the voice messaging of input.
Then in step S360, the authentication information comprising voice messaging is sent to second server 220, by second service
Device 220 returns to user identifier and auth type, and association user mark, event identifier and auth type, so as to application server
240 inquire authentication result corresponding with user identifier according to event identifier.
Fig. 4 shows the schematic diagram of the login authentication device 400 according to an embodiment of the invention based on Application on Voiceprint Recognition.
The device 400 resides in first server 210, and first server 210 can be taken by network and mobile terminal 100, second
Being engaged in, device 220, third server 230, application server 240 are connected, which includes:Connection management unit 410, information life
At unit 420 and information association unit 430.
Connection management unit 410, which is suitable for receiving sent by application server 240, user, asks to log in third-party application
Logging request.Information generating unit 420 is suitable for after receiving logging request, generates event identifier.One according to the present invention
Embodiment, logging request includes the authentication information with application identities, user identifier and auth type, and authentication information also wraps
Containing signing messages, signing messages is that the transmission data including application identities, user identifier and auth type is encrypted
What algorithm obtained.According to the embodiment of the present invention, auth type is exactly Application on Voiceprint Recognition.
Connection management unit 410 is further adapted for sending authentication information to second server 220, and whether signing messages is verified by it
Correctly, if being verified, the first verification message comprising user mobile phone number returned by second server 220 is received, and
User mobile phone number is corresponding with user identifier.Information association unit 430 is suitable for being associated with the user mobile phone number and event identifier, by upper
It states it is found that according to the mapping relations of user mobile phone number and event identifier, it may be determined that the request type of active user.
Then connection management unit 410 sends push task to third server 230, so that third server 230 pushes
Indicate that display authorizes the message at interface to the corresponding mobile terminal of user mobile phone number 100.Such as the description of Fig. 2, wrapped in push task
Containing request type.According to one embodiment of present invention, which can also include a push authentication unit 440, be suitable for
Before sending push task to third server 230, push verification is carried out to third server 230, if authentication failed, is sent out
Send authentication failed message to application server 240.Connection management unit 410 retransmits event identifier after sending push task
To application server 240 and certification request is sent to mobile terminal 100.Similarly, which also includes certification letter
Breath.
When connection management unit 410 receive sent by mobile terminal 100, user according to authorize interface on show it is pre-
When determining the voice messaging of content input, the authentication information comprising above-mentioned voice messaging is sent again and to second server 220 and is connect
Receive the user identifier returned by second server 220 and auth type.Information association unit is suitable for association user mark, event mark
Knowledge and auth type, so that application server 240 inquires authentication result corresponding with user identifier according to event identifier.
Fig. 5 shows the flow of the login authentication method 500 in accordance with another embodiment of the present invention based on Application on Voiceprint Recognition
Figure.The method executes in second server 220, and second server 220 can pass through network and mobile terminal 100, first
Server 210, third server 230, application server 240 are connected.This method starts from step S510, receives first server
210 the first checking requests sent, the certification with application identities, user identifier and auth type is included in the first checking request
Information, and authentication information sent from application server 240 by first server 210, user ask log in third-party application
Logging request in obtain, according to one embodiment, authentication information also includes signing messages, and signing messages is to including using mark
Know, the transmission data including user identifier and auth type is encrypted what algorithm obtained.According to the embodiment of the present invention, recognize
It is exactly Application on Voiceprint Recognition to demonstrate,prove type.In addition, first server 210 also generates and the associated event identifier of logging request.
Whether then in step S520, it is correct to verify above-mentioned authentication information, if being verified, returns and user identifier pair
The user mobile phone number answered to first server 210, so as to first server 210 send event identifier to application server 240 with
And push task is sent to third server 230, instruction display is pushed by third server 230 and authorizes the message at interface to user
The corresponding mobile terminal of cell-phone number 100.For the verification step of authentication information, consistent with Fig. 2 descriptions, details are not described herein again.
Then in step S530, the second checking request that first server 210 is sent is received, in the second checking request
Including authentication information, also includes voice messaging.According to a kind of embodiment, include authentication information when first server 210 is sent
Certification request to mobile terminal 100 after, receive sent by mobile terminal 100, user according to authorize interface on show it is pre-
After the voice messaging for determining content input, above-mentioned second checking request is sent.
Then in step S540, whether verification voice messaging is correct, if being verified, returns to user identifier to the first clothes
Business device 210, by 210 association user of first server mark, event identifier and auth type, so as to 240 basis of application server
Event identifier inquires authentication result corresponding with user identifier.Equally, the step of verifying voice messaging, no longer does and retouches in detail herein
It states.
Fig. 6 shows the signal of the login authentication device 600 in accordance with another embodiment of the present invention based on Application on Voiceprint Recognition
Figure.The device resides in second server 220, which can pass through network and mobile terminal 100, first
Server 210, third server 230, application server 240 are connected, and device 600 includes:Connection management unit 610 and information are tested
Demonstrate,prove unit 620.
Connection management unit 610 is suitable for receiving the first checking request sent by first server 210, the first checking request
In comprising the authentication information with application identities, user identifier and auth type, the authentication information is by first server from application
It is obtained in logging request that server is sent, user's request login third-party application, and the first server 210 is further adapted for
It generates and the associated event identifier of logging request.
Whether Information Authentication unit 620 is suitable for verifying above-mentioned authentication information when receiving the first checking request correct.It tests
User mobile phone number is returned to first server 210, so that first server 210 is sent by connection management unit 610 when card passes through
Event identifier is to application server 240 and sends push task to third server 230, is referred to by the push of third server 230
Show that display authorizes the message at interface to the corresponding mobile terminal of user mobile phone number 100.
Connection management unit 610 is further adapted for receiving the second checking request sent by first server 210, and the second verification is asked
Include authentication information and voice messaging in asking.According to an embodiment of the present invention, it includes authentication information that first server 210, which is sent,
Certification request to mobile terminal 100 after, receive sent by mobile terminal 100, user according to authorize interface on show it is pre-
After the voice messaging for determining content input, above-mentioned second checking request is sent.
Whether Information Authentication unit 620 is suitable for verifying above-mentioned voice messaging when receiving the second checking request correct.It tests
Card by when return to user identifier and auth type (namely Application on Voiceprint Recognition) to first server 210, by first server 210
Association user mark, event identifier and auth type, so that application server 240 is according to event identifier inquiry and user identifier pair
The authentication result answered.
According to one embodiment of present invention, Information Authentication unit 620 be by include application identities, user identifier and
It is whether correct to verify signing messages after transmission data including auth type is encrypted, illustrate authentication information if correct
Correctly, it is verified.
On the other hand, Information Authentication unit 620 should with preset to the voice messaging received by voiceprint recognition algorithm
The sound-groove model income of user matches, and calculates its similarity, thinks to be verified if similarity is more than threshold value.Specific algorithm
Introduction can refer to the description section based on Fig. 2 in this specification.
It should be appreciated that in order to simplify the disclosure and help to understand one or more of each inventive aspect, it is right above
In the description of exemplary embodiment of the present invention, each feature of the invention be grouped together into sometimes single embodiment, figure or
In person's descriptions thereof.However, the method for the disclosure should be construed to reflect following intention:I.e. claimed hair
The bright feature more features required than being expressly recited in each claim.More precisely, as the following claims
As book reflects, inventive aspect is all features less than single embodiment disclosed above.Therefore, it then follows specific real
Thus the claims for applying mode are expressly incorporated in the specific implementation mode, wherein each claim itself is used as this hair
Bright separate embodiments.
Those skilled in the art should understand that the module of the equipment in example disclosed herein or unit or groups
Part can be arranged in equipment as depicted in this embodiment, or alternatively can be positioned at and the equipment in the example
In different one or more equipment.Module in aforementioned exemplary can be combined into a module or be segmented into addition multiple
Submodule.
Those skilled in the art, which are appreciated that, to carry out adaptively the module in the equipment in embodiment
Change and they are arranged in the one or more equipment different from the embodiment.It can be the module or list in embodiment
Member or component be combined into a module or unit or component, and can be divided into addition multiple submodule or subelement or
Sub-component.Other than such feature and/or at least some of process or unit exclude each other, it may be used any
Combination is disclosed to all features disclosed in this specification (including adjoint claim, abstract and attached drawing) and so to appoint
Where all processes or unit of method or equipment are combined.Unless expressly stated otherwise, this specification (including adjoint power
Profit requires, abstract and attached drawing) disclosed in each feature can be by providing the alternative features of identical, equivalent or similar purpose come generation
It replaces.
A4, the method as described in A3, further include step:Association user cell-phone number and event identifier, so as to according to user hand
The associated event identifier of machine number determines the request type of active user.A5, the method as described in A4, wherein wrapped in push task
Containing request type.A6, the method as described in any one of A2-5, wherein the authentication information that transmission includes voice messaging takes to second
Be engaged in device, by second server return user identifier the step of include:The authentication information comprising voice messaging is sent to second service
Device, so that whether second server verification voice messaging is correct;And if be verified, receive the sent by second server
Two verification message, wherein the second verification message includes user identifier and auth type.A7, the side as described in any one of A1-6
Method, wherein further include step before sending the step of push task is to third server:Push is carried out to third server to test
Card, if authentication failed, sends authentication failed message to application server.
B11, the device as described in B10, wherein information association unit is further adapted for association user cell-phone number and event identifier,
To determine the request type of active user according to the associated event identifier of user mobile phone number.B12, the device as described in B11,
In, include request type in push task.B13, the device as described in any one of B9-12, wherein connection management unit is also suitable
In sending the authentication information comprising voice messaging to second server, it is whether correct that voice messaging is verified by it, if being verified,
The second verification message is then received, it includes user identifiers and auth type.B14, the device as described in any one of B8-13, also
Including:Authentication unit is pushed, is suitable for before sending push task to third server, carrying out push to third server tests
Card, if authentication failed, sends authentication failed message to application server.
C16, the method as described in C15, wherein authentication information also includes signing messages, and signing messages is to including application
Transmission data including mark, user identifier and auth type is encrypted what algorithm obtained.C17, the method as described in C16,
Wherein, the whether correct step of authentication verification information includes after receiving the first checking request:It is verified by Encryption Algorithm
Whether signing messages is correct.C18, the method as described in any one of C15-17, wherein receiving the second checking request posteriority
Demonstrate,proving the whether correct step of voice messaging includes:Extract the vocal print feature in voice messaging, the vocal print mould with the preset user
Type is matched, and thinks that verification is correct if similarity is more than threshold value.
D20, the device as described in D19, wherein authentication information also includes signing messages, and signing messages is to including application
Transmission data including mark, user identifier and auth type is encrypted what algorithm obtained.D21, the device as described in D20,
Wherein, whether Information Authentication unit is further adapted for verifying signing messages by Encryption Algorithm correct.It is any in D22, such as D19-21
Device described in, wherein Information Authentication unit is further adapted for extracting the vocal print feature in voice messaging, with the preset user's
Sound-groove model is matched, and thinks that verification is correct if judging that similarity is more than threshold value.
In addition, it will be appreciated by those of skill in the art that although some embodiments described herein include other embodiments
In included certain features rather than other feature, but the combination of the feature of different embodiments means in of the invention
Within the scope of and form different embodiments.For example, in the following claims, embodiment claimed is appointed
One of meaning mode can use in any combination.
In addition, be described as herein can be by the processor of computer system or by executing for some in the embodiment
The combination of method or method element that other devices of the function are implemented.Therefore, have for implementing the method or method
The processor of the necessary instruction of element forms the device for implementing this method or method element.In addition, device embodiment
Element described in this is the example of following device:The device is used to implement performed by the element by the purpose in order to implement the invention
Function.
As used in this, unless specifically stated, come using ordinal number " first ", " second ", " third " etc.
Description plain objects are merely representative of the different instances for being related to similar object, and are not intended to imply that the object being described in this way must
Must have the time it is upper, spatially, in terms of sequence or given sequence in any other manner.
Although the embodiment according to limited quantity describes the present invention, above description, the art are benefited from
It is interior it is clear for the skilled person that in the scope of the present invention thus described, it can be envisaged that other embodiments.Additionally, it should be noted that
The language that is used in this specification primarily to readable and introduction purpose and select, rather than in order to explain or limit
Determine subject of the present invention and selects.Therefore, without departing from the scope and spirit of the appended claims, for this
Many modifications and changes will be apparent from for the those of ordinary skill of technical field.For the scope of the present invention, to this
The done disclosure of invention is illustrative and not restrictive, and it is intended that the scope of the present invention be defined by the claims appended hereto.