CN105337940B - A kind of page verification method, client, server and system - Google Patents
A kind of page verification method, client, server and system Download PDFInfo
- Publication number
- CN105337940B CN105337940B CN201410379576.3A CN201410379576A CN105337940B CN 105337940 B CN105337940 B CN 105337940B CN 201410379576 A CN201410379576 A CN 201410379576A CN 105337940 B CN105337940 B CN 105337940B
- Authority
- CN
- China
- Prior art keywords
- page
- instruction
- client
- verification
- page verification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- User Interface Of Digital Computer (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The present invention provides a kind of page verification method, client, server and system, wherein method includes:When triggering page authentication mechanism, the instruction of page verification is generated according to the terminal configuration information of the client of request page;The instruction insertion forms pages that the page is verified are back to the client, so that the client parses the forms pages to obtain and show the instruction of the page verification;Obtain the operation information that the user that the client returns inputs according to described instruction;Page verification is carried out according to the operation information.Using the present invention, it can solve the problems, such as that identifying code input is inconvenient in page verification process, improves the input efficiency of identifying code, improves user experience.
Description
Technical field
The present invention relates to mobile communication technology fields, more specifically, are related to a kind of page verification method, client, clothes
Business device and system.
Background technology
In order to prevent other people using robot (a kind of automatic script) carry out automatic a large amount of registrations, traversal crawl information,
The automatic behaviors such as money order receipt to be signed and returned to the sender of posting.General website all uses verification code technology.Usual identifying code includes picture validation code;Wherein,
In picture validation code, it can also be dynamic that picture, which can be static,.Current page verification flow is as follows:User passes through
The browse request page;If triggering page authentication mechanism, server is inserted into the picture tag of identifying code in forms pages, then
Forms pages are returned to client;Browser resolves simultaneously show forms pages;Browser requests verification depending on the user's operation
Code picture is simultaneously illustrated in forms pages;User inputs list content and identifying code, then submits;Server verifies identifying code
It is no correct, and execute corresponding operating.
It, can testing with the identifying code of analog subscriber since a kind of function of this robot (automatic script) is stronger and stronger
Flow is demonstrate,proved, common picture validation code is easily identified, so needing the continuous complexity for reinforcing identifying code, such as video verification
The identifying code of code or other complex forms;Video verification code refers to testing what random digit, letter and Chinese were composed
Card code is dynamically embedded into the videos of formats such as MP4, flv (flash video, Streaming Media);
However, increasing the complexity of identifying code, the identification of normal users can be also influenced;For some complicated verifications
Code, user, which often " has refreshed " multiple identifying codes, could not also input correct verification information;Even simple identifying code, also can
The problem for having verification content input difficult, especially on the mobile terminal of these input inconveniences of mobile phone.I other words current
Identifying code input is inconvenient in page verification process, so that identifying code input efficiency is low, influences user experience.
Invention content
A kind of page verification method of present invention proposition, device and system, it is defeated can to solve identifying code in page verification process
Enter inconvenient problem, improve the input efficiency of identifying code, improves user experience.
According to an aspect of the invention, there is provided a kind of page verification method, wherein including:
When triggering page authentication mechanism, page verification is generated according to the terminal configuration information of the client of request page
Instruction;The instruction insertion forms pages that the page is verified are back to the client, described in client parsing
Forms pages are to obtain and show the instruction of the page verification;It is defeated according to described instruction to obtain the user that the client returns
The operation information entered;Page verification is carried out according to the operation information.
According to another aspect of the present invention, a kind of page verification method is provided, wherein including:
After triggering page authentication mechanism, the forms pages for the instruction embedded with page verification that server returns are received;Its
In, the page verification instruction is that server is generated according to the terminal configuration information of the client of request page;Described in parsing
Forms pages obtain and show the instruction of the page verification;It receives and returns to user to server and verified according to the page
Instruction and the operation information that inputs, so that the server carries out page verification according to the operation information.
According to another aspect of the present invention, a kind of server for page verification is provided, wherein including:
Instruction generation unit, for when triggering page authentication mechanism, being configured according to the terminal of the client of request page
Information generates the instruction of page verification;Embedded unit, the instruction for verifying the page are embedded in forms pages;The first information
Returning unit, for the forms pages to be back to the client, for the client parse the forms pages with
Obtain and show the instruction of the page verification;Acquiring unit, for obtaining the user of the client return according to the finger
Enable the operation information of input;Authentication unit, for carrying out page verification according to the operation information.
According to another aspect of the present invention, a kind of client for page verification is provided, wherein including:
First receiving unit, for after triggering page authentication mechanism, what reception server returned to be embedded with page verification
The forms pages of instruction;Wherein, the page verification instruction is that server matches confidence according to the terminal of the client of request page
What breath generated;Resolution unit obtains the instruction of the page verification for parsing the forms pages;Display unit, for showing
Show the instruction of the page verification;Second receiving unit is inputted for receiving user according to the instruction that the page is verified
Operation information;Second information returning unit, for returning to the operation information to server, so that the server is according to
Operation information carries out page verification.
According to another aspect of the present invention, a kind of page verification system is provided, wherein including:Such as above-mentioned server
With above-mentioned client.
In the present invention, when carrying out page verification, change traditional verification mode, according to the end of the client of request page
Configuration information is held to generate the instruction of page verification, such as:It shakes, list is directed toward lower slider etc.;By the instruction insertion of page verification
Forms pages return to client, and client parses forms pages to obtain and show the instruction of above-mentioned page verification, such user
The input of page verification can be easily carried out according to the instruction that the page of display is verified, such as instruction is ' shaking ', need to only be shaken
One shake client (such as mobile phone) can be completed verification input, no longer needed as conventional method again request server to show
Then identifying code picture recognizes that the word on identifying code is inputted, to complete to verify again.Therefore it can be solved using the present invention
The inconvenient problem of identifying code input, improves the input efficiency of identifying code in page verification process, improves user experience.
To achieve the goals above, one or more aspects of the present invention includes being particularly described below and in claim
In the feature that particularly points out.Certain illustrative aspects of the invention is described in detail in the following description and the annexed drawings.However, these
Aspect instruction is only that some of the various ways in the principles of the present invention can be used.In addition, the present invention is intended to include
All such aspects and their equivalent.
Description of the drawings
According to following detailed descriptions carried out with reference to attached drawing, above and other objects, features and advantages of the invention will become
It must become apparent from.In the accompanying drawings:
Fig. 1 shows a flow chart of page verification method proposed by the present invention;
Fig. 2 shows another flow charts of page verification method proposed by the present invention;
Fig. 3 shows another flow chart of page verification method proposed by the present invention;
Fig. 4 shows a structural schematic diagram of the server proposed by the present invention for page verification;
Fig. 5 shows the structural schematic diagram of embedded unit in the present invention;
Fig. 6 shows a structural schematic diagram of the client proposed by the present invention for page verification;
Fig. 7 shows the structural schematic diagram of resolution unit in the present invention;
Fig. 8 shows a schematic diagram of the specific embodiment of page verification method proposed by the present invention;
Fig. 9 shows another schematic diagram of the specific embodiment of page verification method proposed by the present invention;
Figure 10 shows a structural schematic diagram of page verification system proposed by the present invention.
Identical label indicates similar or corresponding feature or function in all the appended drawings.
Specific implementation mode
Various aspects disclosed by the invention are described below.It is to be understood that teaching herein can be with varied shape
Formula embodies, and any concrete structure disclosed herein, function or both are only representative.Based on this paper's
Introduction, those skilled in the art are it is to be understood that one aspect disclosed herein can be independently of any other aspect reality
It is existing, and two or more aspects in these aspects can combine in various manners.It is, for example, possible to use described here
Any number of aspect, realization device or put into practice method.Further, it is possible to use other structures, function or in addition to this paper explained
It is not except the one or more aspects stated or the structure and function of one or more aspects described herein, realizes this dress
Set or put into practice this method.In addition, any aspect described herein may include at least one element of claim.
Each embodiment of the present invention is described below with reference to accompanying drawings.
The present invention discloses a kind of page verification method, and Fig. 1 shows a stream of page verification method proposed by the present invention
Cheng Tu;Wherein, including step:
Step S101:When triggering page authentication mechanism, generated according to the terminal configuration information of the client of request page
The instruction of page verification;
Specifically, when user is by the client browser requests page, if the page is verified, touch at this time
Page authentication mechanism is sent out.Wherein, terminal configuration information can be client browser in request page, with page request one
And upload server;Can also be that the model of terminal is uploaded to server, after server obtains the model of the terminal, according to pre-
The model first configured configures the table of comparisons with hardware parameter, the corresponding hardware configuration parameter of the terminal models is obtained, to obtain end
Hold configuration information;Wherein, terminal configuration information can be inductor information, such as:Gravity sensor information, gyroscope information, away from
From induction information, screen message (such as capacitive sensing device);It can also be camera information;Inductor would generally preferentially be selected
Information.
Wherein, the instruction of page verification is the identifiable instruction of inductor of terminal;The instruction of page verification includes following
Instruction one or more:Shake (shale), singly refer to it is upper draw (up), singly refer to lower stroke (down), singly refer to a left side stroke (left),
Singly refer to the right side stroke (right), Rotation screen, press any physical button etc..In general, the instruction of page verification is to have one
It is a.Such as:The information that need to be verified is generated " single to be directed toward lower slider " page by the screen message for randomly selecting terminal according to screen message
The instruction of verification.
Step S102:The instruction insertion forms pages of page verification are back to client, so that client parses list
The page is to obtain and show the instruction of page verification;
Wherein, list webpage is that a website and visitor carry out interactive window, and essence is a Webpage, is led to
Often carry out the page verification when, can will verification needed for information client is returned to by forms pages code, for client into
Row parsing forms pages code, obtains and shows forms pages.The content for the embedded forms pages of instruction that the page can be verified
In label, when client receives the forms pages of server return, the forms pages are parsed to will be embedded in form page
The instruction of page verification in the content tab of face is simultaneously shown.Forms pages include the information such as account, password and identifying code,
User is needed to fill in related content in corresponding position, to be verified.The forms pages parsed are as shown in Figure 8.
Step S103:The user of client return is obtained according to the operation information of instruction input;User is according to step S102
In the instruction of page verification that parses inputted accordingly, the instruction verified such as the page is ' shake one shake the hand machine ', user
The input that page verification can be completed in a machine of shaking the hand need to be shaken;Client gets this operation information, and the behaviour is returned to server
Make information.
Step S104:Page verification is carried out according to operation information.Server receives the behaviour that client returns in step S103
After making information, the terminal configuration information of the operation information and the client in requesting page server face in step S101 that detect user is given birth to
Whether the instruction verified at the page corresponds to, if corresponding, is verified;If not corresponding to, authentication failed.It, can after authentication failed
To re-start the flow of above-mentioned steps S101 to S104.
By above-mentioned flow it is found that when carrying out page verification using the method for the present invention, traditional verification mode is changed, according to
The terminal configuration information of the client of request page generates the instruction of page verification, such as:It shakes, list is directed toward lower slider etc.;
The instruction insertion forms pages of page verification are returned into client, client parses forms pages to obtain and show the above-mentioned page
The instruction of verification, such user can easily carry out the input of page verification according to the instruction that the page of display is verified, such as refer to
It is ' shaking ' to enable, and need to only shake client (such as mobile phone) and verification input can be completed, no longer be needed as conventional method
Again then request server recognizes that the word on identifying code is inputted, to complete to verify again to show identifying code picture.Cause
This can solve the problems, such as that identifying code inputs inconvenient in page verification process, improves the input efficiency of identifying code using the present invention,
Improve user experience.
Fig. 1 embodiments solve the problems, such as that identifying code input is inconvenient, however above-mentioned solution is easy to be identified by robot
Identifying code so that the safety of the page verification method of Fig. 1 embodiments cannot ensure that, in conjunction with Fig. 1 embodiments, the present invention proposes
A kind of improvement project, it is specific as follows:
In above-mentioned steps S102, using the public key encryption designated character of preset encryption method, encrypted characters string is obtained;
Wherein, designated character includes the instruction of page verification;Preset encryption method can be asymmetrical Encryption Algorithm, can also be
It is encrypted using the public key for the method that other are used to generate regular length character.For asymmetric encryption techniques, public key is public
It opens, all websites can be encrypted with this public key, but can only be solved with the symmetrical private key of public key.Specifically, can
Designated character is encrypted to use the public key of browser assignment in client, obtains encrypted characters string.
Then, encrypted characters string insertion forms pages are back to client, so that client parsing forms pages obtain
' encrypted characters string ', and obtained using the private key decryption encrypted characters string of preset encryption method and show the finger of page verification
It enables.The private key of preset encryption method used herein and the public key of the aforementioned preset encryption method used are that occur in pairs
's.
In the improvement project, encrypted characters string insertion forms pages are back to client, so that client parses list
The page obtains ' encrypted characters string ', and is obtained using the private key decryption encrypted characters string of preset encryption method and show the page
The instruction of verification.Above-metioned instruction according to the list of embedded page verification after the public key encryption of scheduled encryption method and is sent to
The client of request page;It is decrypted to obtain above-metioned instruction and show using the private key of scheduled encryption method in client,
It is inputted accordingly according to above-metioned instruction for user;Scheduled encryption method public key is utilized information is encrypted, with
And its private key is decrypted, it is not easy to be decrypted by robot, it is ensured that the safety of verification information.
Further, when the client terminal quantity of request page verification is more, server is according to the terminal of each client
Configuration information is possible to that identical page verification instruction can be generated, as long as the page of encrypted characters string representative is known in advance in robot
The instruction of verification in later verification flow, as long as being resolved to above-mentioned encrypted characters string, is not required to decrypt again and may know that encryption
The instruction of page verification in character string;Such as:' upward sliding instruction ', what is encrypted is the same, for example is all
The instruction for the page verification that 123abc is represented is known in advance as ' upward sliding instruction ' in 123abc, that robot, and next time gets
When encrypted characters string ' 123abc ', no at all decryption is known that instruction is ' upward sliding instruction ' again;Therefore it cannot protect
Demonstrate,prove the reliability of page verification.This present invention is further improved:
Timestamp when server records the mark of each client of request page and corresponds to the request page of client;
Above-mentioned designated character is added in timestamp when then by the client identification of request page and request page;Utilize preset encryption
Public key encryption ' the instruction of timestamp and the page verification when including the client identification and request page of request page of method
Designated character ', obtain unique encrypted characters string;Client will be issued after unique encrypted characters string insertion forms pages
End;
After client receives forms pages, unique encrypted characters string is decrypted using the private key of preset encryption method,
The instruction that timestamp and the page when obtaining client identification, the request page of the request page in designated character are verified.Add
When close ' instruction of page verification ', ' timestamp when client identification and request page of request page ', client are added
Mark refers to uniquely representing the information of a terminal, can be cookie or sn (registration code of CDKEY etc) so that
The encrypted characters string that each client receives is unique, and robot is verified if you need to the page and instructed, and must just go to taste every time
Examination decryption ' encrypted characters string ', this just increases the difficulty of robot decryption.
It handles in this way, can prevent robot from guessing identifying code, and can guarantee the instruction of the page verification to different clients
Encrypt come the result is that different.Such as, if the instruction of the page verification generated is " shake one shake the hand machine ";The mark of customer end A
Knowledge is IDa, the page request time is 10:10;Customer end B be identified as IDb, the page request time be 12:12;Using scheduled
Encryption method is to " IDa, 10:10 and shake one and shake the hand machine " be encrypted to obtain an encrypted characters string a;Utilize scheduled encryption
Method is to " IDb, 12:12 and shake one and shake the hand machine " be encrypted to obtain an encrypted characters string b;Although in this way, being same
Instruction, but it can be encrypted to different encrypted characters strings for different clients, therefore, the reliable of page verification can be reinforced
Property.
In addition, after the instruction for obtaining page verification, the instruction of page verification can not be shown immediately, first detects input light
Target position;When input light target position is located at identifying code input frame, the instruction of page verification is just shown.
In the another aspect of the present invention for combining above-described embodiment, when terminal configuration information is camera information, upper
The instruction for stating the page verification that step is generated according to terminal configuration information, can also be ' shoot and upload a certain picture '.Work as end
When to hold configuration information be fingerprint inductor information, the instruction that the page that is generated according to terminal configuration information in step S103 is verified,
It can also be ' input fingerprint '.
Another aspect of the present invention discloses a kind of page verification method, and Fig. 2 shows the page proposed by the present invention verifications
Another flow of method, the invention are based on client, and page verification method includes step:
Step S201:After triggering page authentication mechanism, the table for the instruction embedded with page verification that server returns is received
Single-page;Wherein, page verification instruction is that server is generated according to the terminal configuration information of the client of request page;The page
The instruction of verification is the identifiable instruction of terminal;The page verification instruction include:It shakes (shale);Singly refer to upper stroke (up);It is single
Refer to lower stroke (down);Singly refer to left stroke (left);Singly refer to right draw (right) etc..
By the client browser requests page, when the page is verified, the triggering page verifies flow, receives clothes
The forms pages for the instruction embedded with page verification that business device returns.
Subsequently into step S202:Forms pages are parsed, obtain and show the instruction of page verification;
Client parses forms pages, obtains the instruction of page verification;Control the page verification that display device display obtains
Instruction.
Then step S203 is carried out:Client receives and returns to user to server and inputted according to the instruction that the page is verified
Operation information, for server according to operation information carry out page verification.
To improve the safety of page verification method, Fig. 2 embodiments are improved:In the server with encrypted characters string
The form instruction of verifying the page be embedded in forms pages;Encrypted characters string is referred to using the public key encryption of preset encryption method
Determine what character obtained;Designated character includes the instruction of page verification;Wherein, preset encryption method can be asymmetrical encryption
Algorithm can also be other methods for generating regular length character.For asymmetric encryption techniques, public key be it is disclosed,
All websites can be encrypted with this public key, but can only be solved with the symmetrical private key of public key.
Fig. 3 shows that another flow of page verification method proposed by the present invention, the stream are based on client and server
Interaction flow, specifically include step:
Step S301:User end to server request page triggers page authentication mechanism;
Step S302:Server obtains the terminal configuration information of client;Specific acquisition methods can refer to previous embodiment,
Details are not described herein again.
Step S303:Server generates the instruction of page verification according to terminal configuration information;
Step S304:The public key encryption designated character of the preset encryption method of server by utilizing, obtains encrypted characters string;Refer to
Determine timestamp when character includes terminal iidentification, request page and the instruction of above-mentioned page verification.
Step S305:List is returned to client by the list of encrypted characters string insertion page verification by server;The page
The list of verification includes account, password and verification code information.
Step S306:After client receives the list of above-mentioned page verification, list is parsed, encrypted characters string is obtained;And
The encrypted characters string is decrypted using the private key of preset encryption method, obtains and shows above-metioned instruction;
Step S307:Client receives the operation information that user inputs according to above-metioned instruction;
Step S308:The operation information is returned to server by client;
Step S309:Server carries out page verification according to by the operation information.Verification mode is it has been observed that no longer superfluous herein
It states.If authentication failed, the step of repeating step S303 to S309, until being proved to be successful, or actively exits the page and verifies.If
It is verified, then continues page browser flow.
For a better understanding of the present invention, it with reference to a specific embodiment, is further described.With reference to figure 8 and Fig. 9.
It is specific as follows:(1) party A-subscriber triggers page authentication mechanism by one forum page of browser access of mobile phone terminal;(2) it services
Device judges whether the browser of party A-subscriber's mobile phone terminal supports this verification mode;Practical realize can such as judge page there are many kinds of method
It requests in person whether to have an agreement in asking and can support the statement of this verification mode;For another example add in UA (Useragent, user agent)
The feature string of this verification mode can be supported by entering.If supporting, step (3) is carried out, if not supporting, carries out the figure of traditional approach
The page of piece identifying code verifies flow;(3) server obtains the mobile phone configuration parameter that the browser of party A-subscriber's mobile phone terminal uploads:Add
Velocity sensor information, the capacitive sensing device information of touch screen;And when obtaining the mark x and request page of party A-subscriber's mobile phone terminal
Timestamp 12:10;(4) and then a mobile phone configuration parameter is randomly selected, generates the instruction of page verification;Such as:It extracts and ' accelerates
Degree sensor information ' generate " shake one shake the hand machine " page verification instruction;(5) server by utilizing asymmetrical encryption method
Public key encryption " party A-subscriber's mobile phone terminal mark x, request page when timestamp 12:10 and ' shake one shake the hand machine ' page verification
Instruction " obtain encrypted characters string abcde;(6) server returns the forms pages of encrypted characters string abcde insertion page verifications
Back to the browser of party A-subscriber's mobile phone terminal;Wherein, the forms pages schematic diagram of page verification is as shown in Figure 8.(7) party A-subscriber's mobile phone terminal
Browser receive the forms pages of page verification, parse and show the forms pages, and obtain encrypted characters string
abcde;Then encrypted characters string abcde is decrypted using the private key of asymmetrical encryption method, obtains the page of " shake one shake the hand machine "
The instruction of face verification, does not show the instruction of page verification at this time;(8) page that party A-subscriber shows in the browser of mobile phone terminal
Input account and password on the list of face verification;When detection when input light target position is located at identifying code input frame, in display
The instruction of the page verification of " shake one shake the hand machine " is stated, as shown in Figure 9;(9) party A-subscriber is according to the instruction, shakes one and shakes the hand machine;Party A-subscriber
After mobile phone gets the operation of party A-subscriber, the operation information of party A-subscriber is returned into server;(10) server is according to the behaviour of party A-subscriber
It is verified as information, if the instructions match of the operation and ' shake one shake the hand machine ' that generates for the user A that server receives, is verified
Pass through, then enters forum;If the operation for the user A that server receives and the instruction of ' shake one shake the hand machine ' that generates mismatch,
Authentication failed, then repeatedly step (4) to (10) until be proved to be successful or party A-subscriber actively exit verification.
Another aspect of the present invention discloses a kind of server for page verification, structural schematic diagram, reference chart
4, including:
Instruction generation unit 401, for when triggering page authentication mechanism, being matched according to the terminal of the client of request page
Confidence breath generates the instruction of page verification;
Wherein, terminal configuration information is the inductor configurations information of terminal;The instruction of page verification is the inductor of terminal
Identifiable instruction.Embedded unit 402, the instruction for verifying the page are embedded in forms pages;First information returning unit
403, for forms pages to be back to client, so that client parses forms pages to obtain and show the finger of page verification
It enables;Acquiring unit 404, for obtaining the user of client return according to the operation information of instruction input;Authentication unit 405 is used
According to operation information progress page verification.
To improve the safety of page verification, it is added in the embedded unit 402 of the above-mentioned server for page verification
Encrypting module 4021 obtains encrypted characters string for the public key encryption designated character using preset encryption method;Wherein, refer to
Determine the instruction that character includes page verification;First information returning unit 403, for returning to encrypted characters string insertion forms pages
To client, so that client parsing forms pages obtain ' encrypted characters string ', and the private key of preset encryption method is utilized
Decryption ' encrypted characters string ' obtains and shows the instruction of page verification.
In conjunction with the another aspect of Fig. 4, as shown in figure 5, to further strengthen the safety of page verification, encrypting module 4021
After above-mentioned designated character is added in timestamp when by the client identification and request page of requested page, recycle it is preset plus
The public key encryption designated character of decryption method obtains unique encrypted characters string.Different clients are got different
The instruction of page-out verification is decrypted in encrypted characters string, it is not easy to be decrypted by robot, improve the safety of page verification.
Another aspect of the present invention discloses a kind of client for page verification, structural schematic diagram, reference chart
6, including:
First receiving unit 501 is verified for after triggering page authentication mechanism, receiving the page that is embedded with that server returns
Instruction forms pages;Wherein, page verification instruction is terminal configuration information of the server according to the client of request page
It generates;Resolution unit 502 obtains the instruction of page verification for parsing forms pages;Display unit 503, for showing page
The instruction of face verification;Second receiving unit 504, the operation information inputted according to the instruction that the page is verified for receiving user;
Second information returning unit 505 is tested for returning to operation information to server so that server carries out the page according to operation information
Card.
To improve the safety of page verification, the instruction that server verifies the page is embedded in table in the form of encrypted characters string
Single-page;Encrypted characters string is that the public key encryption designated character of the preset encryption method of server by utilizing obtains;Designated character
Include the instruction of page verification.
Resolution unit 502 includes:Analyzing sub-module 5021 obtains encrypted characters string for parsing forms pages;Decrypt mould
Block 5022 obtains the instruction of page verification for the private key decryption ' encrypted characters string ' using preset encryption method.
Another aspect of the present invention, discloses a kind of page verification system, structural schematic diagram, with reference to figure 10, including:
Server 802 shown in Fig. 4 for page verification and the client 801 shown in fig. 6 for page verification.
In the present invention, when carrying out page verification, change traditional verification mode, according to the end of the client of request page
Configuration information is held to generate the instruction of page verification, such as:It shakes, be singly directed toward lower slider etc., can easily carry out the page and test
The input of card;Above-metioned instruction is asked according to the list of embedded page verification after the public key encryption of scheduled encryption method and being sent to
Seek the client of the page;It is decrypted to obtain above-metioned instruction and show using the private key of scheduled encryption method in client, it can
It is inputted accordingly according to above-metioned instruction for user;Scheduled encryption method public key is utilized information is encrypted, and
Its private key is decrypted, and will not be identified by robot, it is ensured that the safety of verification information.It therefore, can be with using the present invention
In the case where ensureing that identifying code is not identified by robot, identifying code identification difficulty is solved, inconvenient problem is inputted, improves verification
The verification efficiency of code improves user experience.
In addition, typically, terminal of the present invention can be various hand-held terminal devices bluetooth-capable, such as have
There are mobile phone, the personal digital assistant (PDA) of Bluetooth function.
In addition, being also implemented as being executed by the processor (such as CPU) in mobile terminal according to the method for the present invention
Computer program, and store in a memory in the mobile terminal.When the computer program is executed by processor, sheet is executed
The above-mentioned function of being limited in the method for invention.
In addition, it is also implemented as a kind of computer program product according to the method for the present invention, the computer program product
Including computer-readable medium, be stored on the computer-readable medium for execute the present invention method in limit it is above-mentioned
The computer program of function.
In addition, above method step and system unit can also utilize controller and for storing so that controller is real
The computer readable storage devices of the computer program of existing above-mentioned steps or Elementary Function are realized.
Those skilled in the art will also understand is that, various illustrative logical blocks, mould in conjunction with described in disclosure herein
Block, circuit and algorithm steps may be implemented as the combination of electronic hardware, computer software or both.It is hard in order to clearly demonstrate
This interchangeability of part and software, with regard to various exemplary components, square, module, circuit and step function to its into
General description is gone.This function is implemented as software and is also implemented as hardware depending on concrete application and application
To the design constraint of whole system.Those skilled in the art can in various ways realize described for each concrete application
Function, but this realization decision should not be interpreted as causing a departure from the scope of the present.
Although content disclosed above shows exemplary embodiment of the present invention, it should be noted that without departing substantially from power
Under the premise of profit requires the scope of the present invention limited, it may be many modifications and change.It is real according to invention described herein
The function, step and/or action for applying the claim to a method of example are not required to execute with any particular order.In addition, although the present invention
Element can describe or require in the form of individual, be unless explicitly limited odd number it is also contemplated that multiple.
Although describing each embodiment according to the present invention above with reference to figure to be described, people in the art
Member can also do it should be appreciated that each embodiment proposed to aforementioned present invention on the basis of not departing from the content of present invention
Go out various improvement.Therefore, protection scope of the present invention should be determined by the content of appended claims.
Claims (14)
1. a kind of page verification method, wherein including:
When triggering page authentication mechanism, the finger of page verification is generated according to the terminal configuration information of the client of request page
It enables, the terminal configuration information is the inductor configurations information of terminal, and the instruction of the page verification can for the inductor of terminal
The instruction of identification;
The instruction insertion forms pages that the page is verified are back to the client, so that the client parses the table
Single-page is to obtain and show the instruction of the page verification;
Obtain the operation information that the user that the client returns inputs according to described instruction;
Page verification is carried out according to the operation information.
2. page verification method as described in claim 1, wherein the identifiable instruction of inductor of the terminal includes following
Instruction one or more:Shake, singly refer to it is upper draw, singly refer to lower stroke, singly refer to it is left draw, singly refer to the right side stroke, Rotation screen and by
Under any physical button.
3. page verification method as described in claim 1, wherein described to return to the instruction insertion forms pages of page verification
To the client, so that the client parses the forms pages to obtain and show the step of the instruction of the page verification
Suddenly include:
Using the public key encryption designated character of preset encryption method, encrypted characters string is obtained;Wherein, the designated character includes
The instruction of the page verification;
Encrypted characters string insertion forms pages are back to the client, so that the client parses the form page
Face obtains the encrypted characters string, and obtains and show using the private key decryption encrypted characters string of preset encryption method
Described instruction.
4. page verification method as claimed in claim 3, wherein the designated character further includes the client mark of request page
Know and timestamp when request page;Designated character described in public key encryption using preset encryption method obtains uniquely adding
Close character string.
5. such as Claims 1-4 any one of them page verification method, wherein the acquisition and the step for showing described instruction
Suddenly include:Obtain described instruction;Detect input light target position;When input light target position is located at identifying code input frame, show
Show described instruction.
6. a kind of page verification method, wherein including:
After triggering page authentication mechanism, the forms pages for the instruction embedded with page verification that server returns are received;Wherein, institute
It is that server is generated according to the terminal configuration information of the client of request page to state page verification instruction;
The forms pages are parsed, obtain and show the instruction of the page verification;
It receives and returns to the operation information that user inputs according to the instruction that the page is verified to server, for the service
Device carries out page verification according to the operation information.
7. page verification method as claimed in claim 6, wherein the instruction of the page verification is in the form of encrypted characters string
The embedded forms pages;The encrypted characters string is obtained using the public key encryption designated character of preset encryption method;
The designated character includes described instruction;
The parsing forms pages obtain and include the step of showing the instruction of the page verification:
It parses the forms pages and obtains the encrypted characters string;The encrypted word is decrypted using the private key of preset encryption method
Symbol string obtains and shows described instruction.
8. a kind of server for page verification, wherein including:
Instruction generation unit is used for when triggering page authentication mechanism, according to the terminal configuration information of the client of request page
Generate the instruction of page verification;
Embedded unit, the instruction for verifying the page are embedded in forms pages;
First information returning unit, for the forms pages to be back to the client, so that the client parses institute
Forms pages are stated to obtain and show the instruction of the page verification;
Acquiring unit, the operation information inputted according to described instruction for obtaining the user that the client returns;
Authentication unit, for carrying out page verification according to the operation information.
9. the server for page verification as claimed in claim 8, wherein the embedded unit includes:Encrypting module is used
In the public key encryption designated character using preset encryption method, encrypted characters string is obtained;Wherein, the designated character includes institute
State instruction;
The first information returning unit, for encrypted characters string insertion forms pages to be back to the client, with
The forms pages, which are parsed, for the client obtains the encrypted characters string, and the private key solution using preset encryption method
The close encrypted characters string obtains and shows described instruction.
10. the server for page verification as claimed in claim 9, wherein the designated character further includes request page
Client identification and timestamp when request page;Encrypting module, for being referred to using the public key encryption of preset encryption method
Determine character, obtains unique encrypted characters string.
11. the server for page verification as claimed in claim 8, wherein the terminal configuration information is the sense of terminal
Answer device configuration information;The instruction of the page verification is the identifiable instruction of inductor of terminal.
12. a kind of client for page verification, wherein including:
First receiving unit, the instruction embedded with page verification returned for after triggering page authentication mechanism, receiving server
Forms pages;Wherein, the page verification instruction is that server is given birth to according to the terminal configuration information of the client of request page
At;
Resolution unit obtains the instruction of the page verification for parsing the forms pages;
Display unit, the instruction for showing the page verification;
Second receiving unit, the operation information inputted according to the instruction that the page is verified for receiving user;
Second information returning unit, for returning to the operation information to server, so that the server is according to the operation
Information carries out page verification.
13. the client for page verification as claimed in claim 12, wherein the instruction of the page verification is with encrypted word
The form of symbol string is embedded in the forms pages;The encrypted characters string is the public key encryption designated word using preset encryption method
What symbol obtained;The designated character includes described instruction;
The resolution unit includes:Analyzing sub-module obtains the encrypted characters string for parsing the forms pages;Decrypt mould
Block obtains described instruction for decrypting the encrypted characters string using the private key of preset encryption method.
14. a kind of page verifies system, wherein including:Client described in server and 12 as claimed in claim 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410379576.3A CN105337940B (en) | 2014-08-04 | 2014-08-04 | A kind of page verification method, client, server and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410379576.3A CN105337940B (en) | 2014-08-04 | 2014-08-04 | A kind of page verification method, client, server and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105337940A CN105337940A (en) | 2016-02-17 |
| CN105337940B true CN105337940B (en) | 2018-11-02 |
Family
ID=55288226
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410379576.3A Active CN105337940B (en) | 2014-08-04 | 2014-08-04 | A kind of page verification method, client, server and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105337940B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107463851B (en) * | 2016-06-02 | 2020-11-27 | 阿里巴巴(中国)有限公司 | Page verification method, device and system |
| CN106330437A (en) * | 2016-10-20 | 2017-01-11 | 武汉斗鱼网络科技有限公司 | Password resetting method and device |
| CN109491908B (en) * | 2018-11-06 | 2021-12-10 | 北京字节跳动网络技术有限公司 | Page detection method and device, electronic equipment and storage medium |
| CN111199007A (en) * | 2020-01-10 | 2020-05-26 | 北京智信通联信息技术有限公司 | Configuration method based on Web page, data encryption method and device |
| CN112717417A (en) * | 2020-12-31 | 2021-04-30 | 新浪网技术(中国)有限公司 | Man-machine recognition method and device |
| CN113765898B (en) * | 2021-08-20 | 2023-08-01 | 北京来也网络科技有限公司 | Login method, device, equipment and medium based on AI and RPA |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102257466A (en) * | 2008-12-19 | 2011-11-23 | 微软公司 | Image-based human interactive proofs |
| CN103064607A (en) * | 2011-10-20 | 2013-04-24 | 网秦无限(北京)科技有限公司 | Method and system for unlocking device with touch screen |
| CN103701600A (en) * | 2013-12-13 | 2014-04-02 | 百度在线网络技术(北京)有限公司 | Input validation method and device |
| US9024890B2 (en) * | 2008-05-17 | 2015-05-05 | David H. Chin | Comparison of an applied gesture on a touch screen of a mobile device with a remotely stored security gesture |
-
2014
- 2014-08-04 CN CN201410379576.3A patent/CN105337940B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9024890B2 (en) * | 2008-05-17 | 2015-05-05 | David H. Chin | Comparison of an applied gesture on a touch screen of a mobile device with a remotely stored security gesture |
| CN102257466A (en) * | 2008-12-19 | 2011-11-23 | 微软公司 | Image-based human interactive proofs |
| CN103064607A (en) * | 2011-10-20 | 2013-04-24 | 网秦无限(北京)科技有限公司 | Method and system for unlocking device with touch screen |
| CN103701600A (en) * | 2013-12-13 | 2014-04-02 | 百度在线网络技术(北京)有限公司 | Input validation method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105337940A (en) | 2016-02-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105337940B (en) | A kind of page verification method, client, server and system | |
| CN104468531B (en) | The authorization method of sensitive data, device and system | |
| US10218506B1 (en) | Cross-device authentication | |
| CN107302539B (en) | Electronic identity registration and authentication login method and system | |
| CN106487511B (en) | Identity authentication method and device | |
| KR101589192B1 (en) | Identity authentication and management device and method thereof | |
| CN105025041B (en) | The methods, devices and systems that file uploads | |
| US20150222435A1 (en) | Identity generation mechanism | |
| CN109801192A (en) | Electron contract method, apparatus, computer equipment and storage medium | |
| US20160205098A1 (en) | Identity verifying method, apparatus and system, and related devices | |
| CN108063750A (en) | dynamic user identity verification method | |
| US20090150983A1 (en) | System and method for monitoring human interaction | |
| CN102123148B (en) | Authentication method, system and device based on dynamic password | |
| JP2013524314A (en) | Authentication method and system using portable terminal | |
| CN106100848A (en) | Double factor identity authorization system based on smart mobile phone and user password and method | |
| CN104700007A (en) | Gesture impression password setting and application method | |
| US20140227999A1 (en) | Method, server and system for authentication of a person | |
| CN104348617A (en) | Verification code processing method and device, and terminal and server | |
| KR101897085B1 (en) | Apparatus and method for generating a realtime password and storage medium | |
| WO2015032281A1 (en) | Method and system for generating and processing challenge-response tests | |
| US10587594B1 (en) | Media based authentication | |
| JP2008242926A (en) | Authentication system, authentication method and authentication program | |
| CN108174360A (en) | A kind of note transmission method and device, short-message verification method and device | |
| CN108833431A (en) | A kind of method, apparatus, equipment and the storage medium of password resetting | |
| CN110113329A (en) | A kind of verification method and device of identifying code |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20201231 Address after: 310052 room 508, 5th floor, building 4, No. 699 Wangshang Road, Changhe street, Binjiang District, Hangzhou City, Zhejiang Province Patentee after: Alibaba (China) Co.,Ltd. Address before: 12 / F, 28 Chengfu Road, Haidian District, Beijing 100083 Patentee before: UC MOBILE Ltd. |