CN105553947A - Methods and devices for finding account back, protecting account security and preventing account theft - Google Patents

Methods and devices for finding account back, protecting account security and preventing account theft Download PDF

Info

Publication number
CN105553947A
CN105553947A CN201510900205.XA CN201510900205A CN105553947A CN 105553947 A CN105553947 A CN 105553947A CN 201510900205 A CN201510900205 A CN 201510900205A CN 105553947 A CN105553947 A CN 105553947A
Authority
CN
China
Prior art keywords
information
account number
authentication
biological characteristic
identity document
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510900205.XA
Other languages
Chinese (zh)
Inventor
王小叶
陆莉
阳萍
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201510900205.XA priority Critical patent/CN105553947A/en
Publication of CN105553947A publication Critical patent/CN105553947A/en
Priority to CN201611061995.8A priority patent/CN106789922A/en
Priority to CN201611060402.6A priority patent/CN106789918A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0892Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3218Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs
    • H04L9/3221Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs interactive zero-knowledge proofs
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina

Abstract

The invention relates to methods and devices for preventing account theft, protecting account security and finding an account back. The method for preventing the account theft comprises the steps of: receiving a sensitivity operation request for an account identifier; determining whether the requesting device is authorized; if the device is authorized, acquiring a corresponding verification mode according to the security level of the sensitivity operation, verifying the uploaded verification information by the stored verification information corresponding to the verification mode to obtain a verification result; if the verification is passed, permitting the sensitivity operation; if the verification is unsuccessful, refusing the sensitivity operation, wherein the verification mode comprises a user biological feature information verification mode; and if the device is not authorized, returning to the prompt information of the sensitivity operation operated on the authorized device. By verifying the biological feature information and the identity document information of the user, the safety of the account is improved.

Description

Give the method and apparatus of account number, protection account number safety, account anti-theft for change
Technical field
The present invention relates to information security field, particularly relate to a kind of method and apparatus, the method and apparatus of protection account number safety, the method and apparatus of account anti-theft of giving account number for change.
Background technology
Universal along with computer and Internet technology, increasing user uses internet to be engaged in various activity.When user is engaged in activity by internet, needs to register various account number, and password is set, but password is easily forgotten or easily stolen.
In order to ensure cryptosecurity, provide multiple cryptoguard instrument, as arranged safety problem, user carry out changing close, give the sensitive operation such as account number for change time, need to answer correct option.But the relatively morning that the answer of the safety problem of password is generally arranged, easily forget, and be easy to be stolen by other people, fail safe is low.Another kind of mode is by account number binding phone number, verifies by sending dynamic secret order to phone number, if phone number is changed, have forgotten the phone number of binding, then cannot verify, and dynamically secret order is easily utilized fishing mode to steal by other people, its fail safe is low.
Summary of the invention
Based on this, be necessary, for the low problem of traditional account number safeguard protection, a kind of method and apparatus of account anti-theft to be provided, the fail safe of account number can be improved.
In addition, there is a need to provide a kind of method and apparatus protecting account number safety, the fail safe of account number can be improved.
In addition, there is a need to provide a kind of method and apparatus giving account number for change, the fail safe of account number can be improved.
A method for account anti-theft, comprises the following steps:
Receive the sensitive operation request to account number mark, in described sensitive operation request, comprise the facility information of initiating sensitive operation request;
Judge whether the equipment represented by facility information of initiating described sensitive operation request is authorisation device;
If described equipment is authorisation device, then obtains corresponding verification mode according to the level of security of sensitive operation in described sensitive operation request, described verification mode is sent to the requestor initiating described sensitive operation request;
Receive the authorization information uploaded according to described verification mode;
Described authorization information is carried out checking by the authorization information stored corresponding to described verification mode to the authorization information uploaded and is verified result;
If the result is for being verified, then allowing this sensitive operation, if the result is authentication failed, then refusing this sensitive operation;
Described verification mode comprises the checking of user biological characteristic information; Described authorization information is corresponding with described verification mode;
If described equipment is not authorisation device, then return the information of carrying out sensitive operation in authorisation device.
A method for account anti-theft, comprises the following steps:
Initiate the sensitive operation request to account number mark, in described sensitive operation request, comprise the facility information of the sensitive operation request initiated account number mark;
If equipment is authorisation device, then receive the verification mode corresponding to the level of security of sensitive operation in described sensitive operation request returned;
Obtain the authorization information gathered according to described verification mode;
The authorization information of collection is uploaded to certificate server;
Receive described certificate server and the authorization information uploaded is verified to the result obtained by the authorization information stored corresponding to described verification mode;
If the result is for being verified, then allowing this sensitive operation, if the result is authentication failed, then refusing this sensitive operation;
Described verification mode comprises user biological characteristic information and/or identity document Information Authentication; Described authorization information is corresponding with described verification mode;
If equipment is not authorisation device, then receives and be illustrated in the information of authorisation device being carried out sensitive operation.
Protect a method for account number safety, comprise the following steps:
Receive the authentication information of account number mark and the correspondence uploaded, described authentication information comprises user biological characteristic information, identity document information and user's usage behavior data;
Biological characteristic in described user biological characteristic information and described identity document information or the biological characteristic storehouse that stored are compared and obtains the first Similarity value;
User's historical behavior data corresponding to described user's usage behavior data and described account number being identified compare, and obtain the second Similarity value;
The authentication result to described authentication information is obtained according to described first Similarity value and the second Similarity value;
If authentication result is authentication success, then account number mark, user biological characteristic information and identity document information are set up corresponding real name archives.
Protect a method for account number safety, comprise the following steps:
Gather user biological characteristic information and identity document information;
Obtain account number mark and user's usage behavior data;
Upload the authentication information of described account number mark and correspondence to certificate server, described authentication information comprises user biological characteristic information, identity document information and user's usage behavior data;
To make described certificate server extract face from described identity document information, described user biological characteristic information is compared with biological characteristic in the biological characteristic stored or identity document information and obtains the first Similarity value; User's historical behavior data corresponding to described user's usage behavior data and described account number being identified compare, and obtain the second Similarity value; The authentication result to described authentication information is determined according to described first Similarity value and the second Similarity value; If authentication result is authentication success, then account number mark, user biological characteristic information and identity document information are set up corresponding real name archives.
Give a method for account number for change, comprise the following steps:
Account number request is given in reception for change;
The user biological characteristic information and identity document information that obtain account number mark and correspondence is given account number request for change from described;
User biological characteristic information according to certification and in the real name archives of the account number mark, user biological characteristic information and the identity document information that store and identity document information are verified the described user biological characteristic information uploaded and identity document information, are verified result;
The result is sent to the requestor initiating to give account number request for change;
If the result is for being verified, then give account number success for change, if the result is authentication failed, then account number gives failure for change.
Give a method for account number for change, comprise the following steps:
Obtain the identity document information at the user biological characteristic information and scanning giving the collection of account number interface for change;
That initiates to comprise account number mark and user biological characteristic information and identity document information gives account number request for change;
Receive according to described in give the result that account number request returns for change, described the result is certificate server according to certification and the account number stored identifies, user biological characteristic information in the real name archives of user biological characteristic information and identity document information and identity document information are verified the described user biological characteristic information uploaded and identity document information and obtained;
If the result is for being verified, then giving account number success for change, if the result is authentication failed, then giving account number failure for change.
A device for account anti-theft, comprising:
Operation requests receiver module, for receiving the sensitive operation request to account number mark, comprises the facility information of initiating sensitive operation request in described sensitive operation request;
Judge module, for judging to initiate equipment represented by the facility information of described sensitive operation request whether authorisation device;
Verification mode returns module, if be authorisation device for described equipment, then obtains corresponding verification mode according to the level of security of sensitive operation in described sensitive operation request, described verification mode is sent to described account number to identify corresponding user;
Authorization information receiver module, for receiving the authorization information uploaded according to described verification mode;
Antitheft authentication module, is verified result for described authorization information is carried out checking by the authorization information stored corresponding to described verification mode to the authorization information uploaded;
If the result is for being verified, then allowing this sensitive operation, if the result is authentication failed, then refusing this sensitive operation;
Described verification mode comprises the checking of user biological characteristic information and/or identity document Information Authentication; Described authorization information is corresponding with described verification mode
Information returns module, if be not authorisation device for described equipment, then returns the information of carrying out sensitive operation in authorisation device.
A device for account anti-theft, comprising:
Operation requests initiation module, for initiating the sensitive operation request to account number mark, comprises the facility information of the sensitive operation request initiated account number mark in described sensitive operation request;
Verification mode receiver module, if be authorisation device for equipment, then receives the verification mode corresponding to the level of security of sensitive operation in described sensitive operation request returned;
Authorization information acquisition module, for obtaining the authorization information gathered according to described verification mode;
Transmission module in authorization information, for uploading to certificate server by the authorization information of collection;
The result receiver module, verifies by the authorization information stored corresponding to described verification mode the result obtained for receiving described certificate server to the authorization information uploaded;
If the result is for being verified, then allowing this sensitive operation, if the result is authentication failed, then refusing this sensitive operation;
Described verification mode comprises the checking of user biological characteristic information and/or identity document Information Authentication; Described authorization information is corresponding with described verification mode;
Information receiver module, if be not authorisation device for equipment, then receive and is illustrated in the information of authorisation device being carried out sensitive operation.
Protect a device for account number safety, comprising:
Receiver module, for receiving the authentication information of account number mark and the correspondence uploaded, described authentication information comprises user biological characteristic information, identity document information and user's usage behavior data;
Comparing module, obtains the first Similarity value for biological characteristic in described user biological characteristic information and described identity document information or the biological characteristic storehouse that stored being compared;
Comparison module, compares for the user's historical behavior data corresponding to described user's usage behavior data and described account number being identified, obtains the second Similarity value;
Authentication result obtains module, for obtaining the authentication result to described authentication information according to described first Similarity value and the second Similarity value;
Relation sets up module, if be authentication success for authentication result, then account number mark, user biological characteristic information and identity document information is set up corresponding real name archives.
Protect a device for account number safety, comprising:
Acquisition module, for gathering user biological characteristic information and identity document information;
Data obtaining module, for obtaining account number mark and user's usage behavior data;
Upper transmission module, for uploading the authentication information of described account number mark and correspondence to certificate server, described authentication information comprises user biological characteristic information, identity document information and user's usage behavior data; To make described certificate server biological characteristic in described user biological characteristic information and described identity document information or the biological characteristic storehouse that stored compared and obtain the first Similarity value; User's historical behavior data corresponding to described user's usage behavior data and described account number being identified compare, and obtain the second Similarity value; The authentication result to described authentication information is determined according to described first Similarity value and the second Similarity value; If authentication result is authentication success, then account number mark, user biological characteristic information and identity document information are set up corresponding real name archives.
Give a device for account number for change, comprising:
Giving account number request receiving module for change, giving account number request for change for receiving;
Extraction module, for giving in account number request from described the user biological characteristic information and identity document information that obtain account number mark and correspondence for change;
Authentication module, for the user biological characteristic information according to certification and in the real name archives of the account number mark, user biological characteristic information and the identity document information that store and identity document information, the described user biological characteristic information uploaded and identity document information are verified, be verified result;
Sending module, for sending to the requestor initiating to give account number request for change by the result;
If the result is for being verified, then giving account number success for change, if the result is authentication failed, then giving account number failure for change.
Give a device for account number for change, comprising:
Give account acquisition module for change, for obtaining the identity document information at the user biological characteristic information and scanning giving the collection of account number interface for change;
Give account number request initiation module for change, give account number request for change for what initiate to comprise account number mark and user biological characteristic information and identity document information;
Give account number result receiver module for change, for receive according to described in give the result that account number request returns for change, described the result is certificate server according to certification and the account number stored identifies, user biological characteristic information in the real name archives of user biological characteristic information and identity document information and identity document information are verified the described user biological characteristic information uploaded and identity document information and obtained;
If the result is for being verified, then giving account number success for change, if the result is authentication failed, then giving account number failure for change.
The method and apparatus of above-mentioned account anti-theft, by judging whether the equipment of initiating sensitive operation request is authorisation device, if authorisation device, then provide corresponding verification mode according to the level of security of sensitive operation, authorization information corresponding to verification mode is verified the authorization information uploaded, after being verified, allow this sensitive operation, authentication failed, then refuse this sensitive operation, if equipment is not authorisation device, then send information, remind and carry out sensitive operation in authorisation device, shield unsafe entrance, improve the fail safe of account number, prevent account number stolen.
The method and apparatus of above-mentioned protection account number safety; by user biological characteristic information, identity document information and user's usage behavior data are carried out certification; after certification is passed through; establish the real name archives that account number mark, user biological characteristic information and identity document information are corresponding; by the safety that these real name archives can effectively protect user account number to identify; improve the fail safe of account number; when user operates account number; need the checking carrying out face and/or identity document information, provide the fail safe of account number.
The above-mentioned method and apparatus giving account number for change, by the user biological characteristic information in the real name archives of the user biological characteristic information of reception and identity document information and the user biological characteristic information stored and identity document information and identity document information are compared, be verified, then give account number for change, recover account number, account number is given for change by user biological characteristic information and identity document information, do not need to remember cost, account number can be given for change fast, and belonging to the voucher of people belonging to account number mark because of user biological characteristic information and identity document information, fail safe is high.
Accompanying drawing explanation
Fig. 1 protects the method for account number safety in an embodiment, gives the method for account number and the applied environment schematic diagram of account anti-theft method for change;
Fig. 2 is the process schematic being gathered face and identity document information by terminal;
Fig. 3 is process schematic authentication information being carried out to certification;
Fig. 4 is the schematic diagram determining whether authentication success after carrying out certification to authentication information;
Fig. 5 is authority information terminal being shown the feedback information after authentication success and obtain;
Fig. 6 A is the process schematic that traditional approach gives account number for change;
Fig. 6 B is the process schematic being given for change account number by face and identity document information;
Fig. 7 A is the schematic diagram of multiple verification mode;
Fig. 7 B is the process schematic of Modify password;
Fig. 8 is the schematic diagram that sensitive operation is carried out in prompting in authorisation device;
Fig. 9 gathers the schematic diagram that user fingerprints and identity document information carry out certification in an embodiment;
Figure 10 is the flow chart protecting the method for account number safety in an embodiment;
Figure 11 is the particular flow sheet processed sensitive operation;
Figure 12 is the flow chart of the method protecting account number safety in another embodiment;
Figure 13 is to the particular flow sheet that sensitive operation processes on Figure 12 basis;
Figure 14 is the flow chart giving the method for account number in an embodiment for change;
Figure 15 is the flow chart of the method giving account number in another embodiment for change;
Figure 16 is the flow chart of the method for account anti-theft in an embodiment;
Figure 17 is the flow chart of the method for account anti-theft in another embodiment;
Figure 18 is the structured flowchart protecting the device of account number safety in an embodiment;
Figure 19 is the structured flowchart of the device protecting account number safety in another embodiment;
Figure 20 is the structured flowchart giving the device of account number in an embodiment for change;
Figure 21 is the structured flowchart of the device giving account number in another embodiment for change;
Figure 22 is the structured flowchart of the device of account anti-theft in an embodiment;
Figure 23 is the structured flowchart of the device of account anti-theft in another embodiment;
Figure 24 is the internal structure schematic diagram of terminal in an embodiment;
Figure 25 is the internal structure schematic diagram of certificate server in an embodiment.
Embodiment
In order to make object of the present invention, technical scheme and advantage clearly understand, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein only in order to explain the present invention, be not intended to limit the present invention.
Be appreciated that term used in the present invention " first ", " second " etc. can in this article for describing various element, but these elements do not limit by these terms.These terms are only for distinguishing first element and another element.
Fig. 1 protects the method for account number safety in an embodiment, gives the method for account number and the applied environment schematic diagram of account anti-theft method for change.As shown in Figure 1, this applied environment comprises terminal 110, certificate server 120 and Third Party Authentication system 130.Terminal 110 communicates with certificate server 120, and certificate server 120 communicates with Third Party Authentication system 130.
Terminal 110 provides client, and user to certificate server 120, inputs account at account registration interface by client's side link.Account information comprises account number mark and password, and account number mark and password are submitted to certificate server 120 and verify, after being verified, certificate server 120 returns the information that succeeds in registration in terminal 110.Terminal 110 can be personal computer, smart mobile phone, panel computer or personal digital assistant etc.Account number mark can be account number name or E-mail address or phone number etc.Account number name can be one or more combinations in numeral, letter and character.
In order to protect account number safety, certificate server 120 sends the information of face and identity document authentification of message to terminal 110.Client in terminal 110 is shown information or is provided the entrance carrying out face and identity document authentification of message.Client can be business application (App) or browser client etc.
Terminal 110 gathers user biological characteristic information and identity document information by camera or sensor, and obtains account number mark and user's usage behavior data, and account number mark and authentication information are uploaded to certificate server 120.Wherein, authentication information comprises user biological characteristic information, identity document information and user's usage behavior data.User biological characteristic information can comprise at least one in face characteristic information, fingerprint feature information, iris feature information, palm print characteristics information etc.Terminal 110 gathers user fingerprints characteristic information by fingerprint collecting transducer, takes face, palmprint image by camera, gathers iris feature information etc. by iris transducer.
Identity document information comprises certificate numbering, name, date of birth, issuing authority, valid expiration date etc.Identity document information can adopt image format to show, as direct picture and the verso images of identity card, or comprises the driving license image of face, or comprises the passport image etc. of face.The facility information that user's usage behavior data use when can comprise upload user biological information and identity document information and network environment.Facility information can comprise device type, unit type, device identification etc.Network environment can comprise used network type, geographical position etc.User biological characteristic information comprises face characteristic information, then facial image can be gathered, the face feature of what facial image mainly gathered is face, face feature can comprise shape, the relative position relation of face's organ, the size relation of face's organ of face's organ, specifically as shape, the shape of lip, the size of lip, the patterned feature such as height, forehead height, face's decree line of cheekbone of the spacing between eyes size, two eyes, eye shape, nose.Fig. 2 is the process schematic being gathered face and identity document information by terminal.As shown in Figure 2, user is autodyned by mobile phone and obtains facial image, and shooting identity card obtains identity document information, and facial image and ID Card Image are uploaded to certificate server 120.
Before terminal 110 gathers user biological characteristic information, live body checking can be carried out to providing the picker of user biological characteristic information.Terminal 110 specifically comprises providing the picker of user biological characteristic information to carry out movable checking: export the motion guiding information chosen from action guidance information storehouse, gather corresponding motion images, the motion images of collection and motion guiding information are carried out matching detection, if coupling, then illustrate to there is live body, or the motion images of collection and motion guiding information are carried out mating obtaining matching value, when matching value exceedes matching value threshold value, then illustrate to there is live body, otherwise there is not live body.Motion guiding information comprises the action indicator sequence that multiple action indicating member is formed.Action indicating member is minimum motion guiding unit, an action indicating member represents an action, such as " nictation ", " opening one's mouth " or " rotary head " represent an action indicating member respectively, and multiple action indicating member arranges formation action indicator sequence in order.Matching value can adopt the similarity of motion images and the motion images corresponding to motion guiding information to represent, or, represent by the value after that carries out positive correlation computing to similarity.
Account number mark on certificate server 120 receiving terminal 110 and the authentication information of correspondence, compare biological characteristic in user biological characteristic information and identity document information or the biological characteristic storehouse that stored and obtain the first Similarity value; User's historical behavior data corresponding to user's usage behavior data and account number being identified compare, and obtain the second Similarity value; The data stored in user biological characteristic information and/or identity document information and Third Party Authentication system 130 are compared, obtains third phase like angle value; When the first Similarity value be greater than first threshold, the second Similarity value be greater than Second Threshold and third phase is greater than the 3rd threshold value like angle value time, to this authentication information authentication success, otherwise authentification failure.If authentication result is authentication success, then account number mark, user biological characteristic information and identity document information are set up corresponding real name archives by certificate server 120.Identity document information can comprise name, passport NO., date of birth, issuing authority, valid expiration date and identity document image etc.
When user biological characteristic information comprises face characteristic information, can extract face from identity document information, the face of extraction and face characteristic information being compared obtains the first Similarity value; Also facial image can be compared with the facial image stored and obtain the first Similarity value.When user biological characteristic information comprises fingerprint feature information, iris feature information or palm print characteristics information, fingerprint feature information, iris feature information or palm print characteristics information are carried out corresponding comparison with fingerprint feature information, iris feature information or palm print characteristics information in the biological characteristic storehouse stored and obtains the first Similarity value.
When user biological characteristic information comprises two or more in face characteristic information, fingerprint feature information, iris feature information and palm print characteristics information, face characteristic information, fingerprint feature information, iris feature information and palm print characteristics information to be compared with characteristic information in the biological characteristic storehouse stored respectively respective Similarity value, respective Similarity value is carried out arithmetic average or weighted average obtains the first Similarity value.First Similarity value, the second Similarity value and third phase all can adopt unified scoring value to represent like angle value, and respective numerical computations mode also can be adopted to calculate.Such as the first Similarity value, the second Similarity value and third phase all adopt percentage to represent like angle value, and namely identical, then Similarity value is 1; Not same, then Similarity value is 0; Have half identical, then Similarity value is 50%.First Similarity value, the second Similarity value and third phase also can adopt hundred-mark system score value to represent like angle value, and namely identical, then Similarity value is 100 points; Not same, then Similarity value is 0 point; Have half identical, then Similarity value is 50 points.
The data stored in user biological characteristic information and/or identity document information and Third Party Authentication system 130 are compared and comprises: the biological information stored in user biological characteristic information and Third Party Authentication system 130 can be compared, also the identity document information stored in identity document information and Third Party Authentication system 130 can be compared, or the biological information stored in user biological characteristic information and Third Party Authentication system 130 is compared, and the identity document information stored in identity document information and Third Party Authentication system 130 is compared.
The identity authorization system etc. that Third Party Authentication system 130 can be public security bureau's identity authorization system or specifies.
In other embodiments, applied environment can not comprise Third Party Authentication system 130.Account number mark on certificate server 120 receiving terminal 110 and the authentication information of correspondence, compare biological characteristic in user biological characteristic information and identity document information or the biological characteristic storehouse that stored and obtain the first Similarity value; User's historical behavior data corresponding to user's usage behavior data and account number being identified compare, and obtain the second Similarity value.When the first Similarity value is greater than first threshold and the second Similarity value is greater than Second Threshold, to this authentication information authentication success, otherwise authentification failure.If authentication result is authentication success, then account number mark, user biological characteristic information and identity document information are set up corresponding real name archives by certificate server 120.
Fig. 3 is process schematic authentication information being carried out to certification.As shown in Figure 3, the face of the face on identity card and shooting is compared and is obtained the first Similarity value and score A by certificate server 120; User's usage behavior data and user's historical behavior data are compared, obtain the second Similarity value and score B, wherein user's usage behavior data can comprise unit type and network environment, user's historical behavior data can comprise x month x day in 2015, log in ground abc, logging device m123, x month x day in 2015, log in ground abc, logging device m123 etc.; The facial image submit to user and/or identity document information and public security bureau's identity authorization system are compared, and obtain third phase seemingly angle value and score C.
Fig. 4 is the schematic diagram determining whether authentication success after carrying out certification to authentication information.As shown in Figure 4, certificate server 120 carries out judging whether that certification is passed through according to score A, score B and score C, when score A exceed first threshold, score B exceed Second Threshold and score C more than the 3rd threshold value, then authentication success, then sets up the real name archives of account number mark, facial image and ID card information and photo.Account number mark can comprise user name, password and other information.ID card information can comprise name, ID card No. and address information etc.
Fig. 5 is authority information terminal being shown the feedback information after authentication success and obtain.As shown in Figure 5, terminal 110 shows the information of authentication success, and point out " you have obtained following privilege ", as 100% given account number for change, forbid that other people change close and complaint, honor and enjoy real name identity etc.Account has 100% and gives account number for change, the verification mode of memoryless cost, forbids that other people change the advantages such as close and complaint.
In one embodiment, when user forget account number cipher or account number stolen after, when giving account number for change, terminal 110 obtains is giving the user biological characteristic information and the identity document information of scanning that account number interface gathers for change, and that initiates to comprise account number mark and user biological characteristic information and identity document information to certificate server 120 gives account number request for change.Certificate server 120 receiving package account number mark and the user biological characteristic information of correspondence and identity document information give account number request for change after, identify according to the account number that certification also stores, user biological characteristic information in the real name archives of user biological characteristic information and identity document information and identity document information are verified this user biological characteristic information uploaded and identity document information, be verified result, if the result is for being verified, then give account number success for change, if the result is authentication failed, then give account number failure for change, the result is sent to the terminal 110 initiating to give the requestor place of account number request for change.Because user biological characteristic information and identity document information can be carried at any time, do not need memory, authenticating security and convenient.
Fig. 6 A is the process schematic that traditional approach gives account number for change.Fig. 6 B is the process schematic being given for change account number by face and identity document information.As shown in Figure 6A, give the information of filling in needed for account number for change giving on account number interface display for change, this information comprises name, identity card, the mailbox of binding, the phone number, history password, good friend etc. of binding, if any one is filled in mistake, then give for change on account number interface show " information provided is not accurate enough, give for change account number failure! " information.As shown in Figure 6B, terminal 110 account number interface provides scanning face and scanning identity document information giving for change, the face obtain scanning and identity document information upload to certificate server 120, by verifying face and identity document information, after being verified, then certificate server 120 returns and is verified, and gives account number success for change.Terminal 110 shows account number successfully give for change.
In one embodiment, terminal 110 obtains the sensitive operation that user identifies account number, initiates the sensitive operation request to account number mark to certificate server 120; Certificate server 120 obtains corresponding verification mode according to the level of security of sensitive operation in this sensitive operation request, verification mode is sent to the terminal 110 at the requestor place of initiating sensitive operation request; Terminal 110 gathers authorization information according to verification mode, and authorization information is uploaded to certificate server 120; Certificate server 120 carries out checking by the authorization information stored corresponding to this verification mode to the authorization information uploaded and is verified result.Sensitive operation can comprise login, Modify password, amendment communicating number, amendment E-mail address, bound device etc.If the result is for being verified, then allowing this sensitive operation, if the result is authentication failed, then refusing this sensitive operation; This verification mode comprises the checking of user biological characteristic information and/or identity document Information Authentication; This authorization information is corresponding with this verification mode, namely verification mode is the checking of user biological characteristic information, then gather and the authorization information uploaded should be user biological characteristic information, the authorization information stored corresponding to the verification mode that certificate server 120 provides also is user biological characteristic information.
The level of security of sensitive operation and the verification mode corresponding to level of security can pre-set.Such as sensitive operation is for logging in, and during level of security is, then verification mode can be the checking of user biological characteristic information; Sensitive operation is Modify password, and level of security is high, then verification mode can be the checking of user biological characteristic information and adds identity document Information Authentication.
In addition, receive and store the mobile communication mark according to the typing of account mark, and identifying the password protection problem and answer that arrange according to account; This verification mode also comprises password protection problem and/or sends dynamic code to mobile communication mark; Described authorization information comprises the dynamic code of answer and/or the input inputted according to described password protection problem.
Fig. 7 A is the schematic diagram of multiple verification mode.As shown in Figure 7 A, face verification can be provided according to the level of security of sensitive operation, face adds identity document Information Authentication, face adds identity document information and add other modes and verify (as mobile phone+password protection problem etc.).
Fig. 7 B is the process schematic of Modify password.As shown in Figure 7 B, terminal 110 gets Modify password operation, initiates the Modify password request to account number mark to certificate server 120; Certificate server 120 is according to the verification mode of Modify password acquisition request face verification, and the verification mode of face verification sends to terminal 110; Terminal 110 is pointed out " please first scan face and carry out authentication " and " starting checking " control, terminal 110 obtains the operation to " starting to verify " control, open camera, the face of scanning user, obtain facial image, and facial image is uploaded to certificate server 120, the facial image of the facial image of scanning with authentication store is compared by certificate server 120, if identical, then judge it is the owner that account number identifies, can continue to arrange new password, if inconsistent, then judge it is other people, refuse this operation.
In one embodiment, terminal 110 obtains the sensitive operation to account number mark, initiates the 120 sensitive operation requests initiating to identify account number, comprise the facility information of initiating sensitive operation request in this sensitive operation request according to sensitive operation to certificate server.Facility information can comprise device type etc.
After certificate server 120 receives sensitive operation request, judge the whether authorisation device of the equipment represented by facility information initiating this sensitive operation request; If this equipment is authorisation device, then obtains corresponding verification mode according to the level of security of sensitive operation in this sensitive operation request, this verification mode is sent to the terminal 110 at the requestor place of initiating this sensitive operation request.
Terminal 110 gathers authorization information according to verification mode, and authorization information is uploaded to certificate server 120; Certificate server 120 carries out checking by the authorization information stored corresponding to this verification mode to the authorization information uploaded and is verified result.Sensitive operation can comprise login, Modify password, amendment communicating number, amendment E-mail address, bound device etc.If the result is for being verified, then allowing this sensitive operation, if the result is authentication failed, then refusing this sensitive operation.This verification mode comprises the checking of user biological characteristic information and/or identity document Information Authentication; This authorization information is corresponding with described verification mode.
If this equipment is not authorisation device, then certificate server 120 return in authorisation device, carry out sensitive operation information to terminal 110, terminal 110 shows this information.Authorisation device refers to and identifies with account number the equipment that there is binding relationship, and binding relationship refers to sets up corresponding relation by account number mark with device identification.Identify with account number the equipment bound and can be mobile phone, panel computer etc.
In authorisation device, carry out sensitive operation by prompting, shield unsafe operation entry, prevent account number stolen.Unsafe operation entry can be webpage entrance and/or other checking entrances etc. except face and identity document Information Authentication.
In one embodiment, in sensitive operation or when giving account number for change, certificate server 120 only can provide face and identity document Information Authentication, shields the checking of other modes, and the checking of other modes is as password protection, dynamic code etc.
Fig. 8 is the schematic diagram that sensitive operation is carried out in prompting in authorisation device.As shown in Figure 8, user initiates the operation requests to account number Modify password on page end, and certificate server 120 detects the conductively-closed of page end entrance, points out by mobile phone version client account number Modify password.
It should be noted that, in Fig. 2, Fig. 3, Fig. 4, Fig. 5, Fig. 6 B, Fig. 7 A and Fig. 7 B, user biological characteristic information is described for facial image, in other embodiments, user biological characteristic information can comprise at least one in face characteristic information, fingerprint feature information, iris feature information and palm print characteristics information.
Fig. 9 gathers the schematic diagram that user fingerprints and identity document information compares in an embodiment.As shown in Figure 9, terminal 110 gathers user fingerprints, obtains identity document information and user's usage behavior data, by account number, user fingerprints, identity document information and user's usage behavior data upload to certificate server 120; User fingerprints is compared with fingerprint in the biological characteristic storehouse stored and is obtained the first Similarity value by certificate server 120; User's historical behavior data corresponding to user's usage behavior data and account number being identified compare, and obtain the second Similarity value; The data stored in user fingerprints and/or identity document information and Third Party Authentication system 130 are compared, obtains third phase like angle value; When the first Similarity value be greater than first threshold, the second Similarity value be greater than Second Threshold and third phase is greater than the 3rd threshold value like angle value time, to this authentication information authentication success, otherwise authentification failure.If authentication result is authentication success, then account number mark, user fingerprints and identity document information are set up corresponding real name archives by certificate server 120.
In addition, when user forget account number cipher or account number stolen after, when giving account number for change, terminal 110 obtains in the identity document information giving user fingerprints that account number interface gathers and scanning for change, and that initiates to comprise account number mark and user fingerprints and identity document information to certificate server 120 gives account number request for change.Certificate server 120 receiving package account number mark and the user fingerprints of correspondence and identity document information give account number request for change after, user fingerprints according to certification and in the real name archives of the account number mark, user fingerprints and the identity document information that store and identity document information are verified this user fingerprints uploaded and identity document information, be verified result, if the result is for being verified, then give account number success for change, if the result is authentication failed, then give account number failure for change, the result is sent to the terminal 110 initiating to give the requestor place of account number request for change.Because user biological characteristic information and identity document information can be carried at any time, do not need memory, authenticating security and convenient.
Figure 10 is the flow chart protecting the method for account number safety in an embodiment.As shown in Figure 10, a kind of method protecting account number safety, runs on the certificate server in Fig. 1, comprises the following steps:
Step 1002, receive the authentication information of account number mark and the correspondence uploaded, this authentication information comprises user biological characteristic information, identity document information and user's usage behavior data.
Particularly, account number mark can be account number name or E-mail address or phone number etc.Account number mark can be one or more combinations in numeral, letter, character.
Identity document information can comprise certificate numbering, name, date of birth, issuing authority, valid expiration date etc.Identity document information can adopt image format to show, as direct picture and the verso images of identity card, or comprises the driving license image of face, or comprises the passport image etc. of face.The facility information that user's usage behavior data use when can comprise upload user biological information and identity document information and network environment.Facility information can comprise device type, unit type, device identification etc.Network environment can comprise used network type, geographical position etc.Before reception authentication information, live body checking can be carried out to user biological characteristic information.
User biological characteristic information comprises at least one in face characteristic information, fingerprint feature information, iris feature information and palm print characteristics information etc.
Step 1004, compares biological characteristic in this user biological characteristic information and this identity document information or the biological characteristic storehouse that stored and obtains the first Similarity value.
Particularly, when user biological characteristic information comprises face characteristic information, can extract face from identity document information, the face of extraction and face characteristic information being compared obtains the first Similarity value; Also facial image can be compared with the facial image stored and obtain the first Similarity value.When user biological characteristic information comprises fingerprint feature information, iris feature information or palm print characteristics information, fingerprint feature information, iris feature information or palm print characteristics information are carried out corresponding comparison with fingerprint feature information, iris feature information or palm print characteristics information in the biological characteristic storehouse stored and obtains the first Similarity value.
Store biological information in the biological characteristic storehouse stored, this biological information comprises face characteristic information, fingerprint feature information, iris feature information and palm print characteristics information.Step 1006, the user's historical behavior data corresponding to these user's usage behavior data and account being identified compare, and obtain the second Similarity value.
Step 1008, obtains the authentication result to this authentication information according to this first Similarity value and the second Similarity value.
Particularly, the first Similarity value, the second Similarity value can adopt percentage to represent, namely identical, then Similarity value is 1; Not same, then Similarity value is 0; Have half identical, then Similarity value is 50%.First Similarity value, the second Similarity value and third phase also can adopt hundred-mark system score value to represent like angle value, and namely identical, then Similarity value is 100 points; Not same, then Similarity value is 0 point; Have half identical, then Similarity value is 50 points.
In the present embodiment, obtain comprising the step of the authentication result of this authentication information according to this first Similarity value and the second Similarity value: when the first Similarity value is greater than first threshold and the second Similarity value is greater than Second Threshold, to this authentication information authentication success, otherwise authentification failure.
First threshold and Second Threshold can according to circumstances set.
Step 1010, if authentication result is authentication success, then sets up corresponding real name archives by account number mark, user biological characteristic information and identity document information.
Particularly, when identity document information exists with image format, the word in identity document frame is identified by character recognition technology.The Word message of account number mark, user biological characteristic information, identity document information and image are set up corresponding real name archives.
The method of above-mentioned protection account number safety; by user biological characteristic information, identity document information and user's usage behavior data are carried out certification; after certification is passed through; establish the real name archives that account number mark, user biological characteristic information and identity document information are corresponding; by the safety that these real name archives can effectively protect user account number to identify; improve the fail safe of account number; when user operates account number; need the checking carrying out face and/or identity document information, provide the fail safe of account number.
In one embodiment, the method for above-mentioned protection account number safety also comprises: the data stored in this user biological characteristic information and/or identity document information and Third Party Authentication system compared, and obtains third phase like angle value; According to the authentication result that this first Similarity value, the second Similarity value and third phase obtain this authentication information like angle value.
Further, obtain comprising the step of the authentication result of this authentication information like angle value according to this first Similarity value, the second Similarity value and third phase: when the first Similarity value be greater than first threshold, the second Similarity value be greater than Second Threshold and third phase is greater than the 3rd threshold value like angle value time, to this authentication information authentication success, otherwise authentification failure.Detailed process as shown in Figure 3 and Figure 4, does not repeat them here.
Figure 11 is the particular flow sheet processed sensitive operation.As shown in figure 11, composition graphs 7A and Fig. 7 B, in one embodiment, the method for above-mentioned protection account number safety also comprises:
Step 1102, receives the sensitive operation request to account number mark.
Particularly, sensitive operation can comprise login, Modify password, amendment communicating number, amendment E-mail address, bound device etc.Certificate server 120 receives the sensitive operation request to account number mark.
Step 1104, the level of security according to sensitive operation in this sensitive operation request obtains corresponding verification mode, this verification mode is sent to the requestor initiating this sensitive operation request.
Particularly, the level of security of sensitive operation and the verification mode corresponding to level of security can pre-set.Such as sensitive operation is for logging in, and during level of security is, then verification mode can be the checking of user biological characteristic information; Sensitive operation is Modify password, and level of security is high, then verification mode can be the checking of user biological characteristic information and adds identity document Information Authentication.
Step 1106, receives the authorization information uploaded according to this verification mode.
Step 1108, carries out checking by the authorization information stored corresponding to this verification mode to the authorization information uploaded and is verified result; If the result is for being verified, then allowing this sensitive operation, if the result is authentication failed, then refusing this sensitive operation; This verification mode comprises the checking of user biological characteristic information and/or identity document Information Authentication; This authorization information is corresponding with this verification mode.
Such as, verification mode is the checking of user biological characteristic information, then the authorization information stored corresponding to verification mode is the user biological characteristic information stored.The authorization information uploaded and verification mode are also corresponding, if verification mode is the checking of user biological characteristic information, the authorization information uploaded is the landscape figure not having face, then authentication failed.Verify to the authorization information uploaded, the authorization information being about to upload is compared with the authorization information stored, and obtains Similarity value, when Similarity value exceedes similarity threshold, then be proved to be successful, if Similarity value does not exceed similarity threshold, then authentication failed.
Further, the method for above-mentioned protection account number safety also comprises: receive and store the mobile communication mark according to the typing of account mark, and identifying the password protection problem and answer that arrange according to account; This verification mode also comprises password protection problem and/or sends dynamic code to mobile communication mark; This authorization information comprises the dynamic code of answer and/or the input inputted according to this password protection problem.
Particularly, mobile communication mark can be phone number etc.Cryptographic problem according to circumstances can be arranged by user or system provides multiple problem to select for user.
When carrying out sensitive operation to account number mark, verification mode is provided, this verification mode comprises face and/or identity document Information Authentication, because face and identity document information belong to the special certificate of people belonging to account number mark, other people are difficult to steal or copy, improve the fail safe of account number, and accurately can identify steal-number person, and do not need to remember cost; Verify in conjunction with other verification modes, fail safe is higher.
Figure 12 is the flow chart of the method protecting account number safety in another embodiment.As shown in figure 12, a kind of method protecting account number safety, runs in terminal, comprises the following steps:
Step 1202, gathers user biological characteristic information and identity document information.
Particularly, the camera carried by terminal 110 or pick-up transducers etc. gather user biological characteristic information and identity document information.The identity document information gathered can be the identity document image of shooting.
Step 1204, obtains account number mark and user's usage behavior data.
Particularly, the facility information used when user's usage behavior data can comprise upload user biological information and identity document information and network environment.Facility information can comprise device type, unit type, device identification etc.Network environment can comprise used network type, geographical position etc.
Step 1206, upload the authentication information of account mark and correspondence to certificate server, this authentication information comprises user biological characteristic information, identity document information and user's usage behavior data; To make this certificate server biological characteristic in this user biological characteristic information and this identity document information or the biological characteristic storehouse that stored compared and obtain the first Similarity value; User's historical behavior data corresponding to these user's usage behavior data and account being identified compare, and obtain the second Similarity value; The authentication result to this authentication information is determined according to this first Similarity value and the second Similarity value; If authentication result is authentication success, then account number mark, user biological characteristic information and identity document information are set up corresponding real name archives.
The method of above-mentioned protection account number safety; by the user biological characteristic information of collection, identity document information and user's usage behavior data upload are carried out certification to certificate server; after certification is passed through; establish the real name archives that account number mark, user biological characteristic information and identity document information are corresponding; by the safety that these real name archives can effectively protect user account number to identify; improve the fail safe of account number; when user operates account number; need the checking carrying out face and/or identity document information, provide the fail safe of account number.
Figure 13 is to the particular flow sheet that sensitive operation processes on Figure 12 basis.As Figure 13, shown in composition graphs 7A and Fig. 7 B, in one embodiment, the method for above-mentioned protection account number safety also comprises:
Step 1302, obtains the sensitive operation to account number mark.
Particularly, sensitive operation can comprise login, Modify password, amendment communicating number, amendment E-mail address, bound device etc.Certificate server 120 receives the sensitive operation request to account number mark.
Step 1304, sends the sensitive operation request identified account number to certificate server according to this sensitive operation.
Step 1306, receives the verification mode corresponding to the level of security of sensitive operation in this sensitive operation request returned.
Particularly, the level of security of sensitive operation and the verification mode corresponding to level of security can pre-set.Such as sensitive operation is for logging in, and during level of security is, then verification mode can be the checking of user biological characteristic information; Sensitive operation is Modify password, and level of security is high, then verification mode can be the checking of user biological characteristic information and adds identity document Information Authentication.
Step 1308, obtains the authorization information gathered according to this verification mode.
Step 1310, uploads to certificate server by the authorization information of collection.
Step 1312, receives this certificate server and the authorization information uploaded is verified to the result obtained by the authorization information stored corresponding to this verification mode; If the result is for being verified, then allowing this sensitive operation, if the result is authentication failed, then refusing this sensitive operation; This verification mode comprises the checking of user biological characteristic information and/or identity document Information Authentication; This authorization information is corresponding with this verification mode.
Such as, verification mode is the checking of user biological characteristic information, then the authorization information stored corresponding to verification mode is the user biological characteristic information stored.The authorization information uploaded and verification mode are also corresponding, if verification mode is the checking of user biological characteristic information, the authorization information uploaded is the landscape figure not having face, then authentication failed.Verify to the authorization information uploaded, the authorization information being about to upload is compared with the authorization information stored, and obtains Similarity value, when Similarity value exceedes similarity threshold, then be proved to be successful, if Similarity value does not exceed similarity threshold, then authentication failed.
Further, in one embodiment, the method for above-mentioned protection account number safety also comprises: obtain the mobile communication mark according to the typing of account mark and password protection problem and answer; The mobile communication mark of account mark and typing and cryptographic problem and answer upload are stored to certificate server; When this verification mode also comprises password protection problem and/or sends dynamic code to mobile communication mark, this authorization information comprises the answer of password protection problem input and/or the dynamic code of input.
When carrying out sensitive operation to account number mark, verification mode is provided, this verification mode comprises user biological characteristic information and/or identity document Information Authentication, because user biological characteristic information and identity document information belong to the special certificate of people belonging to account number mark, other people are difficult to steal or copy, improve the fail safe of account number, and accurately can identify steal-number person; Verify in conjunction with other verification modes, fail safe is higher.
Figure 14 is the flow chart giving the method for account number in an embodiment for change.As shown in figure 14, a kind of method giving account number for change, run on certificate server 120, composition graphs 6B, comprises the following steps:
Step 1402, receives and gives account number request for change.
Step 1404, gives account number request from this user biological characteristic information and identity document information that obtain account number mark and correspondence for change.
Step 1406, user biological characteristic information according to certification and in the real name archives of the account number mark, user biological characteristic information and the identity document information that store and identity document information are verified this user biological characteristic information uploaded and identity document information, are verified result.
Step 1408, sends to the requestor initiating to give account number request for change by the result; If the result is for being verified, then giving account number success for change, if the result is authentication failed, then giving account number failure for change.
The above-mentioned method giving account number for change, by the user biological characteristic information in the real name archives of the user biological characteristic information of reception and identity document information and the user biological characteristic information stored and identity document information and identity document information are compared, be verified, then give account number for change, recover account number, account number is given for change by user biological characteristic information and identity document information, do not need to remember cost, account number can be given for change fast, and belonging to the voucher of people belonging to account number mark because of user biological characteristic information and identity document information, fail safe is high.
In one embodiment, the above-mentioned method giving account number for change, after step 1402, also comprise: judge that this is given for change in account number request and whether comprise user biological characteristic information and identity document information, if, then give account number request from this user biological characteristic information and identity document information that obtain account number mark and correspondence for change, if not, then return need to provide user biological characteristic information and identity document information give account number guidance information for change, then receive upload give according to this user biological characteristic information and identity document information that account number guidance information obtains for change.
By judging to give in account number request whether comprise user biological characteristic information and identity document information for change, maskable falls other and gives the request that account number initiates for change, and what as filled in, the mode such as phone number, password protection answer initiated gives account number request for change.
In one embodiment, the above-mentioned method giving account number for change, before the step of account number request is given in reception for change, also comprises (a1) ~ (a5):
(a1) receive the authentication information of account number mark and the correspondence uploaded, this authentication information comprises user biological characteristic information, identity document information and user's usage behavior data.
(a2) from this identity document information, extract face, the face of this extraction and this user biological characteristic information being compared obtains the first Similarity value.
(a3) these user's usage behavior data and account are identified corresponding to user's historical behavior data compare, obtain the second Similarity value.
(a4) authentication result to this authentication information is obtained according to this first Similarity value and the second Similarity value.
Obtain comprising the step of the authentication result of this authentication information according to this first Similarity value and the second Similarity value: when the first Similarity value is greater than first threshold and the second Similarity value is greater than Second Threshold, to this authentication information authentication success, otherwise authentification failure.
(a5) if authentication result is authentication success, then account number mark, user biological characteristic information and identity document information are set up corresponding real name archives.
Further, the above-mentioned method giving account number for change also comprises: the data stored in this user biological characteristic information and/or identity document information and Third Party Authentication system compared, and obtains third phase like angle value; According to the authentication result that this first Similarity value, the second Similarity value and third phase are determined this authentication information like angle value.
The step of the authentication result determined this authentication information like angle value according to this first Similarity value, the second Similarity value and third phase comprises: when the first Similarity value be greater than first threshold, the second Similarity value be greater than Second Threshold and third phase is greater than the 3rd threshold value like angle value time, to this authentication information authentication success, otherwise authentification failure.
Figure 15 is the flow chart of the method giving account number in another embodiment for change.As shown in figure 15, composition graphs 6B, a kind of method giving account number for change, runs in terminal 110, comprises the following steps:
Step 1502, obtains the identity document information at the user biological characteristic information and scanning giving the collection of account number interface for change.
Step 1504, that initiates to comprise account number mark and user biological characteristic information and identity document information gives account number request for change.
Step 1506, receive and give according to this result that account number request returns for change, this result is certificate server according to certification and the account number stored identifies, user biological characteristic information in the real name archives of user biological characteristic information and identity document information and identity document information verifies this user biological characteristic information uploaded and identity document information and obtain; If the result is for being verified, then giving account number success for change, if the result is authentication failed, then giving account number failure for change.
The above-mentioned method giving account number for change, by the user biological characteristic information in the real name archives of the user biological characteristic information of reception and identity document information and the user biological characteristic information stored and identity document information and identity document information are compared, be verified, then give account number for change, recover account number, account number is given for change by user biological characteristic information and identity document information, do not need to remember cost, account number can be given for change fast, and belonging to the voucher of people belonging to account number mark because of user biological characteristic information and identity document information, fail safe is high.
In one embodiment, this method giving account number for change was obtaining before the user biological characteristic information giving the input of account number interface for change and identity document information, also comprised (b1) ~ (b3):
(b1) user biological characteristic information and identity document information is gathered;
(b2) account number mark and user's usage behavior data are obtained;
(b3) upload the authentication information of account mark and correspondence to certificate server, this authentication information comprises user biological characteristic information, identity document information and user's usage behavior data; To make this certificate server biological characteristic in user biological characteristic information and identity document information or the biological characteristic storehouse that stored compared and obtain the first Similarity value; User's historical behavior data corresponding to these user's usage behavior data and account being identified compare, and obtain the second Similarity value; The authentication result to this authentication information is determined according to this first Similarity value and the second Similarity value; If authentication result is authentication success, then account number mark, user biological characteristic information and identity document information are set up corresponding real name archives.
Further, the above-mentioned method giving account number for change also comprises: the data stored in this user biological characteristic information and/or identity document information and Third Party Authentication system compared, and obtains third phase like angle value; According to the authentication result that this first Similarity value, the second Similarity value and third phase are determined this authentication information like angle value.
The step of the authentication result determined this authentication information like angle value according to this first Similarity value, the second Similarity value and third phase comprises: when the first Similarity value be greater than first threshold, the second Similarity value be greater than Second Threshold and third phase is greater than the 3rd threshold value like angle value time, to this authentication information authentication success, otherwise authentification failure.
Figure 16 is the flow chart of the method for account anti-theft in an embodiment.As shown in figure 16, composition graphs 8, a kind of account anti-theft method, runs on certificate server 120, comprises the following steps:
Step 1602, receives the sensitive operation request to account number mark, comprises the facility information of initiating sensitive operation request in this sensitive operation request.
Particularly, sensitive operation can comprise login, Modify password, amendment communicating number, amendment E-mail address, bound device etc.
Step 1604, judges the whether authorisation device of the equipment represented by facility information initiating this sensitive operation request.
Particularly, authorisation device refers to and identifies with account number the equipment that there is binding relationship.Binding relationship refers to sets up corresponding relation by account number mark with device identification.
Step 1606, if this equipment is authorisation device, then obtains corresponding verification mode according to the level of security of sensitive operation in this sensitive operation request, this verification mode is sent to the requestor initiating this sensitive operation request.
Step 1608, receives the authorization information uploaded according to this verification mode.
Step 1610, carries out checking by the authorization information stored corresponding to this verification mode to the authorization information uploaded by this authorization information and is verified result; If the result is for being verified, then allowing this sensitive operation, if the result is authentication failed, then refusing this sensitive operation; This verification mode comprises the checking of user biological characteristic information and/or identity document Information Authentication; This authorization information is corresponding with this verification mode.
Step 1612, if this equipment is not authorisation device, then returns the information of carrying out sensitive operation in authorisation device.
The method of above-mentioned account anti-theft, by judging whether the equipment of initiating sensitive operation request is authorisation device, if authorisation device, then provide corresponding verification mode according to the level of security of sensitive operation, authorization information corresponding to verification mode is verified the authorization information uploaded, after being verified, allow this sensitive operation, authentication failed, then refuse this sensitive operation, if equipment is not authorisation device, then send information, remind and carry out sensitive operation in authorisation device, shield unsafe entrance, improve the fail safe of account number, prevent account number stolen.
In one embodiment, the method that account is antitheft, is receiving the sensitive operation request to account number mark, before comprising the step of the facility information of initiating sensitive operation request, is also comprising (c1) ~ (c5) in this sensitive operation request:
(c1) receive the authentication information of account number mark and the correspondence uploaded, this authentication information comprises user biological characteristic information, identity document information and user's usage behavior data;
(c2) from this identity document information, extract face, the face of this extraction and this user biological characteristic information being compared obtains the first Similarity value;
(c3) these user's usage behavior data and account are identified corresponding to user's historical behavior data compare, obtain the second Similarity value;
(c4) when the first Similarity value is greater than first threshold and the second Similarity value is greater than Second Threshold, to this authentication information authentication success, otherwise authentification failure;
(c5) if authentication result is authentication success, then account number mark, user biological characteristic information and identity document information are set up corresponding real name archives.
Further, in one embodiment, the method for above-mentioned account anti-theft also comprises: the data stored in this user biological characteristic information and Third Party Authentication system compared, and obtains third phase like angle value;
When the first Similarity value be greater than first threshold, the second Similarity value be greater than Second Threshold and third phase is greater than the 3rd threshold value like angle value time, to this authentication information authentication success, otherwise authentification failure.
Figure 17 is the flow chart of the method for account anti-theft in another embodiment.As shown in figure 17, composition graphs 8, a kind of account anti-theft method, runs in terminal, comprises the following steps:
Step 1702, initiates the sensitive operation request to account number mark, comprises the facility information of the sensitive operation request initiated account number mark in this sensitive operation request.
Step 1704, if equipment is authorisation device, then receives the verification mode corresponding to the level of security of sensitive operation in this sensitive operation request returned.
Particularly, authorisation device refers to and identifies with account number the equipment that there is binding relationship, sets up corresponding relation by account number mark with device identification.
Step 1706, obtains the authorization information gathered according to this verification mode.
Step 1708, uploads to certificate server by the authorization information of collection.
Step 1710, receives this certificate server and the authorization information uploaded is verified to the result obtained by the authorization information stored corresponding to this verification mode; If the result is for being verified, then allowing this sensitive operation, if the result is authentication failed, then refusing this sensitive operation; This verification mode comprises the checking of user biological characteristic information and/or identity document Information Authentication; This authorization information is corresponding with this verification mode.
Step 1712, if equipment is not authorisation device, then receives and is illustrated in the information of authorisation device being carried out sensitive operation.
The method of above-mentioned account anti-theft, by judging whether the equipment of initiating sensitive operation request is authorisation device, if authorisation device, the verification mode of the correspondence provided according to the level of security of sensitive operation is then provided, authorization information is gathered according to verification mode, and upload authorization information and verify, after being verified, allow this sensitive operation, authentication failed, then refuse this sensitive operation, if equipment is not authorisation device, then send information, remind and carry out sensitive operation in authorisation device, shield unsafe entrance, improve the fail safe of account number, prevent account number stolen.
Figure 18 is the structured flowchart protecting the device of account number safety in an embodiment.As shown in figure 18; a kind of device protecting account number safety; corresponding to the virtual bench constructed by the method protecting account number safety in Figure 10, comprise receiver module 1802, comparing module 1804, comparison module 1806, authentication result obtains module 1808 and relation sets up module 1810.Wherein:
Receiver module 1802 is for receiving the authentication information of account number mark and the correspondence uploaded, and this authentication information comprises user biological characteristic information, identity document information and user's usage behavior data.
Comparing module 1804 is compared for biological characteristic in user biological characteristic information and identity document information or the biological characteristic storehouse that stored and is obtained the first Similarity value;
Comparison module 1806 compares for the user's historical behavior data corresponding to these user's usage behavior data and account being identified, and obtains the second Similarity value.
Authentication result obtains module 1808 for obtaining the authentication result to this authentication information according to this first Similarity value and the second Similarity value.
In the present embodiment, authentication result obtains module 1808 for when the first Similarity value is greater than first threshold and the second Similarity value is greater than Second Threshold, to described authentication information authentication success, otherwise authentification failure.
If it is authentication success that relation sets up module 1810 for authentication result, then account number mark, user biological characteristic information and identity document information are set up corresponding real name archives.
Comparing module 1804, also for the data stored in this user biological characteristic information and/or identity document information and Third Party Authentication system being compared, obtains third phase like angle value.
Authentication result obtains the authentication result of module 1808 for obtaining described authentication information according to this first Similarity value, the second Similarity value and third phase like angle value.
Particularly, authentication result obtain module 1808 when the first Similarity value be greater than first threshold, the second Similarity value be greater than Second Threshold and third phase is greater than the 3rd threshold value like angle value time, to this authentication information authentication success, otherwise authentification failure.
In one embodiment, the device of above-mentioned protection account number safety, also can comprise operation requests receiver module, verification mode returns module, authorization information receiver module and authentication module.
Operation requests receiver module is for receiving the sensitive operation request to account number mark.
Verification mode returns module and obtains corresponding verification mode for the level of security according to sensitive operation in this sensitive operation request, this verification mode is sent to the requestor initiating described sensitive operation request.
Authorization information receiver module is for receiving the authorization information uploaded according to this verification mode.
Authentication module, is verified result for carrying out checking by the authorization information stored corresponding to this verification mode to the authorization information uploaded.
If the result is for being verified, then allowing this sensitive operation, if the result is authentication failed, then refusing this sensitive operation; Verification mode comprises the checking of user biological characteristic information and/or identity document Information Authentication; Described authorization information is corresponding with described verification mode.
Memory module for receiving and storing the mobile communication mark according to the typing of described account number mark, and identifies the password protection problem and answer that arrange according to described account number.
This verification mode also comprises password protection problem and/or sends dynamic code to mobile communication mark; This authorization information comprises the dynamic code of answer and/or the input inputted according to described password protection problem.
Figure 19 is the structured flowchart of the device protecting account number safety in another embodiment.As shown in figure 19, a kind of device protecting account number safety, comprises acquisition module 1902, data obtaining module 1904 and upper transmission module 1906.Wherein:
Acquisition module 1902 is for gathering user biological characteristic information and identity document information.
Data obtaining module 1904 is for obtaining account number mark and user's usage behavior data.
Upper transmission module 1906 is for uploading the authentication information of account mark and correspondence to certificate server, and this authentication information comprises user biological characteristic information, identity document information and user's usage behavior data; To make this certificate server biological characteristic in user biological characteristic information and described identity document information or the biological characteristic storehouse that stored compared and obtain the first Similarity value; User's historical behavior data corresponding to these user's usage behavior data and account being identified compare, and obtain the second Similarity value; The authentication result to this authentication information is determined according to this first Similarity value and the second Similarity value; If authentication result is authentication success, then account number mark, user biological characteristic information and identity document information are set up corresponding real name archives.
In one embodiment, the device of above-mentioned protection account number safety also comprises operation acquisition module, operation requests initiation module, verification mode receiver module, authorization information acquisition module, transmission module on transmission module, the result receiver module, password protection data obtaining module and encrypted message in authorization information.
Operation acquisition module is for obtaining the sensitive operation to account number mark;
Operation requests initiation module is used for sending according to this sensitive operation the sensitive operation request identified account number to certificate server;
Verification mode receiver module is for receiving the verification mode corresponding to the level of security of sensitive operation in described sensitive operation request returned;
Authorization information acquisition module is for obtaining the authorization information gathered according to this verification mode;
In authorization information, transmission module is used for the authorization information of collection to upload to certificate server;
The result receiver module verifies by the authorization information stored corresponding to described verification mode the result obtained for receiving this certificate server to the authorization information uploaded;
If the result is for being verified, then allowing this sensitive operation, if the result is authentication failed, then refusing this sensitive operation; This verification mode comprises the checking of user biological characteristic information and/or identity document Information Authentication; Described authorization information is corresponding with described verification mode.
Password protection data obtaining module is for obtaining mobile communication mark according to the typing of account mark and password protection problem and answer;
In password protection information, transmission module is used for the mobile communication mark of described account number mark and typing and cryptographic problem and answer upload to store to certificate server;
When this verification mode also comprises password protection problem and/or sends dynamic code to mobile communication mark, this authorization information comprises the answer of password protection problem input and/or the dynamic code of input.
Figure 20 is the structured flowchart giving the device of account number in an embodiment for change.As shown in figure 20, a kind of device giving account number for change, runs on certificate server 120, comprises and gives account number request receiving module 2002, extraction module 2004, authentication module 2006 and sending module 2008 for change.
Give account number request receiving module 2002 for change and give account number request for change for receiving.
Extraction module 2004 is for giving in account number request from this user biological characteristic information and identity document information that obtain account number mark and correspondence for change.User biological characteristic information in the real name archives of account number mark, user biological characteristic information and identity document information that authentication module 2006 also stores for basis certification and identity document information are verified this user biological characteristic information uploaded and identity document information, are verified result.
Sending module 2008 is for sending to the requestor initiating to give account number request for change by the result; If the result is for being verified, then giving account number success for change, if the result is authentication failed, then giving account number failure for change.
As shown in figure 20, the above-mentioned device giving account number for change also comprises judge module 2010.
Whether judge module 2010 comprises user biological characteristic information and identity document information for judging that this is given for change in account number request, if, then extraction module 2004 gives account number request from this user biological characteristic information and identity document information that obtain account number mark and correspondence for change, if not, then sending module 2008 return need to provide user biological characteristic information and identity document information give account number guidance information for change, then by give for change account number request receiving module 2002 receive upload give according to this user biological characteristic information and identity document information that account number guidance information obtains for change.
The above-mentioned device giving account number for change also comprises receiver module, comparing module, comparison module, authentication result obtains module and relation sets up module.
Receiver module was used for before account number request is given in reception for change, and receive the authentication information of account number mark and the correspondence uploaded, this authentication information comprises user biological characteristic information, identity document information and user's usage behavior data;
Comparing module is used for biological characteristic in user biological characteristic information and described identity document information or the biological characteristic storehouse that stored to compare to obtain the first Similarity value;
User's historical behavior data corresponding to comparison module is used for these user's usage behavior data and described account number to identify compare, and obtain the second Similarity value;
Authentication result obtains module for obtaining the authentication result to this authentication information according to this first Similarity value and the second Similarity value;
In the present embodiment, authentication result obtains module for when the first Similarity value is greater than first threshold and the second Similarity value is greater than Second Threshold, to described authentication information authentication success, otherwise authentification failure.
If it is authentication success that relation sets up module for authentication result, then account number mark, user biological characteristic information and identity document information are set up corresponding real name archives.
Authentication result obtains module and the data stored in described user biological characteristic information and/or identity document information and Third Party Authentication system is compared, and obtains third phase like angle value; According to the authentication result that described first Similarity value, the second Similarity value and third phase are determined described authentication information like angle value.
When the first Similarity value be greater than first threshold, the second Similarity value be greater than Second Threshold and third phase is greater than the 3rd threshold value like angle value time, to described authentication information authentication success, otherwise authentification failure.
Figure 21 is the structured flowchart of the device giving account number in another embodiment for change.As shown in figure 21, a kind of device giving account number for change, runs in terminal, comprises giving account acquisition module 2102 for change, giving account number request initiation module 2104 for change and give account number result receiver module 2106 for change.Wherein:
Give account acquisition module 2102 for change for obtaining the identity document information at the user biological characteristic information and scanning giving the collection of account number interface for change;
Give account number request initiation module 2104 for change for what initiate to comprise account number mark and user biological characteristic information and identity document information and give account number request for change;
Give account number result receiver module 2106 for change and give according to this result that account number request returns for receiving for change, this result is certificate server according to certification and user biological characteristic information in the real name archives of the account number mark, user biological characteristic information and the identity document information that store and identity document information are verified this user biological characteristic information uploaded and identity document information and obtained.
If the result is for being verified, then giving account number success for change, if the result is authentication failed, then giving account number failure for change.
In one embodiment, the above-mentioned device giving account number for change also comprises acquisition module, data obtaining module and upper transmission module.
Acquisition module is for gathering user biological characteristic information and identity document information.
Data obtaining module is for obtaining account number mark and user's usage behavior data.
Upper transmission module is for uploading the authentication information of described account number mark and correspondence to certificate server, and this authentication information comprises user biological characteristic information, identity document information and user's usage behavior data; To make this certificate server biological characteristic in user biological characteristic information and described identity document information or the biological characteristic storehouse that stored compared and obtain the first Similarity value; User's historical behavior data corresponding to these user's usage behavior data and account being identified compare, and obtain the second Similarity value; The authentication result to this authentication information is determined according to this first Similarity value and the second Similarity value; If authentication result is authentication success, then account number mark, user biological characteristic information and identity document information are set up corresponding real name archives.
Figure 22 is the structured flowchart of the device of account anti-theft in an embodiment.As shown in figure 22, a kind of account anti-theft device, comprises operation requests receiver module 2202, judge module 2204, verification mode returns module 2206, authorization information receiver module 2208, antitheft authentication module 2210 and information and return module 2212.Wherein:
Operation requests receiver module 2202, for receiving the sensitive operation request to account number mark, comprises the facility information of initiating sensitive operation request in this sensitive operation request;
Judge module 2204 is for judging to initiate equipment represented by the facility information of this sensitive operation request whether authorisation device;
If it is authorisation device that verification mode returns module 2206 for this equipment, then obtain corresponding verification mode according to the level of security of sensitive operation in this sensitive operation request, this verification mode sent to account to identify corresponding user;
Authorization information receiver module 2208 is for receiving the authorization information uploaded according to this verification mode;
Antitheft authentication module 2210 is verified result for this authorization information is carried out checking by the authorization information stored corresponding to this verification mode to the authorization information uploaded; If the result is for being verified, then allowing this sensitive operation, if the result is authentication failed, then refusing this sensitive operation;
This verification mode comprises the checking of user biological characteristic information and/or identity document Information Authentication; This authorization information is corresponding with this verification mode.
If it is not authorisation device that information returns module 2212 for this equipment, then return the information of carrying out sensitive operation in authorisation device.
Above-mentioned account anti-theft device also comprises receiver module, comparing module, comparison module, authentication result obtains module and relation sets up module.
Receiver module is used for receiving the sensitive operation request to account number mark, before comprising the facility information of initiating sensitive operation request in this sensitive operation request, receive the authentication information of account number mark and the correspondence uploaded, this authentication information comprises user biological characteristic information, identity document information and user's usage behavior data;
Comparing module is used for biological characteristic in user biological characteristic information and identity document information or the biological characteristic storehouse that stored to compare to obtain the first Similarity value;
User's historical behavior data corresponding to comparison module is used for these user's usage behavior data and described account number to identify compare, and obtain the second Similarity value;
Authentication result obtains module for obtaining the authentication result to this authentication information according to this first Similarity value and the second Similarity value;
In the present embodiment, authentication result obtains module for when the first Similarity value is greater than first threshold and the second Similarity value is greater than Second Threshold, to described authentication information authentication success, otherwise authentification failure.
If it is authentication success that relation sets up module for authentication result, then account number mark, user biological characteristic information and identity document information are set up corresponding real name archives.
Authentication result obtains module and the data stored in user biological characteristic information and/or identity document information and Third Party Authentication system is compared, and obtains third phase like angle value; According to the authentication result that described first Similarity value, the second Similarity value and third phase are determined described authentication information like angle value.
When the first Similarity value be greater than first threshold, the second Similarity value be greater than Second Threshold and third phase is greater than the 3rd threshold value like angle value time, to described authentication information authentication success, otherwise authentification failure.
Figure 23 is the structured flowchart of the device of account anti-theft in another embodiment.As shown in figure 23, a kind of account anti-theft device, comprises transmission module 2308, the result receiver module 2310 and information receiver module 2312 in operation requests initiation module 2302, verification mode receiver module 2304, authorization information acquisition module 2306, authorization information.
Operation requests initiation module 2302, for initiating the sensitive operation request to account number mark, comprises the facility information of the sensitive operation request initiated account number mark in this sensitive operation request;
If verification mode receiver module 2304 is authorisation device for equipment, then receive the verification mode corresponding to the level of security of sensitive operation in this sensitive operation request returned;
Authorization information acquisition module 2306 is for obtaining the authorization information gathered according to this verification mode;
In authorization information, transmission module 2308 is for uploading to certificate server by the authorization information of collection;
The result receiver module 2310 verifies by the authorization information stored corresponding to this verification mode the result obtained for receiving this certificate server to the authorization information uploaded;
If the result is for being verified, then allowing this sensitive operation, if the result is authentication failed, then refusing this sensitive operation;
This verification mode comprises the checking of user biological characteristic information and/or identity document Information Authentication; This authorization information is corresponding with this verification mode;
If information receiver module 2312 is not authorisation device for equipment, then receives and be illustrated in the information of authorisation device being carried out sensitive operation.
Figure 24 is the internal structure schematic diagram of terminal in an embodiment.As shown in figure 24, this terminal comprises the processor, storage medium, internal memory, network interface, image collecting device, display screen and the input unit that are connected by system bus.Wherein, the storage medium of terminal stores operating system; also comprise and a kind ofly protect the device of account number safety, give the device of account number and the device of account anti-theft for change; the device of protection account number safety is for realizing the method protecting account number safety; the device giving account number for change realizes the method giving account number for change, and the device of account anti-theft realizes the method for account anti-theft.This processor is used for providing calculating and control ability, supports the operation of whole terminal.The device saving as the protection account number safety in storage medium in terminal, the operation giving the device of account number and the device of account anti-theft for change provide environment; network interface is used for carrying out network service with server; as sent authentication request to server, the authentication result etc. that reception server returns.Image collecting device is for gathering user biological characteristic information and identity document information.The display screen of terminal can be LCDs or electric ink display screen etc., input unit can be the touch layer that display screen covers, also can be button, trace ball or Trackpad that terminal enclosure is arranged, also can be external keyboard, Trackpad or mouse etc.This terminal can be mobile phone, panel computer or personal digital assistant.It will be appreciated by those skilled in the art that, structure shown in Figure 24, it is only the block diagram of the part-structure relevant to the application's scheme, do not form the restriction to the terminal that the application's scheme is applied thereon, concrete terminal can comprise than parts more or less shown in figure, or combine some parts, or there is different parts layouts.
Figure 25 is the internal structure schematic diagram of certificate server in an embodiment.As shown in figure 25, this server comprises the processor, storage medium, internal memory and the network interface that are connected by system bus.Wherein, the storage medium of this server store operating system, database, protection account number safety device, give the device of account number and the device of account anti-theft for change, store account number mark, user biological characteristic information and identity document information in database.The processor of this server is used for providing calculating and control ability, supports the operation of whole server.The device saving as the protection account number safety in storage medium in this server, the operation giving the device of account number and the device of account anti-theft for change provide environment.The network interface of this server is used for being connected by network with the terminal of outside according to this communicating, the authentication request of such as receiving terminal transmission and to terminal return authentication result etc.Server can realize with the server cluster that independently server or multiple server form.It will be appreciated by those skilled in the art that, structure shown in Figure 25, it is only the block diagram of the part-structure relevant to the application's scheme, do not form the restriction to the server that the application's scheme is applied thereon, concrete server can comprise than parts more or less shown in figure, or combine some parts, or there is different parts layouts.
One of ordinary skill in the art will appreciate that all or part of flow process realized in above-described embodiment method, that the hardware that can carry out instruction relevant by computer program has come, described program can be stored in a non-volatile computer read/write memory medium, this program, when performing, can comprise the flow process of the embodiment as above-mentioned each side method.Wherein, described storage medium can be magnetic disc, CD, read-only store-memory body (Read-OnlyMemory, ROM) etc.
The above embodiment only have expressed several execution mode of the present invention, and it describes comparatively concrete and detailed, but therefore can not be interpreted as the restriction to the scope of the claims of the present invention.It should be pointed out that for the person of ordinary skill of the art, without departing from the inventive concept of the premise, can also make some distortion and improvement, these all belong to protection scope of the present invention.Therefore, the protection range of patent of the present invention should be as the criterion with claims.

Claims (27)

1. a method for account anti-theft, comprises the following steps:
Receive the sensitive operation request to account number mark, in described sensitive operation request, comprise the facility information of initiating sensitive operation request;
Judge whether the equipment represented by facility information of initiating described sensitive operation request is authorisation device;
If described equipment is authorisation device, then obtains corresponding verification mode according to the level of security of sensitive operation in described sensitive operation request, described verification mode is sent to the requestor initiating described sensitive operation request;
Receive the authorization information uploaded according to described verification mode;
Described authorization information is carried out checking by the authorization information stored corresponding to described verification mode to the authorization information uploaded and is verified result;
If the result is for being verified, then allowing this sensitive operation, if the result is authentication failed, then refusing this sensitive operation;
Described verification mode comprises the checking of user biological characteristic information and/or identity document information; Described authorization information is corresponding with described verification mode;
If described equipment is not authorisation device, then return the information of carrying out sensitive operation in authorisation device.
2. method according to claim 1, is characterized in that, receiving the sensitive operation request to account number mark, before comprising the step of the facility information of initiating sensitive operation request in described sensitive operation request, described method also comprises:
Receive the authentication information of account number mark and the correspondence uploaded, described authentication information comprises user biological characteristic information, identity document information and user's usage behavior data;
Biological characteristic in described user biological characteristic information and described identity document information or the biological characteristic storehouse that stored are compared and obtains the first Similarity value;
User's historical behavior data corresponding to described user's usage behavior data and described account number being identified compare, and obtain the second Similarity value;
When the first Similarity value is greater than first threshold and the second Similarity value is greater than Second Threshold, to described authentication information authentication success, otherwise authentification failure;
If authentication result is authentication success, then account number mark, user biological characteristic information and identity document information are set up corresponding real name archives.
3. method according to claim 2, is characterized in that, described method also comprises:
The data stored in described user biological characteristic information and/or identity document information and Third Party Authentication system are compared, obtains third phase like angle value;
When the first Similarity value be greater than first threshold, the second Similarity value be greater than Second Threshold and third phase is greater than the 3rd threshold value like angle value time, to described authentication information authentication success, otherwise authentification failure.
4. a method for account anti-theft, is characterized in that, comprises the following steps:
Initiate the sensitive operation request to account number mark, in described sensitive operation request, comprise the facility information of the sensitive operation request initiated account number mark;
If equipment is authorisation device, then receive the verification mode corresponding to the level of security of sensitive operation in described sensitive operation request returned;
Obtain the authorization information gathered according to described verification mode;
The authorization information of collection is uploaded to certificate server;
Receive described certificate server and the authorization information uploaded is verified to the result obtained by the authorization information stored corresponding to described verification mode;
If the result is for being verified, then allowing this sensitive operation, if the result is authentication failed, then refusing this sensitive operation;
Described verification mode comprises user biological characteristic information and/or identity document Information Authentication; Described authorization information is corresponding with described verification mode;
If equipment is not authorisation device, then receives and be illustrated in the information of authorisation device being carried out sensitive operation.
5. protect a method for account number safety, it is characterized in that, comprise the following steps:
Receive the authentication information of account number mark and the correspondence uploaded, described authentication information comprises user biological characteristic information, identity document information and user's usage behavior data;
Biological characteristic in described user biological characteristic information and described identity document information or the biological characteristic storehouse that stored are compared and obtains the first Similarity value;
User's historical behavior data corresponding to described user's usage behavior data and described account number being identified compare, and obtain the second Similarity value;
The authentication result to described authentication information is obtained according to described first Similarity value and the second Similarity value;
If authentication result is authentication success, then account number mark, user biological characteristic information and identity document information are set up corresponding real name archives.
6. method according to claim 5, is characterized in that, describedly obtains comprising the step of the authentication result of described authentication information according to described first Similarity value and the second Similarity value:
When the first Similarity value is greater than first threshold and the second Similarity value is greater than Second Threshold, to described authentication information authentication success, otherwise authentification failure.
7. method according to claim 5, is characterized in that, described method also comprises:
The data stored in described user biological characteristic information and/or identity document information and Third Party Authentication system are compared, obtains third phase like angle value;
According to the authentication result that described first Similarity value, the second Similarity value and third phase obtain described authentication information like angle value.
8. method according to claim 7, is characterized in that, obtains comprising the step of the authentication result of described authentication information like angle value according to described first Similarity value, the second Similarity value and third phase:
When the first Similarity value be greater than first threshold, the second Similarity value be greater than Second Threshold and third phase is greater than the 3rd threshold value like angle value time, to described authentication information authentication success, otherwise authentification failure.
9. method according to claim 5, is characterized in that, described method also comprises:
Receive the sensitive operation request to account number mark;
Level of security according to sensitive operation in described sensitive operation request obtains corresponding verification mode, described verification mode is sent to the requestor initiating described sensitive operation request;
Receive the authorization information uploaded according to described verification mode;
By the authorization information stored corresponding to described verification mode, checking is carried out to the authorization information uploaded and be verified result;
If the result is for being verified, then allowing this sensitive operation, if the result is authentication failed, then refusing this sensitive operation;
Described verification mode comprises the checking of user biological characteristic information and/or identity document Information Authentication; Described authorization information is corresponding with described verification mode.
10. method according to claim 9, is characterized in that, described method also comprises:
Receive and store the mobile communication mark according to the typing of described account number mark, and identifying the password protection problem and answer that arrange according to described account number;
Described verification mode also comprises password protection problem and/or sends dynamic code to mobile communication mark; Described authorization information comprises the dynamic code of answer and/or the input inputted according to described password protection problem.
11. 1 kinds of methods protecting account number safety, is characterized in that, comprise the following steps:
Gather user biological characteristic information and identity document information;
Obtain account number mark and user's usage behavior data;
Upload the authentication information of described account number mark and correspondence to certificate server, described authentication information comprises user biological characteristic information, identity document information and user's usage behavior data;
To make described certificate server extract face from described identity document information, described user biological characteristic information is compared with biological characteristic in the biological characteristic stored or identity document information and obtains the first Similarity value; User's historical behavior data corresponding to described user's usage behavior data and described account number being identified compare, and obtain the second Similarity value; The authentication result to described authentication information is determined according to described first Similarity value and the second Similarity value; If authentication result is authentication success, then account number mark, user biological characteristic information and identity document information are set up corresponding real name archives.
12. methods according to claim 11, is characterized in that, described method also comprises:
Obtain the sensitive operation to account number mark;
Send the sensitive operation request that account number is identified to certificate server according to described sensitive operation;
Receive the verification mode corresponding to the level of security of sensitive operation in described sensitive operation request returned;
Obtain the authorization information gathered according to described verification mode;
The authorization information of collection is uploaded to certificate server;
Receive described certificate server and the authorization information uploaded is verified to the result obtained by the authorization information stored corresponding to described verification mode;
If the result is for being verified, then allowing this sensitive operation, if the result is authentication failed, then refusing this sensitive operation;
Described verification mode comprises the checking of user biological characteristic information and/or identity document Information Authentication; Described authorization information is corresponding with described verification mode.
13. methods according to claim 12, is characterized in that, described method also comprises:
Obtain according to the mobile communication mark of described account number mark typing and password protection problem and answer;
The mobile communication mark of described account number mark and typing and cryptographic problem and answer upload are stored to certificate server;
When described verification mode also comprises password protection problem and/or sends dynamic code to mobile communication mark, described authorization information comprises the answer of password protection problem input and/or the dynamic code of input.
14. 1 kinds of methods giving account number for change, is characterized in that, comprise the following steps:
Account number request is given in reception for change;
The user biological characteristic information and identity document information that obtain account number mark and correspondence is given account number request for change from described;
User biological characteristic information according to certification and in the real name archives of the account number mark, user biological characteristic information and the identity document information that store and identity document information are verified the described user biological characteristic information uploaded and identity document information, are verified result;
The result is sent to the requestor initiating to give account number request for change;
If the result is for being verified, then giving account number success for change, if the result is authentication failed, then giving account number failure for change.
15. methods according to claim 14, is characterized in that, after the step of account number request is given in described reception for change, described method also comprises:
Give for change described in judgement in account number request and whether comprise user biological characteristic information and identity document information, if, then give account number request from described the user biological characteristic information and identity document information that obtain account number mark and correspondence for change, if not, then return need to provide user biological characteristic information and identity document information give account number guidance information for change, then receive upload according to described in give the user biological characteristic information and identity document information that account number guidance information obtains for change.
16. methods according to claim 14, is characterized in that, give the step of account number request for change in described reception before, described method also comprises:
Receive the authentication information of account number mark and the correspondence uploaded, described authentication information comprises user biological characteristic information, identity document information and user's usage behavior data;
Biological characteristic in described user biological characteristic information and described identity document information or the biological characteristic storehouse that stored are compared and obtains the first Similarity value;
User's historical behavior data corresponding to described user's usage behavior data and described account number being identified compare, and obtain the second Similarity value;
The authentication result to described authentication information is obtained according to described first Similarity value and the second Similarity value;
If authentication result is authentication success, then account number mark, user biological characteristic information and identity document information are set up corresponding real name archives.
17. methods according to claim 16, is characterized in that, describedly obtain comprising the step of the authentication result of described authentication information according to described first Similarity value and the second Similarity value:
When the first Similarity value is greater than first threshold and the second Similarity value is greater than Second Threshold, to described authentication information authentication success, otherwise authentification failure.
18. methods according to claim 16, is characterized in that, described method also comprises:
The data stored in described user biological characteristic information and/or identity document information and Third Party Authentication system are compared, obtains third phase like angle value;
According to the authentication result that described first Similarity value, the second Similarity value and third phase are determined described authentication information like angle value.
19. methods according to claim 18, is characterized in that, the step of the authentication result determined described authentication information like angle value according to described first Similarity value, the second Similarity value and third phase comprises:
When the first Similarity value be greater than first threshold, the second Similarity value be greater than Second Threshold and third phase is greater than the 3rd threshold value like angle value time, to described authentication information authentication success, otherwise authentification failure.
20. 1 kinds of methods giving account number for change, is characterized in that, comprise the following steps:
Obtain the identity document information at the user biological characteristic information and scanning giving the collection of account number interface for change;
That initiates to comprise account number mark and user biological characteristic information and identity document information gives account number request for change;
Receive according to described in give the result that account number request returns for change, described the result is certificate server according to certification and the account number stored identifies, user biological characteristic information in the real name archives of user biological characteristic information and identity document information and identity document information are verified the described user biological characteristic information uploaded and identity document information and obtained;
If the result is for being verified, then giving account number success for change, if the result is authentication failed, then giving account number failure for change.
21. methods according to claim 20, is characterized in that, obtaining before the user biological characteristic information giving the input of account number interface for change and identity document information, described method also comprises:
Gather user biological characteristic information and identity document information;
Obtain account number mark and user's usage behavior data;
Upload the authentication information of described account number mark and correspondence to certificate server, described authentication information comprises user biological characteristic information, identity document information and user's usage behavior data;
To make described certificate server biological characteristic in described user biological characteristic information and described identity document information or the biological characteristic storehouse that stored compared and obtain the first Similarity value; User's historical behavior data corresponding to described user's usage behavior data and described account number being identified compare, and obtain the second Similarity value; The authentication result to described authentication information is determined according to described first Similarity value and the second Similarity value; If authentication result is authentication success, then account number mark, user biological characteristic information and identity document information are set up corresponding real name archives.
The device of 22. 1 kinds of account anti-thefts, is characterized in that, comprising:
Operation requests receiver module, for receiving the sensitive operation request to account number mark, comprises the facility information of initiating sensitive operation request in described sensitive operation request;
Judge module, for judging to initiate equipment represented by the facility information of described sensitive operation request whether authorisation device;
Verification mode returns module, if be authorisation device for described equipment, then obtains corresponding verification mode according to the level of security of sensitive operation in described sensitive operation request, described verification mode is sent to described account number to identify corresponding user;
Authorization information receiver module, for receiving the authorization information uploaded according to described verification mode;
Antitheft authentication module, is verified result for described authorization information is carried out checking by the authorization information stored corresponding to described verification mode to the authorization information uploaded;
If the result is for being verified, then allowing this sensitive operation, if the result is authentication failed, then refusing this sensitive operation;
Described verification mode comprises the checking of user biological characteristic information and/or identity document Information Authentication; Described authorization information is corresponding with described verification mode
Information returns module, if be not authorisation device for described equipment, then returns the information of carrying out sensitive operation in authorisation device.
The device of 23. 1 kinds of account anti-thefts, is characterized in that, comprising:
Operation requests initiation module, for initiating the sensitive operation request to account number mark, comprises the facility information of the sensitive operation request initiated account number mark in described sensitive operation request;
Verification mode receiver module, if be authorisation device for equipment, then receives the verification mode corresponding to the level of security of sensitive operation in described sensitive operation request returned;
Authorization information acquisition module, for obtaining the authorization information gathered according to described verification mode;
Transmission module in authorization information, for uploading to certificate server by the authorization information of collection;
The result receiver module, verifies by the authorization information stored corresponding to described verification mode the result obtained for receiving described certificate server to the authorization information uploaded;
If the result is for being verified, then allowing this sensitive operation, if the result is authentication failed, then refusing this sensitive operation;
Described verification mode comprises the checking of user biological characteristic information and/or identity document Information Authentication; Described authorization information is corresponding with described verification mode;
Information receiver module, if be not authorisation device for equipment, then receive and is illustrated in the information of authorisation device being carried out sensitive operation.
24. 1 kinds of devices protecting account number safety, is characterized in that, comprising:
Receiver module, for receiving the authentication information of account number mark and the correspondence uploaded, described authentication information comprises user biological characteristic information, identity document information and user's usage behavior data;
Comparing module, obtains the first Similarity value for biological characteristic in described user biological characteristic information and described identity document information or the biological characteristic storehouse that stored being compared;
Comparison module, compares for the user's historical behavior data corresponding to described user's usage behavior data and described account number being identified, obtains the second Similarity value;
Authentication result obtains module, for obtaining the authentication result to described authentication information according to described first Similarity value and the second Similarity value;
Relation sets up module, if be authentication success for authentication result, then account number mark, user biological characteristic information and identity document information is set up corresponding real name archives.
25. 1 kinds of devices protecting account number safety, is characterized in that, comprising:
Acquisition module, for gathering user biological characteristic information and identity document information;
Data obtaining module, for obtaining account number mark and user's usage behavior data;
Upper transmission module, for uploading the authentication information of described account number mark and correspondence to certificate server, described authentication information comprises user biological characteristic information, identity document information and user's usage behavior data; To make described certificate server biological characteristic in described user biological characteristic information and described identity document information or the biological characteristic storehouse that stored compared and obtain the first Similarity value; User's historical behavior data corresponding to described user's usage behavior data and described account number being identified compare, and obtain the second Similarity value; The authentication result to described authentication information is determined according to described first Similarity value and the second Similarity value; If authentication result is authentication success, then account number mark, user biological characteristic information and identity document information are set up corresponding real name archives.
26. 1 kinds of devices giving account number for change, is characterized in that, comprising:
Giving account number request receiving module for change, giving account number request for change for receiving;
Extraction module, for giving in account number request from described the user biological characteristic information and identity document information that obtain account number mark and correspondence for change;
Authentication module, for the user biological characteristic information according to certification and in the real name archives of the account number mark, user biological characteristic information and the identity document information that store and identity document information, the described user biological characteristic information uploaded and identity document information are verified, be verified result;
Sending module, for sending to the requestor initiating to give account number request for change by the result;
If the result is for being verified, then giving account number success for change, if the result is authentication failed, then giving account number failure for change.
27. 1 kinds of devices giving account number for change, is characterized in that, comprising:
Give account acquisition module for change, for obtaining the identity document information at the user biological characteristic information and scanning giving the collection of account number interface for change;
Give account number request initiation module for change, give account number request for change for what initiate to comprise account number mark and user biological characteristic information and identity document information;
Give account number result receiver module for change, for receive according to described in give the result that account number request returns for change, described the result is certificate server according to certification and the account number stored identifies, user biological characteristic information in the real name archives of user biological characteristic information and identity document information and identity document information are verified the described user biological characteristic information uploaded and identity document information and obtained;
If the result is for being verified, then giving account number success for change, if the result is authentication failed, then giving account number failure for change.
CN201510900205.XA 2015-12-08 2015-12-08 Methods and devices for finding account back, protecting account security and preventing account theft Pending CN105553947A (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
CN201510900205.XA CN105553947A (en) 2015-12-08 2015-12-08 Methods and devices for finding account back, protecting account security and preventing account theft
CN201611061995.8A CN106789922A (en) 2015-12-08 2016-11-25 Give account number, the method and apparatus of authentication for change
CN201611060402.6A CN106789918A (en) 2015-12-08 2016-11-25 Give account number, protection account number safety, the method and apparatus of account anti-theft for change

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510900205.XA CN105553947A (en) 2015-12-08 2015-12-08 Methods and devices for finding account back, protecting account security and preventing account theft

Publications (1)

Publication Number Publication Date
CN105553947A true CN105553947A (en) 2016-05-04

Family

ID=55832883

Family Applications (3)

Application Number Title Priority Date Filing Date
CN201510900205.XA Pending CN105553947A (en) 2015-12-08 2015-12-08 Methods and devices for finding account back, protecting account security and preventing account theft
CN201611060402.6A Pending CN106789918A (en) 2015-12-08 2016-11-25 Give account number, protection account number safety, the method and apparatus of account anti-theft for change
CN201611061995.8A Pending CN106789922A (en) 2015-12-08 2016-11-25 Give account number, the method and apparatus of authentication for change

Family Applications After (2)

Application Number Title Priority Date Filing Date
CN201611060402.6A Pending CN106789918A (en) 2015-12-08 2016-11-25 Give account number, protection account number safety, the method and apparatus of account anti-theft for change
CN201611061995.8A Pending CN106789922A (en) 2015-12-08 2016-11-25 Give account number, the method and apparatus of authentication for change

Country Status (1)

Country Link
CN (3) CN105553947A (en)

Cited By (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106293751A (en) * 2016-08-15 2017-01-04 华为技术有限公司 A kind of method showing information on the terminal device and terminal unit
CN106358145A (en) * 2016-09-22 2017-01-25 中国联合网络通信集团有限公司 Safe replacement method of reserved mobile phone number and operator background system
CN106506459A (en) * 2016-10-17 2017-03-15 北京小米移动软件有限公司 Identity information verification method and device
CN106921655A (en) * 2017-01-26 2017-07-04 华为技术有限公司 A kind of business authorization method and device
CN107196971A (en) * 2017-07-19 2017-09-22 中国银行股份有限公司 Information processing method, device, electronic equipment and server
CN107257325A (en) * 2017-05-09 2017-10-17 北京潘达互娱科技有限公司 User profile guard method and device
CN107528849A (en) * 2017-09-04 2017-12-29 马上消费金融股份有限公司 A kind of method and system for changing password
CN107622203A (en) * 2017-09-30 2018-01-23 广东欧珀移动通信有限公司 Guard method, device, storage medium and the electronic equipment of sensitive information
CN107689936A (en) * 2016-08-03 2018-02-13 阿里巴巴集团控股有限公司 Security verification system, the method and device of logon account
CN107704759A (en) * 2017-09-30 2018-02-16 广东欧珀移动通信有限公司 Control method, device, storage medium and the electronic equipment of sensitive operation
CN107729727A (en) * 2016-08-11 2018-02-23 腾讯科技(深圳)有限公司 The real name identification method and device of a kind of account number
CN107786491A (en) * 2016-08-24 2018-03-09 腾讯科技(深圳)有限公司 account number verification method and device
CN107786349A (en) * 2016-08-24 2018-03-09 腾讯科技(深圳)有限公司 A kind of method for managing security and device for user account
CN107800672A (en) * 2016-09-06 2018-03-13 腾讯科技(深圳)有限公司 A kind of Information Authentication method, electronic equipment, server and information authentication system
CN108288080A (en) * 2017-12-01 2018-07-17 国政通科技股份有限公司 Identity information checking method, device, medium and computing device
CN108491701A (en) * 2018-03-23 2018-09-04 深圳乐信软件技术有限公司 A kind of method for authenticating, device, server and storage medium
IT201700034573A1 (en) * 2017-03-29 2018-09-29 Aliaslab S P A REMOTE IDENTIFICATION METHOD FOR SIGNING AN ELECTRONIC DOCUMENT
CN109428804A (en) * 2017-08-28 2019-03-05 腾讯科技(深圳)有限公司 A kind of account management method and device
CN109510806A (en) * 2017-09-15 2019-03-22 阿里巴巴集团控股有限公司 Method for authenticating and device
CN109598251A (en) * 2018-12-11 2019-04-09 北京旷视科技有限公司 Testimony of a witness checking method, device, equipment and system and storage medium
CN109686011A (en) * 2018-12-18 2019-04-26 维拓智能科技(深圳)有限公司 The user identification method of self-aided terminal and self-aided terminal
CN110401621A (en) * 2018-04-25 2019-11-01 中国移动通信集团有限公司 A kind of means of defence of sensitive instructions, equipment and storage medium

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109214632B (en) * 2017-07-05 2022-01-28 创新先进技术有限公司 Risk control method and equipment
CN109559759B (en) * 2017-09-27 2021-10-08 华硕电脑股份有限公司 Electronic device with incremental registration unit and method thereof
CN108985069B (en) * 2018-06-29 2022-06-21 深信服科技股份有限公司 Information processing method, device, terminal and computer readable storage medium
CN109242489B (en) * 2018-08-15 2020-08-25 中国银行股份有限公司 Authentication mode selection method and device
CN109960920A (en) * 2019-03-29 2019-07-02 联想(北京)有限公司 Information processing method and electronic equipment
CN111190909B (en) * 2019-05-17 2020-12-15 延安大学 Data credible processing method
CN110276892A (en) * 2019-06-26 2019-09-24 深圳市腾讯计算机系统有限公司 Self-service method, apparatus, equipment and storage medium
CN111786991B (en) * 2020-06-29 2022-06-14 深圳赛安特技术服务有限公司 Block chain-based platform authentication login method and related device
CN113705506B (en) * 2021-09-02 2024-02-13 中国联合网络通信集团有限公司 Nucleic acid detection method, apparatus, device, and computer-readable storage medium

Family Cites Families (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101174948A (en) * 2006-11-02 2008-05-07 上海银晨智能识别科技有限公司 Network login system and method with face authentication
CN101226653A (en) * 2007-01-18 2008-07-23 中国科学院自动化研究所 Rapid go-aboard system and method based on id card and biological characteristic recognition technique
CN101719238B (en) * 2009-11-30 2013-09-18 中国建设银行股份有限公司 Method and system for managing, authenticating and authorizing unified identities
US20120096542A1 (en) * 2010-10-14 2012-04-19 Shea David P Portable confidential account information management device
CN102045367B (en) * 2011-01-10 2014-04-23 软库创投(北京)科技有限公司 Registration method and authentication server of real-name authentication
CN102790674B (en) * 2011-05-20 2016-03-16 阿里巴巴集团控股有限公司 Auth method, equipment and system
CN102970292A (en) * 2012-11-20 2013-03-13 无锡成电科大科技发展有限公司 Single sign on system and method based on cloud management and key management
CN103023921A (en) * 2012-12-27 2013-04-03 中国建设银行股份有限公司 Authentication and access method and authentication system
CN103929402B (en) * 2013-01-11 2016-12-21 深圳市腾讯计算机系统有限公司 Sensitive operation verification method, terminal unit, server and checking system
CN104298908B (en) * 2013-07-15 2018-04-27 联想(北京)有限公司 A kind of information processing method and electronic equipment
CN104573434B (en) * 2013-10-12 2018-09-04 深圳市腾讯计算机系统有限公司 Account Protection method, apparatus and system
CN103593598B (en) * 2013-11-25 2016-09-21 上海骏聿数码科技有限公司 User's on-line authentication method and system based on In vivo detection and recognition of face
CN103634120A (en) * 2013-12-18 2014-03-12 上海市数字证书认证中心有限公司 Method and system for real-name authentication based on face recognition
CN103853950A (en) * 2014-03-20 2014-06-11 深圳市中兴移动通信有限公司 Authentication method based on mobile terminal and mobile terminal
CN104378343B (en) * 2014-05-21 2016-04-13 腾讯科技(深圳)有限公司 The password method for retrieving of network account, Apparatus and system
CN104159225A (en) * 2014-09-02 2014-11-19 解芳 Wireless network based real-name registration system management method and system
CN104239768B (en) * 2014-09-04 2018-08-24 深圳市浩方电子商务有限公司 Personal account information safety management system and method based on biological information verification
CN104202339B (en) * 2014-09-24 2018-01-05 广西大学 A kind of across cloud authentication service method based on user behavior
CN104301328A (en) * 2014-10-29 2015-01-21 北京思特奇信息技术股份有限公司 Resource operation safety authentication method and system under cloud calculation environment

Cited By (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107689936A (en) * 2016-08-03 2018-02-13 阿里巴巴集团控股有限公司 Security verification system, the method and device of logon account
CN107689936B (en) * 2016-08-03 2021-07-06 阿里巴巴集团控股有限公司 Security verification system, method and device for login account
CN107729727A (en) * 2016-08-11 2018-02-23 腾讯科技(深圳)有限公司 The real name identification method and device of a kind of account number
CN106293751A (en) * 2016-08-15 2017-01-04 华为技术有限公司 A kind of method showing information on the terminal device and terminal unit
US11269981B2 (en) 2016-08-15 2022-03-08 Huawei Technologies Co., Ltd. Information displaying method for terminal device and terminal device
CN107786491A (en) * 2016-08-24 2018-03-09 腾讯科技(深圳)有限公司 account number verification method and device
CN107786349B (en) * 2016-08-24 2021-06-25 腾讯科技(深圳)有限公司 Security management method and device for user account
CN107786349A (en) * 2016-08-24 2018-03-09 腾讯科技(深圳)有限公司 A kind of method for managing security and device for user account
CN107800672B (en) * 2016-09-06 2020-12-08 腾讯科技(深圳)有限公司 Information verification method, electronic equipment, server and information verification system
CN107800672A (en) * 2016-09-06 2018-03-13 腾讯科技(深圳)有限公司 A kind of Information Authentication method, electronic equipment, server and information authentication system
CN106358145A (en) * 2016-09-22 2017-01-25 中国联合网络通信集团有限公司 Safe replacement method of reserved mobile phone number and operator background system
CN106506459A (en) * 2016-10-17 2017-03-15 北京小米移动软件有限公司 Identity information verification method and device
CN106506459B (en) * 2016-10-17 2019-08-30 北京小米移动软件有限公司 Identity information verification method and device
CN106921655A (en) * 2017-01-26 2017-07-04 华为技术有限公司 A kind of business authorization method and device
CN106921655B (en) * 2017-01-26 2021-01-29 华为技术有限公司 Service authorization method and device
IT201700034573A1 (en) * 2017-03-29 2018-09-29 Aliaslab S P A REMOTE IDENTIFICATION METHOD FOR SIGNING AN ELECTRONIC DOCUMENT
CN107257325A (en) * 2017-05-09 2017-10-17 北京潘达互娱科技有限公司 User profile guard method and device
CN107196971A (en) * 2017-07-19 2017-09-22 中国银行股份有限公司 Information processing method, device, electronic equipment and server
CN109428804B (en) * 2017-08-28 2021-07-27 腾讯科技(深圳)有限公司 Account management method and device
CN109428804A (en) * 2017-08-28 2019-03-05 腾讯科技(深圳)有限公司 A kind of account management method and device
CN107528849B (en) * 2017-09-04 2019-11-22 马上消费金融股份有限公司 A kind of method and system for changing password
CN107528849A (en) * 2017-09-04 2017-12-29 马上消费金融股份有限公司 A kind of method and system for changing password
CN109510806A (en) * 2017-09-15 2019-03-22 阿里巴巴集团控股有限公司 Method for authenticating and device
CN107622203A (en) * 2017-09-30 2018-01-23 广东欧珀移动通信有限公司 Guard method, device, storage medium and the electronic equipment of sensitive information
CN107622203B (en) * 2017-09-30 2020-12-22 Oppo广东移动通信有限公司 Sensitive information protection method and device, storage medium and electronic equipment
CN107704759A (en) * 2017-09-30 2018-02-16 广东欧珀移动通信有限公司 Control method, device, storage medium and the electronic equipment of sensitive operation
CN108288080A (en) * 2017-12-01 2018-07-17 国政通科技股份有限公司 Identity information checking method, device, medium and computing device
CN108491701A (en) * 2018-03-23 2018-09-04 深圳乐信软件技术有限公司 A kind of method for authenticating, device, server and storage medium
CN110401621A (en) * 2018-04-25 2019-11-01 中国移动通信集团有限公司 A kind of means of defence of sensitive instructions, equipment and storage medium
CN109598251A (en) * 2018-12-11 2019-04-09 北京旷视科技有限公司 Testimony of a witness checking method, device, equipment and system and storage medium
CN109686011A (en) * 2018-12-18 2019-04-26 维拓智能科技(深圳)有限公司 The user identification method of self-aided terminal and self-aided terminal

Also Published As

Publication number Publication date
CN106789922A (en) 2017-05-31
CN106789918A (en) 2017-05-31

Similar Documents

Publication Publication Date Title
CN105553947A (en) Methods and devices for finding account back, protecting account security and preventing account theft
EP3005202B1 (en) System and method for biometric authentication with device attestation
US9531710B2 (en) Behavioral authentication system using a biometric fingerprint sensor and user behavior for authentication
US9589399B2 (en) Credential quality assessment engine systems and methods
CA2640915C (en) Biometric authentication method, computer programme, authentication server, corresponding terminal and portable object
US8776213B2 (en) Mobile application security system and method
JP2022512123A (en) Identity authentication method, device and server
CN108134791A (en) A kind of data center's total management system login validation method
CA3125054A1 (en) Identity identification methods for a fixed-point authorization, and devices and servers therefor
JP2022513978A (en) Operation decision method, device and electronic device based on facial expression group
CN109711847B (en) Near field information authentication method and device, electronic equipment and computer storage medium
CN103907328A (en) Mobile device-based authentication
US20230403271A1 (en) Mobile enrollment using a known biometric
JP2018205906A5 (en)
WO2020261545A1 (en) Authentication system, authentication device, authentication method, and program
JP5145179B2 (en) Identity verification system using optical reading code
Paul et al. IEDs on the Road to Fingerprint Authentication: Biometrics have vulnerabilities that PINs and passwords don't
JP6891356B1 (en) Authentication system, authentication device, authentication method, and program
WO2017171698A1 (en) Payment authentication
US20230412587A1 (en) Disabling a password-based mode of authentication and enabling a password-less mode of authentication
Patil et al. Design and implementation of secure biometric based authentication system using rfid and secret sharing
JP6075131B2 (en) Authentication system, service providing system, authentication device, and program
CN107959669B (en) Password verification method for handheld mobile communication device
JP2019050014A (en) Account opening system, account opening method, and program
JP6907426B1 (en) Authentication system, authentication method, and program

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20160504