CN105871786A

CN105871786A - User information authentication method, device and system

Info

Publication number: CN105871786A
Application number: CN201510033288.7A
Authority: CN
Inventors: 高玉涛; 付歆; 杨沐桥; 沈洲
Original assignee: Alibaba Group Holding Ltd
Current assignee: Advanced New Technologies Co Ltd; Advantageous New Technologies Co Ltd
Priority date: 2015-01-22
Filing date: 2015-01-22
Publication date: 2016-08-17
Anticipated expiration: 2035-01-22
Also published as: CN105871786B

Abstract

The embodiments of the invention provide a user information authentication method, a user information authentication device and a user information authentication system. The method includes the following steps that: a first authentication request sent by a first platform is received; one or more second authentication service identifiers which are in mapping relations with a first platform identifier and a first authentication service identifier are searched; one or more second verification service requests are generated based on the one or more second authentication service identifiers and first user information; and the one or more second verification service requests are sent to one or more second platforms respectively, and one or more first authentication results are received, wherein the one or more first authentication results are results which are obtained after the one or more second platforms carry out authentication on the one or more second authentication service identifiers. With the user information authentication method, the user information authentication device and the system adopted, verification channels can be increased, and with massive data stored in the second platforms adopted, the success rate of verification can be greatly increased.

Description

The verification method of a kind of user profile, device and system

Technical field

The application relates to security technology area, particularly relates to the verification method of a kind of user profile, one The checking device of user profile and the checking system of a kind of user profile.

Background technology

Along with the fast development of the Internet, the business that each network platform is provided also gets more and more, to meet The various life requirements of people.

Such as, the platform of communication company provides communication traffic, and the platform of educational training company provides education training Instruction business etc..

Due to network remote application business, user cannot in person arrive scene and handle, therefore, and website one As the identity of client can be verified, need to fill in name, certificate during a certain business of client's online application Number, mobile phone, the user profile such as address.

On current platform, these user profile are processed according to certain interface format, rule, then Call API (Application Program Interface, application program that certain third party's information system provides DLL), by third party's information system to user profile such as this name, certificate number, mobile phone, addresses Verify.

This verification mode is only verified by the third party's information system docked with current site, verifies canal Road is single, and, due to the user profile limited amount of third party's information system storage, it is easily caused and tests Card success rate is low.

Such as, a user fill in identity card and cell-phone number, then identity card can be believed from certain third party Breath system is verified, when the service that this user does not use third party's information system, this is years old Tripartite's information system not storage user's cell-phone number instantly, or, although third party's information system has Storage user profile, but make the amount of storage of user profile less for some reason, it is not enough to support and tests Card, this cell-phone number but cannot be verified in this third party's information system.

Summary of the invention

In view of the above problems, it is proposed that the embodiment of the present application is to provide one to overcome the problems referred to above or extremely Partially solve the checking dress of the verification method of a kind of user profile of the problems referred to above, a kind of user profile Put the checking system with a kind of user profile.

According to a kind of aspect of the embodiment of the present application, the embodiment of the present application discloses testing of a kind of user profile Card method, including:

Receive the first checking request that the first platform sends；Described first checking request includes the first platform Mark, the first service for checking credentials mark, first user information；

That searches with described first platform identification and described first service for checking credentials identity map is one or more Second service for checking credentials mark；

At least use the one or more second service for checking credentials mark and described first user information, generate One or more second checking requests；

The one or more second checking request is respectively sent to one or more second platform, with And, receive one or more first the result, wherein, the one or more first the result is The one or more second platform is verified for the one or more second service for checking credentials mark The result obtained.

Preferably, described first checking request includes that authorization data, described second checking request include Authorization data.

Preferably, described lookup and described first platform identification and described first service for checking credentials identity map The step of one or more second service for checking credentials marks includes:

Search and described first platform identification and described first service for checking credentials identity map, hinge checking clothes Business mark and one or more second platform identification；

Search and the one or more second platform identification and described hinge service for checking credentials identity map One or more second service for checking credentials marks.

Preferably, described at least use the one or more second service for checking credentials mark and described first use Family information, the step generating one or more second checking request includes:

Search manner of decryption corresponding to described first platform identification, the one or more second platform identification Corresponding one or more cipher modes；

According to described manner of decryption, described first user information is decrypted, to obtain original user letter Breath；

According to the one or more cipher mode, described original user information is encrypted, to obtain one Individual or multiple second user profile；

Use the one or more second service for checking credentials mark and the one or more second user's letter Breath generates one or more second checking request.

Preferably, described second platform is verified in the following manner:

Extract the second service for checking credentials mark and the second user profile in the second checking request；

Call the service for checking credentials that described second service for checking credentials mark is corresponding；

Use the described service for checking credentials that described second user profile is carried out with preset third party's user profile Checking, to obtain the first the result.

Preferably, described first user information is encrypted generation, described second platform by the PKI specified Verify in the following manner:

Extract the second service for checking credentials mark in the second checking request and first user information；

Use the described service for checking credentials PKI to specifying that preset third party's user profile is encrypted, with Obtain feature user profile；

Described second user profile is used to verify with described feature user profile, to obtain the first checking Result.

Preferably, during described first the result includes logic checking result, Numerical Validation result at least A kind of.

Preferably, described method also includes:

The one or more first the result is used to carry out normalization, to obtain the second checking knot Really；

Described second the result is returned to described first platform.

Preferably, described method also includes:

The one or more first the result is returned to described first platform and carries out normalization, with Obtain the second the result.

Preferably, at least one during described normalization includes logic normalization, numerical value normalization.

According to the another kind of aspect of the embodiment of the present application, the embodiment of the present application also discloses a kind of user profile Checking device, including:

First checking request receiver module, for receiving the first checking request that the first platform sends；Described First checking request includes the first platform identification, the first service for checking credentials mark, first user information；

Second service for checking credentials identifier lookup module, for searching and described first platform identification and described first One or more second service for checking credentials marks of service for checking credentials identity map；

Second checking request generation module, at least using the one or more second service for checking credentials mark Know and described first user information, generate one or more second checking request；

Second checking request sending module, for sending the one or more second checking request respectively To one or more second platforms；

First the result receiver module, is used for receiving one or more first the result, wherein, institute Stating one or more first the result is that the one or more second platform is for one or many Individual second service for checking credentials mark carries out the result that checking obtains.

Preferably, described second service for checking credentials identifier lookup module includes:

First searches submodule, for searching and described first platform identification and described first service for checking credentials mark Know mapping, hinge service for checking credentials mark and one or more second platform identification；

Second searches submodule, for searching and the one or more second platform identification and described hinge One or more second service for checking credentials marks of service for checking credentials identity map.

Preferably, described second checking request generation module includes:

3rd search submodule, for search manner of decryption corresponding to described first platform identification, described one One or more cipher modes that individual or multiple second platform identification is corresponding；

Deciphering submodule, for described first user information being decrypted according to described manner of decryption, with Obtain original user information；

Encryption submodule, for entering described original user information according to the one or more cipher mode Row encryption, to obtain one or more second user profile；

Generate submodule, be used for using the one or more second service for checking credentials mark and one or Multiple second user profile generate one or more second checking request.

Preferably, described second platform is verified in the following manner:

Preferably, described device also includes:

Normalization module, is used for using the one or more first the result to carry out normalization, To obtain the second the result；

Second the result returns module, described first flat for being returned to by described second the result Platform.

Preferably, also include:

First the result returns module, for the one or more first the result is returned to institute State the first platform and carry out normalization, to obtain the second the result.

According to the another kind of aspect of the embodiment of the present application, the embodiment of the present application also discloses a kind of user profile Checking system, described system includes the first platform, hinge platform, one or more second platform；Its In,

Described first platform includes:

First checking request sending module, for sending the first checking request to hinge platform；

Described hinge platform includes:

First the result receiver module, is used for receiving one or more first the result；

Described second platform includes:

User profile authentication module, for verifying for described second service for checking credentials mark, to obtain First the result；

First the result sending module, puts down for described first the result is sent extremely described hinge Platform.

Preferably, described first platform also includes:

First checking request generation module, for when receiving service request, generates the first checking request；

Service Processing Module, is used for using described second the result to carry out Business Processing.

Preferably, described second service for checking credentials identifier lookup module includes following submodule:

Preferably, described second checking request generation module includes following submodule:

Preferably, described user profile authentication module includes following submodule:

First extracts submodule, for extracting the second service for checking credentials mark and second in the second checking request User profile；

First calls submodule, for calling the service for checking credentials that described second service for checking credentials mark is corresponding；

First checking submodule, for using the described service for checking credentials to described second user profile with preset Third party's user profile is verified, to obtain the first the result.

Preferably, described first user information is encrypted generation, described user profile by the PKI specified Authentication module includes:

Second extracts submodule, for extracting the second service for checking credentials mark and first in the second checking request User profile；

Second calls submodule, for calling the service for checking credentials that described second service for checking credentials mark is corresponding；

Feature user profile obtains submodule, for using the described service for checking credentials PKI to specifying to preset Third party's user profile be encrypted, to obtain feature user profile；

Second checking submodule, is used for using described second user profile to carry out with described feature user profile Checking, to obtain the first the result.

Preferably, described hinge platform also includes:

Preferably, described hinge platform also includes such as lower module:

The embodiment of the present application includes advantages below:

The embodiment of the present application connects the first platform and the second platform by hinge platform, by the first platform First checking request, by mapping, is translated as the second checking request, the second platform verifies, a side Face, the quantity of the second platform greatly increases, and can increase the channel of checking, the sea of storage in the second platform Amount data can be greatly increased the success rate of checking；On the other hand, the first platform docks with hinge platform, Without coordinating with multiple second platforms, similarly, the second platform docks with hinge platform, it is not necessary to Multiple first platforms docking, hinge platform, as attachment structure, safeguards mapping relations, the first platform without Modifying its parameter, the second platform converts without docking port so that the first platform, second The change of the system of platform is little, and system maintains integrity, improves autgmentability and maintainability, simultaneously Greatly reduce human and material resources cost, additionally, due to hinge platform is absorbed in the mapping of various information.

Accompanying drawing explanation

Fig. 1 is a kind of platform architecture schematic diagram of the application；

Fig. 2 is the flow chart of steps of the verification method embodiment of a kind of user profile of the application；

Fig. 3 is the structured flowchart of the checking device embodiment of a kind of user profile of the application；

Fig. 4 is the structured flowchart of the checking system embodiment of a kind of user profile of the application.

Detailed description of the invention

Understandable, below in conjunction with the accompanying drawings for enabling the above-mentioned purpose of the application, feature and advantage to become apparent from With detailed description of the invention, the application is described in further detail.

If current platform finds more information source, access multiple third party's information system, to a certain degree On can increase the checking channel of user profile and the success rate of checking.

But, the Parameter specifications of third party's information system is the most different from current platform, and it typically cannot Directly reading the Parameter specifications of current platform, current platform is it is generally required to according to the parameter of its API provided Specification, is its readable parameter by the Parameters Transformation of itself, retransmits to third party's information system, call Its service provided.

Current platform need with third party's information system carry out interface mode, host-host protocol, data form, Equipment performances etc. coordinate.

In order to improve the comprehensive of checking, the quantity of third party's information system that current platform accesses is general very Many, and same third party's information system is likely to the requirement according to each platform to multiple platforms and to convert many Planting interface, the amendment to current platform and third party's information system also can be very big, the one-tenth of required manpower and materials This is the biggest, thus causes verifying that cost is the highest, and maintainability and autgmentability are the lowest, and, a lot of in the case of, The applications of the business of current platform more unexpected winner are the lowest, needed for the business to current platform more unexpected winner The utilization rate of third party's information system that user profile carries out verifying is the lowest, causes the service efficiency of resource The lowest.

Therefore, it is proposed to one of core idea of the embodiment of the present application, as it is shown in figure 1, at platform with flat Between platform, as between the first platform 101 and the second platform 104, set up hinge platform 102, one or Multiple second platforms 104 are macroscopically forming third party's information pool 103, to improve the channel of checking and to test The success rate of card, the certificate parameter of the first platform, as hinge, can be mapped by hinge platform 102, It is mapped as the certificate parameter that the second platform is readable, to reduce the amendment to each platform, it is ensured that each platform itself Maintainability and autgmentability, improve resource service efficiency.

With reference to Fig. 2, it is shown that the steps flow chart of the verification method embodiment of a kind of user profile of the application Figure, specifically may include steps of:

Step 201, receives the first checking request that the first platform sends；

Platform, such as the first platform, the second platform, hinge platform etc., for object, can To refer to mechanism (such as financial institution), company (such as insurance company), department (such as public security department) etc., Its essence can be independent server or server cluster, such as distributed system, Cloud Server etc..

In actual applications, hinge platform can be connected with multiple platforms, as the hinge between each platform, Making can be without directly docking between each platform.

In the embodiment of the present application, the first platform can be the platform of requests verification user profile, and second is flat Platform can be the platform verifying user profile.

It should be noted that user profile can equity platform between carry out symmetry two-way request and Checking, each platform can have function of both the requestor of user profile, verifier etc. simultaneously, Have the rights and duties of equity.

Specifically, the most each platform (in addition to hinge platform) can be connected to other by hinge platform Platform, and carry out request and the checking of identity information, any two platform (in addition to hinge platform) is permissible First platform each other, the second platform the most each other.

In implementing, user can pass through client (such as webpage, independent application program) to One platform sends service request, and to apply for a certain business, such as, user applies for loan industry to financial institution It is engaged in, to insurance company's application vehicle insurance business etc..

Owing to these business are usually directed to user, the assets etc. of the first platform, the most important, it is generally required to The personal identification of checking active user, identifies that in network, digital identity lawful owner is the most right with operator Should, it is i.e. the most corresponding to physical identity and the digital identity of service requester.

In the embodiment of the present application, can be by the individual exclusive information such as a user profile person to user Part is verified.

Such as, financial institution fill in when may require that a certain business of client's online application name, certificate number, The user profile such as mobile phone, address, verifies the personal identification of user.

In implementing, the service request that client is submitted to can include first user information, first Platform can generate the first checking request when receiving the service request that client is submitted to.

Specifically, the first platform can use default the first platform identification, the first platform identification, One service for checking credentials mark, first user information generate the first checking request, and send to hinge platform.

The most described first checking request can include the first platform identification, the first service for checking credentials mark, the One user profile.

Wherein, the first platform identification can be the information that can represent well-determined first platform, First service for checking credentials mark can be to represent the readable checking clothes of well-determined first platform The information of business.

Under normal circumstances, owing to user profile is the most important, first user information can be entered by the first platform Row encryption, improves the safety in transmitting procedure of the first user information.

The mode that first user information is encrypted can be included using exclusive the adding of the first platform by the first platform Close mode, it would however also be possible to employ the PKI specified is encrypted etc., and this is not limited by the embodiment of the present application System.

Certainly, first user information can not be encrypted in some specific scene, directly by One ID is encapsulated in the first checking request, but the first checking request needs possess privacy, example As, hinge platform only receives the first checking request of the first platform in white list, the embodiment of the present application pair This is not any limitation as.

Additionally, be the safety improving checking user profile further, the first platform can be sent out to client Send checking to authorize prompting, such as, " whether authorize XX mechanism to read you in XX company, XX mechanism User profile, including name, cell-phone number.”

If user returns confirmation instruction by client to the first platform, be equivalent to user by client pair The behavior mandate of this checking user profile, such as, user is defeated for this checking mandate prompting by client Enter information etc. as stronger in privacy such as mobile phone identifying code, U-shield passwords, then the first platform can obtain The first checking request is generated in the case of mandate.

If user returns refusal instruction by client to the first platform, be equivalent to indicate user to pass through client The behavior mandate to this checking user profile of the end refusal, then the first platform can terminate service.

Therefore, can include authorization data in described first checking request, this authorization data can characterize Behavior mandate to checking user profile, such as mobile phone identifying code, U-shield password etc..

Furthermore, hinge platform can open an api interface specified, and the first platform can be adjusted The api interface specified with this, according to the Parameter specifications of this api interface specified, by this API pair The URL (Uniform Resource Locator, URL) answered sends to the second platform First checking request, whether this user of requests verification exists the user profile identical with current user information.

Step 202, searches and described first platform identification and the one of described first service for checking credentials identity map Individual or multiple second service for checking credentials marks；

In actual applications, hinge platform can be arranged with each platform in advance, arranges the first platform mark Know and first service for checking credentials mark, with, the mapping relations of one or more second service for checking credentials marks, pivot Knob platform can be identified with the first platform identification and first service for checking credentials by this default mapping relationship searching One or more second service for checking credentials marks mapped.

Wherein, the second service for checking credentials mark can be that can to represent well-determined second platform readable The information of the service for checking credentials.

Further, if the behavior needs mandate of information of checking user, then hinge platform is awarded detecting Flexible strategy according to time, search with described first platform identification and one of described first service for checking credentials identity map or Multiple second service for checking credentials marks.

In a preferred embodiment of the present application, step 202 can include following sub-step:

Sub-step S11, lookup and described first platform identification and described first service for checking credentials identity map, Hinge service for checking credentials mark and one or more second platform identification；

Sub-step S12, searches and the one or more second platform identification and the described hinge service for checking credentials One or more second service for checking credentials marks of identity map.

In the embodiment of the present application, hinge platform can store the first service for checking credentials request mapping table, the Two service for checking credentials request mapping tables.

Checking request ID, the first platform mark can be recorded in this first service for checking credentials request mapping table The information such as knowledge, the first service for checking credentials mark, hinge service for checking credentials mark, the second platform identification.

Checking request ID, the second platform mark can be recorded in this second service for checking credentials request mapping table The information such as knowledge, the second service for checking credentials mark, hinge service for checking credentials mark.

Wherein, the second platform identification can be the information that can represent well-determined second platform, Hinge service for checking credentials mark can be to represent the readable checking clothes of well-determined hinge platform The information of business.

Hinge platform can be searched and described first platform identification in mapping table is asked in first service for checking credentials And described first service for checking credentials identity map, hinge service for checking credentials mark and one or more second platform Mark, second service for checking credentials ask mapping table is searched with the one or more second platform identification and One or more second service for checking credentials marks of described hinge service for checking credentials identity map.

The example of the first service for checking credentials request mapping table can be such that

The example of the second service for checking credentials request mapping table can be such that

Wherein, Ikcert is the mark of ID card verification service readable for bank A, with request to user's Identity card is verified, certsvr be hinge platform readable ID card verification service mark, Akcert For the mark of ID card verification service readable for insurance company B, Tmcert is that property firm C is readable ID card verification service mark.

The order of checking can be first to verify from insurance company B, and Zai Qu property firm C verifies.

It should be noted that the first platform can be made an appointment needs to which the second platform carry out verifying, How to verify (such as checking order), the first platform can send checking for this second platform to client Authorizing prompting, hinge platform can carry out user profile when authorization data being detected to this second platform Checking.

Step 203, at least uses the one or more second service for checking credentials mark and described first user Information, generates one or more second checking request；

In actual applications, the second different platforms has different Parameter specifications, and hinge platform is not according to The Parameter specifications of the second same platform, generates the second checking request that each second platform is readable, calls second The service for checking credentials that platform provides.

Due to first platform send user profile typically carried out encryption, in order to the second platform to Family information is verified, user profile can be carried out by the first platform, the second platform and hinge platform in advance Agreement.

In a preferred embodiment of the present application, step 203 can include following sub-step:

Sub-step S21, search manner of decryption corresponding to described first platform identification, the one or more One or more cipher modes that second platform identification is corresponding；

Sub-step S22, is decrypted described first user information according to described manner of decryption, to obtain Original user information；

Sub-step S23, adds described original user information according to the one or more cipher mode Close, to obtain one or more second user profile；

Sub-step S24, uses the one or more second service for checking credentials to identify and the one or more Second user profile generates one or more second checking request.

In the embodiment of the present application, due to different platform (such as the first platform, the second platform) system Through molding, each use exclusive cipher mode and manner of decryption, for reducing the amendment to each plateform system, First platform and the second platform, with, hinge platform can arrange cipher mode, manner of decryption, by hinge User profile is changed by platform, and first user information readable for the first platform is converted to the second platform The second readable user profile.

In another preferred embodiment of the present application, the first platform and the second platform can be made an appointment and be added Close mode, the PKI specified such as agreement, first user information can not be processed by hinge platform, It is sent directly to the second platform.

Step 204, is respectively sent to one or more second by the one or more second checking request Platform；

It should be noted that between the first platform and the second platform and, can be mutual between the second platform Belong to mutually, but can in the face of identical user, this user can in the second platform register account number.

Second platform can open an api interface specified, and hinge platform can call what this was specified Api interface, according to the Parameter specifications of this api interface specified, by URL corresponding for this API to Second platform sends the second matched checking request, asks whether this user of the second platform validation exists The user profile identical with current user information.

Additionally, be the safety improving checking user profile further, the behavior needs of checking user profile Obtain and authorize, then can write authorization data in the second checking request.

The most described second checking request can include that authorization data, the second platform are detecting authorization data Time, carry out verification process for the second service for checking credentials mark.

Step 205, receives one or more first the result；

Wherein, the one or more first the result can be the one or more second platform pin The one or more second service for checking credentials mark is carried out the result that checking obtains.

In a preferred embodiment of the present application, described second platform can be tested in the following manner Card:

Sub-step S31, extracts the second service for checking credentials mark and the second user profile in the second checking request；

Sub-step S32, calls the service for checking credentials that described second service for checking credentials mark is corresponding；

Sub-step S33, uses the described service for checking credentials to use described second user profile with preset third party Family information is verified, to obtain the first the result.

In the embodiment of the present application, user profile is changed by hinge platform, by readable for the first platform First user information is converted to the second user profile that the second platform is readable.

Second platform can directly use third party's user profile that the second user profile stores with itself Verify, it is thus achieved that the first the result.

It should be noted that third party's user profile is for the first current platform, second Platform may be considered the third party verifying user profile, and the essence of third party's user profile also may be used To be user profile.

For different user profile, can have the different services for checking credentials, such as, the surname of checking user Name, ID (identity number) card No. etc., can be carried out the mode that the second user profile and third party's user profile contrast Checking；The most such as, checking user repaying ability etc., can directly inquire this user user name, Repaying ability (third party's user profile) that second user profile such as ID (identity number) card No. is corresponding etc., this Shen This please be any limitation as embodiment.

The most described first the result can include logic checking result (as the most correct in identity card, address Whether correct, contact method is the most correct), Numerical Validation result (as repaying ability be 500,000 yuan/ Year, level of consumption be 100,000 yuan/year etc., Assets Levels be 1,000,000 yuan of deposits) at least one.

In a preferred embodiment of the present application, described first user information can be entered by the PKI specified Row encryption generates, and the most in the embodiment of the present application, described second platform can be tested in the following manner Card:

Sub-step S41, extracts the second service for checking credentials mark in the second checking request and first user information；

Sub-step S42, calls the service for checking credentials that described second service for checking credentials mark is corresponding；

Sub-step S43, uses the described service for checking credentials PKI to specifying to preset third party's user profile It is encrypted, to obtain feature user profile；

Sub-step S44, uses described second user profile to verify with described feature user profile, with Obtain the first the result.

In the embodiment of the present application, user profile is not changed by hinge platform, and the second platform can be straight Connect and the second user profile is verified.

In implementing, the second platform can use the cipher mode identical with the first platform to itself Third party's user profile of storage is encrypted, and then uses the second user profile to obtain spy with encryption Levy user profile to verify, it is thus achieved that the first the result.

Wherein, during described first the result can include logic checking result, Numerical Validation result extremely Few one.

In a preferred embodiment of the present application, the method embodiment can also include step:

Step 206, uses the one or more first the result to carry out normalization, to obtain Two the results；

Step 207, returns to described first platform by described second the result.

It should be noted that normalization can refer to one or more first the results according to default Process rule to process, draw the processing procedure of final second the result.

In the embodiment of the present application, normalization can be carried out by hinge platform, the second checking that will obtain Result returns the first platform.

In implementing, described normalization can include logic normalization (as with computing or fortune Calculation, inverse, priority arithmetic etc.), numerical value normalization (such as adds computing, averages, asks and add Power draw value etc.) at least one.

The embodiment of the present application can carry out logic normalization to logic checking result, can test with logarithm value Card result carries out numerical value normalization etc..

Such as, the identity card of user is tested by bank A request insurance company B, property firm C Card, if insurance company B returns the first the result being proved to be successful, property firm C returns checking First the result of failure, when carrying out logic normalization, it is believed that the first the result is the most complete When portion is proved to be successful, it is judged that authentication failed (the i.e. second the result), it is also possible to think insurance company B With a high credibility in property firm C, can test using the result that insurance company B is proved to be successful as second Card result, asks property firm C to verify again when insurance company B cannot verify.

The most such as, the level of consumption of user is entered by bank A request insurance company B, property firm C Row checking, if insurance company B returns the first the result of the amount insured of 20,000 yuan/year, real estate is public Department C returns the first the result of the housing loan of 80,000 yuan/year, when carrying out numerical value normalization, and can So that the first the result is carried out summation process, it is thus achieved that the second the result of the amount of consumption of 100,000 yuan/year.

Step 208, returns to described first platform by the one or more first the result and returns One processes, to obtain the second the result.

In the embodiment of the present application, the first the result can be returned to the first platform by hinge platform, has First platform carries out normalization, with the second the result obtained.

In actual applications, hinge platform can carry out pretreatment to the first the result, to test first Card result is converted to the character that the first platform is readable.

Such as, character " N " is respectively identified as authentication failed with " Y " and verifies into by the first platform Merit, and character " 0 " and " 1 " are respectively identified as authentication failed by certain second platform and are proved to be successful, If comprising " 0 " or " 1 " in the first the result of returning of this second platform, then hinge platform can be by " 0 " or " 1 " " N " or " Y " should be converted to.

First platform, when obtaining the second the result, can use this second the result to carry out at business Reason, specifically can include by service request, refusal service request, enter next step examination & verification etc..

Such as, user applies for vehicle insurance business to insurance company's (the first platform), and (first is flat in insurance company Platform) by the hinge platform cell-phone number (user profile) to communication company this user of requests verification, if obtaining The result obtained is for being proved to be successful (the second the result), then insurance company's (the first platform) may determine that Preliminary audit survey is passed through in this vehicle insurance business application, enters next step examination & verification；If the result obtained is authentication failed (the second the result), then insurance company's (the first platform) may determine that this vehicle insurance business application is not led to Cross preliminary audit survey, refuse this vehicle insurance business application.

The most such as, user applies for loan transaction to bank's (the first platform), and bank's (the first platform) leads to Cross hinge platform to insurance company, the assets water of property firm's (the second platform) this user of requests verification Flat (user profile), it is thus achieved that the fixed assets that level of consumption is 1,500,000 yuan (the second the result), If these fixed assets be enough to the guarantee as this loan transaction, then bank's (the first platform) may determine that this Preliminary audit survey is passed through in loan transaction application, enters next step examination & verification；If these fixed assets are insufficient as this The guarantee of loan transaction, then bank's (the first platform) may determine that this vehicle insurance business application is not by preliminary Examination & verification, refuse this loan transaction application.

It should be noted that for embodiment of the method, in order to be briefly described, therefore it is all expressed as one it be The combination of actions of row, but those skilled in the art should know, and the embodiment of the present application is not by described The restriction of sequence of movement because according to the embodiment of the present application, some step can use other orders or Person is carried out simultaneously.Secondly, those skilled in the art also should know, embodiment described in this description Belong to preferred embodiment, necessary to involved action not necessarily the embodiment of the present application.

With reference to Fig. 3, it is shown that the structured flowchart of the checking device embodiment of a kind of user profile of the application, Specifically can include such as lower module:

First checking request receiver module 301, for receiving the first checking request that the first platform sends； Described first checking request includes the first platform identification, the first service for checking credentials mark, first user information；

Second service for checking credentials identifier lookup module 302, for searching and described first platform identification and described One or more second service for checking credentials marks of the first service for checking credentials identity map；

Second checking request generation module 303, at least using the one or more second checking clothes Business mark and described first user information, generate one or more second checking request；

Second checking request sending module 304, for by the one or more second checking request respectively Send to one or more second platforms；

First the result receiver module 305, is used for receiving one or more first the result, wherein, The one or more first the result be the one or more second platform for one or Multiple second service for checking credentials marks carry out the result that checking obtains.

In a preferred embodiment of the present application, described first checking request can include authorizing number According to, described second checking request can include authorization data.

In a preferred embodiment of the present application, described second service for checking credentials identifier lookup module 302 can To include following submodule:

In a preferred embodiment of the present application, described second checking request generation module 303 can wrap Include following submodule:

In a preferred embodiment of the present application, described first user information can be entered by the PKI specified Row encryption generates, and described second platform can be verified in the following manner:

In implementing, described first the result can include that logic checking result, Numerical Validation are tied At least one in Guo.

In a preferred embodiment of the present application, this device can also include such as lower module:

In implementing, described normalization can include in logic normalization, numerical value normalization At least one.

With reference to Fig. 4, it is shown that the structured flowchart of the checking system embodiment of a kind of user profile of the application, Described system includes the first platform 410, hinge platform 420, one or more second platform 430；Wherein,

Described first platform 410 can include such as lower module:

First checking request sending module 411, for sending the first checking request to hinge platform；

Described hinge platform 420 can include such as lower module:

First checking request receiver module 421, for receiving the first checking request that the first platform sends； Described first checking request includes the first platform identification, the first service for checking credentials mark, first user information；

Second service for checking credentials identifier lookup module 422, for searching and described first platform identification and described One or more second service for checking credentials marks of the first service for checking credentials identity map；

Second checking request generation module 423, at least using the one or more second checking clothes Business mark and described first user information, generate one or more second checking request；

Second checking request sending module 424, for by the one or more second checking request respectively Send to one or more second platforms；

First the result receiver module 425, is used for receiving one or more first the result；

Described second platform 430 can include such as lower module:

User profile authentication module 431, for verifying for described second service for checking credentials mark, with Obtain the first the result；

First the result sending module 432, for sending described first the result to described hinge Platform.

In a preferred embodiment of the present application, described first platform 410 can also include such as lower module:

In a preferred embodiment of the present application, described second service for checking credentials identifier lookup module 422 can To include following submodule:

In a preferred embodiment of the present application, described second checking request generation module 423 can wrap Include following submodule:

In a preferred embodiment of the present application, described user profile authentication module 431 can include as Lower submodule:

In a preferred embodiment of the present application, described first user information can be entered by the PKI specified Row encryption generates, and described user profile authentication module 431 can include following submodule:

In a preferred embodiment of the present application, described hinge platform 420 can also include such as lower module:

For device, system embodiment, due to itself and embodiment of the method basic simlarity, so describing Fairly simple, relevant part sees the part of embodiment of the method and illustrates.

Each embodiment in this specification all uses the mode gone forward one by one to describe, and each embodiment stresses Be all the difference with other embodiments, between each embodiment, identical similar part sees mutually ?.

Those skilled in the art are it should be appreciated that the embodiment of the embodiment of the present application can be provided as method, dress Put or computer program.Therefore, the embodiment of the present application can use complete hardware embodiment, completely Software implementation or the form of the embodiment in terms of combining software and hardware.And, the embodiment of the present application Can use and can be situated between with storage at one or more computers wherein including computer usable program code The upper computer journey implemented of matter (including but not limited to disk memory, CD-ROM, optical memory etc.) The form of sequence product.

In a typical configuration, described computer equipment includes one or more processor (CPU), input/output interface, network interface and internal memory.Internal memory potentially includes computer-readable medium In volatile memory, the shape such as random access memory (RAM) and/or Nonvolatile memory Formula, such as read only memory (ROM) or flash memory (flash RAM).Internal memory is computer-readable medium Example.Computer-readable medium includes removable media permanent and non-permanent, removable and non- Information storage can be realized by any method or technology.Information can be computer-readable instruction, Data structure, the module of program or other data.The example of the storage medium of computer includes, but Be not limited to phase transition internal memory (PRAM), static RAM (SRAM), dynamic random are deposited Access to memory (DRAM), other kinds of random access memory (RAM), read only memory (ROM), Electrically Erasable Read Only Memory (EEPROM), fast flash memory bank or other in Deposit technology, read-only optical disc read only memory (CD-ROM), digital versatile disc (DVD) or other Optical storage, magnetic cassette tape, tape magnetic rigid disk storage other magnetic storage apparatus or any its His non-transmission medium, can be used for the information that storage can be accessed by a computing device.According to herein Defining, computer-readable medium does not include the computer readable media (transitory media) of non-standing, Data signal and carrier wave such as modulation.

The embodiment of the present application is with reference to the method according to the embodiment of the present application, terminal unit (system) and meter The flow chart of calculation machine program product and/or block diagram describe.It should be understood that can be by computer program instructions Each flow process in flowchart and/or block diagram and/or square frame and flow chart and/or square frame Flow process in figure and/or the combination of square frame.Can provide these computer program instructions to general purpose computer, The processor of special-purpose computer, Embedded Processor or other programmable data processing terminal equipment is to produce One machine so that performed by the processor of computer or other programmable data processing terminal equipment Instruction produce for realizing at one flow process of flow chart or multiple flow process and/or one square frame of block diagram or The device of the function specified in multiple square frames.

These computer program instructions may be alternatively stored in and computer or other programmable datas can be guided to process In the computer-readable memory that terminal unit works in a specific way so that be stored in this computer-readable Instruction in memorizer produces the manufacture including command device, and this command device realizes flow chart one The function specified in flow process or multiple flow process and/or one square frame of block diagram or multiple square frame.

These computer program instructions also can be loaded into computer or other programmable data processing terminals set Standby upper so that on computer or other programmable terminal equipment, to perform sequence of operations step in terms of producing The process that calculation machine realizes, thus the instruction performed on computer or other programmable terminal equipment provides and uses In realizing in one flow process of flow chart or multiple flow process and/or one square frame of block diagram or multiple square frame The step of the function specified.

Although having been described for the preferred embodiment of the embodiment of the present application, but those skilled in the art being once Know basic creative concept, then these embodiments can be made other change and amendment.So, Claims are intended to be construed to include preferred embodiment and fall into the institute of the embodiment of the present application scope There are change and amendment.

Finally, in addition it is also necessary to explanation, in this article, the relational terms of such as first and second or the like It is used merely to separate an entity or operation with another entity or operating space, and not necessarily requires Or imply relation or the order that there is any this reality between these entities or operation.And, art Language " includes ", " comprising " or its any other variant are intended to comprising of nonexcludability, so that Process, method, article or terminal unit including a series of key elements not only include those key elements, and Also include other key elements being not expressly set out, or also include for this process, method, article or The key element that person's terminal unit is intrinsic.In the case of there is no more restriction, statement " include one It is individual ... " key element that limits, it is not excluded that including the process of described key element, method, article or end End equipment there is also other identical element.

Verification method, the checking of a kind of user profile to a kind of user profile provided herein above The checking system of device and a kind of user profile, is described in detail, specific case used herein Principle and embodiment to the application are set forth, and the explanation of above example is only intended to help reason Solve the present processes and core concept thereof；Simultaneously for one of ordinary skill in the art, according to this The thought of application, the most all will change, in sum, and this Description should not be construed as the restriction to the application.

Claims

1. the verification method of a user profile, it is characterised in that including:

Method the most according to claim 1, it is characterised in that wrap in described first checking request Including authorization data, described second checking request includes authorization data.

Method the most according to claim 1, it is characterised in that described lookup is first flat with described The step of one or more second service for checking credentials marks of station identification and described first service for checking credentials identity map Suddenly include:

4. according to the method described in claim 1 or 2 or 3, it is characterised in that described at least use The one or more second service for checking credentials mark and described first user information, generates one or more the The step of two checking requests includes:

Method the most according to claim 4, it is characterised in that described second platform is by following Mode is verified:

Method the most according to claim 1, it is characterised in that described first user information is by referring to Fixed PKI is encrypted generation, and described second platform is verified in the following manner:

7. according to the method described in claim 1 or 5 or 6, it is characterised in that described first checking Result includes at least one in logic checking result, Numerical Validation result.

8. according to the method described in claim 1 or 2 or 3 or 5 or 6, it is characterised in that also wrap Include:

Described second the result is returned to described first platform.

9. according to the method described in claim 1 or 2 or 3 or 5 or 6, it is characterised in that also wrap Include:

Method the most according to claim 8 or claim 9, it is characterised in that described normalization includes At least one in logic normalization, numerical value normalization.

The checking device of 11. 1 kinds of user profile, it is characterised in that including:

12. devices according to claim 11, it is characterised in that in described first checking request Including authorization data, described second checking request includes authorization data.

13. devices according to claim 11, it is characterised in that described second service for checking credentials mark Know lookup module to include:

14. according to the device described in claim 11 or 12 or 13, it is characterised in that described second Checking request generation module includes:

15. devices according to claim 14, it is characterised in that described second platform by with Under type is verified:

16. devices according to claim 11, it is characterised in that described first user information by The PKI specified is encrypted generation, and described second platform is verified in the following manner:

17. according to the device described in claim 11 or 12 or 13 or 15 or 16, it is characterised in that Also include:

18. according to the device described in claim 11 or 12 or 13 or 15 or 16, it is characterised in that Also include:

The checking system of 19. 1 kinds of user profile, it is characterised in that described system include the first platform, Hinge platform, one or more second platform；Wherein,

Described first platform includes:

Described hinge platform includes:

Described second platform includes:

20. systems as claimed in claim 19, it is characterised in that described first platform also includes: