CN106453209A - Identity verifying method and apparatus - Google Patents

Identity verifying method and apparatus Download PDF

Info

Publication number
CN106453209A
CN106453209A CN201510484947.9A CN201510484947A CN106453209A CN 106453209 A CN106453209 A CN 106453209A CN 201510484947 A CN201510484947 A CN 201510484947A CN 106453209 A CN106453209 A CN 106453209A
Authority
CN
China
Prior art keywords
user
legal
face picture
audio
interference
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510484947.9A
Other languages
Chinese (zh)
Other versions
CN106453209B (en
Inventor
江璇
林述民
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Advanced New Technologies Co Ltd
Advantageous New Technologies Co Ltd
Original Assignee
Alibaba Group Holding Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alibaba Group Holding Ltd filed Critical Alibaba Group Holding Ltd
Priority to CN202010048945.6A priority Critical patent/CN111241517B/en
Priority to CN201510484947.9A priority patent/CN106453209B/en
Publication of CN106453209A publication Critical patent/CN106453209A/en
Application granted granted Critical
Publication of CN106453209B publication Critical patent/CN106453209B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The application provides an identity verifying method and apparatus. The method comprises the following steps: receiving an identity verifying request initiated by a user, wherein the identity verifying request carries the user account information of the user; extracting a plurality of verifying modes from a verification question and answer database corresponding to the user account information, and sending the plurality of verifying modes to the user for verification, wherein the plurality of verification modes includes at least two of the following: a face picture verification method, an audio verification method, a question authentication method based on user's historical behaviors, a fingerprint feature verification method, an iris feature verification mode; receiving feedback information returned by the user and confirming that the user identity is valid when the feedback information is correct. The identity verifying method and apparatus adopt a multi-dimensional verification method and and are good in security.

Description

A kind of auth method and device
Technical field
The application is related to communication technical field, more particularly, to a kind of auth method and device.
Background technology
With the fast development of Internet technology, safety problem is especially prominent.People are carried out in the Internet During miscellaneous service operation, generally to be logged in based on user account registered in advance, and in Successful login After carry out miscellaneous service operation.Logged in or during the operation such as Modify password in user, needed to user Identity carry out legitimate verification.
At present, during carrying out identity legitimacy checking, validation problem, third party's mouth are generally adopted The single modes such as order checking are verified, accuracy is poor.
Content of the invention
In view of this, the application provides a kind of auth method and device.
Specifically, the application is achieved by the following technical solution:
A kind of auth method, methods described includes:
The authentication request that receive user is initiated, carries described user's in described authentication request User account information;
Extract multiple verification modes from described user account information corresponding checking question and answer storehouse, and be sent to User is verified, described multiple verification modes include set forth below at least two:Face picture is tested Card mode, audio authentication mode, the problem verification mode based on user's history behavior, fingerprint characteristic checking Mode, iris feature verification mode;
Receive the feedback information that described user returns, when described feedback information is correct, confirm user identity Legal.
Optionally, after receiving Client-initiated authentication request, also include:
Judge that described user account whether there is according to the behavioural information that user initiates described authentication request Risk, if so, then extracts multiple verification modes from described user account information corresponding checking question and answer storehouse And be sent to user and verified;
Wherein, described behavioural information includes:Request device identification, IP address requesting.
Optionally, the building process of described face picture verification mode includes:
Receive the legal face picture that the legal user of identity uploads;
According to human face similarity degree algorithm, it is that described legal face picture selects interference face picture;
Described face picture verification mode includes:One or more legal face picture and one or more Interference face picture.
Optionally, described for legal face picture select interference face picture, including:
According to human face similarity degree algorithm, calculate described legal face picture and every alternative interference face respectively The human face similarity degree of picture;
According to the order that described human face similarity degree is ascending, select the alternative interference face figure of predetermined number Piece is as described interference face picture.
Optionally, the building process of described audio authentication mode includes:
Receive the legal audio frequency that the legal user of identity uploads;
According to audio similarity algorithm, it is described legal audio selection interference tones;
Described audio authentication mode includes:One or more legal audio frequency and one or more interference tones.
Optionally, described for legal audio selection interference tones, including:
Calculate the audio similarity of described legal audio frequency and each alternative audio respectively;
According to the order that described audio similarity is ascending, the alternative interference tones of predetermined number are selected to make For described interference tones.
A kind of authentication means, described device includes:
Request reception unit, the authentication request that receive user is initiated, take in described authentication request User account information with described user;
Extract transmitting element, from described user account information corresponding checking question and answer storehouse, extract multiple checkings Mode, and be sent to user and verified, described multiple verification modes include set forth below at least two Kind:Face picture verification mode, audio authentication mode, the problem verification mode based on user's history behavior, Fingerprint characteristic verification mode, iris feature verification mode;
Legal confirmation unit, receives the feedback information that described user returns, when described feedback information is correct, Confirm that user identity is legal.
Optionally, described device also includes:
Risk judgment unit, after receiving Client-initiated authentication request, initiates according to user The behavioural information of described authentication request judges that described user account whether there is risk, if so, then adjusts With extracting transmitting element;
Wherein, described behavioural information includes:Request device identification, IP address requesting.
Optionally, described device also includes:
First construction unit, receives the legal face picture that the legal user of identity uploads, according to face phase Like degree algorithm, it is that described legal face picture selects interference face picture;
Described face picture verification mode includes:One or more legal face picture and one or more Interference face picture.
Optionally, described first construction unit, with specific reference to human face similarity degree algorithm, calculates described respectively Legal face picture and every alternative human face similarity degree disturbing face picture;According to described human face similarity degree Ascending order, the alternative interference face picture selecting predetermined number is as described interference face picture.
Optionally, described device also includes:
Second construction unit, receives the legal audio frequency that the legal user of identity uploads, according to audio similarity Algorithm, is described legal audio selection interference tones;
Described audio authentication mode includes:One or more legal audio frequency and one or more interference tones.
Optionally, described second construction unit, specifically calculates described legal audio frequency and each alternative sound respectively The audio similarity of frequency;According to the order that described audio similarity is ascending, select the standby of predetermined number Select interference tones as described interference tones.
By above description as can be seen that the application is after receiving Client-initiated authentication request, can To extract multiple verification modes from user account information corresponding checking question and answer storehouse and to be sent to user and carry out Checking, using the verification mode of various dimensions, safety is good.
Brief description
Fig. 1 is a kind of schematic flow sheet of the auth method shown in the application one exemplary embodiment.
Fig. 2 is a kind of flow process of the structure face picture verification mode shown in the application one exemplary embodiment Schematic diagram.
Fig. 3 is that a kind of flow process of the structure audio authentication mode shown in the application one exemplary embodiment is illustrated Figure.
Fig. 4 is a kind of schematic flow sheet of the auth method shown in the application one exemplary embodiment.
Fig. 5 is a kind of structural representation of the service end shown in the application one exemplary embodiment.
Fig. 6 is a kind of structural representation of the authentication means shown in the application one exemplary embodiment.
Specific embodiment
Here will in detail exemplary embodiment be illustrated, its example is illustrated in the accompanying drawings.Following When description is related to accompanying drawing, unless otherwise indicated, the same numbers in different accompanying drawings represent same or analogous Key element.Embodiment described in following exemplary embodiment does not represent the institute consistent with the application There is embodiment.On the contrary, they be only with such as appended claims in described in detail, the application one The example of a little consistent apparatus and method of aspect.
It is the purpose only merely for description specific embodiment in term used in this application, and be not intended to be limiting The application." a kind of " of singulative used in the application and appended claims, " institute State " and " being somebody's turn to do " be also intended to including most forms, unless context clearly shows that other implications.Also should Work as understanding, term "and/or" used herein refers to and comprises one or more associated to list item Any or all possible combination of purpose.
It will be appreciated that though may be described various using term first, second, third, etc. in the application Information, but these information should not necessarily be limited by these terms.These terms only be used for by same type of information that This distinguishes.For example, in the case of without departing from the application scope, the first information can also be referred to as Two information, similarly, the second information can also be referred to as the first information.Depending on linguistic context, as in this institute Use word " if " can be construed to " and ... when " or " when ... when " or " response In determination ".
At present, the authentication mode providing in correlation technique mainly has several as follows:
Character password is verified:Whether it is the legal user setup of identity by the character that judges user input Character is verified.However, character password is easily forgotten by user, also easily by hack.
Third party's password authentication:Disposable mouth is sent by third party's channel such as note, phone or mail Make to user, user is verified by inputting password.However, third party's password often cannot send in time Reach, Consumer's Experience is poor.
Hardware verification:Carried out by judging whether user holds the hardware such as legal smart card, safe U disc Checking.However, hardware is inconvenient to carry, Consumer's Experience is poor.
Biological characteristic validation:By judging whether the biological characteristics such as face, the fingerprint of user's offer mate body The biological characteristic of the legal user setup of part is verified.However, the recognition efficiency of biological characteristic validation is relatively Low, and accuracy is poor.
Validation problem is verified:There is provided validation problem to user, pre- by judging whether the answer of user mates If answer verified.However, the personal information that validation problem is often based on user is configured, This type of information is easily revealed by social activity, and security risk is very big.
In view of this, the application provides a kind of authentication scheme, by providing the verification mode of various dimensions To improve the accuracy of authentication, lift Consumer's Experience simultaneously.
Fig. 1 is a kind of schematic flow sheet of the auth method shown in the application one exemplary embodiment.
Refer to Fig. 1, described auth method can be used for service end, comprises the following steps:
Step 101, the authentication request that receive user is initiated, carry in described authentication request The user account information of described user.
In the present embodiment, user can send authentication when login or Modify password Ask to service end, service end receives described authentication request.Wherein, in described authentication request Generally carry the user account information of user, described user account information can include:Account ID, account Family password etc..
Step 102, extracts multiple verification modes from described user account information corresponding checking question and answer storehouse, And be sent to user and verified.
Based on abovementioned steps 101, service end, can be according to institute after receiving described authentication request State user account information and extract multiple verification modes from user account information corresponding checking question and answer storehouse, and Multiple verification modes described are sent to user, so that user selects or inputs the information for checking.
In the present embodiment, for each user account, service end can build checking question and answer storehouse in advance, Multiple verification modes are included, such as in described checking question and answer storehouse:Face picture verification mode, audio frequency are tested Card mode, the problem verification mode based on user's history behavior, fingerprint characteristic verification mode, iris feature Verification mode etc..In this step, service end can be chosen the checking of at least the above two kinds of verification modes and ask Topic and alternative answer.
Wherein, the described problem verification mode based on user's history behavior is by the history service number of user account According to generation, such as:" whether you logged in system yesterday?" etc..Described fingerprint characteristic verification mode with And described iris feature verification mode needs user to pre-enter legal fingerprint characteristic and legal iris Feature, service end preserves features described above, subsequently to verify to user.
In this step, described face picture verification mode can for providing multiple face picture to user, One or multiple legal face picture and one or more dry are included in multiple face picture wherein said Disturb face picture, user needs to select legal face picture in multiple face picture described.Described audio frequency Verification mode can include one or many for providing multiple audio frequency to user in wherein said multiple audio frequency Individual legal audio frequency and one or more illegal audio frequency, it is legal that user's needs select in the plurality of audio frequency Audio frequency.
Optionally, in this step, service end is after receiving Client-initiated authentication request, Can first judge that user account whether there is risk, when user account has risk, from user account letter Extract multiple verification modes in breath corresponding checking question and answer storehouse and be sent to user.When user account does not exist During risk, if the checking password of user input is correct, can confirm that user identity is legal.Specifically, According to the behavioural information that user initiates described authentication request, service end can judge that described user account is No have risk, and described behavioural information includes:Request device identification, IP address requesting etc..Such as:Clothes Business end can according to request device identification or IP address requesting judge user be whether using common equipment or Person is to send described authentication request often in place, if it is, can confirm that user account is not deposited In risk, if it is not, then can confirm that user account has risk.Certainly, in actual applications, Using other modes, those skilled in the art can also judge that user account whether there is risk, the application This is not particularly limited.
Step 103, receives the feedback information that described user returns, when described feedback information is correct, really Recognize user identity legal.
The feedback information that service end receive user is returned based on described multiple verification modes, and judge described anti- Whether feedforward information is correct, if described feedback information is correct, can confirm that user identity is legal, such as: User have selected legal face picture in multiple face picture, that user have selected in multiple audio frequency is legal Audio frequency etc..If described feedback information is incorrect, can confirm that user identity is illegal.
By above description as can be seen that the application is after receiving Client-initiated authentication request, can To extract multiple verification modes from user account information corresponding checking question and answer storehouse and to be sent to user and carry out Checking, using the verification mode of various dimensions, safety is good.
Realize process with reference to what specific embodiment to describe the application.
The above-mentioned auth method that the application provides can also include two processes, and one is to carry out body Before part checking, service end builds the process of face picture verification mode or audio authentication mode;Another It is the process that user carries out authentication.Individually below this two processes are described.
Fig. 2 is a kind of flow process of the structure face picture verification mode shown in the application one exemplary embodiment Schematic diagram.
Refer to Fig. 2, in the optional example of the application one, service end builds face picture verification mode Process may comprise steps of:
Step 201, receives the legal face picture that the legal user of identity uploads.
In the present embodiment, user can upload and close when login account or modification accounts information Method face picture, such as:The head portrait photo of oneself can be uploaded by user as described legal face picture To service end.
Step 202, according to human face similarity degree algorithm, is that described legal face picture selects interference face figure Piece.
Based on abovementioned steps S201, service end is after the legal face picture receiving user's upload, permissible Randomly select several alternative interference face picture from default face picture storehouse, then according to face phase Like degree algorithm, calculate described legal face picture and every alternative human face similarity disturbing face picture respectively Degree.Wherein, the quantity of the alternative interference face picture of selection can be configured by developer, this Shen Please this is not particularly limited.Described human face similarity degree algorithm can adopt SDM (Supervised Descent Method, supervises descending method) algorithm, AAM (Active Appearance Model, main Dynamic list item model) algorithm, ASM (Active Shape Model, active shape model) algorithm etc., this Application is also not particularly limited to this.
After being calculated described legal face picture and the human face similarity degree of alternative interference face picture, Relatively small standby of several human face similarity degrees can be selected according to the ascending order of human face similarity degree Choosing interference face picture is using the interference face picture as described legal face picture.Wherein, selection is dry The quantity disturbing face picture can also be configured by developer, such as:20 or 30.? In the application, select the human face similarity degree less interference face picture with legal face picture, can keep away Exempting from interference, face picture is too high with the human face similarity degree of legal face picture leads to user to obscure, reduction user The problems such as experience.
Fig. 3 is that a kind of flow process of the structure audio authentication mode shown in the application one exemplary embodiment is illustrated Figure.
Refer to Fig. 3, in the optional example of the application one, service end builds the mistake of audio authentication mode Journey may comprise steps of:
Step 301, receives the legal audio frequency that validated user uploads.
In the present embodiment, user can upload and close when login account or modification accounts information Method audio frequency, such as:User can record one section of realAudio of oneself, and using this realAudio as institute State legal audio frequency and upload to service end.
Step 302, according to audio similarity algorithm, is described legal audio selection interference tones.
Based on abovementioned steps 301, service end, can be from pre- after the legal audio frequency receiving user's upload If audio repository in randomly select several alternative interference tones, then according to audio similarity algorithm, point Do not calculate the audio similarity of described legal audio frequency and each alternative audio.Wherein, the alternative interference of selection The quantity of audio frequency can be configured by developer, and the application is not particularly limited to this.
After being calculated the audio similarity of described legal audio frequency and alternative interference tones, can be according to Audio similarity, by the order of little arrival, selects the alternative interference tones that several audio similarities are relatively small Frequency is using the interference tones as described legal audio frequency.Wherein, the quantity of the interference tones of selection can also be by Developer is configured, such as:20 or 30.In this application, select and legal audio frequency The less interference tones of audio similarity, audio frequency can be avoided interference too high with the similarity of legal audio frequency Lead to user to obscure, reduce Consumer's Experience the problems such as.
Fig. 4 is a kind of schematic flow sheet of the auth method shown in the application one exemplary embodiment.
Refer to Fig. 4, described auth method can be used for service end, comprises the following steps:
Step 401, the authentication request that receive user is initiated, carry in described authentication request The user account information of described user.
In the present embodiment, the authentication request that service end receive user is initiated, described authentication please Ask and can include:Logging request, the logging request forgetting Password, replacement password request etc..Such as:When When user forgets the login password of user account, the button forgetting Password can be clicked on, service end is receiving Click on after the instruction of the button that forgets Password to user, be considered as receiving described authentication request.
Step 402, extracts multiple face picture from described user account information corresponding checking question and answer storehouse, So that user selects.
In this step, service end can extract multiple face picture comprising legal face picture, for User selects described legal face picture in multiple face picture described.Wherein, the people that service end is extracted The quantity of face picture can be configured by developer, such as:Service end can extract 4 face figures Piece, includes 1 opening and closing method face picture in this 4 face picture, service end can also extract 6 people Face picture, includes 2 opening and closing method face picture etc. in this 6 face picture.
It is understood that service end extracts multiple the face figures comprising legal face picture in this application The process of piece is usually service end and multiple face picture comprising legal face picture is sent to user's transmission The terminal of the instruction of authentication, multiple face picture described are showed user by terminal, for user's choosing Select, and the result that user is selected returns to service end.In this application, for purposes of illustration only, describing The process that middle omission service end is interacted with terminal.
Step 403, extracts from described user account information corresponding checking question and answer storehouse and comprises legal audio frequency Multiple audio frequency, for user select.
In the present embodiment, service end can extract the multiple audio frequency comprising legal audio frequency, so that user exists Described legal audio frequency is selected in the plurality of audio frequency.The quantity of the audio frequency that service end is extracted can also be by developing Personnel are configured, such as:Service end extract 4 audio frequency, include in this 4 audio frequency 1 legal Audio frequency, service end can also extract 6 audio frequency, includes 2 legal audio frequency etc. in this 6 audio frequency.
Step 404, extracts from described user account information corresponding checking question and answer storehouse and is based on user's history The validation problem of behavior, so that user answers.
In the present embodiment, service end can also extract one or more checkings based on user's history behavior Problem, so that user answers.The potential safety hazard being led in order to avoid the leakage of personal information of user, In the present embodiment, described validation problem can be generated according to the business datum of user.Described business datum can To be the various data that user carries out business operation, such as:User carries out the object of business operation, the amount of money And the information such as frequency.Described validation problem can be for " junior partner often carrying out service interaction with you is Who ", " which the article that you did not buy have " etc..Business datum according to user generates checking and asks Topic, can be prevented effectively from the potential safety hazard that the answer leakage of validation problem causes.
Step 405, the feedback information that receive user returns.
The feedback information being returned based on abovementioned steps 402 to 404, service end receive user, wherein, institute State and include user in feedback information and be based on multiple face picture described, multiple audio frequency, one or more test The selection of card problem or answer result.
Step 406, when described feedback information is correct, confirms that user identity is legal.
In this step, service end is verified to described feedback information.Specifically, service end checking is used Whether the face picture that family selects in multiple face picture described is legal face picture, verifies that user exists In the plurality of audio frequency select audio frequency whether be legal audio frequency, verify user answer one or Whether multiple validation problems are correct.When user choose all legal face picture, all legal audio frequency with And all validation problems is when all answering correct, confirm that user identity is legal.
Optionally, in another example, when service end is supplied to the multiple validation problem of user, service End can confirm that user identity is legal when a part of validation problem answers correct wherein.Assume service end There is provided 5 validation problems to user, if user answers correct 3 or more than 3, can be true Recognize the checking by validation problem.
It should be noted that the application is not intended to limit the execution sequence of abovementioned steps 402 to 404, at this Apply for it is also possible to first carry out step 404 in another example, then execution step 403, finally execute step Rapid 401.
By above description as can be seen that after the application receives Client-initiated authentication request, permissible Extract multiple verification modes from user account information corresponding checking question and answer storehouse and be sent to user and tested Card, using the verification mode of various dimensions, safety is good.Meanwhile, raw using face picture and audio frequency etc. The verification mode of thing feature, easily arouses the memory of user, and availability is high.
Corresponding with the embodiment of aforementioned auth method, present invention also provides authentication means Embodiment.
The embodiment of the application authentication means can be applied in service end.Device embodiment can be led to Cross software to realize it is also possible to realize by way of hardware or software and hardware combining.As a example implemented in software, As the device on a logical meaning, it is by non-volatile memories by the processor of its place service end In device, corresponding computer program instructions read and run formation in internal memory.For hardware view, such as Shown in Fig. 5, it is a kind of hardware structure diagram of the application authentication means place service end, except Fig. 5 Outside shown processor, internal memory, network interface and nonvolatile memory, device in embodiment The service end being located, generally according to the actual functional capability of this service end, can also include other hardware, to this not Repeat again.
Fig. 6 is a kind of structural representation of the authentication means shown in the application one exemplary embodiment.
Refer to Fig. 6, the authentication means 500 of described various dimensions can include:Request reception unit 501st, transmitting element 502, legal confirmation unit 503, risk judgment unit 504, first structure are extracted Unit 505 and the second construction unit 506.
Wherein, described request reception unit 501, the authentication request that receive user is initiated, described body The user account information of described user is carried in part checking request;
Described extraction transmitting element 502, extracts from described user account information corresponding checking question and answer storehouse Multiple verification modes, and be sent to user and verified, described multiple verification modes include set forth below in At least two:Face picture verification mode, audio authentication mode, the problem based on user's history behavior Verification mode, fingerprint characteristic verification mode, iris feature verification mode;
Described legal confirmation unit 503, receives the feedback information that described user returns, when described feedback letter When ceasing correct, confirm that user identity is legal.
Described risk judgment unit 504, after receiving Client-initiated authentication request, according to The behavioural information that user initiates described authentication request judges that described user account whether there is risk, if It is then to call extraction transmitting element;
Wherein, described behavioural information includes:Request device identification, IP address requesting.
Described first construction unit 505, receives the legal face picture that the legal user of identity uploads, root According to human face similarity degree algorithm, it is that described legal face picture selects interference face picture;
Described face picture verification mode includes:One or more legal face picture and one or more Interference face picture.
Optionally, described first construction unit 505, with specific reference to human face similarity degree algorithm, calculates respectively Described legal face picture and every alternative human face similarity degree disturbing face picture;According to described face phase Seemingly spend ascending order, the alternative interference face picture selecting predetermined number is as described interference face Picture.
Described second construction unit 506, receives the legal audio frequency that the legal user of identity uploads, according to sound Frequency similarity algorithm, is described legal audio selection interference tones;
Described audio authentication mode includes:One or more legal audio frequency and one or more interference tones.
Optionally, described second construction unit 506, specifically calculates described legal audio frequency respectively and each is standby Select the audio similarity of audio frequency;According to the order that described audio similarity is ascending, select predetermined number Alternative interference tones as described interference tones.
In said apparatus, the process of realizing of the function of unit and effect specifically refers to correspondence in said method Step realize process, will not be described here.
For device embodiment, because it corresponds essentially to embodiment of the method, so related part ginseng See that the part of embodiment of the method illustrates.Device embodiment described above is only schematically, The wherein said unit illustrating as separating component can be or may not be physically separate, make For the part that unit shows can be or may not be physical location, you can with positioned at a place, Or can also be distributed on multiple NEs.Can select according to the actual needs part therein or The whole module of person is realizing the purpose of application scheme.Those of ordinary skill in the art are not paying creativeness In the case of work, you can to understand and to implement.
The foregoing is only the preferred embodiment of the application, not in order to limit the application, all this Within the spirit of application and principle, any modification, equivalent substitution and improvement done etc., should be included in Within the scope of the application protection.

Claims (12)

1. a kind of auth method is it is characterised in that methods described includes:
The authentication request that receive user is initiated, carries described user's in described authentication request User account information;
Extract multiple verification modes from described user account information corresponding checking question and answer storehouse, and be sent to User is verified, described multiple verification modes include set forth below at least two:Face picture is tested Card mode, audio authentication mode, the problem verification mode based on user's history behavior, fingerprint characteristic checking Mode, iris feature verification mode;
Receive the feedback information that described user returns, when described feedback information is correct, confirm user identity Legal.
2. method according to claim 1 is it is characterised in that receiving Client-initiated identity After checking request, also include:
Judge that described user account whether there is according to the behavioural information that user initiates described authentication request Risk, if so, then extracts multiple verification modes from described user account information corresponding checking question and answer storehouse And be sent to user and verified;
Wherein, described behavioural information includes:Request device identification, IP address requesting.
3. method according to claim 1 is it is characterised in that described face picture verification mode Building process includes:
Receive the legal face picture that the legal user of identity uploads;
According to human face similarity degree algorithm, it is that described legal face picture selects interference face picture;
Described face picture verification mode includes:One or more legal face picture and one or more Interference face picture.
4. method according to claim 3 is it is characterised in that described select for legal face picture Interference face picture, including:
According to human face similarity degree algorithm, calculate described legal face picture and every alternative interference face respectively The human face similarity degree of picture;
According to the order that described human face similarity degree is ascending, select the alternative interference face figure of predetermined number Piece is as described interference face picture.
5. method according to claim 1 is it is characterised in that the structure of described audio authentication mode Process includes:
Receive the legal audio frequency that the legal user of identity uploads;
According to audio similarity algorithm, it is described legal audio selection interference tones;
Described audio authentication mode includes:One or more legal audio frequency and one or more interference tones.
6. method according to claim 5 is it is characterised in that described disturb for legal audio selection Audio frequency, including:
Calculate the audio similarity of described legal audio frequency and each alternative audio respectively;
According to the order that described audio similarity is ascending, the alternative interference tones of predetermined number are selected to make For described interference tones.
7. a kind of authentication means are it is characterised in that described device includes:
Request reception unit, the authentication request that receive user is initiated, take in described authentication request User account information with described user;
Extract transmitting element, from described user account information corresponding checking question and answer storehouse, extract multiple checkings Mode, and be sent to user and verified, described multiple verification modes include set forth below at least two Kind:Face picture verification mode, audio authentication mode, the problem verification mode based on user's history behavior, Fingerprint characteristic verification mode, iris feature verification mode;
Legal confirmation unit, receives the feedback information that described user returns, when described feedback information is correct, Confirm that user identity is legal.
8. device according to claim 7 is it is characterised in that described device also includes:
Risk judgment unit, after receiving Client-initiated authentication request, initiates according to user The behavioural information of described authentication request judges that described user account whether there is risk, if so, then adjusts With extracting transmitting element;
Wherein, described behavioural information includes:Request device identification, IP address requesting.
9. device according to claim 7 is it is characterised in that described device also includes:
First construction unit, receives the legal face picture that the legal user of identity uploads, according to face phase Like degree algorithm, it is that described legal face picture selects interference face picture;
Described face picture verification mode includes:One or more legal face picture and one or more Interference face picture.
10. device according to claim 9 it is characterised in that
Described first construction unit, with specific reference to human face similarity degree algorithm, calculates described legal face respectively Picture and every alternative human face similarity degree disturbing face picture;Ascending according to described human face similarity degree Order, select predetermined number alternative interference face picture as described interference face picture.
11. devices according to claim 7 are it is characterised in that described device also includes:
Second construction unit, receives the legal audio frequency that the legal user of identity uploads, according to audio similarity Algorithm, is described legal audio selection interference tones;
Described audio authentication mode includes:One or more legal audio frequency and one or more interference tones.
12. devices according to claim 11 it is characterised in that
Described second construction unit, specifically calculates the audio frequency of described legal audio frequency and each alternative audio respectively Similarity;According to the order that described audio similarity is ascending, select the alternative interference tones of predetermined number Frequency is as described interference tones.
CN201510484947.9A 2015-08-07 2015-08-07 Identity verification method and device Active CN106453209B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202010048945.6A CN111241517B (en) 2015-08-07 2015-08-07 Method and device for constructing biological feature verification question-answer library
CN201510484947.9A CN106453209B (en) 2015-08-07 2015-08-07 Identity verification method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510484947.9A CN106453209B (en) 2015-08-07 2015-08-07 Identity verification method and device

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN202010048945.6A Division CN111241517B (en) 2015-08-07 2015-08-07 Method and device for constructing biological feature verification question-answer library

Publications (2)

Publication Number Publication Date
CN106453209A true CN106453209A (en) 2017-02-22
CN106453209B CN106453209B (en) 2020-01-21

Family

ID=58093108

Family Applications (2)

Application Number Title Priority Date Filing Date
CN202010048945.6A Active CN111241517B (en) 2015-08-07 2015-08-07 Method and device for constructing biological feature verification question-answer library
CN201510484947.9A Active CN106453209B (en) 2015-08-07 2015-08-07 Identity verification method and device

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN202010048945.6A Active CN111241517B (en) 2015-08-07 2015-08-07 Method and device for constructing biological feature verification question-answer library

Country Status (1)

Country Link
CN (2) CN111241517B (en)

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106911725A (en) * 2017-05-02 2017-06-30 北京汇通金财信息科技有限公司 A kind of multiple-factor authentication method and device
CN107742068A (en) * 2017-09-01 2018-02-27 中国科学院信息工程研究所 A kind of implicit identity authorization system of the multi-source of smart machine and method
CN107846393A (en) * 2017-09-11 2018-03-27 阿里巴巴集团控股有限公司 Real people's authentication method and device
CN107994994A (en) * 2017-11-24 2018-05-04 深圳中兴网信科技有限公司 Image authentication code verification method, system, server and terminal
CN108173864A (en) * 2017-12-29 2018-06-15 咪咕文化科技有限公司 A kind of Information Authentication mode method of adjustment and device and storage medium
CN108429745A (en) * 2018-03-05 2018-08-21 广州杰赛科技股份有限公司 The authentication method and Verification System of login, webpage login method and system
CN109165328A (en) * 2018-07-27 2019-01-08 阿里巴巴集团控股有限公司 A kind of method for authenticating user identity and device
CN109784031A (en) * 2018-12-14 2019-05-21 北京奇安信科技有限公司 A kind of account authentication process method and device
CN109840406A (en) * 2017-11-29 2019-06-04 百度在线网络技术(北京)有限公司 Living body verification method, device and computer equipment
CN109858210A (en) * 2019-01-07 2019-06-07 平安科技(深圳)有限公司 Information Authentication method, apparatus, computer equipment and storage medium
CN109978557A (en) * 2017-12-27 2019-07-05 金联汇通信息技术有限公司 Method, system and the method for membership's verifying of member registration
CN111669404A (en) * 2020-06-24 2020-09-15 深圳前海微众银行股份有限公司 Verification method and device for digital certificate installation
CN111784355A (en) * 2020-07-17 2020-10-16 支付宝(杭州)信息技术有限公司 Transaction security verification method and device based on edge calculation
CN112990051A (en) * 2021-03-26 2021-06-18 国网河北省电力有限公司信息通信分公司 Auxiliary authentication method and device, electronic equipment and storage medium

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112699348A (en) * 2020-12-25 2021-04-23 中国平安人寿保险股份有限公司 Method and device for verifying nuclear body information, computer equipment and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101291225A (en) * 2007-04-27 2008-10-22 丁洪涛 Authentication method adopting complex cryptographic technique
CN101697514A (en) * 2009-10-22 2010-04-21 中兴通讯股份有限公司 Method and system for identity authentication
CN101867475A (en) * 2010-05-27 2010-10-20 华为终端有限公司 Access authentication method and related device of remote control terminal service and communication system
CN104468101A (en) * 2013-09-12 2015-03-25 深圳市腾讯计算机系统有限公司 User identity authentication method and device and authentication service system

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2002109541A (en) * 2000-09-28 2002-04-12 Institute Of Tsukuba Liaison Co Ltd Comparison/authentication device of image and its method
JP2003006167A (en) * 2001-06-25 2003-01-10 Sharp Corp Question-and-answer type authenticating device
CN100483996C (en) * 2005-05-20 2009-04-29 北京金山软件有限公司 Method for authentication of identity of network user
JP2011516966A (en) * 2008-04-02 2011-05-26 グーグル インコーポレイテッド Method and apparatus for incorporating automatic face recognition in a digital image collection
CN101770613A (en) * 2010-01-19 2010-07-07 北京智慧眼科技发展有限公司 Social insurance identity authentication method based on face recognition and living body detection
CN102438024A (en) * 2012-01-05 2012-05-02 重庆大学 Voice verification method based on nonlinguistic characteristics
CN103426191B (en) * 2012-05-26 2016-04-27 百度在线网络技术(北京)有限公司 A kind of picture mask method and system
US9632574B2 (en) * 2012-10-31 2017-04-25 Sony Corporation Device and method for authenticating a user

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101291225A (en) * 2007-04-27 2008-10-22 丁洪涛 Authentication method adopting complex cryptographic technique
CN101697514A (en) * 2009-10-22 2010-04-21 中兴通讯股份有限公司 Method and system for identity authentication
CN101867475A (en) * 2010-05-27 2010-10-20 华为终端有限公司 Access authentication method and related device of remote control terminal service and communication system
CN104468101A (en) * 2013-09-12 2015-03-25 深圳市腾讯计算机系统有限公司 User identity authentication method and device and authentication service system

Cited By (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106911725A (en) * 2017-05-02 2017-06-30 北京汇通金财信息科技有限公司 A kind of multiple-factor authentication method and device
CN107742068A (en) * 2017-09-01 2018-02-27 中国科学院信息工程研究所 A kind of implicit identity authorization system of the multi-source of smart machine and method
CN107846393A (en) * 2017-09-11 2018-03-27 阿里巴巴集团控股有限公司 Real people's authentication method and device
TWI695288B (en) * 2017-09-11 2020-06-01 香港商阿里巴巴集團服務有限公司 Real person authentication method and device
CN107846393B (en) * 2017-09-11 2020-01-14 阿里巴巴集团控股有限公司 Real person authentication method and device
WO2019047880A1 (en) * 2017-09-11 2019-03-14 阿里巴巴集团控股有限公司 Real person authentication method and apparatus
CN107994994A (en) * 2017-11-24 2018-05-04 深圳中兴网信科技有限公司 Image authentication code verification method, system, server and terminal
CN109840406B (en) * 2017-11-29 2022-05-17 百度在线网络技术(北京)有限公司 Living body verification method and device and computer equipment
CN109840406A (en) * 2017-11-29 2019-06-04 百度在线网络技术(北京)有限公司 Living body verification method, device and computer equipment
CN109978557A (en) * 2017-12-27 2019-07-05 金联汇通信息技术有限公司 Method, system and the method for membership's verifying of member registration
CN108173864A (en) * 2017-12-29 2018-06-15 咪咕文化科技有限公司 A kind of Information Authentication mode method of adjustment and device and storage medium
CN108173864B (en) * 2017-12-29 2020-12-15 咪咕文化科技有限公司 Information verification mode adjusting method and device and storage medium
CN108429745A (en) * 2018-03-05 2018-08-21 广州杰赛科技股份有限公司 The authentication method and Verification System of login, webpage login method and system
CN108429745B (en) * 2018-03-05 2021-08-10 广州杰赛科技股份有限公司 Login authentication method and system, and webpage login method and system
CN109165328A (en) * 2018-07-27 2019-01-08 阿里巴巴集团控股有限公司 A kind of method for authenticating user identity and device
CN109784031A (en) * 2018-12-14 2019-05-21 北京奇安信科技有限公司 A kind of account authentication process method and device
CN109784031B (en) * 2018-12-14 2021-08-17 奇安信科技集团股份有限公司 Account identity verification processing method and device
CN109858210A (en) * 2019-01-07 2019-06-07 平安科技(深圳)有限公司 Information Authentication method, apparatus, computer equipment and storage medium
CN111669404A (en) * 2020-06-24 2020-09-15 深圳前海微众银行股份有限公司 Verification method and device for digital certificate installation
CN111784355A (en) * 2020-07-17 2020-10-16 支付宝(杭州)信息技术有限公司 Transaction security verification method and device based on edge calculation
CN111784355B (en) * 2020-07-17 2023-03-10 支付宝(杭州)信息技术有限公司 Transaction security verification method and device based on edge calculation
CN112990051A (en) * 2021-03-26 2021-06-18 国网河北省电力有限公司信息通信分公司 Auxiliary authentication method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN111241517A (en) 2020-06-05
CN111241517B (en) 2023-10-27
CN106453209B (en) 2020-01-21

Similar Documents

Publication Publication Date Title
CN106453209A (en) Identity verifying method and apparatus
AU2019202631B2 (en) Toggling biometric authentication
US11238349B2 (en) Conditional behavioural biometrics
US11676150B1 (en) Selective passive voice authentication
US11055395B2 (en) Step-up authentication
CN107800672B (en) Information verification method, electronic equipment, server and information verification system
CN106453205B (en) identity verification method and device
US10122719B1 (en) Wearable device-based user authentication
US20090150983A1 (en) System and method for monitoring human interaction
US9747434B1 (en) Authenticating with an external device by providing a message having message fields arranged in a particular message field order
CN105592014B (en) A kind of trusted terminal verification method, device
US9667613B1 (en) Detecting mobile device emulation
CN106790129A (en) A kind of identity authentication method and device
CN105701692A (en) Electronic transaction writing-off method, electronic transaction writing-off client, electronic transaction writing-off server and electronic transaction writing-off system
CN105337739B (en) Safe login method, device, server and terminal
CN105205367B (en) Information processing method and electronic equipment
CN108960820A (en) A kind of real name identification method based on block chain, system and storage medium
CN107196971A (en) Information processing method, device, electronic equipment and server
CN110120928A (en) A kind of identity authentication method, device, server and computer-readable medium
CN105187412B (en) A kind of login authentication method based on gesture identification, apparatus and system
US10778434B2 (en) Smart login method using messenger service and apparatus thereof
CN109684802A (en) A kind of method and system providing a user artificial intelligence platform
CN107391987A (en) Application guard method, device and electronic equipment based on living things feature recognition
CN110519061A (en) A kind of identity identifying method based on biological characteristic, equipment and system
US20180357410A1 (en) Secure multiple-party communication and data orchestration

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20200918

Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Patentee after: Innovative advanced technology Co.,Ltd.

Address before: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Patentee before: Advanced innovation technology Co.,Ltd.

Effective date of registration: 20200918

Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Patentee after: Advanced innovation technology Co.,Ltd.

Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands

Patentee before: Alibaba Group Holding Ltd.

TR01 Transfer of patent right