CN106453209B - Identity verification method and device - Google Patents
Identity verification method and device Download PDFInfo
- Publication number
- CN106453209B CN106453209B CN201510484947.9A CN201510484947A CN106453209B CN 106453209 B CN106453209 B CN 106453209B CN 201510484947 A CN201510484947 A CN 201510484947A CN 106453209 B CN106453209 B CN 106453209B
- Authority
- CN
- China
- Prior art keywords
- user
- verification
- legal
- audio
- face
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Hardware Design (AREA)
- General Health & Medical Sciences (AREA)
- Biomedical Technology (AREA)
- Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Biodiversity & Conservation Biology (AREA)
- Life Sciences & Earth Sciences (AREA)
- Collating Specific Patterns (AREA)
Abstract
The application provides an identity authentication method and device. The method comprises the following steps: receiving an identity authentication request initiated by a user, wherein the identity authentication request carries user account information of the user; extracting multiple verification modes from a verification question-answer library corresponding to the user account information and sending the multiple verification modes to the user for verification, wherein the multiple verification modes comprise at least two of the following modes: a face picture verification mode, an audio verification mode, a problem verification mode based on user historical behaviors, a fingerprint feature verification mode and an iris feature verification mode; and receiving feedback information returned by the user, and confirming that the user identity is legal when the feedback information is correct. The method adopts a multi-dimensional verification mode, and is good in safety.
Description
Technical Field
The present application relates to the field of communications technologies, and in particular, to an identity authentication method and apparatus.
Background
With the rapid development of internet technology, security issues are particularly prominent. When people perform various business operations on the internet, login is generally performed based on a user account registered in advance, and after login is successfully performed, various business operations are performed. When a user performs operations such as login or password modification, the identity of the user needs to be validated.
At present, in the process of identity validity verification, single modes such as verification problems and third party password verification are generally adopted for verification, and the accuracy is poor.
Disclosure of Invention
In view of the above, the present application provides an identity authentication method and apparatus.
Specifically, the method is realized through the following technical scheme:
a method of identity verification, the method comprising:
receiving an identity authentication request initiated by a user, wherein the identity authentication request carries user account information of the user;
extracting multiple verification modes from a verification question-answer library corresponding to the user account information and sending the multiple verification modes to the user for verification, wherein the multiple verification modes comprise at least two of the following modes: a face picture verification mode, an audio verification mode, a problem verification mode based on user historical behaviors, a fingerprint feature verification mode and an iris feature verification mode;
and receiving feedback information returned by the user, and confirming that the user identity is legal when the feedback information is correct.
Optionally, after receiving an authentication request initiated by a user, the method further includes:
judging whether the user account has risks according to the behavior information of the identity verification request initiated by the user, if so, extracting multiple verification modes from a verification question-answer library corresponding to the user account information and sending the verification modes to the user for verification;
wherein the behavior information includes: requesting device identification, requesting IP address.
Optionally, the construction process of the face image verification method includes:
receiving a legal face picture uploaded by a user with a legal identity;
selecting an interference face picture for the legal face picture according to a face similarity algorithm;
the face picture verification method comprises the following steps: one or more legal face pictures and one or more interference face pictures.
Optionally, the selecting an interference face picture for a legal face picture includes:
respectively calculating the face similarity of the legal face picture and each alternative interference face picture according to a face similarity algorithm;
and selecting a preset number of alternative interference face pictures as the interference face pictures according to the sequence of the face similarity from small to large.
Optionally, the audio verification method includes:
receiving legal audio uploaded by a user with a legal identity;
selecting an interfering audio for the legitimate audio according to an audio similarity algorithm;
the audio verification method comprises the following steps: one or more legitimate audios and one or more interfering audios.
Optionally, the selecting an interfering audio for a legal audio includes:
respectively calculating the audio similarity of the legal audio and each alternative audio;
and selecting a preset number of alternative interference audios as the interference audios according to the sequence of the audio similarity from small to large.
An authentication apparatus, the apparatus comprising:
the system comprises a request receiving unit, a verification unit and a verification unit, wherein the request receiving unit is used for receiving an identity verification request initiated by a user, and the identity verification request carries user account information of the user;
the extraction and sending unit is used for extracting a plurality of verification modes from a verification question-answer library corresponding to the user account information and sending the verification modes to the user for verification, wherein the plurality of verification modes comprise at least two of the following modes: a face picture verification mode, an audio verification mode, a problem verification mode based on user historical behaviors, a fingerprint feature verification mode and an iris feature verification mode;
and the legal confirmation unit is used for receiving the feedback information returned by the user and confirming that the user identity is legal when the feedback information is correct.
Optionally, the apparatus further comprises:
the risk judgment unit is used for judging whether the user account has risks or not according to the behavior information of the identity authentication request initiated by the user after receiving the identity authentication request initiated by the user, and if so, the extraction and sending unit is called;
wherein the behavior information includes: requesting device identification, requesting IP address.
Optionally, the apparatus further comprises:
the first construction unit is used for receiving a legal face picture uploaded by a user with a legal identity and selecting an interference face picture for the legal face picture according to a face similarity algorithm;
the face picture verification method comprises the following steps: one or more legal face pictures and one or more interference face pictures.
Optionally, the first constructing unit calculates face similarity of the legal face picture and each alternative interference face picture respectively according to a face similarity algorithm; and selecting a preset number of alternative interference face pictures as the interference face pictures according to the sequence of the face similarity from small to large.
Optionally, the apparatus further comprises:
the second construction unit is used for receiving legal audio uploaded by a user with a legal identity and selecting interference audio for the legal audio according to an audio similarity algorithm;
the audio verification method comprises the following steps: one or more legitimate audios and one or more interfering audios.
Optionally, the second constructing unit specifically calculates audio similarity of the legal audio and each alternative audio respectively; and selecting a preset number of alternative interference audios as the interference audios according to the sequence of the audio similarity from small to large.
The above description shows that after receiving an identity authentication request initiated by a user, the method and the device can extract a plurality of authentication modes from the authentication question-answer library corresponding to the user account information and send the authentication question-answer library to the user for authentication, and the method and the device adopt a multi-dimensional authentication mode, so that the security is good.
Drawings
Fig. 1 is a flowchart illustrating an authentication method according to an exemplary embodiment of the present application.
Fig. 2 is a schematic flow chart of a verification method for constructing a face picture according to an exemplary embodiment of the present application.
Fig. 3 is a flowchart illustrating a method for constructing an audio verification according to an exemplary embodiment of the present application.
Fig. 4 is a flowchart illustrating an authentication method according to an exemplary embodiment of the present application.
Fig. 5 is a schematic structural diagram of a server according to an exemplary embodiment of the present application.
Fig. 6 is a schematic structural diagram of an authentication apparatus according to an exemplary embodiment of the present application.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present application. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
At present, the authentication methods provided in the related art mainly include the following:
and (3) character password verification: and verifying by judging whether the characters input by the user are the characters set by the user with legal identity. However, the character password is easily forgotten by a user and also easily cracked by a hacker.
Third party password verification: and sending the one-time password to the user through a third-party channel such as a short message, a telephone or a mail, and the user carries out verification by inputting the password. However, the third party password is often not delivered in time, and the user experience is poor.
Hardware verification: and verifying by judging whether the user holds a legal smart card, a safe U disk and other hardware. However, the hardware is inconvenient to carry, and the user experience is poor.
And (3) biometric verification: and verifying by judging whether the biological characteristics such as the face and the fingerprint provided by the user are matched with the biological characteristics set by the user with a legal identity. However, biometric authentication is inefficient and less accurate to identify.
Verifying the verification problem: providing a verification question for the user, and verifying by judging whether the answer of the user is matched with a preset answer. However, the authentication problem is often set based on personal information of the user, which is easily leaked through social contact and has a large security risk.
In view of this, the present application provides an identity authentication scheme, which improves accuracy of identity authentication and improves user experience by providing a multidimensional authentication manner.
Fig. 1 is a flowchart illustrating an authentication method according to an exemplary embodiment of the present application.
Referring to fig. 1, the identity authentication method may be applied to a server, and includes the following steps:
step 101, receiving an authentication request initiated by a user, where the authentication request carries user account information of the user.
In this embodiment, the user may send an authentication request to the server when logging in or modifying a password, and the server receives the authentication request. The identity authentication request usually carries user account information of the user, where the user account information may include: account ID, account password, etc.
And 102, extracting a plurality of verification modes from a verification question-answering library corresponding to the user account information, and sending the verification modes to the user for verification.
Based on the foregoing step 101, after receiving the identity authentication request, the server may extract multiple authentication manners from an authentication question-answer library corresponding to the user account information according to the user account information, and send the multiple authentication manners to the user, so that the user may select or input information for authentication.
In this embodiment, for each user account, the server may pre-construct a verification question-answer library, where the verification question-answer library includes multiple verification methods, such as: a face picture verification mode, an audio verification mode, a problem verification mode based on the historical behaviors of the user, a fingerprint characteristic verification mode, an iris characteristic verification mode and the like. In this step, the server may select at least two verification methods of the verification question and the alternative answer.
The problem verification mode based on the user historical behavior is generated by historical business data of a user account, such as: "do you log in to the system yesterday? "and the like. The fingerprint characteristic verification mode and the iris characteristic verification mode require that a user inputs legal fingerprint characteristics and legal iris characteristics in advance, and the server stores the characteristics so as to verify the user in the following.
In this step, the face picture verification method may be to provide a plurality of face pictures to the user, where the plurality of face pictures include one or more legal face pictures and one or more interference face pictures, and the user needs to select a legal face picture from the plurality of face pictures. The audio verification method may be to provide multiple audios to a user, where the multiple audios include one or more legal audios and one or more illegal audios, and the user needs to select a legal audio from the multiple audios.
Optionally, in this step, after receiving the identity authentication request initiated by the user, the server may first determine whether the user account has a risk, and when the user account has a risk, extract a plurality of authentication manners from the authentication question-answer library corresponding to the user account information and send the authentication manners to the user. When the user account has no risk, if the verification password input by the user is correct, the identity of the user can be confirmed to be legal. Specifically, the server may determine whether the user account has a risk according to behavior information of the user initiating the authentication request, where the behavior information includes: requesting device identification, requesting IP address, etc. Such as: the server side can judge whether the user uses the common equipment or sends the identity authentication request at a common place or not according to the request equipment identification or the request IP address, if so, the server side can confirm that the user account has no risk, and if not, the server side can confirm that the user account has the risk. Of course, in practical applications, a person skilled in the art may also determine whether the user account is at risk in other manners, which is not limited in this application.
And 103, receiving feedback information returned by the user, and confirming that the user identity is legal when the feedback information is correct.
The server receives feedback information returned by the user based on the multiple verification modes, and judges whether the feedback information is correct, if the feedback information is correct, the identity of the user can be confirmed to be legal, for example: the user selects legal face pictures from a plurality of face pictures, the user selects legal audio from a plurality of audios and the like. If the feedback information is incorrect, it can be confirmed that the user identity is illegal.
The above description shows that after receiving an identity authentication request initiated by a user, the method and the device can extract a plurality of authentication modes from the authentication question-answer library corresponding to the user account information and send the authentication question-answer library to the user for authentication, and the method and the device adopt a multi-dimensional authentication mode, so that the security is good.
The implementation of the present application is described below with reference to specific embodiments.
The authentication method provided by the application can also comprise two processes, wherein one process is a process that the server side constructs a face picture authentication mode or an audio authentication mode before authentication is carried out; the other is the process of authentication of the user. These two processes are described separately below.
Fig. 2 is a schematic flow chart of a verification method for constructing a face picture according to an exemplary embodiment of the present application.
Referring to fig. 2, in an optional example of the present application, a process of constructing a face image verification method by a server may include the following steps:
step 201, receiving a legal face picture uploaded by a user with a legal identity.
In this embodiment, the user may upload a legal face picture when registering an account or modifying account information, for example: the user can take the head portrait photo of the user as the legal face photo to be uploaded to the server side.
Step 202, selecting an interference face picture for the legal face picture according to a face similarity algorithm.
Based on the step S201, after receiving the legal face picture uploaded by the user, the server may randomly select a plurality of candidate interference face pictures from a preset face picture library, and then respectively calculate the face similarity of the legal face picture and each candidate interference face picture according to a face similarity algorithm. The number of the selected alternative interference face pictures can be set by a developer, and the application is not particularly limited in this respect. The face similarity algorithm may adopt an SDM (supervisory drop Method) algorithm, an AAM (Active application Model) algorithm, an ASM (Active Shape Model) algorithm, and the like, which is not limited in this application.
After the face similarity between the legal face picture and the alternative interference face picture is obtained through calculation, a plurality of alternative interference face pictures with relatively small face similarity can be selected as the interference face pictures of the legal face picture according to the sequence from small face similarity to large face similarity. The number of the selected interference face pictures can also be set by a developer, for example: 20 or 30. According to the method and the device, the interference face picture with small face similarity with the legal face picture is selected, so that the problems that the interference face picture is too high in face similarity with the legal face picture to cause user confusion, user experience is reduced and the like can be avoided.
Fig. 3 is a flowchart illustrating a method for constructing an audio verification according to an exemplary embodiment of the present application.
Referring to fig. 3, in an alternative example of the present application, a process of the server building an audio verification method may include the following steps:
step 301, receiving a legal audio uploaded by a legal user.
In this embodiment, the user may upload legitimate audio when registering an account or modifying account information, such as: the user can record a piece of real audio of the user, and the real audio is taken as the legal audio to be uploaded to the server side.
Step 302, selecting an interfering audio for the legitimate audio according to an audio similarity algorithm.
Based on the foregoing step 301, after receiving the legal audio uploaded by the user, the server may randomly select a plurality of candidate interfering audios from a preset audio library, and then respectively calculate the audio similarity between the legal audio and each candidate audio according to an audio similarity calculation method. The number of the selected candidate interfering tones may be set by a developer, and the application is not particularly limited thereto.
After the audio similarity between the legal audio and the alternative interfering audio is obtained through calculation, a plurality of alternative interfering audios with relatively low audio similarity can be selected as the interfering audio of the legal audio according to the sequence of the audio similarity from small to small. The number of the selected interfering tones can also be set by a developer, for example: 20 or 30. In the method and the device, the interference audio with smaller audio similarity with the legal audio is selected, so that the problems that the user is confused, the user experience is reduced and the like caused by the fact that the similarity of the interference audio and the legal audio is too high can be avoided.
Fig. 4 is a flowchart illustrating an authentication method according to an exemplary embodiment of the present application.
Referring to fig. 4, the identity authentication method may be applied to a server, and includes the following steps:
step 401, receiving an authentication request initiated by a user, where the authentication request carries user account information of the user.
In this embodiment, the server receives an authentication request initiated by a user, where the authentication request may include: a login request, a login request with a forgotten password, a password reset request, etc. Such as: when the user forgets the login password of the user account, the button for forgetting the password can be clicked, and the server side is regarded as receiving the authentication request after receiving the instruction of clicking the button for forgetting the password by the user.
Step 402, extracting a plurality of face pictures from the verification question-answering library corresponding to the user account information for selection by the user.
In this step, the server may extract a plurality of face pictures including legal face pictures, so that the user may select the legal face pictures from the plurality of face pictures. The number of the face pictures extracted by the server can be set by developers, such as: the server side can extract 4 face pictures, the 4 face pictures comprise 1 legal face picture, the server side can also extract 6 face pictures, and the 6 face pictures comprise 2 legal face pictures and the like.
It can be understood that, in the present application, the process of extracting, by the server, a plurality of face pictures including a legal face picture is generally that the server sends the plurality of face pictures including the legal face picture to the terminal where the user sends an instruction for authentication, and the terminal displays the plurality of face pictures to the user for selection by the user and returns a result selected by the user to the server. In the present application, for convenience of explanation, the process of the server interacting with the terminal is omitted in the description.
Step 403, extracting multiple audios including legal audio from the verification question-answering library corresponding to the user account information for user selection.
In this embodiment, the server may extract a plurality of audios including legal audios, so that the user may select the legal audios from the plurality of audios. The amount of audio extracted by the server can also be set by a developer, such as: the server side extracts 4 audios, the 4 audios comprise 1 legal audio, the server side can also extract 6 audios, and the 6 audios comprise 2 legal audios and the like.
Step 404, extracting the verification questions based on the user historical behaviors from the verification question-answering library corresponding to the user account information for the user to answer.
In this embodiment, the server may further extract one or more verification questions based on the user's historical behavior for the user to answer. In order to avoid the potential safety hazard caused by the leakage of the personal information of the user, in this embodiment, the verification problem may be generated according to the service data of the user. The service data may be various data for the user to perform service operations, such as: the object, amount and frequency of the business operation performed by the user. The verification question may be "who is a buddy who frequently interacts with you for business", "what are items you have not purchased", etc. The verification problem is generated according to the service data of the user, and potential safety hazards caused by the fact that answers of the verification problem are leaked can be effectively avoided.
And step 405, receiving feedback information returned by the user.
Based on the foregoing steps 402 to 404, the server receives feedback information returned by the user, where the feedback information includes a selection or an answer result of the user based on the plurality of face pictures, the plurality of audios, and the one or more verification questions.
And 406, when the feedback information is correct, confirming that the user identity is legal.
In this step, the server verifies the feedback information. Specifically, the server side verifies whether the face picture selected by the user from the plurality of face pictures is a legal face picture, verifies whether the audio selected by the user from the plurality of audios is a legal audio, and verifies whether the one or more verification questions answered by the user are correct. And when the user selects that all the legal face pictures, all the legal audios and all the verification questions are answered correctly, confirming that the user identity is legal.
Optionally, in another example, when the server provides the user with a plurality of authentication questions, the server may confirm that the user identity is legal when a part of the authentication questions is answered correctly. Assuming that the server provides 5 authentication questions to the user, if the user answers 3 or more than 3 correct questions, the authentication of the passing authentication questions can be confirmed.
It should be noted that the present application does not limit the execution sequence of the foregoing steps 402 to 404, and in another example of the present application, the step 404 may be executed first, then the step 403 is executed, and finally the step 401 is executed.
The above description shows that after receiving an identity authentication request initiated by a user, the method and the device can extract multiple authentication modes from an authentication question-answer library corresponding to user account information and send the authentication question-answer library to the user for authentication, and the method and the device adopt a multi-dimensional authentication mode, so that the security is good. Meanwhile, the verification mode of biological characteristics such as face pictures, audio and the like is adopted, the memory of the user is easily aroused, and the usability is high.
Corresponding to the embodiment of the identity authentication method, the application also provides an embodiment of the identity authentication device.
The embodiment of the identity authentication device can be applied to a server. The device embodiments may be implemented by software, or by hardware, or by a combination of hardware and software. The software implementation is taken as an example, and as a device in a logical sense, a processor of a service end reads corresponding computer program instructions in a nonvolatile memory into a memory for operation. From a hardware aspect, as shown in fig. 5, the hardware structure diagram of the service end where the identity authentication device is located in the present application is shown, except for the processor, the memory, the network interface, and the nonvolatile memory shown in fig. 5, the service end where the device is located in the embodiment may also include other hardware according to the actual function of the service end, which is not described again.
Fig. 6 is a schematic structural diagram of an authentication apparatus according to an exemplary embodiment of the present application.
Referring to fig. 6, the multi-dimensional authentication apparatus 500 may include: a request receiving unit 501, an extraction transmitting unit 502, a validity confirming unit 503, a risk judging unit 504, a first constructing unit 505, and a second constructing unit 506.
The request receiving unit 501 receives an authentication request initiated by a user, where the authentication request carries user account information of the user;
the extracting and sending unit 502 extracts a plurality of verification methods from the verification question-answer library corresponding to the user account information, and sends the verification methods to the user for verification, where the plurality of verification methods includes at least two of the following: a face picture verification mode, an audio verification mode, a problem verification mode based on user historical behaviors, a fingerprint feature verification mode and an iris feature verification mode;
the validity confirming unit 503 receives the feedback information returned by the user, and confirms that the user identity is valid when the feedback information is correct.
The risk judgment unit 504 is configured to, after receiving an authentication request initiated by a user, judge whether a risk exists in the user account according to behavior information of the authentication request initiated by the user, and if so, invoke an extraction and transmission unit;
wherein the behavior information includes: requesting device identification, requesting IP address.
The first construction unit 505 receives a legal face picture uploaded by a user with a legal identity, and selects an interference face picture for the legal face picture according to a face similarity algorithm;
the face picture verification method comprises the following steps: one or more legal face pictures and one or more interference face pictures.
Optionally, the first constructing unit 505 calculates face similarity of the legal face picture and each candidate interference face picture respectively according to a face similarity algorithm; and selecting a preset number of alternative interference face pictures as the interference face pictures according to the sequence of the face similarity from small to large.
The second constructing unit 506 receives a legal audio uploaded by a user with a legal identity, and selects an interference audio for the legal audio according to an audio similarity algorithm;
the audio verification method comprises the following steps: one or more legitimate audios and one or more interfering audios.
Optionally, the second constructing unit 506 specifically and respectively calculates audio similarity between the legal audio and each alternative audio; and selecting a preset number of alternative interference audios as the interference audios according to the sequence of the audio similarity from small to large.
The implementation process of the functions and actions of each unit in the above device is specifically described in the implementation process of the corresponding step in the above method, and is not described herein again.
For the device embodiments, since they substantially correspond to the method embodiments, reference may be made to the partial description of the method embodiments for relevant points. The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the application. One of ordinary skill in the art can understand and implement it without inventive effort.
The above description is only exemplary of the present application and should not be taken as limiting the present application, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the scope of protection of the present application.
Claims (8)
1. An identity verification method, the method comprising:
receiving an identity authentication request initiated by a user, wherein the identity authentication request carries user account information of the user;
extracting multiple verification modes from a verification question-answer library corresponding to the user account information and sending the multiple verification modes to the user for verification, wherein the multiple verification modes comprise at least two of the following modes: a face picture verification mode, an audio verification mode, a problem verification mode based on user historical behaviors, a fingerprint feature verification mode and an iris feature verification mode;
receiving feedback information returned by the user, and confirming that the user identity is legal when the feedback information is correct;
the construction process of the face image verification mode comprises the following steps:
receiving a legal face picture uploaded by a user with a legal identity;
selecting an interference face picture for the legal face picture according to a face similarity algorithm;
the face picture verification method comprises the following steps: one or more legal face pictures and one or more interference face pictures;
the selecting of the interference face picture for the legal face picture comprises the following steps:
selecting a plurality of alternative interference face pictures from a preset face picture library;
respectively calculating the face similarity of the legal face picture and each alternative interference face picture according to a face similarity algorithm;
and selecting a preset number of alternative interference face pictures as the interference face pictures according to the sequence of the face similarity from small to large.
2. The method of claim 1, further comprising, after receiving a user-initiated authentication request:
judging whether the user account has risks according to the behavior information of the identity verification request initiated by the user, if so, extracting multiple verification modes from a verification question-answer library corresponding to the user account information and sending the verification modes to the user for verification;
wherein the behavior information includes: requesting device identification, requesting IP address.
3. The method according to claim 1, wherein the audio verification mode is constructed by:
receiving legal audio uploaded by a user with a legal identity;
selecting an interfering audio for the legitimate audio according to an audio similarity algorithm;
the audio verification method comprises the following steps: one or more legitimate audios and one or more interfering audios.
4. The method of claim 3, wherein selecting the interfering tone for the legitimate tone comprises:
respectively calculating the audio similarity of the legal audio and each alternative audio;
and selecting a preset number of alternative interference audios as the interference audios according to the sequence of the audio similarity from small to large.
5. An authentication apparatus, the apparatus comprising:
the system comprises a request receiving unit, a verification unit and a verification unit, wherein the request receiving unit is used for receiving an identity verification request initiated by a user, and the identity verification request carries user account information of the user;
the extraction and sending unit is used for extracting a plurality of verification modes from a verification question-answer library corresponding to the user account information and sending the verification modes to the user for verification, wherein the plurality of verification modes comprise at least two of the following modes: a face picture verification mode, an audio verification mode, a problem verification mode based on user historical behaviors, a fingerprint feature verification mode and an iris feature verification mode;
the legality confirming unit is used for receiving feedback information returned by the user and confirming that the user identity is legal when the feedback information is correct;
the first construction unit is used for receiving a legal face picture uploaded by a user with a legal identity and selecting an interference face picture for the legal face picture according to a face similarity algorithm;
the face picture verification method comprises the following steps: one or more legal face pictures and one or more interference face pictures;
the first construction unit specifically selects a plurality of alternative interference face pictures from a preset face picture library; respectively calculating the face similarity of the legal face picture and each alternative interference face picture according to a face similarity algorithm; and selecting a preset number of alternative interference face pictures as the interference face pictures according to the sequence of the face similarity from small to large.
6. The apparatus of claim 5, further comprising:
the risk judgment unit is used for judging whether the user account has risks or not according to the behavior information of the identity authentication request initiated by the user after receiving the identity authentication request initiated by the user, and if so, the extraction and sending unit is called;
wherein the behavior information includes: requesting device identification, requesting IP address.
7. The apparatus of claim 5, further comprising:
the second construction unit is used for receiving legal audio uploaded by a user with a legal identity and selecting interference audio for the legal audio according to an audio similarity algorithm;
the audio verification method comprises the following steps: one or more legitimate audios and one or more interfering audios.
8. The apparatus of claim 7,
the second construction unit specifically calculates the audio similarity of the legal audio and each alternative audio respectively; and selecting a preset number of alternative interference audios as the interference audios according to the sequence of the audio similarity from small to large.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010048945.6A CN111241517B (en) | 2015-08-07 | 2015-08-07 | Method and device for constructing biological feature verification question-answer library |
| CN201510484947.9A CN106453209B (en) | 2015-08-07 | 2015-08-07 | Identity verification method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510484947.9A CN106453209B (en) | 2015-08-07 | 2015-08-07 | Identity verification method and device |
Related Child Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010048945.6A Division CN111241517B (en) | 2015-08-07 | 2015-08-07 | Method and device for constructing biological feature verification question-answer library |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106453209A CN106453209A (en) | 2017-02-22 |
| CN106453209B true CN106453209B (en) | 2020-01-21 |
Family
ID=58093108
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010048945.6A Active CN111241517B (en) | 2015-08-07 | 2015-08-07 | Method and device for constructing biological feature verification question-answer library |
| CN201510484947.9A Active CN106453209B (en) | 2015-08-07 | 2015-08-07 | Identity verification method and device |
Family Applications Before (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010048945.6A Active CN111241517B (en) | 2015-08-07 | 2015-08-07 | Method and device for constructing biological feature verification question-answer library |
Country Status (1)
| Country | Link |
|---|---|
| CN (2) | CN111241517B (en) |
Families Citing this family (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106911725B (en) * | 2017-05-02 | 2021-03-26 | 北京汇通金财信息科技有限公司 | Multi-factor authentication method and device |
| CN107742068A (en) * | 2017-09-01 | 2018-02-27 | 中国科学院信息工程研究所 | A kind of implicit identity authorization system of the multi-source of smart machine and method |
| CN107846393B (en) * | 2017-09-11 | 2020-01-14 | 阿里巴巴集团控股有限公司 | Real person authentication method and device |
| CN107994994A (en) * | 2017-11-24 | 2018-05-04 | 深圳中兴网信科技有限公司 | Image authentication code verification method, system, server and terminal |
| CN109840406B (en) * | 2017-11-29 | 2022-05-17 | 百度在线网络技术(北京)有限公司 | Living body verification method and device and computer equipment |
| CN109978557A (en) * | 2017-12-27 | 2019-07-05 | 金联汇通信息技术有限公司 | Method, system and the method for membership's verifying of member registration |
| CN108173864B (en) * | 2017-12-29 | 2020-12-15 | 咪咕文化科技有限公司 | Information verification mode adjusting method and device and storage medium |
| CN108429745B (en) * | 2018-03-05 | 2021-08-10 | 广州杰赛科技股份有限公司 | Login authentication method and system, and webpage login method and system |
| CN109165328A (en) * | 2018-07-27 | 2019-01-08 | 阿里巴巴集团控股有限公司 | A kind of method for authenticating user identity and device |
| CN109784031B (en) * | 2018-12-14 | 2021-08-17 | 奇安信科技集团股份有限公司 | Account identity verification processing method and device |
| CN109858210A (en) * | 2019-01-07 | 2019-06-07 | 平安科技(深圳)有限公司 | Information Authentication method, apparatus, computer equipment and storage medium |
| CN111669404A (en) * | 2020-06-24 | 2020-09-15 | 深圳前海微众银行股份有限公司 | Verification method and device for digital certificate installation |
| CN111784355B (en) * | 2020-07-17 | 2023-03-10 | 支付宝(杭州)信息技术有限公司 | Transaction security verification method and device based on edge calculation |
| CN112699348A (en) * | 2020-12-25 | 2021-04-23 | 中国平安人寿保险股份有限公司 | Method and device for verifying nuclear body information, computer equipment and storage medium |
| CN112990051A (en) * | 2021-03-26 | 2021-06-18 | 国网河北省电力有限公司信息通信分公司 | Auxiliary authentication method and device, electronic equipment and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101291225A (en) * | 2007-04-27 | 2008-10-22 | 丁洪涛 | Authentication method adopting complex cryptographic technique |
| CN101697514A (en) * | 2009-10-22 | 2010-04-21 | 中兴通讯股份有限公司 | Method and system for identity authentication |
| CN104468101A (en) * | 2013-09-12 | 2015-03-25 | 深圳市腾讯计算机系统有限公司 | User identity authentication method and device and authentication service system |
Family Cites Families (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2002109541A (en) * | 2000-09-28 | 2002-04-12 | Institute Of Tsukuba Liaison Co Ltd | Comparison/authentication device of image and its method |
| JP2003006167A (en) * | 2001-06-25 | 2003-01-10 | Sharp Corp | Question-and-answer type authenticating device |
| CN100483996C (en) * | 2005-05-20 | 2009-04-29 | 北京金山软件有限公司 | Method for authentication of identity of network user |
| JP2011516966A (en) * | 2008-04-02 | 2011-05-26 | グーグル インコーポレイテッド | Method and apparatus for incorporating automatic face recognition in a digital image collection |
| CN101770613A (en) * | 2010-01-19 | 2010-07-07 | 北京智慧眼科技发展有限公司 | Social insurance identity authentication method based on face recognition and living body detection |
| CN101867475B (en) * | 2010-05-27 | 2013-04-24 | 华为终端有限公司 | Access authentication method and related device of remote control terminal service and communication system |
| CN102438024A (en) * | 2012-01-05 | 2012-05-02 | 重庆大学 | Voice verification method based on nonlinguistic characteristics |
| CN103426191B (en) * | 2012-05-26 | 2016-04-27 | 百度在线网络技术(北京)有限公司 | A kind of picture mask method and system |
| US9632574B2 (en) * | 2012-10-31 | 2017-04-25 | Sony Corporation | Device and method for authenticating a user |
-
2015
- 2015-08-07 CN CN202010048945.6A patent/CN111241517B/en active Active
- 2015-08-07 CN CN201510484947.9A patent/CN106453209B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101291225A (en) * | 2007-04-27 | 2008-10-22 | 丁洪涛 | Authentication method adopting complex cryptographic technique |
| CN101697514A (en) * | 2009-10-22 | 2010-04-21 | 中兴通讯股份有限公司 | Method and system for identity authentication |
| CN104468101A (en) * | 2013-09-12 | 2015-03-25 | 深圳市腾讯计算机系统有限公司 | User identity authentication method and device and authentication service system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111241517A (en) | 2020-06-05 |
| CN111241517B (en) | 2023-10-27 |
| CN106453209A (en) | 2017-02-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106453209B (en) | Identity verification method and device | |
| CN106453205B (en) | identity verification method and device | |
| AU2017203608B2 (en) | Mobile human challenge-response test | |
| US8990909B2 (en) | Out-of-band challenge question authentication | |
| US9979721B2 (en) | Method, server, client and system for verifying verification codes | |
| US9356930B2 (en) | Secure randomized input | |
| US20180253542A1 (en) | Variation Analysis-Based Public Turing Test to Tell Computers and Humans Apart | |
| CN105141427B (en) | A kind of login authentication method, apparatus and system based on Application on Voiceprint Recognition | |
| EP3211825B1 (en) | Trusted terminal verification method and apparatus | |
| TW201322158A (en) | Providing verification of user identification information | |
| US10296733B2 (en) | Access code obfuscation using speech input | |
| WO2017076186A1 (en) | Sliding verification method and apparatus for handheld mobile device | |
| CN106790129A (en) | A kind of identity authentication method and device | |
| CN106469261A (en) | A kind of auth method and device | |
| CN112187702A (en) | Method and device for verifying client | |
| CN105337739B (en) | Safe login method, device, server and terminal | |
| CN110120928A (en) | A kind of identity authentication method, device, server and computer-readable medium | |
| CN112507316A (en) | User verification method and device, readable storage medium and electronic equipment | |
| EP3118760B1 (en) | Authentication information management system, authentication information management device, program, recording medium, and authentication information management method | |
| CN104079527A (en) | Information processing method and electronic equipment | |
| CN107231358B (en) | Questionnaire data acquisition method, server and mobile terminal | |
| CN104980279A (en) | Identity authentication method, and related equipment and system | |
| CN106888207A (en) | Authentication method, system and SIM | |
| CN106878018B (en) | Operation verification method and device | |
| WO2023092345A1 (en) | Identity authentication method and apparatus, and terminal, storage medium and program product |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20200918 Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands Patentee after: Innovative advanced technology Co.,Ltd. Address before: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands Patentee before: Advanced innovation technology Co.,Ltd. Effective date of registration: 20200918 Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands Patentee after: Advanced innovation technology Co.,Ltd. Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands Patentee before: Alibaba Group Holding Ltd. |
|
| TR01 | Transfer of patent right |