CN106570384B - A kind of identity verification method and device - Google Patents

A kind of identity verification method and device Download PDF

Info

Publication number
CN106570384B
CN106570384B CN201510645109.5A CN201510645109A CN106570384B CN 106570384 B CN106570384 B CN 106570384B CN 201510645109 A CN201510645109 A CN 201510645109A CN 106570384 B CN106570384 B CN 106570384B
Authority
CN
China
Prior art keywords
attribute information
identity attribute
identity
security
secure
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510645109.5A
Other languages
Chinese (zh)
Other versions
CN106570384A (en
Inventor
郑丹丹
林述明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Advanced New Technologies Co Ltd
Advantageous New Technologies Co Ltd
Original Assignee
Alibaba Group Holding Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alibaba Group Holding Ltd filed Critical Alibaba Group Holding Ltd
Priority to CN201510645109.5A priority Critical patent/CN106570384B/en
Publication of CN106570384A publication Critical patent/CN106570384A/en
Application granted granted Critical
Publication of CN106570384B publication Critical patent/CN106570384B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • G06F21/335User authentication using certificates for accessing specific resources, e.g. using Kerberos tickets

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

This application involves information discriminating technology field more particularly to a kind of identity verification method and devices, and to solve the problems, such as existing identity verification method, there is be limited to identification card number matching.Identity verification method provided by the embodiments of the present application includes: to receive multiple identity attribute information of user's input;Configure at least one identity attribute information aggregate, and the subscriber identity information library based on storage, the each identity attribute information belonged in same identity attribute information aggregate is bound together and carries out the first safety detection, obtains the safety loading coefficient of each identity attribute information aggregate;And the subscriber identity information library based on storage, the second safety detection is individually carried out at least one identity attribute information in multiple identity attribute information, obtains the risk property coefficient of each identity attribute information;The risk property coefficient of safety loading coefficient and each identity attribute information based on obtained each identity attribute information aggregate determines the result that identity verification is carried out to user.

Description

A kind of identity verification method and device
Technical field
This application involves information identification field more particularly to a kind of identity verification method and devices.
Background technique
With the rapid development of Internet information technique, each service side provides business by network Development user, for user It becomes increasingly prevalent.But by network Development user, provide business for user during, each universal face of service side Face the authenticity that can not judge user identity, that is, whether the identity information that can not judge user's input is the true of the user Whether effectively real information (such as identity information, the information for whether having falsely used other people etc.), often face so as to cause business service The problem of various risks.
Currently, judging user information authenticity, it is mainly based upon the identification card number of user's input, is looked into identity information library Look for the other information for matching the identification card number, and judge the other information that finds and user's input corresponding informance whether one Cause, for example whether name, cell-phone number etc. consistent, if unanimously, then it is assumed that the identity information of user input be it is true, otherwise, Think that the identity information of user input is false.But in actual implementation, the user stored in identity information library believes Breath is much not the information of system of real name user, for example, only storing its cell-phone number, register account number, the pet name for many users Deng, can not match user input identification card number when, also can not just be obtained from identity information library corresponding with the identification card number Other information, and then can not to the user carry out identity verification.
As it can be seen that there is centainly restricted in existing identity verification method, in the identification card number that can not match user's input In the case where, it will be unable to carry out identity verification to the user.
Summary of the invention
The embodiment of the present application provides a kind of identity verification method and device, exists to solve existing identity verification method Certain is restricted, in the case where that can not match the identification card number of user's input, will be unable to carry out identity verification to the user The problem of.
The embodiment of the present application provides a kind of identity verification method, comprising:
Receive multiple identity attribute information of user's input;
Based on the multiple identity attribute information, at least one identity attribute information aggregate, and the use based on storage are configured The each identity attribute information belonged in same identity attribute information aggregate is bound together carry out first by family identity information library Safety detection obtains the safety loading coefficient of each identity attribute information aggregate at least one described identity attribute information aggregate; Wherein, identity attribute information is contained at least two in each identity attribute information aggregate;And
At least one identity attribute in the multiple identity attribute information is believed in subscriber identity information library based on storage Breath individually carries out the second safety detection, obtains the wind of each identity attribute information at least one described identity attribute information Dangerous coefficient;
Safety based on each identity attribute information aggregate at least one identity attribute information aggregate described in obtaining The risk property coefficient of each identity attribute information in coefficient and at least one described identity attribute information is determined to the user Carry out the result of identity verification.
Optionally, first safety detection includes that the first validation checking and/or first emit expenditure detection;Wherein, institute It states safety loading coefficient and is positively correlated with the result for carrying out first validation checking, emit expenditure detection with carrying out described first As a result negatively correlated;Second safety detection includes that the second validation checking and/or second emit expenditure detection;Wherein, described Risk property coefficient is positively correlated with the result for carrying out second validation checking, after emitting expenditure detection with progress described second As a result it is positively correlated.
Optionally, the subscriber identity information library based on storage, at least one in the multiple identity attribute information A identity attribute information individually carries out the second safety detection, obtains each identity at least one described identity attribute information The risk property coefficient of attribute information, comprising:
Subscriber identity information library based on storage, to each identity attribute information in the multiple identity attribute information point The second safety detection is not carried out not individually, obtains the risk system of each identity attribute information in the multiple identity attribute information Number;
The peace based on each identity attribute information aggregate at least one identity attribute information aggregate described in obtaining The risk property coefficient of each identity attribute information in full property coefficient and at least one described identity attribute information is determined to described The result of user's progress identity verification, comprising:
Based on the safety loading coefficient of obtained each identity attribute information aggregate, from the identity attribute information aggregate of configuration In, each secure identity attribute information set is determined, wherein the safety loading coefficient of each secure identity attribute information set is greater than Given threshold;
From the multiple identity attribute information that user inputs, determining each secure identity attribute information set is removed Corresponding identity attribute information obtains each non-security identity attribute information;
From the risk property coefficient of identity attribute information each in the multiple identity attribute information, each non-peace is found The risk property coefficient of whole body part attribute information;
Safety loading coefficient and each non-security identity attribute information based on each secure identity attribute information set Risk property coefficient determines the result that identity verification is carried out to the user.
Optionally, the subscriber identity information library based on storage, at least one in the multiple identity attribute information A identity attribute information individually carries out the second safety detection, comprising:
Based on the safety loading coefficient of obtained each identity attribute information aggregate, from the identity attribute information aggregate of configuration In, each secure identity attribute information set is determined, wherein the safety loading coefficient of each secure identity attribute information set is greater than Given threshold;
From the multiple identity attribute information that user inputs, determining each secure identity attribute information set is removed The identity attribute information for being included obtains each non-security identity attribute information, believes obtained each non-security identity attribute Breath individually carries out the second safety detection;
The wind of the safety loading coefficient based on obtained each identity attribute information aggregate and each identity attribute information Dangerous coefficient determines the result that identity verification is carried out to the user, comprising:
Safety loading coefficient and each non-security identity attribute information based on each secure identity attribute information set Risk property coefficient determines the result that identity verification is carried out to the user.
Optionally, the safety loading coefficient and each non-security body based on each secure identity attribute information set The risk property coefficient of part attribute information, determines the result that identity verification is carried out to the user, comprising:
Safety loading coefficient based on each secure identity attribute information set and be each secure identity attribute information set The different degree of setting determines the safe score of each secure identity attribute information set;And
Risk property coefficient based on each non-security identity attribute information and be each non-security identity attribute information setting Different degree, determine the non-security score value of each non-security identity attribute information;
Safe score and each non-security identity attribute information based on determining each secure identity attribute information set Non-security score value, determine to the user carry out identity verification result.
Optionally, the safety loading coefficient based on each secure identity attribute information set and be each secure identity category Property information aggregate setting different degree, determine the safe score of each secure identity attribute information set, comprising:
For each secure identity attribute information set, by the safety loading coefficient of the secure identity attribute information set and again The product after being multiplied is spent, the safe score of the secure identity attribute information set is determined as;
Risk property coefficient based on each non-security identity attribute information and be each non-security identity attribute information setting Different degree, determine the non-security score value of each non-security identity attribute information, comprising:
For each non-security identity attribute information, by the risk property coefficient and different degree of the non-security identity attribute information Product after multiplication is determined as the non-security score value of the non-security identity attribute information.
Optionally, the safe score based on determining each secure identity attribute information set and each non-security identity The non-security score value of attribute information determines the result that identity verification is carried out to the user, comprising:
The safe score of determining each secure identity attribute information set is added, first and value are obtained;And
The non-security score value of each of determining non-security identity attribute information is added, second and value are obtained;
By described first and value with described second and value difference, be determined as to the user progress identity verification after body Part confidence level score value.
Optionally, each identity attribute information aggregate of configuration includes two identity attribute information;Alternatively,
There are many identity attribute information aggregate, every kind of identity attribute information aggregate corresponds to a kind of identity attribute information for configuration Number;Wherein, every two identity attribute information at most belongs to a secure identity attribute information set.
The embodiment of the present application provides a kind of identity verification device, comprising:
Receiving module, for receiving multiple identity attribute information of user's input;
First detection module configures at least one identity attribute information collection for being based on the multiple identity attribute information It closes, and the subscriber identity information library based on storage, each identity attribute information that will belong in same identity attribute information aggregate It binds together and carries out the first safety detection, obtain each identity attribute information at least one described identity attribute information aggregate The safety loading coefficient of set;Wherein, identity attribute information is contained at least two in each identity attribute information aggregate;And
Second detection module, for the subscriber identity information library based on storage, in the multiple identity attribute information At least one identity attribute information individually carries out the second safety detection, obtains every at least one described identity attribute information The risk property coefficient of a identity attribute information;
Determining module, for based on each identity attribute information at least one identity attribute information aggregate described in obtaining The risk property coefficient of each identity attribute information in the safety loading coefficient of set and at least one described identity attribute information, really The fixed result that identity verification is carried out to the user.
The basic thought of the embodiment of the present application is, respectively to the identity attribute information of user's input carry out detection bonded and Single detection is detected with individually detecting based on bonded as a result, to determine to user's progress identity verification as a result, to not It will receive the limitation that must match this scene of identification card number, expand usage scenario;Also, the embodiment of the present application is sufficiently sharp With the associate feature and autonomous behavior of various identity attribute information, subscriber identity information can be relatively accurately detected Authenticity.
Detailed description of the invention
Fig. 1 is the identity verification method flow diagram that the embodiment of the present application one provides;
Fig. 2 is the identity verification method flow diagram that the embodiment of the present application two provides;
Fig. 3 is that the result after carrying out the first safety detection and the second safety detection shows schematic diagram;
Fig. 4 is the identity verification method flow diagram that the embodiment of the present application three provides;
Fig. 5 is the identity verification apparatus structure schematic diagram that the embodiment of the present application four provides.
Specific embodiment
The basic thought of the embodiment of the present application is, respectively to the identity attribute information of user's input carry out detection bonded and Single detection is detected with individually detecting based on bonded as a result, to determine the result for carrying out identity verification to user.For example, If being used repeatedly by same user security simultaneously before multiple identity attribute information of an identity attribute information aggregate, say The safety of this bright identity attribute information aggregate is higher namely authenticity is higher;And for single identity attribute information, if In identity information library, the corresponding letter of the other information of the secured user to match with the identity attribute information and user input Cease it is inconsistent (for example, in identity information library, name corresponding with the identification card number of user's input is A1, cell-phone number B1, and The name that user actually enters is A2, cell-phone number B2), then illustrate that a possibility that identity attribute information is falsely used is very big.
The embodiment of the present application is based on above-mentioned thought, proposes following technical scheme.With reference to the accompanying drawings of the specification to this Shen Please embodiment be described in further detail.
Embodiment one
As shown in Figure 1, the identity verification method flow diagram provided for the embodiment of the present application one, comprising the following steps:
S101: multiple identity attribute information of user's input are received.
Here, multiple identity attribute information of user's input may include: identification card number, name, cell-phone number, address, postal Case, address etc..
S102: being based on the multiple identity attribute information, configures at least one identity attribute information aggregate, and based on storage Subscriber identity information library, each identity attribute information belonged in same identity attribute information aggregate is bound together into progress First safety detection obtains the safety system of each identity attribute information aggregate at least one described identity attribute information aggregate Number;Wherein, identity attribute information is contained at least two in each identity attribute information aggregate.
In specific implementation, by multiple identity attribute information configurations of user's input at multiple identity attribute information aggregates, Each identity attribute information in each identity attribute information aggregate is bound together and carries out the first safety detection, that is, logical It crosses from subscriber identity information library, searches existing each identity attribute information matches with the identity attribute information aggregate Same user information, the first safety detection of Lai Jinhang, here, the first safety detection may include the first validation checking And/or first emit expenditure detection;Wherein, the result of the safety loading coefficient and progress first validation checking is in positive It closes, the result for emitting expenditure detection with progress described first is negatively correlated.For example, being matched if it exists with the identity attribute information aggregate Same user information, and from these information it can be concluded that the identity attribute information aggregate is made within nearest a period of time The frequency is higher, it can be deduced that the validity of the identity attribute information aggregate is higher, then to the identity attribute information aggregate into The safety loading coefficient obtained after the first safety detection of row is higher, on the contrary, matched with the identity attribute information aggregate if it does not exist The information of same user, then it is assumed that the validity of the identity attribute information aggregate is lower, then to the identity attribute information aggregate into The safety loading coefficient obtained after the first safety detection of row is lower;It for another example, include mailbox, surname in the identity attribute information aggregate Name, and the information in identity-based information bank is it is found that the critical field in the mailbox is by the shared field used of multiple mailboxes (for example mailbox is AAA4, and the mailbox of AAA1, AAA2, AAA3 are had recorded in identity information library), name is the folded word of not surname (for example be joyous joyous), then illustrate the identity attribute information aggregate to emit expenditure higher, then the identity attribute information aggregate is carried out The safety loading coefficient obtained after first safety detection is lower.
S103: the subscriber identity information library based on storage, at least one identity in the multiple identity attribute information Attribute information individually carries out the second safety detection, obtains each identity attribute letter at least one described identity attribute information The risk property coefficient of breath.
In specific implementation, the second safety detection carried out respectively to single identity attribute information, the second safety detection can be with Expenditure detection is emitted including the second validation checking and/or second;Wherein, the risk property coefficient and progress second validity The result of detection is positively correlated, and is positively correlated with the result that described second emits after expenditure detection is carried out;For example, detecting some body The frequency that part attribute information is used recently is higher, then illustrates that the validity of the identity attribute information is higher;But it is based on the identity Attribute information, what the other information corresponding with the identity attribute information found in identity information library was all inputted with user Corresponding informance is inconsistent, then it is assumed that the identity attribute information to emit expenditure higher.For example, detecting use in identity information library The identification card number that family 1 inputs is frequently used always recently, still, recording in identity information library, use the identification card number User 2 used in the name, the shipping address that are inputted with user 1 such as name, shipping address etc. it is inconsistent, then illustrate user 1 The identification card number of user 2 is probably falsely used, then it is assumed that the risk property coefficient of the identity attribute information is higher.
S104: the peace based on each identity attribute information aggregate at least one identity attribute information aggregate described in obtaining The risk property coefficient of each identity attribute information in full property coefficient and at least one described identity attribute information is determined to described The result of user's progress identity verification.
For example, being subtracted each single after being directly added the safety loading coefficient of each secure identity attribute information set The risk property coefficient of identity attribute information obtains carrying out user the identity confidence level score value after identity verification, other preferred Embodiment is specifically shown in the explanation of following example.
It in specific implementation, can directly using confidence level score value as the output of the result of identity verification, (for example notice be to being asked Ask obtain the confidence level score value service side), can also be based on the identity confidence level score value, determine carry out identity verification behind to User's as a result, such as authentication passes through, authentication does not pass through, and refuses the service request of user, in addition to this, it is also possible to It can be directly based upon the identity attribute information of user's input, confirmation user inputs information format mistake or loss of learning etc., and will be true The result recognized is prompted to user.
Embodiment two
As shown in Fig. 2, the identity verification method flow diagram provided for the embodiment of the present application two, comprising the following steps:
S201: multiple identity attribute information of user's input are received.
S202: being based on the multiple identity attribute information, configures at least one identity attribute information aggregate, and based on storage Subscriber identity information library, each identity attribute information belonged in same identity attribute information aggregate is bound together into progress First safety detection obtains the safety system of each identity attribute information aggregate at least one described identity attribute information aggregate Number;Wherein, identity attribute information is contained at least two in each identity attribute information aggregate.
S203: the subscriber identity information library based on storage, to each identity attribute in the multiple identity attribute information Information individually carries out the second safety detection, obtains the risk of each identity attribute information in the multiple identity attribute information Property coefficient.
S204: the safety loading coefficient based on obtained each identity attribute information aggregate, from the identity attribute information of configuration In set, each secure identity attribute information set is determined, wherein the safety loading coefficient of each secure identity attribute information set Greater than given threshold.
In specific implementation, there are two types of modes for configuration identity attribute information aggregate:
Mode one: configuring each identity attribute information aggregate includes two identity attribute information;
In this manner, the first safety detection is carried out respectively to each identity attribute information aggregate, as to each body Part attribute information carries out detection bonded two-by-two, and each identity attribute information aggregate is an identity attribute information pair.Such as Fig. 3 It is shown, schematic diagram is shown to carry out the result after the first safety detection and the second safety detection, and in figure, user A carries out the first peace The secure identity attribute information set that full inspection obtains after surveying is relatively more, and user B is secondly, user C is minimum, and there are two in user C Identity attribute information is not present in any secure identity attribute information set, belongs to non-security identity attribute information.In figure Connecting line between two identity attribute information indicates that the two identity attribute information form a secure identity attribute information collection It closes, the number on line represents the safety loading coefficient of the secure identity attribute information set, beside single identity attribute information The risk property coefficient of the digital representation identity attribute information.
Mode two: configuring a variety of identity attribute information aggregates, and every kind of identity attribute information aggregate corresponds to a kind of identity attribute Information number;Wherein, every two identity attribute information at most belongs to a secure identity attribute information set.
In order to meet the condition that every two identity attribute information at most belongs to a secure identity attribute information set, It, can be using one of following manner when concrete configuration identity attribute information aggregate and determining secure identity attribute information set:
1) it, is directed to each identity attribute information number, execute respectively: multiple identity attribute information based on acquisition are matched Set each identity attribute information aggregate under this kind of identity attribute information number;For every kind of identity attribute information aggregate, respectively First information safety detection is carried out to wherein each identity attribute information aggregate, obtains each first secure identity attribute information Set;From obtained each first secure identity attribute information set, according to comprising identity attribute information number by greatly to Small sequence successively filters out every kind of second secure identity attribute information set, so that each second secure identity filtered out In attribute information set, every two identity attribute information at most belongs to a second secure identity attribute information set, will sieve The the second secure identity attribute information set selected is as each secure identity attribute information set finally determined.
Alternatively, using:
2), to comprising identity attribute information number be N identity attribute information aggregate carry out first information safety inspection It surveys, obtains each secure identity attribute information set that identity attribute information number is N, N is the positive integer more than or equal to 3; Based on each identity attribute information for being not belonging to any secure identity attribute information set, the identity attribute information for including is configured Number is the identity attribute information aggregate of N-1, obtains each secure identity attribute information collection that identity attribute information number is N-1 Close, and after N is updated to N-1, return to comprising identity attribute information number be N identity attribute information aggregate carry out first The step of information security detects.
S205: from the multiple identity attribute information that user inputs, determining each secure identity attribute letter is removed The corresponding identity attribute information of breath set, obtains each non-security identity attribute information;From the multiple identity attribute information In each identity attribute information risk property coefficient in, find the risk property coefficient of each non-security identity attribute information.
S206: safety loading coefficient and each non-security identity attribute based on each secure identity attribute information set The risk property coefficient of information determines the result that identity verification is carried out to the user.
In specific implementation, in addition to safety loading coefficient and risk property coefficient, it is also contemplated that different identity attribute information collection The different degree of conjunction and identity attribute information, for example, identification card number is since with uniqueness, different degree is than name, cell-phone number Etc. identity attributes information different degree it is high, for another example, identity attribute information aggregate identification card number+name different degree is higher than account Number+different degree of mailbox.
It in specific implementation, can safety loading coefficient based on each secure identity attribute information set and be each safety The different degree of identity attribute information aggregate setting, determines the safe score of each secure identity attribute information set (for example, being directed to Each secure identity attribute information set, after the safety loading coefficient of the secure identity attribute information set is multiplied with different degree Product is determined as the safe score of the secure identity attribute information set);And based on each non-security identity attribute information Risk property coefficient and the different degree being arranged for each non-security identity attribute information, determine each non-security identity attribute information Non-security score value is (for example, be directed to each non-security identity attribute information, by the risk property coefficient of the non-security identity attribute information Product after being multiplied with different degree is determined as the non-security score value of the non-security identity attribute information);Based on determining each peace The non-security score value of the safe score of whole body part attribute information set and each non-security identity attribute information is determined to described The result of user's progress identity verification.
It is possible to further which the safe score of each secure identity attribute information set determined to be added, first is obtained And value;And be added the non-security score value of each of determining non-security identity attribute information, obtain second and value;By described first With value and described second and the difference of value, it is determined as carrying out the user identity confidence level score value after identity verification.
In specific implementation, above-described embodiment two can be used, second is carried out respectively to each identity attribute information first Safety detection obtains each risk property coefficient, then, each from what is obtained after determining each non-security identity attribute information The risk property coefficient of each non-security identity attribute information is found out in a risk property coefficient;Alternatively, following realities can also be used Example three is applied, the safety loading coefficient of each identity attribute information aggregate is primarily based on, determines each secure identity attribute information set, It is then right using the identity attribute information not within each secure identity attribute information set as non-security identity attribute information Each non-security identity attribute information carries out the second safety detection respectively, obtains the risk of each non-security identity attribute information Coefficient.
Following embodiments three are approximate with the specific implementation of embodiment two or overlaps will not be repeated.
Embodiment three
As shown in figure 4, the identity verification method flow diagram provided for the embodiment of the present application three, comprising the following steps:
S401: multiple identity attribute information of user's input are received.
S402: being based on the multiple identity attribute information, configures at least one identity attribute information aggregate, and based on storage Subscriber identity information library, each identity attribute information belonged in same identity attribute information aggregate is bound together into progress First safety detection obtains the safety system of each identity attribute information aggregate at least one described identity attribute information aggregate Number;Wherein, identity attribute information is contained at least two in each identity attribute information aggregate.
S403: the safety loading coefficient based on obtained each identity attribute information aggregate, from the identity attribute information of configuration In set, each secure identity attribute information set is determined, wherein the safety loading coefficient of each secure identity attribute information set Greater than given threshold.
S404: from the multiple identity attribute information that user inputs, determining each secure identity attribute letter is removed Breath gathers included identity attribute information, each non-security identity attribute information is obtained, to obtained each non-security identity Attribute information individually carries out the second safety detection.
S405: safety loading coefficient based on each secure identity attribute information set and be each secure identity attribute information The different degree for gathering setting, determines the safe score of each secure identity attribute information set;And it is based on each non-security identity The risk property coefficient of attribute information and the different degree being arranged for each non-security identity attribute information, determine each non-security identity The non-security score value of attribute information.
S406: safe score and each non-security identity category based on determining each secure identity attribute information set Property information non-security score value, determine to the user carry out identity verification result.
Here it is possible to which the safe score of determining each secure identity attribute information set is added, first and value are obtained; And be added the non-security score value of each of determining non-security identity attribute information, obtain second and value;By described first and value With described second and the difference of value, it is determined as carrying out the user identity confidence level score value after identity verification.
Based on the same inventive concept, a kind of identity core corresponding with identity verification method is additionally provided in the embodiment of the present application Actual load is set, since the principle that the device solves the problems, such as is similar to the embodiment of the present application identity verification method, the reality of the device The implementation for the method for may refer to is applied, overlaps will not be repeated.
Example IV
As shown in figure 5, the identity verification apparatus structure schematic diagram provided for the embodiment of the present application four, comprising:
Receiving module 51, for receiving multiple identity attribute information of user's input;
First detection module 52 configures at least one identity attribute information for being based on the multiple identity attribute information Set, and the subscriber identity information library based on storage believe each identity attribute belonged in same identity attribute information aggregate Breath, which is bound together, carries out the first safety detection, obtains each identity attribute letter at least one described identity attribute information aggregate Cease the safety loading coefficient of set;Wherein, identity attribute information is contained at least two in each identity attribute information aggregate;And
Second detection module 53, for the subscriber identity information library based on storage, in the multiple identity attribute information At least one identity attribute information individually carry out the second safety detection, obtain at least one described identity attribute information The risk property coefficient of each identity attribute information;
Determining module 54, for based on identity attribute letter each at least one identity attribute information aggregate described in obtaining The risk property coefficient of each identity attribute information in the safety loading coefficient and at least one described identity attribute information of set is ceased, Determine the result that identity verification is carried out to the user.
Optionally, first safety detection includes that the first validation checking and/or first emit expenditure detection;Wherein, institute It states safety loading coefficient and is positively correlated with the result for carrying out first validation checking, emit expenditure detection with carrying out described first As a result negatively correlated;Second safety detection includes that the second validation checking and/or second emit expenditure detection;Wherein, described Risk property coefficient is positively correlated with the result for carrying out second validation checking, after emitting expenditure detection with progress described second As a result it is positively correlated.
Optionally, second detection module 53 is specifically used for:
Subscriber identity information library based on storage, to each identity attribute information in the multiple identity attribute information point The second safety detection is not carried out not individually, obtains the risk system of each identity attribute information in the multiple identity attribute information Number;
The determining module 54 is specifically used for:
Based on the safety loading coefficient of obtained each identity attribute information aggregate, from the identity attribute information aggregate of configuration In, each secure identity attribute information set is determined, wherein the safety loading coefficient of each secure identity attribute information set is greater than Given threshold;From the multiple identity attribute information that user inputs, determining each secure identity attribute information collection is removed Corresponding identity attribute information is closed, each non-security identity attribute information is obtained;It is every from the multiple identity attribute information In the risk property coefficient of a identity attribute information, the risk property coefficient of each non-security identity attribute information is found;Based on each The risk property coefficient of the safety loading coefficient of a secure identity attribute information set and each non-security identity attribute information, really The fixed result that identity verification is carried out to the user.
Optionally, second detection module 53 is specifically used for:
Based on the safety loading coefficient of obtained each identity attribute information aggregate, from the identity attribute information aggregate of configuration In, each secure identity attribute information set is determined, wherein the safety loading coefficient of each secure identity attribute information set is greater than Given threshold;From the multiple identity attribute information that user inputs, determining each secure identity attribute information collection is removed Included identity attribute information is closed, each non-security identity attribute information is obtained, to obtained each non-security identity attribute Information individually carries out the second safety detection;
The determining module 54 is specifically used for:
Safety loading coefficient and each non-security identity attribute information based on each secure identity attribute information set Risk property coefficient determines the result that identity verification is carried out to the user.
Optionally, the determining module 54 is specifically used for:
Safety loading coefficient based on each secure identity attribute information set and be each secure identity attribute information set The different degree of setting determines the safe score of each secure identity attribute information set;And it is based on each non-security identity attribute The risk property coefficient of information and the different degree being arranged for each non-security identity attribute information, determine each non-security identity attribute The non-security score value of information;Based on the safe score and each non-security body of determining each secure identity attribute information set The non-security score value of part attribute information, determines the result that identity verification is carried out to the user.
Optionally, the determining module 54 is specifically used for:
For each secure identity attribute information set, by the safety loading coefficient of the secure identity attribute information set and again The product after being multiplied is spent, the safe score of the secure identity attribute information set is determined as;
For each non-security identity attribute information, by the risk property coefficient and different degree of the non-security identity attribute information Product after multiplication is determined as the non-security score value of the non-security identity attribute information.
Optionally, the determining module 54 is specifically used for:
The safe score of determining each secure identity attribute information set is added, first and value are obtained;And it will determine Each of non-security identity attribute information non-security score value be added, obtain second and value;By described first and value and described the Two and value difference, be determined as to the user carry out identity verification after identity confidence level score value.
Optionally, each identity attribute information aggregate of configuration includes two identity attribute information;Alternatively,
There are many identity attribute information aggregate, every kind of identity attribute information aggregate corresponds to a kind of identity attribute information for configuration Number;Wherein, every two identity attribute information at most belongs to a secure identity attribute information set.
It should be understood by those skilled in the art that, embodiments herein can provide as method, system or computer program Product.Therefore, complete hardware embodiment, complete software embodiment or reality combining software and hardware aspects can be used in the application Apply the form of example.Moreover, it wherein includes the computer of computer usable program code that the application, which can be used in one or more, The computer program implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) produces The form of product.
The application is process of the reference according to method, apparatus (system) and computer program product of the embodiment of the present application Figure and/or block diagram describe.It should be understood that every one stream in flowchart and/or the block diagram can be realized by computer program instructions The combination of process and/or box in journey and/or box and flowchart and/or the block diagram.It can provide these computer programs Instruct the processor of general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices to produce A raw machine, so that being generated by the instruction that computer or the processor of other programmable data processing devices execute for real The device for the function of being specified in present one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates, Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one The step of function of being specified in a box or multiple boxes.
Although the preferred embodiment of the application has been described, it is created once a person skilled in the art knows basic Property concept, then additional changes and modifications may be made to these embodiments.So it includes excellent that the following claims are intended to be interpreted as It selects embodiment and falls into all change and modification of the application range.
Obviously, those skilled in the art can carry out various modification and variations without departing from the essence of the application to the application Mind and range.In this way, if these modifications and variations of the application belong to the range of the claim of this application and its equivalent technologies Within, then the application is also intended to include these modifications and variations.

Claims (16)

1. a kind of identity verification method, which is characterized in that this method comprises:
Receive multiple identity attribute information of user's input;
Based on the multiple identity attribute information, at least one identity attribute information aggregate is configured, and user's body based on storage The each identity attribute information belonged in same identity attribute information aggregate is bound together the first safety of progress by part information bank Detection obtains the safety loading coefficient of each identity attribute information aggregate at least one described identity attribute information aggregate;Wherein, Identity attribute information is contained at least two in each identity attribute information aggregate;And
Subscriber identity information library based on storage, at least one identity attribute information in the multiple identity attribute information point The second safety detection is not carried out not individually, obtains the risk of each identity attribute information at least one described identity attribute information Coefficient;
Based on the safety loading coefficient of each identity attribute information aggregate at least one identity attribute information aggregate described in obtaining, With the risk property coefficient of each identity attribute information at least one described identity attribute information, determines and body is carried out to the user The result that part is verified.
2. the method as described in claim 1, which is characterized in that first safety detection include the first validation checking and/ Or first emit expenditure detection;Wherein, the safety loading coefficient is positively correlated with the result for carrying out first validation checking, with Carry out described first emit expenditure detection result it is negatively correlated;Second safety detection include the second validation checking and/or Second emits expenditure detection;Wherein, the risk property coefficient and carry out the result of second validation checking and be positively correlated, with into The result that row described second emits expenditure detection is positively correlated, wherein the result of second validation checking is described for characterizing The frequency of usage of identity attribute information.
3. the method as described in claim 1, which is characterized in that the subscriber identity information library based on storage, to described more At least one identity attribute information in a identity attribute information individually carries out the second safety detection, obtains described at least one The risk property coefficient of each identity attribute information in a identity attribute information, comprising:
Subscriber identity information library based on storage, it is single respectively to each identity attribute information in the multiple identity attribute information The second safety detection is solely carried out, the risk property coefficient of each identity attribute information in the multiple identity attribute information is obtained;
The safety based on each identity attribute information aggregate at least one identity attribute information aggregate described in obtaining The risk property coefficient of each identity attribute information in coefficient and at least one described identity attribute information is determined to the user Carry out the result of identity verification, comprising:
Based on the safety loading coefficient of obtained each identity attribute information aggregate, from the identity attribute information aggregate of configuration, really Fixed each secure identity attribute information set, wherein the safety loading coefficient of each secure identity attribute information set is greater than setting threshold Value;
From the multiple identity attribute information that user inputs, removes determining each secure identity attribute information set and wrapped The identity attribute information contained obtains each non-security identity attribute information;
From in the risk property coefficient of each identity attribute information, being found each non-in obtained the multiple identity attribute information The risk property coefficient of secure identity attribute information;
The risk of safety loading coefficient and each non-security identity attribute information based on each secure identity attribute information set Property coefficient determines the result that identity verification is carried out to the user.
4. the method as described in claim 1, which is characterized in that the subscriber identity information library based on storage, to described more At least one identity attribute information in a identity attribute information individually carries out the second safety detection, comprising:
Based on the safety loading coefficient of obtained each identity attribute information aggregate, from the identity attribute information aggregate of configuration, really Fixed each secure identity attribute information set, wherein the safety loading coefficient of each secure identity attribute information set is greater than setting threshold Value;
From the multiple identity attribute information that user inputs, removes determining each secure identity attribute information set and wrapped The identity attribute information contained obtains each non-security identity attribute information, to obtained each non-security identity attribute information point The second safety detection is not carried out not individually;
Based on the safety loading coefficient of each identity attribute information aggregate at least one identity attribute information aggregate described in obtaining, With the risk property coefficient of each identity attribute information at least one described identity attribute information, determines and body is carried out to the user The result that part is verified, comprising:
The risk of safety loading coefficient and each non-security identity attribute information based on each secure identity attribute information set Property coefficient determines the result that identity verification is carried out to the user.
5. the method as claimed in claim 3 or 4, which is characterized in that described based on each secure identity attribute information set The risk property coefficient of safety loading coefficient and each non-security identity attribute information determines and carries out identity verification to the user Result, comprising:
Safety loading coefficient based on each secure identity attribute information set and it is arranged for each secure identity attribute information set Different degree, determine the safe score of each secure identity attribute information set;And
Risk property coefficient based on each non-security identity attribute information and the weight for each non-security identity attribute information setting It spends, determines the non-security score value of each non-security identity attribute information;
Safe score and each non-security identity attribute information based on determining each secure identity attribute information set it is non- Safe score determines the result that identity verification is carried out to the user.
6. method as claimed in claim 5, which is characterized in that the safety based on each secure identity attribute information set Property coefficient and the different degree being arranged for each secure identity attribute information set, determine each secure identity attribute information set Safe score, comprising:
For each secure identity attribute information set, by the safety loading coefficient and different degree of the secure identity attribute information set Product after multiplication is determined as the safe score of the secure identity attribute information set;
Risk property coefficient based on each non-security identity attribute information and the weight for each non-security identity attribute information setting It spends, determines the non-security score value of each non-security identity attribute information, comprising:
For each non-security identity attribute information, the risk property coefficient of the non-security identity attribute information is multiplied with different degree Product afterwards is determined as the non-security score value of the non-security identity attribute information.
7. method as claimed in claim 6, which is characterized in that based on the peace of determining each secure identity attribute information set The non-security score value of full score value and each non-security identity attribute information, determine to the user carry out identity verification as a result, Include:
The safe score of determining each secure identity attribute information set is added, first and value are obtained;And
The non-security score value of each of determining non-security identity attribute information is added, second and value are obtained;
By described first and value with described second and value difference, be determined as to the user progress identity verification after identity can Reliability score value.
8. the method as described in any in claim 3~4,6, which is characterized in that each identity attribute information aggregate packet Containing two identity attribute information;Alternatively,
There are many identity attribute information aggregate, every kind of identity attribute information aggregates to correspond to a kind of identity attribute information number for configuration; Wherein, every two identity attribute information at most belongs to a secure identity attribute information set.
9. a kind of identity verification device, which is characterized in that the device includes:
Receiving module, for receiving multiple identity attribute information of user's input;
First detection module, for configuring at least one identity attribute information aggregate based on the multiple identity attribute information, and The each identity attribute information belonged in same identity attribute information aggregate is bundled in by the subscriber identity information library based on storage The first safety detection is carried out together, obtains each identity attribute information aggregate at least one described identity attribute information aggregate Safety loading coefficient;Wherein, identity attribute information is contained at least two in each identity attribute information aggregate;And
Second detection module, for the subscriber identity information library based on storage, in the multiple identity attribute information at least One identity attribute information individually carries out the second safety detection, obtains each body at least one described identity attribute information The risk property coefficient of part attribute information;
Determining module, for based on each identity attribute information aggregate at least one identity attribute information aggregate described in obtaining Safety loading coefficient and at least one described identity attribute information in each identity attribute information risk property coefficient, determine pair The user carries out the result of identity verification.
10. device as claimed in claim 9, which is characterized in that first safety detection include the first validation checking and/ Or first emit expenditure detection;Wherein, the safety loading coefficient is positively correlated with the result for carrying out first validation checking, with Carry out described first emit expenditure detection result it is negatively correlated;Second safety detection include the second validation checking and/or Second emits expenditure detection;Wherein, the risk property coefficient and carry out the result of second validation checking and be positively correlated, with into The result that row described second emits after expenditure detection is positively correlated, wherein the result of second validation checking is for characterizing institute State the frequency of usage of identity attribute information.
11. device as claimed in claim 9, which is characterized in that second detection module is specifically used for:
Subscriber identity information library based on storage, it is single respectively to each identity attribute information in the multiple identity attribute information The second safety detection is solely carried out, the risk property coefficient of each identity attribute information in the multiple identity attribute information is obtained;
The determining module is specifically used for:
Based on the safety loading coefficient of obtained each identity attribute information aggregate, from the identity attribute information aggregate of configuration, really Fixed each secure identity attribute information set, wherein the safety loading coefficient of each secure identity attribute information set is greater than setting threshold Value;From the multiple identity attribute information that user inputs, it is right to remove determining each secure identity attribute information set institute The identity attribute information answered obtains each non-security identity attribute information;Each identity from the multiple identity attribute information In the risk property coefficient of attribute information, the risk property coefficient of each non-security identity attribute information is found;Based on each safety The risk property coefficient of the safety loading coefficient of identity attribute information aggregate and each non-security identity attribute information is determined to institute State the result that user carries out identity verification.
12. device as claimed in claim 9, which is characterized in that second detection module is specifically used for:
Based on the safety loading coefficient of obtained each identity attribute information aggregate, from the identity attribute information aggregate of configuration, really Fixed each secure identity attribute information set, wherein the safety loading coefficient of each secure identity attribute information set is greater than setting threshold Value;From the multiple identity attribute information that user inputs, removes determining each secure identity attribute information set and wrapped The identity attribute information contained obtains each non-security identity attribute information, to obtained each non-security identity attribute information point The second safety detection is not carried out not individually;
The determining module is specifically used for:
The risk of safety loading coefficient and each non-security identity attribute information based on each secure identity attribute information set Property coefficient determines the result that identity verification is carried out to the user.
13. the device as described in claim 11 or 12, which is characterized in that the determining module is specifically used for:
Safety loading coefficient based on each secure identity attribute information set and it is arranged for each secure identity attribute information set Different degree, determine the safe score of each secure identity attribute information set;And it is based on each non-security identity attribute information Risk property coefficient and different degree for each non-security identity attribute information setting, determine each non-security identity attribute information Non-security score value;Safe score and each non-security identity category based on determining each secure identity attribute information set Property information non-security score value, determine to the user carry out identity verification result.
14. device as claimed in claim 13, which is characterized in that the determining module is specifically used for:
For each secure identity attribute information set, by the safety loading coefficient and different degree of the secure identity attribute information set Product after multiplication is determined as the safe score of the secure identity attribute information set;
For each non-security identity attribute information, the risk property coefficient of the non-security identity attribute information is multiplied with different degree Product afterwards is determined as the non-security score value of the non-security identity attribute information.
15. device as claimed in claim 14, which is characterized in that the determining module is specifically used for:
The safe score of determining each secure identity attribute information set is added, first and value are obtained;And it will be determining every The non-security score value of a non-security identity attribute information is added, and obtains second and value;By described first and value with described second and The difference of value is determined as carrying out the user identity confidence level score value after identity verification.
16. the device as described in any in claim 11~12,14, which is characterized in that each identity attribute information of configuration Set includes two identity attribute information;Alternatively,
There are many identity attribute information aggregate, every kind of identity attribute information aggregates to correspond to a kind of identity attribute information number for configuration; Wherein, every two identity attribute information at most belongs to a secure identity attribute information set.
CN201510645109.5A 2015-10-08 2015-10-08 A kind of identity verification method and device Active CN106570384B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510645109.5A CN106570384B (en) 2015-10-08 2015-10-08 A kind of identity verification method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510645109.5A CN106570384B (en) 2015-10-08 2015-10-08 A kind of identity verification method and device

Publications (2)

Publication Number Publication Date
CN106570384A CN106570384A (en) 2017-04-19
CN106570384B true CN106570384B (en) 2019-09-20

Family

ID=58507564

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510645109.5A Active CN106570384B (en) 2015-10-08 2015-10-08 A kind of identity verification method and device

Country Status (1)

Country Link
CN (1) CN106570384B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101674302A (en) * 2009-09-25 2010-03-17 联想网御科技(北京)有限公司 Method and device for conducting security identification on information system
CN104123565A (en) * 2014-07-30 2014-10-29 中山艺展装饰工程有限公司 Identity card authentication and holder identity authentication method based on multimodal identification
CN104243462A (en) * 2014-09-05 2014-12-24 中国科学院计算机网络信息中心 User identity authentication method and system for discovery service
CN104301110A (en) * 2014-10-10 2015-01-21 刘文清 Authentication method, authentication device and system applied to intelligent terminal
CN104426884A (en) * 2013-09-03 2015-03-18 深圳市腾讯计算机系统有限公司 Method for authenticating identity and device for authenticating identity
EP2876571A1 (en) * 2013-11-26 2015-05-27 Thomson Licensing Method for authenticating a user by using an access code, corresponding terminal.

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7487361B2 (en) * 2004-06-30 2009-02-03 International Business Machines Corporation Dynamic cache lookup based on dynamic data
US8185951B2 (en) * 2006-12-20 2012-05-22 International Business Machines Corporation Method of handling user groups in desktop and web based applications in a heterogeneous authentication environment
US8001383B2 (en) * 2007-02-01 2011-08-16 Microsoft Corporation Secure serial number

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101674302A (en) * 2009-09-25 2010-03-17 联想网御科技(北京)有限公司 Method and device for conducting security identification on information system
CN104426884A (en) * 2013-09-03 2015-03-18 深圳市腾讯计算机系统有限公司 Method for authenticating identity and device for authenticating identity
EP2876571A1 (en) * 2013-11-26 2015-05-27 Thomson Licensing Method for authenticating a user by using an access code, corresponding terminal.
CN104123565A (en) * 2014-07-30 2014-10-29 中山艺展装饰工程有限公司 Identity card authentication and holder identity authentication method based on multimodal identification
CN104243462A (en) * 2014-09-05 2014-12-24 中国科学院计算机网络信息中心 User identity authentication method and system for discovery service
CN104301110A (en) * 2014-10-10 2015-01-21 刘文清 Authentication method, authentication device and system applied to intelligent terminal

Also Published As

Publication number Publication date
CN106570384A (en) 2017-04-19

Similar Documents

Publication Publication Date Title
CN106469261B (en) Identity verification method and device
CN105635126B (en) Malice network address accesses means of defence, client, security server and system
CN104320375B (en) A kind of method and apparatus for preventing from illegally registering
CN109583226A (en) Data desensitization process method, apparatus and electronic equipment
WO2016015680A1 (en) Security detection method and security detection apparatus for mobile terminal input window
CN109561085A (en) A kind of auth method based on EIC equipment identification code, server and medium
CN103929411B (en) Information displaying method, terminal, safety server and system
CN105701876B (en) Apparatus and method for processing multiple recording strategies
CN110046509B (en) Method and device for hiding transaction written into block chain
CN103957217A (en) Internet-electronic-business-transaction-oriented method and system
CN104836777B (en) Identity verification method and system
CN105262731A (en) Identity information verification system based on fingerprints
CN108234441B (en) Method, apparatus, electronic device and storage medium for determining forged access request
CN104703173B (en) The configuration of terminal applies account and detection method, apparatus and system
CN106295423A (en) A kind of method for exhibiting data and client
CN106570384B (en) A kind of identity verification method and device
CN106130968B (en) A kind of identity identifying method and system
CN107133163A (en) A kind of method and apparatus for verifying description class API
CN106599637A (en) Method and device for inputting verification code into verification interface
CN106878248A (en) A kind of verification method and equipment
CN106098070A (en) A kind of identity identifying method and network system
CN114153396B (en) Data processing method and device, data storage device and terminal device
CN110033264B (en) Merkel tree corresponding to building block and simple payment verification method and device
WO2020228564A1 (en) Application service method and device
CN105871928B (en) A kind of method of controlling security and system of distributed network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 1235493

Country of ref document: HK

GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20200923

Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Patentee after: Innovative advanced technology Co.,Ltd.

Address before: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Patentee before: Advanced innovation technology Co.,Ltd.

Effective date of registration: 20200923

Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Patentee after: Advanced innovation technology Co.,Ltd.

Address before: Cayman Islands Grand Cayman capital building, a four storey No. 847 mailbox

Patentee before: Alibaba Group Holding Ltd.

TR01 Transfer of patent right