CN107079034A - A kind of identity authentication method, terminal device, certificate server and electronic equipment - Google Patents

A kind of identity authentication method, terminal device, certificate server and electronic equipment Download PDF

Info

Publication number
CN107079034A
CN107079034A CN201680002681.2A CN201680002681A CN107079034A CN 107079034 A CN107079034 A CN 107079034A CN 201680002681 A CN201680002681 A CN 201680002681A CN 107079034 A CN107079034 A CN 107079034A
Authority
CN
China
Prior art keywords
user
biological characteristic
terminal device
certificate server
authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201680002681.2A
Other languages
Chinese (zh)
Other versions
CN107079034B (en
Inventor
张站朝
王振凯
鄂鹏
陈超
李静
李坤
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Cloudminds Shanghai Robotics Co Ltd
Original Assignee
Shenzhen City Science And Technology Holdings Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen City Science And Technology Holdings Ltd filed Critical Shenzhen City Science And Technology Holdings Ltd
Publication of CN107079034A publication Critical patent/CN107079034A/en
Application granted granted Critical
Publication of CN107079034B publication Critical patent/CN107079034B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Power Engineering (AREA)
  • Collating Specific Patterns (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention discloses a kind of identity authentication method, terminal device, certificate server and electronic equipment, this method includes:The biological characteristic of the first user of input is received, and obtains the account information of the first user and the device identification of terminal device;ID authentication request is sent to certificate server;Receive the identification information that certificate server is returned;Receive the biological characteristic of the second user of input;Checking request is sent to certificate server;The logging-in code that certificate server is returned is received, second user is logged in reference to the logging-in code.Through the above way, the present invention can be on the successful terminal device of the first user authentication, the terminal device is authenticated to the equipment of login as second user, pass through the user of priority certification first on the same device and second user identity, realize on the premise of the first user tenders guarantee, second user can be logged in smoothly, it is ensured that second user is logged in using safety means, so as to ensure safety and reliability.

Description

A kind of identity authentication method, terminal device, certificate server and electronic equipment
Technical field
The present invention relates to field of computer technology, more particularly to a kind of identity authentication method, terminal device, certification clothes Business device and electronic equipment.
Background technology
Mobile office refers to the office mode handled official business using terminal device wireless access mobile communications network.Due to moving Time and place limitation are broken away from dynamic office, and company management and communication that clerical workforce can be changed with oneself at any time greatly improve and done The efficiency of office attendants person, therefore, mobile office is well received.
For the higher field of safety requirements, for example:Financial field, if clerical workforce optionally enter by using terminal equipment Row office, can increase the risk of financial concerning security matters.It is usually in need to move in order to improve the security of mobile office in financial field Clerical workforce's configurating terminal device of dynamic office, and the account of terminal device, the fingerprint of clerical workforce and clerical workforce is entered Row certification is bound, and only permits the clerical workforce to be handled official business using the terminal device and account of binding.But, in financial field, The situation that supervisor is authenticated authorisation process to subordinate would generally be related to, if supervisor and subordinate go out, and supervisor does not carry The terminal device of itself configuration, then can not realize and carry out authorisation process to subordinate, even the terminal of subordinate itself configuration is set Standby is reliable equipment, but supervisor still can not use the terminal device that subordinate itself configures, and supervisor can only return to office Or fetch itself configuration terminal device can just be authenticated authorisation process, largely effect on office efficiency.
The content of the invention
The present invention solves the technical problem of provide a kind of identity authentication method, terminal device, certificate server And electronic equipment, its purpose aims to solve the problem that existing identity authentication method just for independent personal authentication, when needing certification people Carry out authentication, and the terminal device of certification people not at one's side when, certification people can not pass through other-end equipment carry out identity Certification or the technical problem of mandate.
In order to solve the above technical problems, one aspect of the present invention is:A kind of side for awarding authentication is provided Method, including:The first biological characteristic of the first user inputted on the terminal device is received, and obtains the account of first user The device identification of number information and the terminal device;According to the account information, device identification and the first biological characteristic, to recognizing Demonstrate,prove server and send ID authentication request;Receive the certificate server and confirm that described first uses according to the ID authentication request The identification information returned after the legal identity at family;Receive the second life of the second user inputted on the terminal device Thing feature;According to second biological characteristic, checking request is sent to the certificate server;The certificate server is received to exist The logging-in code for confirming to return after the legitimacy of second biological characteristic according to the checking request, so that the second user Logged in reference to the logging-in code.
Alternatively, the ID authentication request is to account information, first according to the private key bound in the first biological characteristic Generation is encrypted in biological characteristic and device identification.
Alternatively, the private key is examined by acquiring afterwards in first biological characteristic.
Alternatively, the checking request is that second biological characteristic is entered according to the private key bound in the first biological characteristic Row encryption generation.
In order to solve the above technical problems, another technical solution used in the present invention is:A kind of side of authentication is provided Method, including:The authentication information that receiving terminal apparatus is sent, the authentication information carries the account of first user The device identification of information, the first biological characteristic of the first user and the terminal device;True according to the authentication information After the legal identity for recognizing first user, identification information is returned to the terminal device;Receive the terminal device The checking request of transmission, the checking request carries the second biological characteristic of second user;Confirm according to the checking request After the legitimacy of second biological characteristic, logging-in code corresponding with the second user is generated;Sent out to the terminal device The logging-in code is sent, so that the second user is logged in reference to the logging-in code.
Alternatively, the identification information is to determine the account information, the first biological characteristic of the first user and institute State device identification and have what is generated during corresponding relation.
In order to solve the above technical problems, another technical solution used in the present invention is:A kind of terminal device is provided, wrapped Include:Biological characteristic recognition module, for carrying out living things feature recognition;First receiving module, it is defeated on the terminal device for receiving The first biological characteristic of the first user entered;First acquisition module, account information and institute for obtaining first user State the device identification of terminal device;First sending module, for biological special according to the account information, device identification and first Levy, ID authentication request is sent to certificate server;Second receiving module, for receiving the certificate server according to the body Part certification request confirms the identification information returned after the legal identity of first user;3rd receiving module, is used for Receive the second biological characteristic of the second user inputted on the terminal device;Second sending module, for according to described Two biological characteristics, checking request is sent to the certificate server;4th receiving module, exists for receiving the certificate server The logging-in code for confirming to return after the legitimacy of second biological characteristic according to the checking request, so that the second user Logged in reference to the logging-in code.
Alternatively, the terminal device also includes:First encrypting module, for according to the private bound in the first biological characteristic Account information, the first biological characteristic and device identification are encrypted key.
Alternatively, the terminal device also includes:Second acquisition module is logical for being examined in first biological characteristic After crossing, the private key is obtained.
Alternatively, the terminal device also includes:Second encrypting module, for according to the private bound in the first biological characteristic Second biological characteristic is encrypted key.
In order to solve the above technical problems, another technical solution used in the present invention is:A kind of certificate server is provided, wrapped Include:First receiving module, the authentication information sent for receiving terminal apparatus, the authentication information carries described the The device identification of the account information of one user, the first biological characteristic of the first user and the terminal device;First returns to module, For after the legal identity of first user is confirmed according to the authentication information, body to be returned to the terminal device Part confirmation;Second receiving module, for receiving the checking request that the terminal device is sent, the checking request carries the The second biological characteristic of two users;Generation module, for confirming the conjunction of second biological characteristic according to the checking request After method, logging-in code corresponding with the second user is generated;Second returns to module, for sending institute to the terminal device Logging-in code is stated, so that the second user is logged in reference to the logging-in code.
In order to solve the above technical problems, another technical solution used in the present invention is:A kind of electronic equipment, bag are provided Include:At least one processor;And, the memory being connected with least one described processor communication;Wherein, the memory is deposited Containing can be by the instruction of at least one computing device, and the instruction is by least one described computing device, so that institute State at least one processor and be able to carry out the above method.
In order to solve the above technical problems, another technical solution used in the present invention is:A kind of non-volatile calculating is provided Machine readable storage medium storing program for executing, the computer-readable recording medium storage has computer executable instructions, and the computer is executable to be referred to Order is executed by one or more processors, so that at least one described processor is able to carry out the above method.
In order to solve the above technical problems, another technical solution used in the present invention is:A kind of computer program production is provided Product, the computer program product includes the computer program being stored on non-volatile computer readable storage medium storing program for executing, described Computer program includes programmed instruction, and the programmed instruction is executed by one or more processors, so that at least one described processing Device performs the above method.
The beneficial effects of the invention are as follows:The situation of prior art is different from, the present invention can be gathered formerly by terminal device The first biological characteristic of first user, obtains the account information of the first user and the device identification of the terminal device, then According to the first biological characteristic, account information and device identification, the legal identity of the first user is authenticated to, and determine terminal device Belong to first user to own, so that it is determined that the reliability of the terminal device, and the first user is played to subsequent authentication Play a part of guarantee during the identity of second user, second user makes the second biology of reliable mobile terminal collection second user Feature, and be authenticated, the security of the data of second user is advantageously ensured that, the data for being effectively reduced second user are stolen Risk surreptitiously, in addition, second user carries out biological identification by using reliable second party terminal device, can cause the second use Family, which can depart from, forces the terminal device of configuration to carry out biological identification, facilitates the operation of second user.
Brief description of the drawings
Fig. 1 is a kind of application scenario diagram for authentication that the embodiment of the present invention one is provided;
Fig. 2 is the flow that the first user that the embodiment of the present invention one is provided is registered by terminal device to certificate server Figure;
Fig. 3 is a kind of structural representation for terminal device embodiment that the embodiment of the present invention two is provided;
Fig. 4 is a kind of structural representation for certificate server embodiment that the embodiment of the present invention three is provided;
Fig. 5 is a kind of schematic flow sheet for identity identifying method that the embodiment of the present invention four is provided;
Fig. 6 is a kind of schematic flow sheet for identity identifying method that the embodiment of the present invention five is provided;
Fig. 7 is a kind of schematic flow sheet for identity identifying method that the embodiment of the present invention six is provided;
Fig. 8 is a kind of structural representation of the electronic equipment for execution identity identifying method that the embodiment of the present invention seven is provided.
Specific embodiment
The present invention is described in detail with reference to the accompanying drawings and examples.
Embodiment one
Referring to Fig. 1, Fig. 1 is a kind of application scenario diagram of authentication provided in an embodiment of the present invention.The authentication System 20 includes terminal device 21 and certificate server 22, wherein, terminal device 21 is configured with biological characteristic recognition module, the life Thing feature recognition module is used to recognize biological characteristic, wherein, biological characteristic refers to the feature that unique identification is carried out to user, In the present embodiment, biological characteristic can include the features such as fingerprint, image surface, iris or palmmprint.Terminal device 21 can be intelligence Mobile phone, tablet personal computer, PDA (Personal Digital Assistant, palm PC) etc..
Terminal device 21 receives the first biological characteristic of the first user of input, and obtains the account letter of first user The device identification of breath and the terminal device 21.For example, the terminal device of this in the present embodiment 21 is configured with fingerprint identification module, should Fingerprint identification module can recognize fingerprint.First user enters fingerprint recognition interface, biological characteristic first on terminal device 21 Identification module obtains finger print information by scanning the interface finger, and verifies the finger print information.The first of first user is biological special Levy after i.e. finger print information is proved to be successful, terminal device 21 passes through the finger print information and obtains account letter corresponding with the finger print information Breath, specific account information can be, the name of first user, sex, the age, the information such as job overall.Terminal device 21 The device identification of the equipment is further obtained, for example the terminal device 21 is smart mobile phone, then obtains the mobile phone of the smart mobile phone Model, mobile phone title, the sequence number that dispatches from the factory, date of manufacture etc. prove the device identification of the smart mobile phone.In the present embodiment, first The account information of user can also be acquired by directly inputting.
After the device identification of account information, biological characteristic and the equipment of the first user is got, terminal device 21 enters One step to certificate server 22 send ID authentication request, wherein, the ID authentication request carry the first user account letter The device identification of breath, biological characteristic and the terminal device.
Certificate server 22 is according to the device identification of the account information got, biological characteristic and terminal device 21 to verify The identity of first user it is whether true and judge first user whether be the terminal device 21 owner, when the first user's Identity is true and is the owner of the terminal device 21, then returning to authentication to terminal device 21 passes through message.
The authentication that terminal device 21 receives the return of certificate server 22 passes through message.By carrying out body to the first user Part certification, it was demonstrated that the first user identity is true, and the first user is the owner of the terminal device 21, so as to ensure that terminal is set Standby 21 reliability.
Terminal device 21 further receives the biological characteristic of the second user of input by biological characteristic recognition module, to obtain Take the biological characteristic of second user, acquisition methods of the specific acquisition methods with the first user.Second in second user is biological After feature is obtained successfully, checking request is sent to certificate server 22, wherein, the biology that the checking request carries second user is special Levy, by the checking request, certificate server 22 is able to verify that the legitimacy of the second biological characteristic, to determine the body of second user Whether part is true.
Further, after the legitimacy of the second biological characteristic is confirmed, the generation of certificate server 22 and second user pair The logging-in code answered, and return to the logging-in code to terminal device 21.Terminal device 21 receives the logging-in code that certificate server 22 is returned, Second user can then be logged in by the logging-in code on terminal device 21, specifically, the logging-in code can be Quick Response Code, Can also be short message verification code etc..
The embodiment of the present invention is to the owner of terminal device 21, as the first user, carries out authentication, confirm this The identity of one user is true and owner for the terminal device 21 after, then the biological characteristic of second user is received, according to the The biological characteristic of two users carries out authentication to second user.Second user authentication after, second user Further it can be logged in the terminal device as the equipment of login, to solve the terminal device of oneself not at one's side, nothing The problem of method is logged in.By the user of priority certification first on the same device and second user identity, load is provided in the first user On the premise of guarantor so that second user can be logged in smoothly, it is ensured that second user is logged in using safety means, so as to protect Demonstrate,prove safety and reliability.
, can be to terminal device in order to improve the security for the data transmitted between terminal device 21 and certificate server 22 The data transmitted between 21 and certificate server 22 are encrypted.Specifically, terminal device 21 first verifies the first user's First biological characteristic, after being verified, according to the private key bound in the first biological characteristic to the account information of the first user, first The device identification of biological characteristic and terminal device 21 is encrypted, and generates the first encryption data, and according to the first encryption data Generate ID authentication request.
Further, terminal device 21 is sending the ID authentication request to certificate server 22.Specifically, terminal device 21 include the step of sending ID authentication request to certificate server 22:Terminal device 21 sends to certificate server 22 and carries the The ID authentication request of one encryption data;Certificate server 22 is after ID authentication request is received, to ID authentication request Explain, obtain the first encryption data, then processing acquisition first first encryption data is decrypted by default public key and use The device identification of the account information at family, the first biological characteristic and terminal device 21, then according to the account information of the first user, The device identification of first biological characteristic and terminal device 21 carries out authentication to the identity of the first user.
Certainly, the biological characteristic of second user can also be tested by being sent after default key encryption to certificate server Card.Specifically, the biological characteristic of second user is encrypted by default private key first for terminal device 21, generation second is encrypted Data, and checking request is generated according to the second encryption data, and the checking request is sent to certificate server 22, wherein, should Checking request carries the second encryption data.Certificate server 22 the second encryption data is decrypted acquisition according to default public key The biological characteristic of two users.
It should be noted that:Public key and private key are just obtained when user registers in authentication service.The present embodiment institute The public key and private key of finger are all default, wherein, it is pairing key to preset public key and default private key, and default private key is with recognizing Card server 22 is matched, and default public key is matched with terminal device 21.Certificate server 22 is receiving authentication During request, the default public key of pairing is selected according to the source address of ID authentication request.First user and second user have and it The terminal device 21 of binding, the record of certificate server 22 has the binding relationship, the binding relationship that certificate server 22 is recorded Certificate server 22 can be directly inputted into by manager with the default public key of pairing, can also the first user and second user from Row carries out registration formation to certificate server 22, voluntarily arrives the process that certificate server 22 is registered to the first user below It is specifically described, referring to Fig. 2, including:
Step S101:Receive device identification, account information and password that the first user inputs registration on terminal device 21;
Step S102:The device identification, account information and password are sent to certificate server 22;
Step S103:22 pairs of device identifications of certificate server, account information and password are verified;
Step S104:After being verified, the account for returning to terminal device 21 is verified message and transmission one Individual random code;
Step S105:Receive the biological characteristic of the first user typing in terminal device 21;
Step S106:Terminal device 21 generates corresponding public key and private key according to the biological characteristic of the first user;
Step S107:The public key and biological characteristic value that first user is generated are sent to certificate server 22.
Step S108:Certificate server 22 sets up the first user and end according to the device identification and account information of the first user The binding relationship of end equipment 21;Certificate server 22 sets up close corresponding with the first user according to the biological characteristic value of the first user System.
As:The biological characteristic of the device identification of mobile device terminal equipment 21, user's mark of user and user is set up Binding relationship, the device identification of mobile device terminal equipment 21 sets up corresponding relation with the public key received.
Alternatively, after the first user carries out successful registration to certificate server 22, terminal device 21 locally can also Retain the biological characteristic of the first user, when receiving the biological characteristic of the first user of input, first judge the biology received Whether feature matches with the biological characteristic that terminal device 21 is locally stored, if matching, local authentication passes through, if mismatching, Prompting active user is not the prompt message of the owner of terminal device 21.
Alternatively, certificate server 22 according to checking request confirm the second biological characteristic legitimacy after, generation with The corresponding logging-in code of second user, and the logging-in code is returned to terminal device 21, the logging-in code can also carry second user Account information.Terminal device 21 can also show the account information of second user after logging-in code is received, so that first uses Family knows that whom current second user is, and whether second user is reliable.
Alternatively, certificate server 22 according to checking request confirm the second biological characteristic legitimacy after, generation with The corresponding logging-in code of second user, and the logging-in code is returned to terminal device 21, certificate server 22 can also be to terminal device 21 return to the information for being logged in the certification of terminal device 21 for second user.
Alternatively, terminal device 21 can send the log-on message of second user, certificate server to certificate server 22 22 to determine second user according to the log-on message logged in by the equipment oneself bound, but other by what is authenticated Reliable terminal device 21 is logged in.
What deserves to be explained is:Performed each on each performed operation and certificate server 22 on terminal device 21 Operation all by log recording, with when facilitating that audit is reviewed afterwards, can view when, whose certification who, which is used The operation such as process of whole authentication that equipment is carried out.
The embodiment of the present invention is to the owner of terminal device 21, as the first user, carries out authentication, confirm this The identity of one user is true and owner for the terminal device 21 after, then the biological characteristic of second user is received, according to the The biological characteristic of two users carries out authentication to second user.Second user authentication after, second user Further it can be logged in the terminal device as the equipment of login, to solve the terminal device of oneself not at one's side, nothing The problem of method is logged in.By the user of priority certification first on the same device and second user identity, load is provided in the first user On the premise of guarantor so that second user can be logged in smoothly, it is ensured that the safety and reliability of whole verification process.
During ID authentication request and the checking request of second user entirely to the first user, certificate server profit Logging-in code is encrypted the public key being previously sent with terminal device, is sent to terminal device, due to the private of terminal device Key is existed only in terminal device, even if the logging-in code that this section is crossed by public key encryption is in plain text, is maliciously intercepted, interception side also without Method parses this section of ciphertext by way of as parsing symmetric cryptography, it is ensured that the logging-in code ciphertext is capable of safety, is only gathered around There is the terminal device of private key to parse correct logging-in code.Simultaneously for public key, either certificate server or terminal are set All it is disclosed for standby, therefore reliable channel need not be considered as and carry out password distribution, greatly reduces development difficulty.
Embodiment two
Referring to Fig. 3, Fig. 3 is a kind of structural representation for terminal device that the embodiment of the present invention two is provided.Terminal device 30 include biological characteristic recognition module 301, the first receiving module 302, the first acquisition module 303, the first sending module 304, the Two receiving modules 305, the 3rd receiving module 306, the second sending module 307 and the 4th receiving module 308.
Biological characteristic recognition module 301, for carrying out living things feature recognition.Wherein, biological characteristic refers to carry out user The feature of unique identification, in the present embodiment, biological characteristic can include the features such as fingerprint, image surface, iris or palmmprint.Eventually End equipment 21 can be smart mobile phone, tablet personal computer, PDA (Personal Digital Assistant, palm PC) etc..
First receiving module 302, it is special for receiving the biology of the first user of input by biological characteristic recognition module 301 Levy.
First acquisition module 303, for obtaining the account information of the first user and the device identification of terminal device.Specifically Account information can be, the name of first user, sex, age, the information such as job overall.Terminal device, for example, intelligence Can mobile phone, then obtain mobile phone model, mobile phone title, the sequence number that dispatches from the factory, date of manufacture of the smart mobile phone etc. prove the intelligent hand The device identification of machine.
First sending module 304, for sending ID authentication request to certificate server, wherein, ID authentication request is taken The device identification of biological characteristic, account information and terminal device with the first user.
Second receiving module 305, for receive certificate server the biological characteristic according to the first user, account information with And the device identification of terminal device passes through message to the authentication returned after the identity success identity of the first user.
3rd receiving module 306, it is special for receiving the biology of second user of input by biological characteristic recognition module 301 Levy.
Second sending module 307, for sending checking request to certificate server, wherein, the checking request carries second The biological characteristic of user.
4th receiving module 308, the conjunction of the second biological characteristic is being confirmed according to checking request for receiving certificate server The logging-in code returned after method, second user can be logged in reference to the logging-in code.
In order to improve the security for the data transmitted between terminal device and certificate server, terminal device and authentication service The data transmitted between device can be encrypted, and terminal device 30 can also include the first encrypting module 309, and second obtains The encrypting module 311 of module 310 and second.
First encrypting module 309, for special to account information, the first biology according to the private key bound in the first biological characteristic Device identification of seeking peace is encrypted.
Second acquisition module 310, after being examined and passing through in the first biological characteristic, obtains private key.
Second encrypting module 311, for being added according to the private key bound in the first biological characteristic to the second biological characteristic It is close.
The terminal device that the present embodiment is provided, the identity that confirms first user is true and institute for the terminal device 21 After someone, then the biological characteristic of second user is received, carrying out identity to second user according to the biological characteristic of second user tests Card.Second user authentication after, second user can further using the terminal device as login equipment Logged in, to solve the terminal device of oneself not at one's side, it is impossible to the problem of logging in.Meanwhile, using private key to the first user Account information, the first biological characteristic and device identification and the second biological characteristic of second user be encrypted, it is ensured that transmission Security, when being sent to receiving terminal, file is maliciously intercepted, and also can guarantee that security.
Embodiment three
Referring to Fig. 4, Fig. 4 is a kind of schematic diagram for certificate server that the embodiment of the present invention three is provided.Certificate server 40, which include the first receiving module 401, first, returns to module 402, the second receiving module 403, the return mould of generation module 404, second Block 405.
First receiving module 401, the authentication information sent for receiving terminal apparatus, authentication information is carried The account information of first user, the first biological characteristic of the first user and the device identification of terminal device.
First returns to module 402, for after the legal identity of the first user is confirmed according to authentication information, to end End equipment returns to identification information.
Second receiving module 403, the checking request sent for receiving terminal apparatus, checking request carries second user The second biological characteristic.
Generation module 404, for after the legitimacy of second biological characteristic is confirmed according to checking request, generation with The corresponding logging-in code of second user.
Second returns to module 405, for sending the logging-in code to the terminal device, so that the second user is combined The logging-in code is logged in.
The certificate server that the present embodiment is provided is by carrying out authentication to the first user and second user being tested Card, second user authentication after so that on the premise of the first user tenders guarantee, second user can be suitable Profit is logged in, it is ensured that the safety and reliability of whole verification process.
Example IV
Referring to Fig. 5, Fig. 5 is a kind of schematic flow sheet for identity identifying method that the embodiment of the present invention four is provided, the party Method includes:
Step S501:Receive the first biological characteristic of the first user inputted on the terminal device, and obtain described the The device identification of the account information of one user and the terminal device;
Terminal device 21 is configured with biological characteristic recognition module, and the biological characteristic recognition module is used to recognize biological characteristic, Wherein, biological characteristic refers to the feature that unique identification is carried out to user, in the present embodiment, and biological characteristic can include referring to The features such as line, image surface, iris or palmmprint.Terminal device 21 can be smart mobile phone, tablet personal computer, PDA (Personal Digital Assistant, palm PC) etc..Terminal device 21 receives the first biological characteristic of the first user of input, and And obtain the account information of first user and the device identification of the terminal device 21.For example, the terminal of this in the present embodiment is set Standby 21 are configured with fingerprint identification module, and the fingerprint identification module can recognize fingerprint.First user is first on terminal device 21 Into fingerprint recognition interface, biological characteristic recognition module obtains finger print information by scanning the interface finger, and verifies the fingerprint Information.The first biological characteristic of first user is that after finger print information is proved to be successful, terminal device 21 is obtained by the finger print information Account information corresponding with the finger print information, specific account information can be, the name of first user, sex, age, work Make the information such as position.Terminal device 21 further obtains the device identification of the equipment, and such as terminal device 21 is smart mobile phone, The equipment for then obtaining the proof such as mobile phone model, mobile phone title, the sequence number that dispatches from the factory, date of manufacture of the smart mobile phone smart mobile phone Mark.In the present embodiment, the account information of the first user can also be acquired by directly inputting.
Step S502:According to the account information, device identification and the first biological characteristic, identity is sent to certificate server Certification request;
After the device identification of account information, biological characteristic and the equipment of the first user is got, terminal device 21 enters One step to certificate server 22 send ID authentication request, ID authentication request user be used for certificate server request pair The identity of first user is authenticated.Wherein, the ID authentication request carries the account information of the first user, biological characteristic and should The device identification of terminal device.Certificate server 22 is set according to the account information got, biological characteristic and terminal device 21 Standby mark with verify whether the identity of the first user true and judge first user whether be the terminal device 21 owner.
Step S503:Certificate server is received to be confirmed to return after the legal identity of the first user according to ID authentication request Identification information;
Step S504:Receive the second biological characteristic of the second user inputted on the terminal device;
Terminal device 21 further receives the biological characteristic of the second user of input by biological characteristic recognition module, to obtain Take the biological characteristic of second user, acquisition methods of the specific acquisition methods with the first user.
Step S505:According to the second biological characteristic, checking request is sent to certificate server;
After the second biological characteristic of second user is obtained successfully, checking request is sent to certificate server 22, wherein, should Checking request carries the biological characteristic of second user, by the checking request, and certificate server 22 is able to verify that second is biological special The legitimacy levied.
Step S506:Certificate server is received to return after the legitimacy of the second biological characteristic is confirmed according to checking request Logging-in code so that second user is logged in reference to the logging-in code.
Specifically, the logging-in code can be Quick Response Code, or short message verification code etc..
The terminal device that the present embodiment is provided, the identity that confirms first user is true and institute for the terminal device 21 After someone, then the biological characteristic of second user is received, carrying out identity to second user according to the biological characteristic of second user tests Card.Second user authentication after, second user can further using the terminal device as login equipment Logged in, to solve the terminal device of oneself not at one's side, it is impossible to the problem of logging in.Meanwhile, using private key to the first user Account information, the first biological characteristic and device identification and the second biological characteristic of second user be encrypted, it is ensured that transmission Security, when being sent to receiving terminal, file is maliciously intercepted, and also can guarantee that security.
Embodiment five
Referring to Fig. 6, Fig. 6 is a kind of schematic flow sheet for identity identifying method that the embodiment of the present invention five is provided, it is above-mentioned It is equally applicable in the present embodiment to the explanation of each step in embodiment, in the present embodiment, for identity authentication method with Identical part is not described in above-described embodiment, and the emphasis part different to identity authentication method is illustrated, this method Including:
Step S601:Receive the biological characteristic of the first user inputted on the mobile apparatus.
Step S602:Obtain the biological characteristic that mobile device is locally stored.
Step S603:Whether the biological characteristic that the biological characteristic and mobile device for judging the first user are locally stored matches, Step S604 is performed if mismatching, if matching, step S605 is performed.
S604:First user does not have access right information alert.
When the biological characteristic of the first user matches with the biological characteristic that terminal device is locally stored, it was demonstrated that the first user For the owner of terminal device, mismatch and do not have access right then.
S605:Obtain the account information of the first user and the device identification of terminal device.
S606:By presetting biological characteristic of the private key to the first user, the device identification of account information and terminal device is entered Row encryption generation encryption data, ID authentication request is generated according to encryption data.
S607:ID authentication request is sent to certificate server.
The ID authentication request for carrying the first encryption data is sent to certificate server, is preset so that certificate server passes through Public key the first encryption data is decrypted setting for biological characteristic, account information and the terminal device of processing the first user of acquisition Standby mark, and according to the device identification of the biological characteristic of the first user, account information and terminal device to the first user's Identity is authenticated processing, wherein, it is pairing key to preset public key and default private key, and default private key is stored in advance in terminal and set Standby, default public key is stored in advance in certificate server, and be stored with default public key and terminal device of certificate server has pair It should be related to, certificate server is after ID authentication request is received, by obtaining the source address of ID authentication request, and obtaining should Which terminal device is ID authentication request derive from, and is decrypted so as to obtain default public key corresponding with the terminal device.
It should be noted that each first user and terminal device to certificate server before the use, it is necessary to first enter Row registration, certificate server only permits the terminal device and the first user access authentication server of certification, it is ensured that terminal device and the The reliability of one user, so as to improve security.Default private key and default public key can the first user by terminal device to What certificate server was generated when registering, and default private key is stored in the local of terminal device, and default public key is stored in certification clothes Business device.When the first user is registered by terminal device to certificate server, certificate server is by the biology of the first user Bound, during follow-up progress authentication, mainly passed through between the device identification three of feature, account information and terminal device Binding relationship between biological characteristic, account information and device identification three is carried out.
S608:Receive the body that certificate server confirms to return after the legal identity of the first user according to ID authentication request Part confirmation.
S609:Receive the second biological characteristic of the second user inputted on the terminal device.
S610:According to the second biological characteristic, checking request is sent to certificate server.
The biological characteristic of the second user is encrypted by default private key, the second encryption data is generated, according to the Two encryption datas generate checking request, and send malarial region request to certificate server, wherein, checking request carries described second Encryption data.
S611:The certificate server is received to return after the legitimacy of the second biological characteristic is confirmed according to checking request Logging-in code so that second user is logged in reference to the logging-in code.
The embodiment of the present invention is to the owner of terminal device, as the first user, carries out authentication, confirm this first The identity of user is true and owner for the terminal device after, then receive the biological characteristic of second user, used according to second The biological characteristic at family carries out authentication to second user.Second user authentication after, second user can Further logged in the terminal device as the equipment of login, to solve the terminal device of oneself not at one's side, it is impossible to step on The problem of record.By the user of priority certification first on the same device and second user identity, tendered guarantee in the first user Under the premise of so that second user can be logged in smoothly, it is ensured that the safety and reliability of whole verification process.
During ID authentication request and the checking request of second user entirely to the first user, certificate server profit Logging-in code is encrypted the public key being previously sent with terminal device, is sent to terminal device, due to the private of terminal device Key is existed only in terminal device, even if the logging-in code that this section is crossed by public key encryption is in plain text, is maliciously intercepted, interception side also without Method parses this section of ciphertext by way of as parsing symmetric cryptography, it is ensured that the logging-in code ciphertext is capable of safety, is only gathered around There is the terminal device of private key to parse correct logging-in code.Simultaneously for public key, either certificate server or terminal are set All it is disclosed for standby, therefore reliable channel need not be considered as and carry out password distribution, greatly reduces development difficulty.
Embodiment six
Referring to Fig. 7, Fig. 7 is a kind of schematic flow sheet for identity identifying method that the embodiment of the present invention five is provided, the party Method includes:
Step S701:The authentication information that receiving terminal apparatus is sent, the authentication information carries the first user's Account information, the first biological characteristic of the first user and the device identification of terminal device.
It should be noted that certificate server prestore the biological characteristic of each the first user, device identification and with Binding relationship between the device identification three of terminal device, the binding relationship can from the first user by terminal device to recognizing Generate during card server registration, can also administrative staff directly input.Certificate server is by judging the life of the first user Whether thing feature, device identification and the device identification of terminal device there is binding relationship to realize is carried out to the identity of the first user Certification.
Step S702:After the legal identity of the first user is confirmed according to authentication information, returned to terminal device Identification information;
Step S703:The checking request that receiving terminal apparatus is sent, the checking request carries the second biology of second user Feature;
Step S704:After the legitimacy of the second biological characteristic is confirmed according to the checking request, generation and second use The corresponding logging-in code in family.
Step S705:Logging-in code is sent to terminal device, so that second user is logged in reference to the logging-in code.
The certificate server that the present embodiment is provided is by carrying out authentication to the first user and second user being tested Card, second user authentication after so that on the premise of the first user tenders guarantee, second user can be suitable Profit is logged in, it is ensured that the safety and reliability of whole verification process.
Embodiment seven
Fig. 8 is refer to, Fig. 8 is a kind of knot of the electronic equipment for execution identity identifying method that the embodiment of the present invention seven is provided Structure schematic diagram.
Electronic equipment 80 includes:It is with a processor 81 in one or more processors 81 and memory 82, Fig. 8 Example.
Processor 81 and memory 82 can be connected by bus or other modes, to be connected as by bus in Fig. 8 Example.
Memory 82 is as a kind of non-volatile computer readable storage medium storing program for executing, available for storage non-volatile software journey The corresponding program of identity identifying method in sequence, non-volatile computer executable program and module, such as embodiment of the present invention Instruction/module (for example, module 301-311 shown in accompanying drawing 3, the module 401-405 shown in accompanying drawing 4).Processor 81 passes through fortune Row is stored in non-volatile software program, instruction and module in memory 82, so that the various functions of execute server should With and data processing, that is, realize above method embodiment file read method.
Memory 82 can include storing program area and storage data field, wherein, storing program area can storage program area, Application program required at least one function;Storage data field can be stored uses created number according to data storage device According to etc..In addition, memory 82 can include high-speed random access memory, nonvolatile memory can also be included, for example extremely Few storage memory device, flush memory device or other non-volatile solid state memory parts.In certain embodiments, memory 82 is optional including the memory remotely located relative to processor 81, and these remote memories can pass through network connection to data Storage device.The example of above-mentioned network includes but is not limited to internet, intranet, LAN, mobile radio communication and its group Close.
One or more of modules are stored in the memory 82, when by one or more of processors 81 During execution, the identity identifying method in above-mentioned any means embodiment is performed, for example, performing the method in Fig. 5 described above Method and step S701 to step S705 in method and step S601 to step S611 in step S501 to S506, Fig. 6, Fig. 7, it is real The function of the module 401-405 in module 301-311, Fig. 4 in existing Fig. 3.
The said goods can perform the method that the embodiment of the present invention is provided, and possesses the corresponding functional module of execution method and has Beneficial effect.Not ins and outs of detailed description in the present embodiment, reference can be made to the method that the embodiment of the present invention is provided.
The electronic equipment of the embodiment of the present invention can be server, that is, the equipment for providing the service of calculating.The composition of server Including processor, hard disk, internal memory, system bus etc., server is similar with general computer architecture, but is due to need to provide Highly reliable service, therefore required in terms of disposal ability, stability, reliability, security, scalability, manageability It is higher.
The electronic equipment that the present embodiment is provided:The terminal can be set on the successful terminal device of the first user authentication The standby equipment for being authenticated logging in as second user, passes through the user of priority certification first on the same device and second user body Part, on the premise of the first user tenders guarantee so that second user can be logged in smoothly, it is ensured that the peace of whole verification process Full property and reliability.
The embodiments of the invention provide a kind of non-volatile computer readable storage medium storing program for executing, the computer-readable storage medium Matter is stored with computer executable instructions, and the computer executable instructions are executed by one or more processors, such as in Fig. 8 One processor 81, may be such that said one or multiple processors can perform what the file in above-mentioned any means embodiment was read Method, for example, performing method and step S601 in the method and step S501 to S506 in Fig. 5 described above, Fig. 6 to step Method and step S701 to step S705 in S611, Fig. 7, realizes the module 401-405 in module 301-311, Fig. 4 in Fig. 3 Function.
The embodiments of the invention provide a kind of computer program product, when computer program is performed, above-mentioned is realized The method of data storage in embodiment of the method for anticipating, for example, method and step S501 in Fig. 5 described above is performed to S506, Method and step S701 to step S705 in method and step S601 to step S611 in Fig. 6, Fig. 7, realizes the module in Fig. 3 The function of module 401-405 in 301-311, Fig. 4.
Device embodiment described above is only schematical, wherein the unit illustrated as separating component can To be or may not be physically separate, the part shown as unit can be or may not be physics list Member, you can with positioned at a place, or can also be distributed on multiple NEs.It can be selected according to the actual needs In some or all of module realize the purpose of this embodiment scheme.
The description of embodiment more than, those of ordinary skill in the art can be understood that each embodiment can be borrowed The mode of software plus general hardware platform is helped to realize, naturally it is also possible to pass through hardware.Those of ordinary skill in the art can manage Solution realizes that all or part of flow in above-described embodiment method can be by computer program to instruct the hardware of correlation Complete, described program can be stored in a computer read/write memory medium, and the program is upon execution, it may include each as described above The flow of the embodiment of method.Wherein, described storage medium can be magnetic disc, CD, read-only memory (Read-Only Memory, ROM) or random access memory (Random Access Memory, RAM) etc..
Finally it should be noted that:The above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;At this Under the thinking of invention, it can also be combined between the technical characteristic in above example or non-be the same as Example, step can be with Realized with random order, and there are many other changes of the different aspect of the present invention as described above, for simplicity, they do not have Have and provided in details;Although the present invention is described in detail with reference to the foregoing embodiments, the ordinary skill people of this area Member should be understood:It can still modify to the technical scheme described in foregoing embodiments, or to which part skill Art feature carries out equivalent substitution;And these modifications or replacement, the essence of appropriate technical solution is departed from each reality of the invention Apply the scope of a technical scheme.
It should be noted that the preferred embodiment of the present invention is given in the specification and its accompanying drawing of the present invention, still, The present invention can be realized by many different forms, however it is not limited to the embodiment described by this specification, these embodiments There is provided the purpose of these embodiments it is to make the understanding to the disclosure not as the extra limitation to present invention It is more thorough comprehensive.Also, above-mentioned each technical characteristic continues to be mutually combined, the various embodiments not being enumerated above are formed, It is considered as the scope of description of the invention record;Further, for those of ordinary skills, can be according to the above description Improved or converted, and all these modifications and variations should all belong to the protection domain of appended claims of the present invention.

Claims (16)

1. a kind of identity authentication method, it is characterised in that including:
The first biological characteristic of the first user inputted on the terminal device is received, and obtains the account letter of first user The device identification of breath and the terminal device;
According to the account information, device identification and the first biological characteristic, ID authentication request is sent to certificate server;
The certificate server is received to be confirmed to return after the legal identity of first user according to the ID authentication request Identification information;
Receive the second biological characteristic of the second user inputted on the terminal device;
According to second biological characteristic, checking request is sent to the certificate server;
The certificate server is received to return after the legitimacy of second biological characteristic is confirmed according to the checking request Logging-in code so that the second user is logged in reference to the logging-in code.
2. according to the method described in claim 1, it is characterised in that
The ID authentication request to account information, the first biological characteristic and is set according to the private key bound in the first biological characteristic Generation is encrypted in standby mark.
3. method according to claim 2, it is characterised in that
The private key is examined by acquiring afterwards in first biological characteristic.
4. the method according to claim 2 or 3, it is characterised in that
The checking request is that generation is encrypted to second biological characteristic according to the private key bound in the first biological characteristic 's.
5. a kind of identity authentication method, it is characterised in that including:
The authentication information that receiving terminal apparatus is sent, the authentication information carries the account letter of first user The device identification of breath, the first biological characteristic of the first user and the terminal device;
After the legal identity of first user is confirmed according to the authentication information, body is returned to the terminal device Part confirmation;
The checking request that the terminal device is sent is received, the checking request carries the second biological characteristic of second user;
After the legitimacy of second biological characteristic is confirmed according to the checking request, generate corresponding with the second user Logging-in code;
The logging-in code is sent to the terminal device, so that the second user is logged in reference to the logging-in code.
6. method according to claim 5, it is characterised in that
The identification information is to determine that the account information, the first biological characteristic of the first user and the device identification are deposited Generated in corresponding relation.
7. method according to claim 5, it is characterised in that
The legitimacy for confirming second biological characteristic includes:
Determine biological characteristic stock in second biological characteristic.
8. a kind of terminal device, it is characterised in that including:
Biological characteristic recognition module, for carrying out living things feature recognition;
First receiving module, the first biological characteristic for receiving the first user inputted on the terminal device;
First acquisition module, for obtaining the account information of first user and the device identification of the terminal device;
First sending module, for according to the account information, device identification and the first biological characteristic, being sent to certificate server ID authentication request;
Second receiving module, for receiving the certificate server according to ID authentication request confirmation first user's The identification information returned after legal identity;
3rd receiving module, the second biological characteristic for receiving the second user inputted on the terminal device;
Second sending module, for according to second biological characteristic, checking request to be sent to the certificate server;
4th receiving module, second biological characteristic is being confirmed for receiving the certificate server according to the checking request Legitimacy after the logging-in code that returns so that the second user is logged in reference to the logging-in code.
9. terminal device according to claim 8, it is characterised in that the terminal device also includes:
First encrypting module, for according to bound in the first biological characteristic private key is to account information, the first biological characteristic and sets Standby mark is encrypted.
10. terminal device according to claim 9, it is characterised in that the terminal device also includes:
Second acquisition module, after being examined and passing through in first biological characteristic, obtains the private key.
11. the terminal device according to claim 9 or 10, it is characterised in that the terminal device also includes:
Second encrypting module, for second biological characteristic to be encrypted according to the private key bound in the first biological characteristic.
12. a kind of certificate server, it is characterised in that including:
First receiving module, the authentication information sent for receiving terminal apparatus, the authentication information carries described The device identification of the account information of first user, the first biological characteristic of the first user and the terminal device;
First returns to module, for after the legal identity of first user is confirmed according to the authentication information, to The terminal device returns to identification information;
Second receiving module, for receiving the checking request that the terminal device is sent, the checking request carries second user The second biological characteristic;
Generation module, for after the legitimacy of second biological characteristic is confirmed according to the checking request, generating and institute State the corresponding logging-in code of second user;
Second returns to module, for sending the logging-in code to the terminal device, so that the second user is stepped on reference to described Record code is logged in.
13. a kind of electronic equipment, it is characterised in that including:
At least one processor;And,
The memory being connected with least one described processor communication;Wherein,
The memory storage has can be by the instruction of at least one computing device, and the instruction is by described at least one Manage device to perform, so that at least one described processor is able to carry out the method described in claim any one of 1-4.
14. a kind of electronic equipment, it is characterised in that including:
At least one processor;And,
The memory being connected with least one described processor communication;Wherein,
The memory storage has can be by the instruction of at least one computing device, and the instruction is by described at least one Manage device to perform, so that at least one described processor is able to carry out the method described in claim any one of 5-7.
15. a kind of computer program product, it is characterised in that the computer program product includes being stored in non-volatile calculating Computer program on machine readable storage medium storing program for executing, the computer program includes programmed instruction, when described program instruction is by electronics When equipment is performed, the electronic equipment perform claim is set to require the method described in any one of 1-4.
16. a kind of computer program product, it is characterised in that the computer program product includes being stored in non-volatile calculating Computer program on machine readable storage medium storing program for executing, the computer program includes programmed instruction, when described program instruction is by electronics When equipment is performed, the electronic equipment perform claim is set to require the method described in any one of 5-7.
CN201680002681.2A 2016-11-15 2016-11-15 Identity authentication method, terminal equipment, authentication server and electronic equipment Active CN107079034B (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2016/105886 WO2018090183A1 (en) 2016-11-15 2016-11-15 Identity authentication method, terminal device, authentication server and electronic device

Publications (2)

Publication Number Publication Date
CN107079034A true CN107079034A (en) 2017-08-18
CN107079034B CN107079034B (en) 2020-07-28

Family

ID=59624131

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201680002681.2A Active CN107079034B (en) 2016-11-15 2016-11-15 Identity authentication method, terminal equipment, authentication server and electronic equipment

Country Status (2)

Country Link
CN (1) CN107079034B (en)
WO (1) WO2018090183A1 (en)

Cited By (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108446912A (en) * 2018-05-03 2018-08-24 中国工商银行股份有限公司 Safety certifying method and equipment
CN108446591A (en) * 2018-02-07 2018-08-24 北汽福田汽车股份有限公司 Driver identity recognition methods, device, storage medium and vehicle
CN108650241A (en) * 2018-04-20 2018-10-12 中国联合网络通信集团有限公司 A kind of shared authorization method and device
CN108712384A (en) * 2018-04-17 2018-10-26 北京小米移动软件有限公司 terminal authentication method, device, terminal and server
CN108989315A (en) * 2018-07-23 2018-12-11 广州视源电子科技股份有限公司 Identity identifying method, apparatus and system
CN109246133A (en) * 2018-10-19 2019-01-18 清华大学 A kind of network access verifying method based on bio-identification
CN109413058A (en) * 2018-10-17 2019-03-01 山东渔翁信息技术股份有限公司 A kind of information communicating method, device and the relevant device of server and terminal device
CN109426704A (en) * 2017-08-31 2019-03-05 京东方科技集团股份有限公司 Article uses control method, verifying equipment, terminal device and system
CN109615380A (en) * 2018-10-26 2019-04-12 深圳壹账通智能科技有限公司 Method, apparatus, computer equipment and the storage medium of user identity authentication
CN109711133A (en) * 2018-12-26 2019-05-03 广州市巽腾信息科技有限公司 Authentication method, device and the server of identity information
CN109885995A (en) * 2018-12-29 2019-06-14 弦子科技(北京)有限公司 A kind of digital identity confirmation method, device and electronic equipment
CN109951437A (en) * 2019-01-14 2019-06-28 平安科技(深圳)有限公司 Safety certifying method, device and server based on recognition of face
CN109963149A (en) * 2017-12-26 2019-07-02 安凯(广州)微电子技术有限公司 A kind of test method of video camera, test device and terminal device
CN110047211A (en) * 2018-01-15 2019-07-23 沅圣科技股份有限公司 Intelligence takes object cabinet management method
CN108284805B (en) * 2017-12-18 2019-09-10 航天新长征大道科技有限公司 A kind of car-mounted terminal abnormal login processing method, server, car-mounted terminal
CN110268407A (en) * 2017-11-29 2019-09-20 指纹卡有限公司 Two step centers of fingerprint match
CN110290134A (en) * 2019-06-25 2019-09-27 神州融安科技(北京)有限公司 A kind of identity identifying method, device, storage medium and processor
CN110297923A (en) * 2018-12-13 2019-10-01 阿里巴巴集团控股有限公司 Information processing method, device, electronic equipment and computer readable storage medium
CN110336870A (en) * 2019-06-27 2019-10-15 深圳前海微众银行股份有限公司 Method for building up, device, system and the storage medium in telecommuting O&M channel
CN110855598A (en) * 2018-08-20 2020-02-28 北京场景互娱传媒科技有限公司 Terminal application management method, terminal device, cloud server and storage medium
CN111489175A (en) * 2020-04-08 2020-08-04 支付宝(杭州)信息技术有限公司 Online identity authentication method, device, system and storage medium
CN112417394A (en) * 2020-11-09 2021-02-26 广州医科大学附属第一医院(广州呼吸中心) Intelligent explosion-proof cabinet and control method thereof
CN112580009A (en) * 2020-12-22 2021-03-30 北京八分量信息科技有限公司 Method and device for authenticating user identity in big data system and related products
CN112868018A (en) * 2018-12-31 2021-05-28 北京嘀嘀无限科技发展有限公司 System and method for device fingerprint determination in transport services
CN115085980A (en) * 2022-05-31 2022-09-20 北京融讯智晖技术有限公司 Network access management system based on fusion video cloud
CN115964687A (en) * 2022-12-14 2023-04-14 武汉卓讯互动信息科技有限公司 Block chain-based enterprise unified account authentication method and platform

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108875348A (en) * 2018-09-10 2018-11-23 中国医学科学院医学信息研究所 A kind of account logon method and system
CN110175925B (en) * 2019-04-16 2023-01-20 创新先进技术有限公司 Processing method, device, server and system for verifying user information
CN110232283A (en) * 2019-05-21 2019-09-13 深圳壹账通智能科技有限公司 The method and relevant apparatus of blacklist cloud shared authentication based on homomorphic cryptography
CN111090848A (en) * 2019-11-05 2020-05-01 深圳市文鼎创数据科技有限公司 Authentication method and authentication device
CN111226450A (en) * 2019-11-26 2020-06-02 深圳市汇顶科技股份有限公司 External security authentication device, man-machine interaction device, communication system and authentication method
CN113630369B (en) * 2020-05-08 2023-07-21 杭州海康威视数字技术股份有限公司 Identity authentication method, device and storage medium
CN111581624B (en) * 2020-05-18 2023-06-20 中科美络科技股份有限公司 Intelligent terminal user identity authentication method
CN111698224B (en) * 2020-05-22 2022-02-22 张焱 Water quality monitoring terminal user verification method and system and water quality monitoring internet of things terminal
CN113765866B (en) * 2020-07-31 2023-09-05 北京沃东天骏信息技术有限公司 Method and device for logging in remote host
CN114268445A (en) * 2020-09-15 2022-04-01 中国电信股份有限公司 Authentication method, device and system for cloud mobile phone application, authentication module and terminal
CN112328992B (en) * 2020-11-10 2022-09-13 上海亿为科技有限公司 Human body detection method based on artificial intelligence and cloud server
CN112528257B (en) * 2020-12-04 2023-08-01 百度在线网络技术(北京)有限公司 Secure debugging method and device, electronic equipment and storage medium
CN112580017B (en) * 2020-12-25 2023-12-29 深信服科技股份有限公司 Authentication method and device, electronic equipment and storage medium
CN113283920B (en) * 2021-06-11 2022-03-15 广东新禾道信息科技有限公司 House leasing information tracing method and system based on block chain and cloud platform
CN113434848A (en) * 2021-07-06 2021-09-24 李瑞强 Data acquisition method and device, storage medium and electronic equipment
CN114039748A (en) * 2021-10-25 2022-02-11 中广核工程有限公司 Identity authentication method, system, computer device and storage medium
CN117640090B (en) * 2024-01-25 2024-04-12 蓝象智联(杭州)科技有限公司 Identity verification method and system

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012035813A1 (en) * 2010-09-15 2012-03-22 株式会社アルファ Power hand tool
CN102622685A (en) * 2012-03-16 2012-08-01 上海宝钢钢材贸易有限公司 Identity identification method for steel product trading system
CN103944856A (en) * 2013-01-17 2014-07-23 华为终端有限公司 Authority transfer method and device
CN104079710A (en) * 2013-03-31 2014-10-01 浙江大学 Novel totally closed card reader integrated mobile phone
CN104735065A (en) * 2015-03-16 2015-06-24 联想(北京)有限公司 Data processing method, electronic device and server
CN105025015A (en) * 2015-06-26 2015-11-04 夏健鸣 Equipment user authorization management and safety starting method and system
CN105635099A (en) * 2015-07-23 2016-06-01 宇龙计算机通信科技(深圳)有限公司 Identity authentication method, identity authentication system, terminal and server

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8931034B2 (en) * 2010-06-25 2015-01-06 Telefonaktiebolaget L M Ericsson (Publ) System, method, and policy engine for granting temporary access to electronic content
CN104966007A (en) * 2015-05-28 2015-10-07 深圳市万普拉斯科技有限公司 Multi-user login method and apparatus
CN105931337A (en) * 2016-05-09 2016-09-07 杭州摇光科技有限公司 Electronic lock device and system and authorizing method of electronic lock system

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012035813A1 (en) * 2010-09-15 2012-03-22 株式会社アルファ Power hand tool
CN102622685A (en) * 2012-03-16 2012-08-01 上海宝钢钢材贸易有限公司 Identity identification method for steel product trading system
CN103944856A (en) * 2013-01-17 2014-07-23 华为终端有限公司 Authority transfer method and device
CN104079710A (en) * 2013-03-31 2014-10-01 浙江大学 Novel totally closed card reader integrated mobile phone
CN104735065A (en) * 2015-03-16 2015-06-24 联想(北京)有限公司 Data processing method, electronic device and server
CN105025015A (en) * 2015-06-26 2015-11-04 夏健鸣 Equipment user authorization management and safety starting method and system
CN105635099A (en) * 2015-07-23 2016-06-01 宇龙计算机通信科技(深圳)有限公司 Identity authentication method, identity authentication system, terminal and server

Cited By (34)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109426704A (en) * 2017-08-31 2019-03-05 京东方科技集团股份有限公司 Article uses control method, verifying equipment, terminal device and system
CN110268407B (en) * 2017-11-29 2021-04-02 指纹卡有限公司 Two-step central matching of fingerprints
CN110268407A (en) * 2017-11-29 2019-09-20 指纹卡有限公司 Two step centers of fingerprint match
CN108284805B (en) * 2017-12-18 2019-09-10 航天新长征大道科技有限公司 A kind of car-mounted terminal abnormal login processing method, server, car-mounted terminal
CN109963149A (en) * 2017-12-26 2019-07-02 安凯(广州)微电子技术有限公司 A kind of test method of video camera, test device and terminal device
CN110047211A (en) * 2018-01-15 2019-07-23 沅圣科技股份有限公司 Intelligence takes object cabinet management method
CN108446591A (en) * 2018-02-07 2018-08-24 北汽福田汽车股份有限公司 Driver identity recognition methods, device, storage medium and vehicle
CN108712384B (en) * 2018-04-17 2021-12-28 北京小米移动软件有限公司 Terminal authentication method and device, terminal and server
CN108712384A (en) * 2018-04-17 2018-10-26 北京小米移动软件有限公司 terminal authentication method, device, terminal and server
CN108650241A (en) * 2018-04-20 2018-10-12 中国联合网络通信集团有限公司 A kind of shared authorization method and device
CN108446912A (en) * 2018-05-03 2018-08-24 中国工商银行股份有限公司 Safety certifying method and equipment
CN108989315A (en) * 2018-07-23 2018-12-11 广州视源电子科技股份有限公司 Identity identifying method, apparatus and system
CN110855598A (en) * 2018-08-20 2020-02-28 北京场景互娱传媒科技有限公司 Terminal application management method, terminal device, cloud server and storage medium
CN109413058A (en) * 2018-10-17 2019-03-01 山东渔翁信息技术股份有限公司 A kind of information communicating method, device and the relevant device of server and terminal device
CN109246133A (en) * 2018-10-19 2019-01-18 清华大学 A kind of network access verifying method based on bio-identification
CN109615380A (en) * 2018-10-26 2019-04-12 深圳壹账通智能科技有限公司 Method, apparatus, computer equipment and the storage medium of user identity authentication
CN110297923A (en) * 2018-12-13 2019-10-01 阿里巴巴集团控股有限公司 Information processing method, device, electronic equipment and computer readable storage medium
CN110297923B (en) * 2018-12-13 2024-01-19 创新先进技术有限公司 Information processing method, information processing device, electronic equipment and computer readable storage medium
WO2020135114A1 (en) * 2018-12-26 2020-07-02 巽腾(广东)科技有限公司 Method and device for authenticating identity information, and server
CN109711133A (en) * 2018-12-26 2019-05-03 广州市巽腾信息科技有限公司 Authentication method, device and the server of identity information
CN109885995A (en) * 2018-12-29 2019-06-14 弦子科技(北京)有限公司 A kind of digital identity confirmation method, device and electronic equipment
CN112868018A (en) * 2018-12-31 2021-05-28 北京嘀嘀无限科技发展有限公司 System and method for device fingerprint determination in transport services
CN109951437A (en) * 2019-01-14 2019-06-28 平安科技(深圳)有限公司 Safety certifying method, device and server based on recognition of face
CN110290134B (en) * 2019-06-25 2022-05-03 神州融安科技(北京)有限公司 Identity authentication method, identity authentication device, storage medium and processor
CN110290134A (en) * 2019-06-25 2019-09-27 神州融安科技(北京)有限公司 A kind of identity identifying method, device, storage medium and processor
CN110336870A (en) * 2019-06-27 2019-10-15 深圳前海微众银行股份有限公司 Method for building up, device, system and the storage medium in telecommuting O&M channel
CN110336870B (en) * 2019-06-27 2024-03-05 深圳前海微众银行股份有限公司 Method, device and system for establishing remote office operation and maintenance channel and storage medium
CN111489175A (en) * 2020-04-08 2020-08-04 支付宝(杭州)信息技术有限公司 Online identity authentication method, device, system and storage medium
CN111489175B (en) * 2020-04-08 2022-06-03 支付宝(杭州)信息技术有限公司 Online identity authentication method, device, system and storage medium
CN112417394A (en) * 2020-11-09 2021-02-26 广州医科大学附属第一医院(广州呼吸中心) Intelligent explosion-proof cabinet and control method thereof
CN112580009A (en) * 2020-12-22 2021-03-30 北京八分量信息科技有限公司 Method and device for authenticating user identity in big data system and related products
CN115085980A (en) * 2022-05-31 2022-09-20 北京融讯智晖技术有限公司 Network access management system based on fusion video cloud
CN115085980B (en) * 2022-05-31 2024-02-27 北京融讯智晖技术有限公司 Network access management system based on converged video cloud
CN115964687A (en) * 2022-12-14 2023-04-14 武汉卓讯互动信息科技有限公司 Block chain-based enterprise unified account authentication method and platform

Also Published As

Publication number Publication date
WO2018090183A1 (en) 2018-05-24
CN107079034B (en) 2020-07-28

Similar Documents

Publication Publication Date Title
CN107079034A (en) A kind of identity authentication method, terminal device, certificate server and electronic equipment
KR102020000B1 (en) Personal information providing system using one time private key based on block chain of proof of use and method thereof
US20210314174A1 (en) System and method for verifying an identity of a user using a cryptographic challenge based on a cryptographic operation
CN107786547A (en) A kind of auth method based on block chain, device and computer-readable recording medium
US9698992B2 (en) Method for signing electronic documents with an analog-digital signature with additional verification
US9397980B1 (en) Credential management
CN110462658A (en) For providing system and method for the digital identity record to verify the identity of user
CN108235805A (en) Account unifying method and device and storage medium
TW200820716A (en) Method and apparatus for providing trusted single sign-on access to applications and internet-based services
CN107210916A (en) Condition, which is logged in, to be promoted
CN109768983A (en) Dynamic and Multi dimensional personal identification method, apparatus and system based on block chain
CN109802942A (en) A kind of voiceprint authentication method and system, mobile terminal of secret protection
CN108154351A (en) The electrical integrated seal of object and affairs examination & approval implementation method, system, platform, medium
CN108140152A (en) Computer implemented tracking mechanism and data management
US20130203037A1 (en) Examination mangement
CN109741800A (en) The method for security protection of medical data intranet and extranet interaction based on block chain technology
CN108206803A (en) Business acts on behalf processing method and processing device
CN106850693A (en) The method and real-name authentication system of a kind of real-name authentication
CN106027243A (en) Electronic certificate generation method and system, client, cloud platform, and authorization end
CN105763323A (en) System and method for generation and storage of electronic certificates
CN108369614A (en) User authen method and system for carrying out the process
CN105827571A (en) UAF (Universal Authentication Framework) protocol based multi-modal biological characteristic authentication method and equipment
CN109300199A (en) Attendance checking system and Work attendance method based on block chain
Awalu et al. Development of a distributed blockchain evoting system
US11444784B2 (en) System and method for generation and verification of a subject's identity based on the subject's association with an organization

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20210121

Address after: 200000 second floor, building 2, no.1508, Kunyang Road, Minhang District, Shanghai

Patentee after: Dalu Robot Co.,Ltd.

Address before: 518000 Room 201, building A, No. 1, Qian Wan Road, Qianhai Shenzhen Hong Kong cooperation zone, Shenzhen, Guangdong (Shenzhen Qianhai business secretary Co., Ltd.)

Patentee before: CLOUDMINDS (SHENZHEN) HOLDINGS Co.,Ltd.

TR01 Transfer of patent right
CP03 Change of name, title or address

Address after: 201111 Building 8, No. 207, Zhongqing Road, Minhang District, Shanghai

Patentee after: Dayu robot Co.,Ltd.

Address before: 200000 second floor, building 2, no.1508, Kunyang Road, Minhang District, Shanghai

Patentee before: Dalu Robot Co.,Ltd.

CP03 Change of name, title or address