CN111080923A - Identity authentication method and device for financial equipment - Google Patents

Identity authentication method and device for financial equipment Download PDF

Info

Publication number
CN111080923A
CN111080923A CN201911174303.4A CN201911174303A CN111080923A CN 111080923 A CN111080923 A CN 111080923A CN 201911174303 A CN201911174303 A CN 201911174303A CN 111080923 A CN111080923 A CN 111080923A
Authority
CN
China
Prior art keywords
financial equipment
financial
authentication
equipment
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911174303.4A
Other languages
Chinese (zh)
Inventor
胡观兵
肖群
王进
王炬华
李冲
李祥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Construction Bank Corp
CCB Finetech Co Ltd
Original Assignee
China Construction Bank Corp
CCB Finetech Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Construction Bank Corp, CCB Finetech Co Ltd filed Critical China Construction Bank Corp
Priority to CN201911174303.4A priority Critical patent/CN111080923A/en
Publication of CN111080923A publication Critical patent/CN111080923A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Finance (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention discloses an identity authentication method and device of financial equipment, and relates to the technical field of computers. One embodiment of the method comprises: responding to identity authentication operation triggered by a user, and acquiring a secret key of the financial equipment from a server; and generating a two-dimensional code according to the identification of the financial equipment, the authentication timestamp and the secret key of the financial equipment. The implementation method can solve the technical problem that the login authentication needs to be carried with an identity card or a bank card.

Description

Identity authentication method and device for financial equipment
Technical Field
The invention relates to the technical field of computers, in particular to an identity authentication method and device for financial equipment.
Background
In recent years, expanding the service mode and service range of banks becomes one of the most main development targets of banks, and the mobile deployment type financial service cabin becomes an important way for the banks to expand service channels. The financial service cabin is a financial equipment terminal which is not limited to a bank outlet, has a fully closed operation space, can be movably deployed outside the bank outlet, such as a market, a square, a subway station and the like, and a user can self-service related business of a bank without accompanying of bank staff.
The financial service cabin has a totally enclosed operation space, and can effectively guarantee the information safety of users. The two-dimensional code scanning login mode can bring convenient operation experience to the financial service cabin, and more choices are provided for the financial equipment login mode.
In the process of implementing the invention, the inventor finds that at least the following problems exist in the prior art:
at present, login authentication is generally realized in the modes of identity card + face swiping and bank card + card password, but the authentication mode of identity card + face swiping needs a user to carry an identity card, and login authentication cannot be performed if the user does not carry the identity card. Similarly, the same problem exists in the mode of bank card and card secret.
Disclosure of Invention
In view of this, embodiments of the present invention provide an identity authentication method and apparatus for a financial device, so as to solve the technical problem that an identity card or a bank card needs to be carried for login authentication.
In order to achieve the above object, according to an aspect of an embodiment of the present invention, there is provided an identity authentication method of a financial device, applied to the financial device, including:
responding to identity authentication operation triggered by a user, and acquiring a secret key of the financial equipment from a server;
and generating a two-dimensional code according to the identification of the financial equipment, the authentication timestamp and the secret key of the financial equipment.
Optionally, the method further comprises:
polling a server to acquire the login state of the financial equipment;
and performing identity authentication according to the login state of the financial equipment.
Optionally, polling a server to obtain a login status of the financial device includes:
sending a state query request to a server at intervals of a first preset time period;
and receiving a query result returned by the server.
Optionally, performing identity authentication according to the login state of the financial device includes:
if the query result includes that the login state of the financial equipment is not logged in all the time within a second preset time period, regenerating the two-dimensional code;
and if the query result comprises the login state of the financial equipment, the user identification and the user information associated with the user identification, modifying the authentication state of the financial equipment into the authentication completion state.
In addition, according to another aspect of the embodiments of the present invention, there is provided an identity authentication method of a financial device, applied to a mobile terminal, including:
scanning and analyzing a two-dimensional code generated by financial equipment to obtain an identifier of the financial equipment, an authentication timestamp and a key of the financial equipment;
responding to a request operation triggered by a user, and sending an authentication request to a server; the authentication request carries the identification of the financial equipment, the authentication timestamp, the secret key of the financial equipment, the user identification and the request timestamp.
In addition, according to another aspect of the embodiments of the present invention, there is provided an identity authentication method for a financial device, applied to a server, including:
receiving and analyzing an authentication request sent by a mobile terminal to obtain an identifier of financial equipment, an authentication timestamp, a secret key of the financial equipment, a user identifier and a request timestamp;
judging whether the pre-stored key of the financial equipment associated with the identifier of the financial equipment is consistent with the key of the financial equipment obtained by analysis;
and if so, modifying the login state of the financial equipment into the logged state, and storing the association relationship between the financial equipment and the user identifier.
Optionally, the method further comprises:
receiving a state query request sent by the financial equipment;
returning the query result to the financial device;
the query result comprises that the login state is not logged in, or the login state is logged in, the user identifier and user information associated with the user identifier.
In addition, according to another aspect of the embodiments of the present invention, there is provided an identity authentication apparatus for a financial device, the apparatus being provided in the financial device, including:
the acquisition module is used for responding to identity authentication operation triggered by a user and acquiring a secret key of the financial equipment from a server;
and the generating module is used for generating a two-dimensional code according to the identification of the financial equipment, the authentication timestamp and the secret key of the financial equipment.
Optionally, the system further comprises a login module, configured to:
polling a server to acquire the login state of the financial equipment;
and performing identity authentication according to the login state of the financial equipment.
Optionally, the login module is further configured to:
sending a state query request to a server at intervals of a first preset time period;
and receiving a query result returned by the server.
Optionally, the login module is further configured to:
if the query result includes that the login state of the financial equipment is not logged in all the time within a second preset time period, regenerating the two-dimensional code;
and if the query result comprises the login state of the financial equipment, the user identification and the user information associated with the user identification, modifying the authentication state of the financial equipment into the authentication completion state.
In addition, according to another aspect of the embodiments of the present invention, there is provided an identity authentication apparatus for a financial device, which is provided in a mobile terminal, including:
the analysis module is used for scanning and analyzing the two-dimensional code generated by the financial equipment to obtain the identifier of the financial equipment, the authentication timestamp and the key of the financial equipment;
the request module is used for responding to request operation triggered by a user and sending an authentication request to the server; the authentication request carries the identification of the financial equipment, the authentication timestamp, the secret key of the financial equipment, the user identification and the request timestamp.
In addition, according to another aspect of the embodiments of the present invention, there is provided an identity authentication apparatus for a financial device, which is disposed at a server, and includes:
the receiving module is used for receiving and analyzing the authentication request sent by the mobile terminal to obtain the identification of the financial equipment, the authentication timestamp, the key of the financial equipment, the user identification and the request timestamp;
the authentication module is used for judging whether the prestored key of the financial equipment associated with the identifier of the financial equipment is consistent with the analyzed key of the financial equipment or not; and if so, modifying the login state of the financial equipment into the logged state, and storing the association relationship between the financial equipment and the user identifier.
The authentication module is further to:
receiving a state query request sent by the financial equipment;
returning the query result to the financial device;
the query result comprises that the login state is not logged in, or the login state is logged in, the user identifier and user information associated with the user identifier.
According to another aspect of the embodiments of the present invention, there is also provided an electronic device, including:
one or more processors;
a storage device for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement the method of any of the embodiments described above.
According to another aspect of the embodiments of the present invention, there is also provided a computer readable medium, on which a computer program is stored, which when executed by a processor implements the method of any of the above embodiments.
One embodiment of the above invention has the following advantages or benefits: because the financial equipment is adopted to generate the two-dimensional code, the mobile terminal scans the two-dimensional code, and the server side carries out the technical means of identity authentication, the technical problem that an identity card or a bank card needs to be carried in login authentication in the prior art is solved. Almost all people in the information era carry mobile phones, and the mobile phones can log in financial cabin equipment in a two-dimensional code scanning authentication mode as long as the mobile phones are carried. According to the embodiment of the invention, the two-dimensional code is generated according to the identification, the secret key and the authentication timestamp of the financial equipment, so that the user can scan the two-dimensional code to perform identity authentication, and the situation that the user cannot log in the financial equipment because the user does not carry an entity card can be effectively avoided.
Further effects of the above-mentioned non-conventional alternatives will be described below in connection with the embodiments.
Drawings
The drawings are included to provide a better understanding of the invention and are not to be construed as unduly limiting the invention. Wherein:
fig. 1 is a schematic diagram of a main flow of an identity authentication method of a financial device according to an embodiment of the present invention;
FIG. 2 is a schematic view showing a main flow of an identity authentication method of a financial device according to a referential embodiment of the present invention
FIG. 3 is a schematic view showing a main flow of an identity authentication method of a financial device according to another referential embodiment of the present invention
Fig. 4 is a schematic diagram of a main flow of an identity authentication method of a financial device according to still another referential embodiment of the present invention;
fig. 5 is a schematic diagram of a main flow of an identity authentication method of a financial device according to still another referential embodiment of the present invention;
fig. 6 is a schematic diagram of main blocks of an identity authentication apparatus of a financial device according to an embodiment of the present invention;
fig. 7 is a schematic diagram of main blocks of an identity authentication apparatus of a financial device according to an embodiment of the present invention;
FIG. 8 is an exemplary system architecture diagram in which embodiments of the present invention may be employed;
fig. 9 is a schematic structural diagram of a computer system suitable for implementing a terminal device or a server according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present invention are described below with reference to the accompanying drawings, in which various details of embodiments of the invention are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the invention. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
Fig. 1 is a schematic diagram of a main flow of an identity authentication method of a financial device according to an embodiment of the present invention. As an embodiment of the present invention, as shown in fig. 1, the method for authenticating an identity of a financial device is applied to the financial device, and may include:
step 101, in response to the identity authentication operation triggered by the user, obtaining the key of the financial device from the server.
In the embodiment of the invention, the financial device may be a financial service cabin, and when a user enters an authentication page and an identity authentication operation is triggered on the financial device, the financial device acquires a secret key of the financial device from a service end in response to the identity authentication operation triggered by the user. It should be noted that the server stores the key corresponding to each financial device, so as to prevent the financial device from being attacked and ensure that the financial device generates a secure and reliable two-dimensional code.
And 102, generating a two-dimensional code according to the identification of the financial equipment, the authentication timestamp and the secret key of the financial equipment.
After the financial equipment acquires the key corresponding to the financial equipment from the server side, the two-dimensional code generator in the financial equipment generates a two-dimensional code according to the identification and the authentication timestamp of the financial equipment and the key of the financial equipment, so that a user can scan the two-dimensional code, and identity authentication is performed.
It should be noted that, in the embodiment of the present invention, the authentication timestamp refers to a timestamp at which the user triggers an identity authentication operation on the financial device.
The existing mode of logging in the financial equipment is completed based on a physical card, and the login authentication of the financial equipment is realized by combining a mode of swiping an identity card or a bank card and a mode of swiping a face matching authentication or verifying the card secret of the bank card. However, the probability that the user carries the mobile phone is much higher than the probability that the user carries the entity card, so that the embodiment of the invention generates the two-dimensional code according to the identifier, the secret key and the authentication timestamp of the financial equipment so as to be scanned by the user for identity authentication, thereby effectively avoiding the situation that the user cannot log in the financial equipment because the user does not carry the entity card.
Fig. 2 is a schematic diagram of a main flow of an identity authentication method of a financial device according to one referential embodiment of the present invention. As an embodiment of the present invention, as shown in fig. 2, the method for authenticating an identity of a financial device is applied to the financial device, and may include:
step 201, in response to the identity authentication operation triggered by the user, obtaining the key of the financial device from the server.
Step 202, generating a two-dimensional code according to the identification of the financial device, the authentication timestamp and the secret key of the financial device.
And step 203, polling the server to acquire the login state of the financial equipment.
And step 204, performing identity authentication according to the login state of the financial equipment.
The financial equipment polls the server side to obtain the login state of the financial equipment, and the authentication of the user is carried out according to the login state of the financial equipment returned by the server side.
Optionally, step 203 may comprise: sending a state query request to a server at intervals of a first preset time period; and receiving a query result returned by the server. The first preset time period can be configured in advance, so that the financial device sends a state inquiry request to the server end every other first preset time period to inquire the login state of the financial device. According to the fact that the login state of the financial equipment is logged in or not logged in, whether the two-dimensional code of the financial equipment is scanned or not can be judged, and the authentication is passed.
Optionally, step 204 may include: if the query result includes that the login state of the financial equipment is not logged in all the time within a second preset time period, regenerating the two-dimensional code; and if the query result comprises the login state of the financial equipment, the user identification and the user information associated with the user identification, modifying the authentication state of the financial equipment into the authentication completion state. And if the login state of the financial equipment is not logged in all the time, generating a two-dimensional code every second preset time period (such as every one minute, every two minutes, every five minutes and the like) for scanning by the user.
In the embodiment of the invention, the financial device obtains the state change of the financial device through polling, and receives the customer information (such as the user identity number, the card number and the like) returned by the database, and the financial device modifies the authentication state to complete the identity authentication.
In addition, in a reference embodiment of the present invention, the detailed implementation of the method for authenticating the identity of the financial device is described in detail above, and therefore, the repeated content will not be described.
Fig. 3 is a schematic diagram of a main flow of an identity authentication method of a financial device according to another referential embodiment of the present invention. As another embodiment of the present invention, as shown in fig. 3, the method for authenticating an identity of a financial device applied to a mobile terminal may include:
step 301, scanning and analyzing a two-dimensional code generated by a financial device to obtain an identifier of the financial device, an authentication timestamp, and a key of the financial device.
After the financial equipment generates the two-dimensional code, a user logs in a mobile phone bank client through the mobile terminal, the two-dimensional code generated by the financial equipment is scanned by the mobile phone bank client, the mobile terminal analyzes the two-dimensional code, so that information such as the identification, the authentication timestamp and the key of the financial equipment is obtained, and then the page of the mobile phone bank client jumps to a confirmation page.
Step 302, responding to the request operation triggered by the user, and sending an authentication request to the server.
And the user performs request operation on a confirmation page, and the mobile terminal sends an authentication request to the server, wherein the authentication request carries the identifier of the financial equipment, the authentication timestamp, the key of the financial equipment, the user identifier and the request timestamp. It should be noted that, in the embodiment of the present invention, the request timestamp refers to a timestamp of the user triggering the request operation at the "confirmation" page. Since the user logs in the mobile banking client before identity authentication, the mobile terminal generally stores a user identifier, which may be an account number, an identification number, or a bank card number of the user.
The embodiment of the invention generates the two-dimensional code based on the financial equipment, scans the two-dimensional code through the mobile terminal, and sends the authentication request to the server side so as to perform identity authentication, thereby effectively avoiding the situation that a user cannot log in the financial equipment because the user does not carry an entity card.
Fig. 4 is a schematic diagram of a main flow of an identity authentication method of a financial device according to still another referential embodiment of the present invention. As another embodiment of the present invention, as shown in fig. 4, the method for authenticating an identity of a financial device is applied to a server, and may include:
step 401, receiving and analyzing an authentication request sent by the mobile terminal to obtain an identifier of the financial device, an authentication timestamp, a key of the financial device, a user identifier, and a request timestamp.
And after receiving the authentication request sent by the mobile terminal, the server analyzes the authentication request to obtain the identifier, the authentication timestamp, the key of the financial equipment, the user identifier and the request timestamp of the financial equipment.
Step 402, judging whether the pre-stored key of the financial device associated with the identifier of the financial device is consistent with the key of the financial device obtained by analysis; and if so, modifying the login state of the financial equipment into the logged state, and storing the association relationship between the financial equipment and the user identifier.
And the server side judges whether the key of the financial equipment, which is associated with the identifier of the financial equipment and is prestored, is consistent with the key of the financial equipment obtained through analysis according to the analysis result. If the user is always logged in, the authentication is passed, the login state of the financial equipment is modified to be logged in, and the association relationship between the financial equipment and the user identifier is stored, so that the user successfully logs in the financial equipment.
Optionally, the server may further determine whether a difference between the request timestamp and the authentication timestamp is greater than a preset difference threshold, and if so, the authentication is not passed. And, as long as the difference between the request timestamp and the authentication timestamp is greater than a preset difference threshold, determining that the authentication is failed regardless of whether the key of the financial device associated with the identifier of the financial device, which is prestored in the key store, is consistent with the key of the financial device obtained through analysis. Therefore, the safety and the reliability of the identity authentication can be further ensured, and the login of others is avoided.
Step 403, receiving a status query request sent by the financial device, and returning a query result to the financial device.
The method comprises the steps that a server side continuously receives a state query request sent by financial equipment, and if the login state of the financial equipment is unregistered, namely the database state of the financial equipment is false and no client information exists, the query result comprises that the login state is unregistered; and if the login state of the financial equipment is logged in, namely the database state of the financial equipment is true, issuing the user identifier associated with the financial equipment and the user information associated with the user identifier to the financial equipment together so that the financial equipment modifies the authentication state to complete identity authentication.
According to the various embodiments, the technical means that the financial equipment generates the two-dimensional code, the mobile terminal scans the two-dimensional code, and the server performs identity authentication are adopted, so that the technical problem that an identity card or a bank card needs to be carried in login authentication in the prior art is solved. Almost all people in the information era carry mobile phones, and the mobile phones can log in financial cabin equipment in a two-dimensional code scanning authentication mode as long as the mobile phones are carried. According to the embodiment of the invention, the two-dimensional code is generated according to the identification, the secret key and the authentication timestamp of the financial equipment, so that the user can scan the two-dimensional code to perform identity authentication, and the situation that the user cannot log in the financial equipment because the user does not carry an entity card can be effectively avoided.
Fig. 5 is a schematic diagram of a main flow of an identity authentication method of a financial device according to still another referential embodiment of the present invention. As still another embodiment of the present invention, the method for authenticating an identity of a financial device may include:
step 501, the financial device responds to the identity authentication operation triggered by the user, and acquires the key of the financial device from the server.
Step 502, the financial device generates a two-dimensional code according to the identifier of the financial device, the authentication timestamp and the key of the financial device.
Step 503, the mobile terminal scans and analyzes the two-dimensional code generated by the financial device to obtain the identifier of the financial device, the authentication timestamp and the key of the financial device; and responding to the request operation triggered by the user, and sending an authentication request to the server.
The authentication request carries the identification of the financial equipment, the authentication timestamp, the secret key of the financial equipment, the user identification and the request timestamp.
Step 504, the server receives and analyzes the authentication request sent by the mobile terminal to obtain the identifier of the financial device, the authentication timestamp, the key of the financial device, the user identifier and the request timestamp; judging whether the pre-stored key of the financial equipment associated with the identifier of the financial equipment is consistent with the key of the financial equipment obtained by analysis; if yes, go to step 505.
And 505, the server side modifies the login state of the financial equipment into the logged state, and stores the association relationship between the financial equipment and the user identifier.
Step 506, the financial device sends a status query request to the server every a first preset time period.
And step 507, the server receives the state query request sent by the financial equipment and returns the query result to the financial equipment.
Step 508, receiving the query result returned by the server. And if the query result comprises the login state of the financial equipment, the user identification and the user information associated with the user identification, modifying the authentication state of the financial equipment into the authentication completion state.
In addition, in another embodiment of the present invention, the detailed implementation of the method for authenticating the identity of the financial device is described in detail in the above-mentioned method for authenticating the identity of the financial device, and therefore, the repeated content will not be described again.
Fig. 6 is a schematic diagram of main blocks of an authentication apparatus of a financial device according to an embodiment of the present invention, and as shown in fig. 6, the authentication apparatus 600 of a financial device is disposed in a financial device and includes an obtaining module 601 and a generating module 602. The obtaining module 601 is configured to obtain a key of the financial device from a server in response to an identity authentication operation triggered by a user; the generating module 602 is configured to generate a two-dimensional code according to the identifier of the financial device, the authentication timestamp, and the key of the financial device.
Optionally, a login module 603 is further included, configured to:
polling a server to acquire the login state of the financial equipment;
and performing identity authentication according to the login state of the financial equipment.
Optionally, the login module is further configured to:
sending a state query request to a server at intervals of a first preset time period;
and receiving a query result returned by the server.
Optionally, the login module 603 is further configured to:
if the query result includes that the login state of the financial equipment is not logged in all the time within a second preset time period, regenerating the two-dimensional code;
and if the query result comprises the login state of the financial equipment, the user identification and the user information associated with the user identification, modifying the authentication state of the financial equipment into the authentication completion state.
It should be noted that, in the embodiment of the identity authentication apparatus of the financial device according to the present invention, the details of the above identity authentication method of the financial device have been described in detail, and therefore, the repeated contents are not described herein.
In addition, according to another aspect of the embodiments of the present invention, an identity authentication apparatus for a financial device is provided, which is disposed on a mobile terminal and includes an analysis module and a request module. The analysis module is used for scanning and analyzing the two-dimensional code generated by the financial equipment to obtain the identifier of the financial equipment, the authentication timestamp and the key of the financial equipment; the request module is used for responding to request operation triggered by a user and sending an authentication request to the server; the authentication request carries the identification of the financial equipment, the authentication timestamp, the secret key of the financial equipment, the user identification and the request timestamp.
Fig. 7 is a schematic diagram of main blocks of an authentication apparatus of a financial device according to an embodiment of the present invention, and as shown in fig. 7, the authentication apparatus 700 of the financial device is disposed at a server and includes a receiving module 701 and an authentication module 702. The receiving module 701 is configured to receive and analyze an authentication request sent by the mobile terminal, so as to obtain an identifier of the financial device, an authentication timestamp, a key of the financial device, a user identifier, and a request timestamp; the authentication module 702 is configured to determine whether a pre-stored key of the financial device associated with the identifier of the financial device is consistent with the analyzed key of the financial device; and if so, modifying the login state of the financial equipment into the logged state, and storing the association relationship between the financial equipment and the user identifier.
The authentication module 702 is further configured to:
receiving a state query request sent by the financial equipment;
returning the query result to the financial device;
the query result comprises that the login state is not logged in, or the login state is logged in, the user identifier and user information associated with the user identifier.
It should be noted that, in the embodiment of the identity authentication apparatus of the financial device according to the present invention, the details of the above identity authentication method of the financial device have been described in detail, and therefore, the repeated contents are not described herein.
Fig. 8 shows an exemplary system architecture 800 of an authentication method of a financial device or an authentication apparatus of a financial device to which an embodiment of the present invention may be applied.
As shown in fig. 8, the system architecture 800 may include terminal devices 801, 802, 803, a network 804, and a server 805. The network 804 serves to provide a medium for communication links between the terminal devices 801, 802, 803 and the server 805. Network 804 may include various types of connections, such as wire, wireless communication links, or fiber optic cables, to name a few.
A user may use the terminal devices 801, 802, 803 to interact with a server 805 over a network 804 to receive or send messages or the like. The terminal devices 801, 802, 803 may have installed thereon various communication client applications, such as shopping-like applications, web browser applications, search-like applications, instant messaging tools, mailbox clients, social platform software, etc. (by way of example only).
The terminal devices 801, 802, 803 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smart phones, tablet computers, laptop portable computers, desktop computers, and the like.
The server 805 may be a server that provides various services, such as a back-office management server (for example only) that supports shopping-like websites browsed by users using the terminal devices 801, 802, 803. The background management server may analyze and otherwise process the received data such as the item information query request, and feed back a processing result (for example, target push information, item information — just an example) to the terminal device.
It should be noted that the method for authenticating the identity of the financial device provided by the embodiment of the present invention is generally performed by the server 805, and accordingly, the authentication apparatus of the financial device is generally disposed in the server 805. The method for authenticating the identity of the financial device provided by the embodiment of the present invention may also be executed by the terminal devices 801, 802, and 803, and accordingly, the apparatus for authenticating the identity of the financial device may be disposed in the terminal devices 801, 802, and 803.
It should be understood that the number of terminal devices, networks, and servers in fig. 8 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
Referring now to FIG. 9, shown is a block diagram of a computer system 900 suitable for use with a terminal device implementing an embodiment of the present invention. The terminal device shown in fig. 9 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present invention.
As shown in fig. 9, the computer system 900 includes a Central Processing Unit (CPU)901 that can perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)902 or a program loaded from a storage section 908 into a Random Access Memory (RAM) 903. In the RAM903, various programs and data necessary for the operation of the system 900 are also stored. The CPU 901, ROM 902, and RAM903 are connected to each other via a bus 904. An input/output (I/O) interface 905 is also connected to bus 904.
The following components are connected to the I/O interface 905: an input portion 906 including a keyboard, a mouse, and the like; an output section 907 including components such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage portion 908 including a hard disk and the like; and a communication section 909 including a network interface card such as a LAN card, a modem, or the like. The communication section 909 performs communication processing via a network such as the internet. The drive 910 is also connected to the I/O interface 905 as necessary. A removable medium 911 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 910 as necessary, so that a computer program read out therefrom is mounted into the storage section 908 as necessary.
In particular, according to the embodiments of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 909, and/or installed from the removable medium 911. The above-described functions defined in the system of the present invention are executed when the computer program is executed by a Central Processing Unit (CPU) 901.
It should be noted that the computer readable medium shown in the present invention can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present invention, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present invention, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer programs according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The modules described in the embodiments of the present invention may be implemented by software or hardware. The described modules may also be provided in a processor, which may be described as: a processor includes an acquisition module, a generation module, and a login module, where the names of the modules do not in some cases constitute a limitation on the module itself.
The modules described in the embodiments of the present invention may be implemented by software or hardware. The described modules may also be provided in a processor, which may be described as: a processor includes a parsing module and a requesting module, where the names of the modules do not in some cases constitute a limitation on the modules themselves.
The modules described in the embodiments of the present invention may be implemented by software or hardware. The described modules may also be provided in a processor, which may be described as: a processor includes a receiving module and an authentication module, where the names of the modules do not in some cases constitute a limitation on the modules themselves.
As another aspect, the present invention also provides a computer-readable medium that may be contained in the apparatus described in the above embodiments; or may be separate and not incorporated into the device. The computer readable medium carries one or more programs which, when executed by a device, cause the device to comprise: responding to identity authentication operation triggered by a user, and acquiring a secret key of the financial equipment from a server; and generating a two-dimensional code according to the identification of the financial equipment, the authentication timestamp and the secret key of the financial equipment.
As another aspect, the present invention also provides a computer-readable medium that may be contained in the apparatus described in the above embodiments; or may be separate and not incorporated into the device. The computer readable medium carries one or more programs which, when executed by a device, cause the device to comprise: scanning and analyzing a two-dimensional code generated by financial equipment to obtain an identifier of the financial equipment, an authentication timestamp and a key of the financial equipment; responding to a request operation triggered by a user, and sending an authentication request to a server; the authentication request carries the identification of the financial equipment, the authentication timestamp, the secret key of the financial equipment, the user identification and the request time.
As another aspect, the present invention also provides a computer-readable medium that may be contained in the apparatus described in the above embodiments; or may be separate and not incorporated into the device. The computer readable medium carries one or more programs which, when executed by a device, cause the device to comprise: receiving and analyzing an authentication request sent by a mobile terminal to obtain an identifier of financial equipment, an authentication timestamp, a secret key of the financial equipment, a user identifier and a request timestamp; judging whether the pre-stored key of the financial equipment associated with the identifier of the financial equipment is consistent with the key of the financial equipment obtained by analysis; and if so, modifying the login state of the financial equipment into the logged state, and storing the association relationship between the financial equipment and the user identifier.
According to the technical scheme of the embodiment of the invention, as the financial equipment is adopted to generate the two-dimensional code, the mobile terminal scans the two-dimensional code, and the server side carries out the technical means of identity authentication, the technical problem that the identity card or the bank card is required to be carried in login authentication in the prior art is solved. Almost all people in the information era carry mobile phones, and the mobile phones can log in financial cabin equipment in a two-dimensional code scanning authentication mode as long as the mobile phones are carried. According to the embodiment of the invention, the two-dimensional code is generated according to the identification, the secret key and the authentication timestamp of the financial equipment, so that the user can scan the two-dimensional code to perform identity authentication, and the situation that the user cannot log in the financial equipment because the user does not carry an entity card can be effectively avoided.
The above-described embodiments should not be construed as limiting the scope of the invention. Those skilled in the art will appreciate that various modifications, combinations, sub-combinations, and substitutions can occur, depending on design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (12)

1. An identity authentication method of a financial device is applied to the financial device, and comprises the following steps:
responding to identity authentication operation triggered by a user, and acquiring a secret key of the financial equipment from a server;
and generating a two-dimensional code according to the identification of the financial equipment, the authentication timestamp and the secret key of the financial equipment.
2. The method of claim 1, further comprising:
polling a server to acquire the login state of the financial equipment;
and performing identity authentication according to the login state of the financial equipment.
3. The method of claim 2, wherein polling a server for the login status of the financial device comprises:
sending a state query request to a server at intervals of a first preset time period;
and receiving a query result returned by the server.
4. The method of claim 3, wherein authenticating based on the login status of the financial device comprises:
if the query result includes that the login state of the financial equipment is not logged in all the time within a second preset time period, regenerating the two-dimensional code;
and if the query result comprises the login state of the financial equipment, the user identification and the user information associated with the user identification, modifying the authentication state of the financial equipment into the authentication completion state.
5. An identity authentication method of a financial device is applied to a mobile terminal, and comprises the following steps:
scanning and analyzing a two-dimensional code generated by financial equipment to obtain an identifier of the financial equipment, an authentication timestamp and a key of the financial equipment;
responding to a request operation triggered by a user, and sending an authentication request to a server; the authentication request carries the identification of the financial equipment, the authentication timestamp, the secret key of the financial equipment, the user identification and the request timestamp.
6. An identity authentication method of financial equipment is applied to a server side, and comprises the following steps:
receiving and analyzing an authentication request sent by a mobile terminal to obtain an identifier of financial equipment, an authentication timestamp, a secret key of the financial equipment, a user identifier and a request timestamp;
judging whether the pre-stored key of the financial equipment associated with the identifier of the financial equipment is consistent with the key of the financial equipment obtained by analysis;
and if so, modifying the login state of the financial equipment into the logged state, and storing the association relationship between the financial equipment and the user identifier.
7. The method of claim 6, further comprising:
receiving a state query request sent by the financial equipment;
returning the query result to the financial device;
the query result comprises that the login state is not logged in, or the login state is logged in, the user identifier and user information associated with the user identifier.
8. The utility model provides an authentication device of financial equipment which characterized in that sets up in financial equipment, includes:
the acquisition module is used for responding to identity authentication operation triggered by a user and acquiring a secret key of the financial equipment from a server;
and the generating module is used for generating a two-dimensional code according to the identification of the financial equipment, the authentication timestamp and the secret key of the financial equipment.
9. The utility model provides an authentication device of financial equipment which characterized in that sets up in mobile terminal, includes:
the analysis module is used for scanning and analyzing the two-dimensional code generated by the financial equipment to obtain the identifier of the financial equipment, the authentication timestamp and the key of the financial equipment;
the request module is used for responding to request operation triggered by a user and sending an authentication request to the server; the authentication request carries the identification of the financial equipment, the authentication timestamp, the secret key of the financial equipment, the user identification and the request timestamp.
10. The utility model provides an authentication device of financial equipment which characterized in that sets up in the server side, includes:
the receiving module is used for receiving and analyzing the authentication request sent by the mobile terminal to obtain the identification of the financial equipment, the authentication timestamp, the key of the financial equipment, the user identification and the request timestamp;
the authentication module is used for judging whether the prestored key of the financial equipment associated with the identifier of the financial equipment is consistent with the analyzed key of the financial equipment or not; and if so, modifying the login state of the financial equipment into the logged state, and storing the association relationship between the financial equipment and the user identifier.
11. An electronic device, comprising:
one or more processors;
a storage device for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-7.
12. A computer-readable medium, on which a computer program is stored, which, when being executed by a processor, carries out the method according to any one of claims 1-7.
CN201911174303.4A 2019-11-26 2019-11-26 Identity authentication method and device for financial equipment Pending CN111080923A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911174303.4A CN111080923A (en) 2019-11-26 2019-11-26 Identity authentication method and device for financial equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911174303.4A CN111080923A (en) 2019-11-26 2019-11-26 Identity authentication method and device for financial equipment

Publications (1)

Publication Number Publication Date
CN111080923A true CN111080923A (en) 2020-04-28

Family

ID=70311764

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911174303.4A Pending CN111080923A (en) 2019-11-26 2019-11-26 Identity authentication method and device for financial equipment

Country Status (1)

Country Link
CN (1) CN111080923A (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103778728A (en) * 2014-02-23 2014-05-07 王恩惠 Method and system for realizing transaction without bank card through automatic teller machine
CN103886460A (en) * 2014-04-22 2014-06-25 徐永君 On-site payment system and method implemented based on identity authentication token
CN104184589A (en) * 2014-08-26 2014-12-03 重庆邮电大学 Identity authentication method, terminal device and system
CN104599408A (en) * 2014-12-29 2015-05-06 通邮信息技术有限公司 Third-party account ATM (automatic teller machine) withdrawing method and system based on dynamic two-dimension codes
CN107277059A (en) * 2017-08-08 2017-10-20 沈阳东青科技有限公司 A kind of one-time password identity identifying method and system based on Quick Response Code
CN107833032A (en) * 2017-10-26 2018-03-23 胡祥义 It is a kind of based on mobile phone without card Bank Account Number implementation method
CN109448271A (en) * 2018-09-03 2019-03-08 深圳壹账通智能科技有限公司 A kind of no card withdrawal method, computer readable storage medium and server

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103778728A (en) * 2014-02-23 2014-05-07 王恩惠 Method and system for realizing transaction without bank card through automatic teller machine
CN103886460A (en) * 2014-04-22 2014-06-25 徐永君 On-site payment system and method implemented based on identity authentication token
CN104184589A (en) * 2014-08-26 2014-12-03 重庆邮电大学 Identity authentication method, terminal device and system
CN104599408A (en) * 2014-12-29 2015-05-06 通邮信息技术有限公司 Third-party account ATM (automatic teller machine) withdrawing method and system based on dynamic two-dimension codes
CN107277059A (en) * 2017-08-08 2017-10-20 沈阳东青科技有限公司 A kind of one-time password identity identifying method and system based on Quick Response Code
CN107833032A (en) * 2017-10-26 2018-03-23 胡祥义 It is a kind of based on mobile phone without card Bank Account Number implementation method
CN109448271A (en) * 2018-09-03 2019-03-08 深圳壹账通智能科技有限公司 A kind of no card withdrawal method, computer readable storage medium and server

Similar Documents

Publication Publication Date Title
CN111160845B (en) Service processing method and device
CN108632253B (en) Client data security access method and device based on mobile terminal
CN109756337B (en) Secure access method and device for service interface
EP2498472A1 (en) Method and system for granting access to a secured website
US20090031405A1 (en) Authentication system and authentication method
CN113271296B (en) Login authority management method and device
CN110895603B (en) Multi-system account information integration method and device
CN113742676B (en) Login management method, login management device, login management server, login management system and storage medium
CN110493239B (en) Authentication method and device
CN111182021B (en) File sharing method and device, electronic equipment and computer readable storage medium
CN112118238A (en) Method, device, system, equipment and storage medium for authentication login
CN112346803A (en) Remote assistance method, device and system and electronic equipment
CN113572763B (en) Data processing method and device, electronic equipment and storage medium
CN107634942B (en) Method and device for identifying malicious request
CN112966286B (en) Method, system, device and computer readable medium for user login
CN113055186B (en) Cross-system service processing method, device and system
CN115695218A (en) Operation and maintenance management method and device based on zero trust mechanism and related equipment
CN111080923A (en) Identity authentication method and device for financial equipment
CN114978749A (en) Login authentication method and system, storage medium and electronic equipment
CN114201740A (en) Login method, login device, electronic equipment and storage medium
CN113946816A (en) Cloud service-based authentication method and device, electronic equipment and storage medium
CN109543398B (en) Application program account migration method and device and electronic equipment
CN113761566A (en) Data processing method and device
CN115664686A (en) Login method, login device, computer equipment and storage medium
CN113676482B (en) Data transmission system and method and data transmission system and method based on double-layer SSL

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200428

RJ01 Rejection of invention patent application after publication