CN112966243B - Privacy-protecting core-body verification processing method and device - Google Patents

Privacy-protecting core-body verification processing method and device Download PDF

Info

Publication number
CN112966243B
CN112966243B CN202110342398.7A CN202110342398A CN112966243B CN 112966243 B CN112966243 B CN 112966243B CN 202110342398 A CN202110342398 A CN 202110342398A CN 112966243 B CN112966243 B CN 112966243B
Authority
CN
China
Prior art keywords
core
target user
verification
historical
score
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110342398.7A
Other languages
Chinese (zh)
Other versions
CN112966243A (en
Inventor
王舒扬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alipay Hangzhou Information Technology Co Ltd
Original Assignee
Alipay Hangzhou Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alipay Hangzhou Information Technology Co Ltd filed Critical Alipay Hangzhou Information Technology Co Ltd
Priority to CN202110342398.7A priority Critical patent/CN112966243B/en
Publication of CN112966243A publication Critical patent/CN112966243A/en
Application granted granted Critical
Publication of CN112966243B publication Critical patent/CN112966243B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2111Location-sensitive, e.g. geographical location, GPS

Abstract

An embodiment of the present specification provides a core verification processing method and apparatus for protecting privacy, and a specific implementation manner of the method includes: acquiring historical core behavior data of a target user to be subjected to core verification in a set time period and current core environment characteristics of the target user; determining the credibility score of the target user by using a credibility score scoring model according to the historical nuclear behavior data and the nuclear environment characteristics; if the credibility score reaches the credibility score threshold, determining to avoid the current verification of the target user; and if the credibility score does not reach the credibility score threshold, performing core verification operation aiming at the target user.

Description

Privacy-protecting core-body verification processing method and device
Technical Field
The embodiment of the specification relates to the technical field of computers, in particular to a core verification processing method and device for protecting privacy.
Background
Currently, in order to ensure the security of private data and property of a user, when the user performs some business operations (for example, account login, payment, etc.), the user may be verified by a core, for example, face verification, password verification, fingerprint verification, etc.
In real life, a user may perform the above business operations for a plurality of times in a short time (e.g., 10 minutes, 30 minutes, 1 hour, half a day, or 1 day), and in such a case, the user is usually checked repeatedly, which increases the redundancy of the user.
Therefore, a reasonable and reliable scheme is urgently needed, which can reduce repeated verification in a short time for the user and further reduce redundant operation of the user under the condition of ensuring the safety.
Disclosure of Invention
The embodiment of the specification provides a core verification processing method and device for protecting privacy.
In a first aspect, an embodiment of the present specification provides a core verification processing method for protecting privacy, including: acquiring historical core behavior data of a target user to be subjected to core verification in a set time period and current core environment characteristics of the target user; determining the credibility score of the target user by using a credibility score scoring model according to the historical nuclear behavior data and the nuclear environment characteristics; if the credibility score reaches a credibility score threshold, determining to avoid the current verification of the target user; and if the credibility score does not reach the credibility score threshold, performing core-body verification operation aiming at the target user.
In some embodiments, before the obtaining of the historical core behavior data of the target user to be subjected to core verification within a set time period, the method further includes: receiving a core body verification request triggered by the target user due to the execution of the target service operation, wherein the core body verification request comprises a user identifier of the target user and the core body environment characteristics; and the acquiring historical core behavior data of the user to be subjected to core verification in a set time period comprises the following steps: and acquiring the historical nuclear behavior data according to the user identification.
In some embodiments, the core-body verification request further includes a service identifier of a service to which the target service operation belongs; and after the receiving of the core-body checking request triggered by the target user due to the execution of the target business operation, the method further comprises the following steps: and acquiring a credible score threshold corresponding to the service identifier.
In some embodiments, after the determining to exempt the target user from the current verification, the method further includes: and outputting prompt information for indicating that the checking of the core is avoided to the target user.
In some embodiments, each piece of core behavior information in the historical core behavior data includes a core mode, a core result, and a core environment characteristic.
In some embodiments, the core-body approach includes any one of: the body is checked by human face, password, fingerprint, palm print, iris, finger vein and vocal print.
In some embodiments, the core body environment characteristics include at least one of the following for a device initiating the core body check: equipment identification, equipment model, IP address and position information.
In some embodiments, after the obtaining of the historical core body behavior data of the target user to be subjected to the core body verification within a set time period and the current core body environment characteristic of the target user, the method further includes: determining whether the first equipment initiating the verification of the core body is a trusted equipment or not according to the current environmental characteristics of the core body; and determining the credibility score of the target user by using a credibility score scoring model according to the historical nuclear behavior data and the nuclear environment characteristics, wherein the method comprises the following steps: and in response to determining that the first device is a trusted device, determining a trusted score of the target user by using a trusted score scoring model according to the historical core behavior data and the core environment characteristics.
In some embodiments, the method further comprises: in response to determining that the first device is not a trusted device, performing a core verification operation for the target user.
In some embodiments, the scoring model includes a width portion and a depth portion; and determining the credibility score of the target user by using a credibility score scoring model according to the historical nuclear behavior data and the nuclear environment characteristics, wherein the step of determining the credibility score of the target user comprises the following steps: calculating a plurality of target accumulated variables according to each piece of first body behavior information in the historical body behavior data, wherein the first body behavior information is body behavior information related to first equipment initiating the body verification; performing embedded vector mapping on a data sequence formed by the historical core body behavior data and the current core body environment characteristics to obtain an embedded vector sequence; inputting the target cumulative variables and the current core-body environment features into the width part, and inputting the embedded vector sequence into the depth part, so that the scoring model outputs the credibility score of the target user.
In some embodiments, each piece of core behavior information in the historical core behavior data includes a core mode, and the first device corresponds to at least one core mode in the historical core behavior data; and the single target cumulative variable comprises any one of: the first core-body success frequency corresponding to any one of the at least one core-body mode, the first core-body failure frequency corresponding to the core-body mode, the second core-body success frequency corresponding to the at least one core-body mode, and the second core-body failure frequency corresponding to the at least one core-body mode.
In some embodiments, the current core body environment characteristic comprises a first device identification of the first device; and determining whether the first device initiating the current core body verification is a trusted device according to the current core body environment characteristics, including: and if the first equipment identifier is contained in a first trusted equipment list, determining that the first equipment is trusted equipment, wherein the first trusted equipment list comprises the equipment identifier of at least one trusted equipment.
In some embodiments, the determining, according to the current core environment characteristic, whether the first device initiating the core verification of this time is a trusted device includes: and if the current core body environment characteristics are contained in a second trusted device list, determining that the first device is a trusted device, wherein the second trusted device list comprises the trusted core body environment characteristics of at least one trusted device.
In a second aspect, an embodiment of the present specification provides a core verification processing apparatus for protecting privacy, including: the acquisition unit is configured to acquire historical core behavior data of a user to be subjected to core verification in a set time period and the current core environment characteristics of the target user; a score determining unit configured to determine a credibility score of the target user by using a credibility score scoring model according to the historical nuclear behavior data and the nuclear environment characteristics; a first processing unit configured to determine to exempt the current core verification of the target user if the credibility score reaches a credibility score threshold; a second processing unit configured to perform a core verification operation for the target user if the trustworthiness score does not meet the trustworthiness score threshold.
In a third aspect, the present specification provides a computer-readable storage medium, on which a computer program is stored, wherein when the computer program is executed in a computer, the computer is caused to execute the method described in any implementation manner of the first aspect.
In a fourth aspect, the present specification provides a computing device, including a memory and a processor, where the memory stores executable code, and the processor executes the executable code to implement the method described in any implementation manner of the first aspect.
In a fifth aspect, the present specification provides a computer program, wherein when the computer program is executed in a computer, the computer is caused to execute the method described in any implementation manner of the first aspect.
According to the privacy-protecting core verification processing method and device provided by the embodiments of the specification, the historical core behavior data of the target user to be subjected to core verification in the set time period and the current core environment characteristics of the target user are obtained, and then the credible score of the target user is determined by using the credible score scoring model according to the historical core behavior data and the current core environment characteristics of the target user, so that when the credible score reaches the credible score threshold, the core verification of the target user at this time is avoided, and when the credible score does not reach the credible score threshold, the core verification operation is executed for the target user. Thus, a core-body exemption (also called core-body immunity) decision can be made according to the credibility score, and core-body exemption is carried out for the target user with high credibility score. Based on the method, while the safety of private data, property and the like of the target user is ensured, repeated verification in a short time is reduced for the target user, redundant operation of the target user is reduced, and the core experience of the target user is optimized.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments disclosed in the present specification, the drawings required to be used in the description of the embodiments will be briefly described below, it is obvious that the drawings in the following description are only the embodiments disclosed in the present specification, and it is also possible for those skilled in the art to obtain other drawings based on the drawings without creative efforts.
FIG. 1 is an exemplary system architecture diagram to which some embodiments of the present description may be applied;
FIG. 2 is a flow diagram of one embodiment of a privacy preserving core verification processing method in accordance with the present description;
FIG. 3 is a schematic diagram of a structure of a credibility score scoring model;
FIG. 4 is a schematic diagram of a confidence score determination process;
fig. 5 is a schematic structural diagram of a privacy-preserving authentication processing apparatus according to the present specification.
Detailed Description
The present specification will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. The described embodiments are only a subset of the embodiments described herein and not all embodiments described herein. All other embodiments obtained by a person skilled in the art based on the embodiments in the present specification without any inventive step are within the scope of the present application.
It should be noted that, for convenience of description, only the portions related to the related invention are shown in the drawings. The embodiments and features of the embodiments in the present description may be combined with each other without conflict.
As described above, in real life, a user may perform a service operation triggering the verification of the core-body for multiple times in a short time, and in such a case, the user is usually verified repeatedly, so that redundant operations of the user are increased.
Based on this, some embodiments of the present specification provide a core verification processing method for protecting privacy, and by this method, while ensuring security of private data, property, and the like of a user, repeated verification in a short time is reduced for the user, thereby reducing redundant operations of the user and optimizing core experience of the user. In particular, FIG. 1 illustrates an exemplary system architecture diagram suitable for use with these embodiments.
As shown in fig. 1, the system architecture includes a first device used by a target user, and a core platform. The core body platform is used for providing core body verification service for users accessing a service system of the core body platform. The business system may be any kind of system, such as a shopping system, a payment system, a financing system, an insurance system, a data management system, or a social system, etc. The service system may include a client and a server, and the client may be installed on the first device.
In practice, the client and the core platform may communicate directly or indirectly via the server, which is not limited herein. When the client and the core platform indirectly communicate via the server, the system architecture may further include a server that supports the client installed in the first device.
The first device may be a personal device for a specific individual, such as a smart phone, a tablet computer, a desktop computer, or a notebook computer, or may be an IOT (Internet of Things) device for an unspecified number of people, and is not limited herein. Additionally, when the first device is a personal device, the target user is the owner of the first device. When the first device is an IOT device, the target user is an arbitrary user of the first device.
In practice, the target user may use the first device to perform a target business operation that can trigger the verification of the core, which may include, for example, a payment operation, an account login operation, or a view operation for private data, among others. The first device may generate a core body verification request for the target user in response to the target business operation, and transmit the request to the core body platform. Then, the core platform can respond to the request, and according to the historical core behavior data and the current core environment characteristics of the target user, the credible score of the target user is determined by using the credible score scoring model. Then, the core platform may determine whether the confidence score reaches a confidence score threshold. If the credibility score reaches the credibility score threshold, the core platform can determine to avoid the core verification of the target user at this time. If the credibility score does not reach the credibility score threshold value, the core body platform can execute core body verification operation aiming at the target user.
The following describes specific implementation steps of the above method with reference to specific examples.
Referring to fig. 2, a flow 200 of one embodiment of a core verification processing method is shown. The execution subject of the method may be the core platform shown in fig. 1. The method comprises the following steps:
step 202, acquiring historical core behavior data of a target user to be subjected to core verification in a set time period and current core environment characteristics of the target user;
step 204, determining the credibility score of the target user by using a credibility score scoring model according to the historical core behavior data and the core environment characteristics;
step 206, if the credibility score reaches the credibility score threshold, determining to avoid the current verification of the target user;
and step 208, if the credibility score does not reach the credibility score threshold, performing core verification operation aiming at the target user.
The above steps are further explained below.
In step 202, the core platform may use various obtaining methods to obtain the historical core behavior data of the target user within a set time period and the current core environment characteristics of the target user.
The set time period may be, for example, approximately 1 day, approximately 2 days, or approximately 3 days. Each piece of core behavior information in the historical core behavior data may include, for example, a core mode, a core result, a core environment characteristic, and the like. The body-checking mode can comprise a human face body-checking mode, a password body-checking mode, a fingerprint body-checking mode, a palm print body-checking mode, an iris body-checking mode, a finger vein body-checking mode, a voice print body-checking mode and the like. The core outcome includes core success or core failure. The core environment characteristics may include, for example, a device identification, a device model, an IP (Internet Protocol) address, and/or location information of a device that initiated the core verification.
It should be understood that the duration of the set time period and the type of the information items in the core body environment feature may be set according to actual requirements, and are not specifically limited herein.
As an example, before step 202, the core platform may receive a core verification request triggered by the target user due to the execution of the target business operation as described above, where the core verification request includes the user identifier of the target user and the current core environment characteristics. Based on this, in step 202, the core platform may obtain historical core behavior data of the target user in a set time period from a specific storage location according to the user identifier in the core verification request. The storage location may be a local database or a remote database of the core platform, and the like, which is not limited in this embodiment. And the core body platform can also acquire the current core body environment characteristics of the target user from the core body verification request.
It should be noted that, when the first device is a personal device, the user identifier in the verification request may be obtained locally by the first device. When the first device is an IOT device, the user identifier in the core verification request may be input by the target user. And is not particularly limited herein.
As another example, when the first device is an IOT device, before step 202, the core-body platform may receive a core-body verification request triggered by the target user due to performing the target business operation as described above, where the core-body verification request includes the first biometric information of the target user and the current core-body environment characteristic. Wherein the first biometric information may be temporarily collected by the first device. The first biometric information may include, for example, a face feature, a fingerprint feature, an iris feature, a palm print feature, a voice print feature, a finger vein feature, or the like. Based on this, in step 202, the core platform may determine the user identifier corresponding to the first biometric information according to the preset target correspondence information. The target corresponding relation information is used for representing the corresponding relation between the biological characteristic information and the user identification. Then, the core platform may obtain, according to the determined user identifier, historical core behavior data of the target user in a set time period from a specific storage location, and obtain a current core environmental characteristic of the target user from the core verification request.
In practice, the core platform may then perform step 204 after performing step 202. Optionally, in order to improve the core verification processing efficiency and the accuracy of the processing result, after the core platform performs step 202, it may further determine whether the first device initiating the core verification is a trusted device according to the current core environment characteristic of the target user. If it is determined that the first device is a trusted device, step 204 may be performed next. If it is determined that the first device is not a trusted device, a core verification operation may be performed for the target user.
Specifically, the core platform may determine whether the first device is a trusted device according to a preset trusted device list and a current core environment characteristic of the target user.
For example, the core platform is pre-provisioned with a first trusted device list, which includes device identifications of at least one trusted device. The current core body environment characteristic of the target user comprises a first device identification of the first device. If the first device identifier is included in the first trusted device list, the kernel platform may determine that the first device is a trusted device.
For another example, the core platform is pre-provisioned with a second trusted device list that includes trusted core environment features of at least one trusted device. If the current core-body environment feature of the target user is included in the second trusted device list, the core-body platform may determine that the first device is a trusted device.
In step 204, the core platform may determine a credible score of the target user by using a credible score scoring model according to the acquired historical core behavior data and the core environment characteristics.
In practice, the credibility score model may score the credibility status of the user, and the score obtained is called the credibility score. When the credibility score of the user reaches a certain threshold, the credibility state of the user can be considered as credible. When the trustworthiness score of the user does not reach the threshold, the trustworthiness state of the user may be deemed to be untrustworthy. In order to reduce repeated verification in a short time while ensuring security of private data, property, and the like of a legitimate user, it is possible to avoid the current verification for a user whose trusted status is trusted and perform verification for a user whose trusted status is untrusted.
Based on this, in step 204, the core platform may score the trustworthy state of the target user using a trustworthy point scoring model.
It should be noted that the credibility score model may be obtained by training any machine learning model suitable for scoring by using a training sample set. Wherein the training sample set may comprise a plurality of training samples. The training samples may include historical core behavior data, core environment characteristics, and trusted status labels of their corresponding users over a period of time. The trusted status label may include a first value (e.g., 1) used to characterize trustworthiness, or a second value (e.g., 0) used to characterize non-trustworthiness.
The Machine learning Model may include, for example, a Gradient Boosting Decision Tree (GBDT), a Support Vector Machine (SVM), or a Naive bayes Model (Naive Bayesian Model, NBM).
In some embodiments, the machine learning model may employ a width and depth integration (Wide and Deep) model architecture. Based on this, as shown in FIG. 3, the credible score model may include a width portion and a depth portion. Fig. 3 is a schematic structural diagram of the credibility score model.
In general, the width portion is implemented by a relatively simple model with a small number of layers and a small number of parameters. For example, in one example, the width portion may be implemented by a multi-layered perceptron with a smaller number of layers, such as a shallow perceptron consisting of 2-layered neurons. In another example, the width portion may be embodied as a tree model, such as a decision tree model, a GBDT model, or the like.
The width part is used for processing interpretable characteristic data, the interpretable characteristic data comprises real-time core body environment characteristics of a user and statistical data obtained by counting certain core body behavior information of the user in a set time period, and the statistical data can comprise a plurality of target accumulated variables. The single target accumulation variable may include, for example, the number of core-body successes or the number of core-body failures.
The depth part is realized by a relatively complex model with more layers, more parameters and more parameters, and is used for processing richer feature data associated with the core-body behavior data, and the part of feature data is generally coded and more abstract data and has no intuitive interpretability. Specifically, the part of feature data may include an embedded vector sequence obtained by performing embedded vector mapping on a data sequence formed by historical core behavior data and real-time core environment features of a user within a set time period. It should be understood that the data sequence and the embedded vector sequence are both time-sequentially formed sequences. Due to the time sequence of the embedded vector sequence, correspondingly, a time-sequence-based Neural Network may be used in the depth portion to process the embedded vector sequence, for example, a Recurrent Neural Network (RNN), a Long Short-Term Memory Network (LSTM), or a GRU (Gate Recurrent Unit) _ RNN Neural Network may be used.
It should be appreciated that the confidence score scoring model may determine and output a confidence score based on the results of the processing of the width portion and the depth portion.
Based on the above description for the width and depth portions of the credibility score scoring model, step 204 may specifically include the credibility score determination process shown in FIG. 4. Fig. 4 is a schematic diagram of the trust score determining process.
As shown in fig. 4, the confidence score determination process may include the following steps:
step 2042, calculating a plurality of target accumulated variables according to each piece of first core behavior information related to the first device in the historical core behavior data of the target user;
step 2044, performing embedded vector mapping on the data sequence formed by the historical core body behavior data and the current core body environment characteristics to obtain an embedded vector sequence;
step 2046, inputting the multiple target accumulated variables and the current characteristics of the core-body environment into the width part, and inputting the embedded vector sequence into the depth part, so that the credibility score scoring model outputs the credibility score of the target user.
Specifically, in step 2042, the core platform may calculate a plurality of target cumulative variables according to each piece of first core behavior information related to the first device in the historical core behavior data of the target user. The single target cumulative variable may include, for example, the number of times of core body success or core body failure.
Further, if each piece of core behavior information in the historical core behavior data includes a core mode, and the first device corresponds to at least one core mode in the historical core behavior data, the single target cumulative variable may include a first core success frequency corresponding to any one of the at least one core mode, a first core failure frequency corresponding to the core mode, a second core success frequency corresponding to the at least one core mode, or a second core failure frequency corresponding to the at least one core mode, and the like.
In step 2044, the core platform may perform embedded vector mapping on a data sequence formed by the historical core behavior data of the target user and the current core environment characteristics to obtain an embedded vector sequence. It should be understood that the data sequence and the embedded vector sequence are both time-sequentially formed sequences. Specifically, the data sequence is a sequence formed by sorting each piece of core behavior information and the core environment feature in the historical core behavior data according to a time sequence, for example, a time sequence.
It should be noted that step 2042 and step 2044 may be executed in parallel or in series, and are not limited herein.
After performing step 2042 and step 2044, the kernel platform may then perform step 2046 to input the calculated multiple target cumulative variables and the current kernel environment feature of the target user into the width component, and embed the computed multiple target cumulative variables and the current kernel environment feature of the target user into the depth component, so that the credible score of the target user is output by the credible score scoring model.
In some embodiments, the credibility score scoring model further comprises a plurality of full connection layers besides the width part and the depth part, and is used for performing fusion processing on processing results of the width part and the depth part, and determining and outputting the credibility score of the target user according to the fusion result. The fusion process may include operations such as splicing, adding, weighted summing, bit-wise multiplying, and combinations thereof.
In the credibility score determining process described in the embodiment corresponding to fig. 4, by using the credibility score scoring model including the width part and the depth part, the calculated multiple target accumulated variables and the current core-body environment characteristics of the target user are used as the input of the depth part, and the embedded vector sequence determined for the target user is used as the input of the depth part, so that the credibility score scoring model outputs a credibility score with higher accuracy, and the credibility score is helpful for improving the accuracy of the processing result of whether the core-body verification of the target user is exempted.
The specific implementation of step 204 is described above with reference to fig. 4. After obtaining the trustworthiness score of the target user by performing step 204, the trustworthiness status of the target user may be evaluated based on the trustworthiness score. In particular, the trustworthiness score of the target user may be compared to a trustworthiness score threshold.
In practice, different traffic may correspond to the same confidence score threshold. Optionally, in order to improve the accuracy of the result of the subsequent verification processing, different services may correspond to different confidence score thresholds. It should be noted that the trust score threshold corresponding to the service may be set by the service party, or may be set by the core platform, which is not specifically limited herein.
When the credibility score threshold corresponds to the service, the core body verification request in the foregoing may further include a service identifier of the service to which the target service operation belongs, and after receiving the core body verification request, the core body platform may obtain the credibility score threshold corresponding to the service identifier. Based on this, the core platform may compare the trustworthiness score of the target user to the trustworthiness score threshold.
If the confidence score of the target user reaches the confidence score threshold, the current confidence state of the target user may be considered as trusted, and step 206 may be performed. If the trust score of the target user does not reach the trust score threshold, the current trust status of the target user may be deemed as untrusted, and step 208 may be performed.
In step 206, if the core platform determines that the credibility score of the target user reaches the credibility score threshold, it may be determined that the core verification of the target user this time is to be avoided.
In practice, the exemption of the verification may be sensible to the target user, for example, after step 206, a prompt message indicating the exemption of the verification may be output to the target user. Optionally, the avoidance of the verification may also be imperceptible to the target user, e.g., the service may be pushed directly, without the user being interactively aware.
In step 208, if the core platform determines that the credibility score of the target user does not reach the credibility score threshold, it may be determined that the core verification of the target user is not to be omitted, and further, the core verification operation may be performed for the target user.
As a core implementation manner, when the core platform determines that the core verification of the target user is not to be removed, the core platform may obtain at least one core manner applicable to the target user, and output the at least one core manner to the target user. And then, the core body platform can respond to the received core body mode selected by the target user and carry out core body verification on the target user according to the core body mode.
As another core implementation manner, when the core platform determines that the core verification of the target user is not to be removed, the core platform may obtain at least one core manner applicable to the target user, sequence the at least one core manner, obtain a core manner sequence, and output the core manner sequence to the target user. And then, the core body platform can respond to the received core body mode selected by the target user and carry out core body verification on the target user according to the core body mode. The body-checking platform can sequence the at least one body-checking mode according to the body-checking mode statistical information of the target user and/or the body-checking mode currently opened by the target user. The core body mode statistical information is obtained by counting the core body modes in the historical core body behavior data of the target user in the first time period. The duration of the first time period is equal to or greater than the duration of the predetermined time period.
It should be noted that the execution process of the core verification operation may be designed according to actual core requirements, and is not specifically limited herein.
According to the privacy-protecting core verification processing method provided by the embodiment corresponding to fig. 2, the historical core behavior data of the target user to be subjected to core verification in the set time period and the current core environment characteristics of the target user are obtained, and then the credible score of the target user is determined by using the credible score scoring model according to the historical core behavior data and the current core environment characteristics of the target user, so that the core verification of the target user at this time is avoided when the credible score reaches the credible score threshold, and the core verification operation is executed for the target user when the credible score does not reach the credible score threshold.
Therefore, a large amount of data generated by the service can be utilized to model all the core body behaviors of the target user in a near period of time, the behavior characteristics of the target user in a wider time window and a more diversified core body mode can be captured, the credible score is comprehensively output by combining the real-time core body environment characteristics of the target user, and a core body exempting decision is made according to the credible score to carry out core body exemption on the target user with a high credible score. Based on the method, while the safety of private data, property and the like of the target user is ensured, repeated verification in a short time is reduced for the target user, redundant operation of the target user is reduced, and the core experience of the target user is optimized.
In addition, the core body verification processing method for protecting privacy provided by the embodiment of the present specification can also improve the core body exemption coverage (the ratio of the number of core body sessions exempted by a hit core body to the total number of core body sessions), and improve the core body success rate. And the method also has certain universality, and can be suitable for various body check scenes, such as an account login scene, a payment scene, a private data viewing scene and the like. For example, for the multiple core body scenes, the characteristics and rules do not need to be designed artificially, only the credibility score threshold value needs to be adjusted, and a more universal core body exemption decision-making mode can be provided.
With further reference to fig. 5, the present specification provides an embodiment of a privacy-preserving core verification processing apparatus, which corresponds to the method embodiment shown in fig. 2 and can be applied to the core platform shown in fig. 1.
As shown in fig. 5, the privacy-preserving nuclear verification processing apparatus 500 of the present embodiment includes: an acquisition unit 501, a score determination unit 502, a first processing unit 503, and a second processing unit 504. The obtaining unit 501 is configured to obtain historical core behavior data of a target user to be subjected to core verification in a set time period, and current core environment characteristics of the target user; the score determining unit 502 is configured to determine a credible score of the target user by using a credible score scoring model according to the historical nuclear behavior data and the nuclear environment characteristics; the first processing unit 503 is configured to determine to exempt the core verification of the target user this time if the credibility score reaches the credibility score threshold; the second processing unit 504 is configured to perform a core verification operation for the target user if the trustworthiness score does not reach the trustworthiness score threshold.
In some embodiments, the apparatus 500 may further include: a receiving unit (not shown in the figure) configured to receive a core verification request triggered by a target user due to execution of a target service operation, where the core verification request includes a user identifier of the target user and a current core environment characteristic; and the obtaining unit 501 is further configured to: and acquiring historical nuclear behavior data according to the user identification of the target user.
In some embodiments, the core-body verification request further includes a service identifier of a service to which the target service operation belongs; and the obtaining unit 501 may be further configured to: and acquiring a credibility score threshold corresponding to the service identifier.
In some embodiments, the first processing unit 503 may be further configured to: and after the target user is determined to be exempted from the current verification, outputting prompt information for indicating that the current verification is exempted to the target user.
In some embodiments, each piece of core behavior information in the historical core behavior data includes a core mode, a core result, a core environment characteristic, and the like.
In some embodiments, the single-core mode includes a face core, a password core, a fingerprint core, a palm print core, an iris core, a finger vein core, or a voice print core.
In some embodiments, the core environment characteristics include device identification, device model, IP address and/or location information of the device initiating the core verification, and the like.
In some embodiments, the score determination unit 502 may include: a first determining subunit (not shown in the figure), configured to determine, according to a current core environment characteristic of the target user, whether a first device initiating the core verification of this time is a trusted device; and a second determining subunit (not shown in the figures) configured to determine the credibility score of the target user by using the credibility score scoring model according to the historical nuclear behavior data and the current nuclear environment characteristics in response to the first determining subunit determining that the first device is the credible device.
In some embodiments, the second processing unit 504 may be further configured to: in response to the first determining subunit determining that the first device is not a trusted device, a core verification operation is performed for the target user.
In some embodiments, the credible score model comprises a width portion and a depth portion; and the second determining subunit may be further configured to: calculating a plurality of target accumulated variables according to each piece of first core behavior information related to first equipment in the historical core behavior data; performing embedded vector mapping on a data sequence formed by historical core behavior data and current core environment characteristics to obtain an embedded vector sequence; inputting the target accumulated variables and the current core-body environment characteristics into a width part, and embedding a vector sequence into a depth part, so that the credibility score scoring model outputs the credibility score of the target user.
In some embodiments, each piece of core behavior information in the historical core behavior data includes a core mode, and the first device corresponds to at least one core mode in the historical core behavior data; and the single target cumulative variable comprises any one of: the first core success frequency corresponding to any one of the at least one core mode, the first core failure frequency corresponding to the core mode, the second core success frequency corresponding to the at least one core mode, and the second core failure frequency corresponding to the at least one core mode.
In some embodiments, the current core body environment characteristic comprises a first device identification of the first device; and the first determining subunit may be further configured to: and if the first device identifier is included in a first trusted device list, determining that the first device is a trusted device, wherein the first trusted device list includes the device identifier of at least one trusted device.
In some embodiments, the first determining subunit may be further configured to: and if the current core-body environment characteristics of the target user are contained in a second trusted device list, determining that the first device is a trusted device, wherein the second trusted device list comprises the trusted core-body environment characteristics of at least one trusted device.
In the above device embodiments, the detailed processing of each unit and the technical effects thereof can refer to the related description in the corresponding embodiment of fig. 2, and are not repeated herein.
Embodiments of the present specification further provide a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed in a computer, causes the computer to execute the core verification processing methods respectively shown in the above method embodiments.
The embodiment of the present specification further provides a computing device, which includes a memory and a processor, where the memory stores an executable code, and when the processor executes the executable code, the core verification processing method respectively shown in the foregoing method embodiments is implemented.
Embodiments of the present specification further provide a computer program, where the computer program causes a computer to execute the core verification processing methods respectively shown in the above method embodiments when the computer program is executed in the computer.
Those skilled in the art will recognize that, in one or more of the examples described above, the functions described in the embodiments disclosed herein may be implemented in hardware, software, firmware, or any combination thereof. When implemented in software, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium.
In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
The above-mentioned embodiments, objects, technical solutions and advantages of the embodiments disclosed in the present specification are further described in detail, it should be understood that the above-mentioned embodiments are only specific embodiments of the embodiments disclosed in the present specification, and are not intended to limit the scope of the embodiments disclosed in the present specification, and any modifications, equivalent substitutions, improvements and the like made on the basis of the technical solutions of the embodiments disclosed in the present specification should be included in the scope of the embodiments disclosed in the present specification.

Claims (15)

1. A core-body verification processing method for protecting privacy comprises the following steps:
acquiring historical core behavior data of a target user to be subjected to core verification in a set time period and current core environment characteristics of the target user;
inputting the historical core body behavior data and the core body environment characteristics into a credible score scoring model, and determining the credible score of the target user;
if the credibility score reaches a credibility score threshold, determining to avoid the current verification of the target user;
if the credibility score does not reach the credibility score threshold value, performing core verification operation aiming at the target user;
wherein the scoring model comprises a width portion and a depth portion; and inputting the historical core body behavior data and the core body environment characteristics into a credibility score scoring model to determine the credibility score of the target user, wherein the steps of:
calculating a plurality of target accumulated variables according to each piece of first core behavior information in the historical core behavior data, wherein the first core behavior information is core behavior information related to first equipment initiating the core verification;
performing embedded vector mapping on a data sequence formed by the historical core body behavior data and the current core body environment characteristic to obtain an embedded vector sequence;
inputting the target cumulative variables and the current core-body environment features into the width part, and inputting the embedded vector sequence into the depth part, so that the scoring model outputs the credibility score of the target user.
2. The method of claim 1, wherein before the obtaining historical core behavior data of the target user to be subjected to core verification within a set time period, the method further comprises:
receiving a core body verification request triggered by the target user due to the execution of the target service operation, wherein the core body verification request comprises a user identifier of the target user and the core body environment characteristics; and
the acquiring historical core behavior data of the user to be subjected to core verification in a set time period comprises the following steps:
and acquiring the historical nuclear behavior data according to the user identification.
3. The method of claim 2, wherein the core verification request further comprises a service identifier of a service to which the target service operation belongs; and
after the receiving of the core verification request triggered by the target user due to the execution of the target business operation, the method further includes:
and acquiring a credible score threshold corresponding to the service identifier.
4. The method of claim 1, wherein after the determining to exempt the target user from the current physical verification, the method further comprises:
and outputting prompt information for indicating that the checking of the core is avoided to the target user.
5. The method of claim 1, wherein each piece of core behavior information in the historical core behavior data comprises a core mode, a core result, and a core environment characteristic.
6. The method of claim 5, wherein the core-by-core approach comprises any one of: the body is checked by human face, password, fingerprint, palm print, iris, finger vein and vocal print.
7. The method of claim 1 or 5, wherein the core body environment characteristics include at least one of the following for a device initiating the core body check: equipment identification, equipment model, IP address and position information.
8. The method of claim 7, wherein after the obtaining of the historical core behavior data of the target user to be subjected to the core verification within a set time period and the current core environment characteristics of the target user, the method further comprises:
determining whether the first equipment initiating the nuclear verification is a trusted equipment or not according to the current nuclear environment characteristics; and
inputting the historical core body behavior data and the core body environment characteristics into a credibility score scoring model to determine the credibility score of the target user, wherein the credibility score of the target user comprises the following steps:
in response to determining that the first device is a trusted device, inputting the historical core behavior data and the core environment characteristics into a trusted score scoring model, determining a trusted score for the target user.
9. The method of claim 8, wherein the method further comprises:
in response to determining that the first device is not a trusted device, performing a core verification operation for the target user.
10. The method according to claim 1, wherein each piece of core behavior information in the historical core behavior data includes a core mode, and the first device corresponds to at least one core mode in the historical core behavior data; and
the single target cumulative variable includes any one of: the first core-body success frequency corresponding to any one of the at least one core-body mode, the first core-body failure frequency corresponding to the core-body mode, the second core-body success frequency corresponding to the at least one core-body mode, and the second core-body failure frequency corresponding to the at least one core-body mode.
11. The method of claim 8, wherein the current core body environment characteristic comprises a first device identification of the first device; and
the determining whether the first device initiating the current core body verification is a trusted device according to the current core body environment characteristics includes:
and if the first equipment identifier is contained in a first trusted equipment list, determining that the first equipment is trusted equipment, wherein the first trusted equipment list comprises the equipment identifier of at least one trusted equipment.
12. The method according to claim 8, wherein the determining, according to the current core body environment characteristic, whether the first device initiating the core body verification of this time is a trusted device includes:
and if the current core body environment characteristics are contained in a second trusted device list, determining that the first device is a trusted device, wherein the second trusted device list comprises the trusted core body environment characteristics of at least one trusted device.
13. A privacy-preserving authentication processing apparatus, comprising:
the system comprises an acquisition unit, a verification unit and a verification unit, wherein the acquisition unit is configured to acquire historical core behavior data of a target user to be subjected to core verification in a set time period and current core environment characteristics of the target user;
a score determining unit configured to input the historical core behavior data and the core environment characteristics into a credibility score scoring model and determine a credibility score of the target user;
a first processing unit configured to determine to exempt the current core verification of the target user if the credibility score reaches a credibility score threshold;
a second processing unit configured to perform a core verification operation for the target user if the trustworthiness score does not meet the trustworthiness score threshold;
wherein the scoring model comprises a width portion and a depth portion; and the score determination unit is further configured to:
calculating a plurality of target accumulated variables according to each piece of first core behavior information in the historical core behavior data, wherein the first core behavior information is core behavior information related to first equipment initiating the core verification;
performing embedded vector mapping on a data sequence formed by the historical core body behavior data and the current core body environment characteristics to obtain an embedded vector sequence;
inputting the target cumulative variables and the current core-body environment features into the width part, and inputting the embedded vector sequence into the depth part, so that the scoring model outputs the credibility score of the target user.
14. A computer-readable storage medium, on which a computer program is stored, wherein the computer program causes a computer to carry out the method of any one of claims 1-12 when the computer program is carried out in the computer.
15. A computing device comprising a memory and a processor, wherein the memory has stored therein executable code that when executed by the processor implements the method of any of claims 1-12.
CN202110342398.7A 2021-03-30 2021-03-30 Privacy-protecting core-body verification processing method and device Active CN112966243B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110342398.7A CN112966243B (en) 2021-03-30 2021-03-30 Privacy-protecting core-body verification processing method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110342398.7A CN112966243B (en) 2021-03-30 2021-03-30 Privacy-protecting core-body verification processing method and device

Publications (2)

Publication Number Publication Date
CN112966243A CN112966243A (en) 2021-06-15
CN112966243B true CN112966243B (en) 2022-09-09

Family

ID=76280284

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110342398.7A Active CN112966243B (en) 2021-03-30 2021-03-30 Privacy-protecting core-body verification processing method and device

Country Status (1)

Country Link
CN (1) CN112966243B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018014789A1 (en) * 2016-07-22 2018-01-25 阿里巴巴集团控股有限公司 Method and device for controlling service operation risk
WO2020125364A1 (en) * 2018-12-17 2020-06-25 深圳壹账通智能科技有限公司 Information verification input method and apparatus, computer device, and storage medium
US10868672B1 (en) * 2015-06-05 2020-12-15 Apple Inc. Establishing and verifying identity using biometrics while protecting user privacy

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104144419B (en) * 2014-01-24 2017-05-24 腾讯科技(深圳)有限公司 Identity authentication method, device and system
CN104301117B (en) * 2014-10-22 2017-11-28 中国联合网络通信集团有限公司 Identity verify method and device
US10135801B2 (en) * 2015-09-09 2018-11-20 Oath Inc. On-line account recovery
CN108076018A (en) * 2016-11-16 2018-05-25 阿里巴巴集团控股有限公司 Identity authorization system, method, apparatus and account authentication method
CN108875327A (en) * 2018-05-28 2018-11-23 阿里巴巴集团控股有限公司 One seed nucleus body method and apparatus
CN112508568A (en) * 2018-08-15 2021-03-16 创新先进技术有限公司 Core product pushing and core method and system
CN110348188B (en) * 2019-05-31 2021-08-27 创新先进技术有限公司 Core body checking method and device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10868672B1 (en) * 2015-06-05 2020-12-15 Apple Inc. Establishing and verifying identity using biometrics while protecting user privacy
WO2018014789A1 (en) * 2016-07-22 2018-01-25 阿里巴巴集团控股有限公司 Method and device for controlling service operation risk
WO2020125364A1 (en) * 2018-12-17 2020-06-25 深圳壹账通智能科技有限公司 Information verification input method and apparatus, computer device, and storage medium

Also Published As

Publication number Publication date
CN112966243A (en) 2021-06-15

Similar Documents

Publication Publication Date Title
EP3719678B1 (en) Identity verification method and apparatus
US11947651B2 (en) Biometric identification platform
CN107872436B (en) Account identification method, device and system
US20170227995A1 (en) Method and system for implicit authentication
CN108780475A (en) Personalized inference certification for virtually assisting
US9667613B1 (en) Detecting mobile device emulation
US11115406B2 (en) System for security analysis and authentication
US10958673B1 (en) Multi-factor authentication augmented workflow
CN109547426B (en) Service response method and server
CN109871673B (en) Continuous identity authentication method and system based on different context environments
Chen et al. Backdoor attacks and defenses for deep neural networks in outsourced cloud environments
US11785030B2 (en) Identifying data processing timeouts in live risk analysis systems
WO2016045225A1 (en) Password fault tolerance method based on mouse behaviour
Ashibani et al. A multi-feature user authentication model based on mobile app interactions
US11321449B2 (en) System for security analysis and authentication across downstream applications
US11954188B1 (en) Systems and methods for dynamic bio-behavioral authentication
Traore et al. Dynamic sample size detection in learning command line sequence for continuous authentication
CN112966243B (en) Privacy-protecting core-body verification processing method and device
Brown et al. A novel multimodal biometric authentication system using machine learning and blockchain
Garabato et al. AI-based user authentication reinforcement by continuous extraction of behavioral interaction features
CN113794699B (en) Network analysis processing method
LU502287B1 (en) Detection of malicious activity
CN113409051B (en) Risk identification method and device for target service
CN111984840B (en) Online asset security display locking method and device
Lai Intelligent online risk-based authentication using Bayesian network model

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant