CN113196262A - True and false inquiry method and terminal equipment thereof - Google Patents

True and false inquiry method and terminal equipment thereof Download PDF

Info

Publication number
CN113196262A
CN113196262A CN201880100352.0A CN201880100352A CN113196262A CN 113196262 A CN113196262 A CN 113196262A CN 201880100352 A CN201880100352 A CN 201880100352A CN 113196262 A CN113196262 A CN 113196262A
Authority
CN
China
Prior art keywords
terminal device
authenticity
network access
permission information
query
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201880100352.0A
Other languages
Chinese (zh)
Inventor
徐顺海
周涌
段晓冬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Publication of CN113196262A publication Critical patent/CN113196262A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/953Querying, e.g. by the use of web search engines
    • G06F16/9538Presentation of query results

Landscapes

  • Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Telephone Function (AREA)

Abstract

The disclosure relates to a method for inquiring authenticity and a terminal device thereof. Automatically reading the network access permission information of the terminal equipment and displaying a first user interface containing the network access permission information and the authenticity query interactive element; and when receiving an input of a user selecting the authenticity query interactive element, sending an authenticity query request carrying the network access permission information to an authenticity verification server, receiving an authenticity query result corresponding to the network access permission information from the authenticity verification server, and displaying the authenticity query result. Through the scheme provided by the application, the user can visually see the network access permission information of the terminal equipment and conveniently inquire the authenticity of the terminal equipment through the user interface of the terminal equipment, and therefore the convenience of authenticity inquiry of the terminal equipment is obviously improved.

Description

True and false inquiry method and terminal equipment thereof Technical Field
The present disclosure relates to the field of intelligent terminals, and more particularly, to an authenticity query method and a terminal device thereof.
Background
China imposes an admission system on telecommunications terminal equipment, radio communication equipment, and telecommunications equipment related to internetworking between networks, which are used to access public telecommunications networks. The telecommunication equipment for implementing the network access permission system must obtain the network access permission issued by the ministry of industry and informatization of China.
The telecom equipment manufacturer should paste the network admission mark on the telecom equipment which is manufactured by the telecom equipment manufacturer and obtains the network admission. The network access permission mark is uniformly printed and issued by an industrial and informatization department, and belongs to a quality mark. The telecom equipment which does not obtain the network access license and fails the network access license cannot be provided with the network access license mark. The network access permission mark comprises information such as a network access permission number, an equipment model, a scrambling code and the like. The user can inquire and verify the information on the network access permission mark through the webpage so as to verify the authenticity of the equipment.
However, the access permission mark is stuck on the device shell in the form of a paper label, which affects the beauty of the device. And the label transmission, transportation storage, sticking and inspection processes of the paper are high in cost, the paper label is not easy to keep, and if the label information is damaged and lost, the following authenticity verification operation cannot be executed. Moreover, the legality of the equipment requires a user to manually log in a website and input paper-based access permission mark information, and the operation experience is poor.
Disclosure of Invention
The text describes an authenticity query method and a terminal device thereof, which can provide a convenient and fast authenticity query method for the terminal device.
In order to achieve the above purpose, the embodiment of the present application adopts the following technical solutions:
in a first aspect, the present application provides a method for querying authenticity of a terminal device. The authenticity query method comprises the following steps: automatically reading the network access permission information, wherein the network access permission information comprises one or any combination of the following items: the system comprises a network access license number, a terminal equipment model, a scrambling code, an international mobile terminal equipment identification code (IMEI), a mobile terminal equipment identification code (MEID), a network access license application unit, a terminal equipment name, a network access license certificate validity period or a certificate issuing date; displaying a first user interface, wherein the first user interface comprises the network access permission information and the authenticity query interactive element; obtaining a first touch input for selecting the authenticity query interactive element; responding to the first touch input, sending an authenticity query request to an authenticity verification server, wherein the authenticity query request comprises the network access permission information; receiving an authenticity query result corresponding to the network access permission information from the authenticity verification server; and displaying the authenticity inquiry result.
In the method for inquiring the authenticity, the user can visually check the network access permission information through the user interface, and trigger the authenticity inquiry request and display the authenticity inquiry result through the user interface. Compared with the prior paper network access permission mark, the authenticity query rate of the terminal equipment can be improved, and the two reasons are that firstly, a user does not need to manually input the network access permission number; and secondly, the risk of losing the paper network access permission mark is eliminated, and the user can inquire the authenticity of the terminal equipment at any time after purchasing the terminal equipment.
In some possible implementations, the network access permission information is stored in a non-volatile Memory (e.g., a Read Only Memory (ROM) or a Flash Memory) of the terminal device. Therefore, when the terminal equipment is powered off, the stored network access permission information cannot be lost, and a user can start the terminal equipment at any time to check the network access permission information of the terminal equipment.
In some possible implementations, the network entry permission information displayed by the first user interface is recorded in a Quick Response matrix Code (Quick Response Code).
In some possible implementations, the quick response matrix code also records a true and false query web address (e.g., https: \ \ www.tenaa.com.cn). Thus, a user can scan the quick response matrix code displayed in the first user interface through a second terminal device (different from the terminal device displaying the first user interface), obtain the network access permission information and the authenticity query website recorded in the quick response matrix code, and the second terminal device can access the authenticity query website to access the authenticity verification server (that is, the authenticity query website is deployed on the authenticity verification server), and send the network access permission information to the authenticity verification server (for example, send the network access permission information to the authenticity verification server in an HTTP POST manner); the second terminal equipment receives a true and false inquiry result corresponding to the network access permission information from the true and false verification server; and the second terminal equipment displays the authenticity inquiry result.
In the above implementation manner, the user may inquire the authenticity of the terminal device with the aid of the second terminal device. For example, when a terminal device (e.g., a smart watch) newly purchased by a user cannot connect to a network, the terminal device may be queried for authenticity by scanning a quick response matrix code displayed by the terminal device with a second terminal device (e.g., a smart phone).
In some possible implementation manners, the above method for querying authenticity of a terminal device further includes starting an operating system setting wizard, and the first user interface is presented in the process of the operating system setting wizard.
In the implementation manner, after the terminal device is started for the first time, the terminal device starts an operating system setting guide, and displays a first user interface containing the network access permission information in the process of the operating system setting guide. Therefore, the user can verify the authenticity of the terminal equipment when the terminal equipment is started for the first time after purchasing the terminal equipment, and timely acquire the authenticity verification result, so that the risk of being cheated is avoided.
In some possible implementations, the step of sending the authenticity query request to the authenticity verification server includes: generating a Uniform Resource Locator (URL) containing the network access permission information; and accessing the resources identified by the uniform resource locator in the authenticity verification server through a web browser application.
In some possible implementation manners, the authenticity verification server verifies whether the terminal equipment is true by inquiring whether the network access permission information corresponding to the terminal equipment exists in the network access permission information database, and if the network access permission information corresponding to the terminal equipment exists, the terminal equipment is legal; if the corresponding network access permission information does not exist, the terminal equipment is illegal.
In a second aspect, an embodiment of the present application provides a terminal device, including: a processor, a memory, a bus, and a communication interface; the memory is used for storing computer execution instructions, the processor is connected with the memory through the bus, and when the terminal equipment runs, the processor executes the computer execution instructions stored in the memory so as to enable the terminal equipment to execute any one of the above terminal equipment authenticity query methods.
In a third aspect, an embodiment of the present application provides a computer-readable storage medium, where an instruction is stored in the computer-readable storage medium, and when the instruction runs on any one of the above terminal devices, the instruction causes the terminal device to execute the method for querying whether the terminal device is true or false.
In a fourth aspect, an embodiment of the present application provides a computer program product including instructions, which, when run on any one of the above terminal devices, causes the terminal device to execute any one of the above method for inquiring whether the terminal device is true or false.
In addition, the technical effects brought by any one of the design methods in the second aspect to the fourth aspect can be referred to the technical effects brought by the different design methods in the first aspect, and are not described herein again.
In a fifth aspect, an embodiment of the present application provides another method for querying authenticity of a terminal device, where the method includes: the terminal equipment receives an authenticity inquiry instruction sent by the authenticity verification equipment; the terminal equipment responds to the authenticity inquiry instruction to start an authentication process aiming at the terminal equipment; after the terminal equipment passes the authentication, the terminal equipment automatically reads the network access permission information, and the network access permission information comprises one or any combination of the following items: the system comprises a network access license number, a terminal equipment model, a scrambling code, an international mobile terminal equipment identification code (IMEI), a mobile terminal equipment identification code (MEID), a network access license application unit, a terminal equipment name, a network access license certificate validity period or a certificate issuing date; and the terminal equipment sends the network access permission information to a true and false verification equipment so that the true and false verification equipment obtains a true and false query result corresponding to the network access permission information.
The authenticity query method mainly aims at counterfeit terminals produced by some counterfeit terminal manufacturers. For example, the counterfeit terminal may also display a first user interface similar to that in the first aspect described above, and display the forged network entry permission information and the authenticity query interactive element in the user interface. When the user selects the authenticity query interactive element, the fake terminal directly displays a query result such as "the identification information of your query is true and corresponds to the product serial number". In fact, the network access permission information displayed by the fake terminal is false, and only the network access permission information looks similar to the network access permission information displayed by a regular terminal device (for example, the fake terminal also displays information such as a two-dimensional code, a terminal device model, a network access permission number, a scrambling code and the like), when the user selects the authenticity query interactive element, the fake terminal does not send an authenticity query request to the authenticity verification server, but directly displays a query result of 'the mark information of your query is true and corresponds to a product serial number', so that the user mistakenly thinks that the purchased product is genuine. In this case, the counterfeit terminal does not access the authentication server at all, but lets the user misunderstand that the purchase is genuine only through the counterfeit network entry approval information and the counterfeit authentication inquiry result.
In the above-described authenticity query method according to the fifth aspect, the authenticity verification device may be an authenticity detection device provided by the ministry of industry and trust. If the user suspects that the purchased terminal equipment is a fake product, the terminal equipment can be sent to a professional detection mechanism approved by the Ministry of industry and trust to be verified by adopting the authenticity inquiry method. If the authenticity verifying equipment displays that the terminal equipment is a genuine product after the authenticity inquiry, the user is indicated to purchase the genuine product.
In some possible implementation manners, the authentication of the terminal device is performed between the terminal device and the authenticity verification device through an asymmetric key encryption algorithm. For example, the terminal device and the authentication verification device hold asymmetric key pairs (i.e., a public key and a private key), and one of them (e.g., the terminal device) encrypts specific data (e.g., a random number) using the private key, while the other (e.g., the authentication verification device) decrypts the data using the public key, and if the decryption is successful, the authentication of the terminal device is considered to be successful. And after the terminal equipment is successfully authenticated, the terminal equipment reads the network access permission information and transmits the network access permission information to the authenticity verification equipment. The authenticity verification device inquires whether the network access permission information is stored in the network access permission information database, and if the network access permission information exists, the authenticity verification device proves that the terminal device is a genuine product. In one implementation, the authenticity verification device locally stores a network access permission information database. In another implementation, the network access permission information database is stored in the authenticity verification server, and the authenticity verification device accesses the network access permission information database stored in the authenticity verification server to determine authenticity of the terminal device.
In some possible implementation manners, after the authentication of the terminal device is successful, the terminal device sends the network access permission information to the authenticity verification device, and also sends a product serial number (IMEI, MEID, or a unique identifier (e.g., a hardware serial number) of the terminal device to the authenticity verification device, after the authenticity verification device obtains the serial number, the authenticity verification device inquires whether the serial number is matched with a stored serial number transmitted by a terminal device manufacturer, and if the serial number is matched, the terminal device is a genuine product.
Through any design mode in the above-mentioned fifth aspect, the user can utilize the authenticity verification equipment that professional accreditation institution provided to verify the authenticity of terminal equipment, can prevent to a certain extent that counterfeit and shoddy products from entering the market.
Drawings
Fig. 1 is an architecture diagram of an inbound license management system according to an embodiment of the present application;
fig. 2 is a schematic diagram of an incoming license management method according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of a terminal device according to an embodiment of the present application;
fig. 4A is a schematic structural diagram of a terminal device authenticity verification system according to an embodiment of the present application;
FIG. 4B is a schematic diagram of various electronic tags for network admission provided by embodiments of the present application;
fig. 5 is a schematic diagram illustrating an operation system setting wizard for querying whether a terminal device is true or false according to an embodiment of the present application;
fig. 6A is an exemplary user interface for querying authenticity of a terminal device according to an embodiment of the present application;
fig. 6B is an exemplary user interface of the result of the authenticity query of the terminal device according to the embodiment of the present application;
fig. 7 is another exemplary user interface for querying the authenticity information of the terminal device according to the embodiment of the present application;
8A, 8B, 8C, and 8D illustrate still another exemplary user interface for the terminal device to perform the authenticity query according to the embodiment of the present application;
fig. 9 is a flowchart of an exemplary method for querying authenticity of a terminal device according to an embodiment of the present application;
fig. 10 is a schematic structural diagram of another terminal device provided in an embodiment of the present application;
fig. 11 is a schematic structural diagram of another terminal device provided in the embodiment of the present application;
fig. 12 is a schematic diagram of a terminal device authenticity query system according to an embodiment of the present application;
fig. 13 is an exemplary process diagram of an alternative terminal device authentication query provided in an embodiment of the present application;
fig. 14 is an exemplary process diagram of an authenticity query of a terminal device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present disclosure will be described below with reference to the drawings in the embodiments of the present disclosure.
Fig. 1 illustrates an architecture diagram of an inbound license management system 100, according to various examples. In some examples, the system 100 may implement functions such as acceptance and issuance of an online license, and usage monitoring of an online license. The term "network access license" refers to a network access license issued by a network access license management organization (e.g., the ministry of industry and communications of China), which is allowed by a communication device obtaining the network access license to access a public communication network for use and sale. The term "electronic sign for admission" refers to a quality sign (which is a name against a paper admission ticket in the prior art) stored in electronic data form on a communication device that has acquired admission, and the electronic sign for admission records the information of admission of the device.
As shown in fig. 1, in some examples, the inbound license management system 100 includes an inbound license management server 102, and an equipment vendor (e.g., a manufacturer of the terminal device) inbound license data management client 104, an inbound license importing device 106, and a terminal device 108 (e.g., a cell phone 108 or a watch 108 in fig. 1). The device vendor inbound license data management client 104 and the inbound license management server 102 may communicate over one or more networks 110 according to a client-server model.
The inbound license management server 102 is provided, managed, and maintained by an inbound license management organization (e.g., an official organization such as the ministry of industry and communications of china or other third party inbound license management organization). The online license data management server 102 may provide server-side functions for the online license data management client 104 of the terminal device manufacturer, such as application, issuance, and usage monitoring of online licenses for various device manufacturers.
The device vendor web license data management client 104 is provided by a device manufacturer (e.g., a cell phone or smart watch manufacturer), and is managed and maintained. The device vendor inbound license data management client 104 may provide client-side functionality such as device vendor-oriented inbound license applications and inbound license usage reporting, as well as communications with an inbound license data management server.
The network access license importing device 106 may be a production device on a production line of a production plant of an equipment manufacturer, and is responsible for acquiring a network access license from the network access license data management client 104 of the equipment manufacturer and importing network access license information to the terminal device 108. In some embodiments, the inbound License importing device 106 obtains three parameters, i.e., an inbound License number, a terminal device model, and a scrambling code, from the inbound License data management client 104, separates the three parameters by commas in sequence, and concatenates the three parameters into a string "NAL" (where the NAL represents (Network Access License), and the string of the comma-concatenated NAL may be "inbound License number, terminal device model, scrambling code"). In one example, the NAL string may be "02-5043-. Next, the character string is written into the terminal device (for example, stored in a nonvolatile memory). In some implementations, a digital signature of the string (for example, a hash value obtained by performing a hash operation on a "NAL" string and then encrypting the hash value with a private key of an asymmetric encryption algorithm as a signature) may be written into the terminal device together. Finally, the network entry license importing device 106 reads the written "NAL" character string from the terminal device 108 to determine whether the character string is correctly written, and if the character string read from the terminal device 108 matches the character string at which writing is started, it proves that the network entry license information is successfully written. In some implementations, if the "NAL" string and the signature information are stored in the terminal device, the in-network license importing device 106 may decrypt the signature with the public key after reading the signature information to obtain the "NAL" string, and then determine whether the string matches the written "NAL" string.
The network entry license importing device 106 also notifies the network entry license data management client 104 of the production line of the network entry license usage condition (e.g., a correspondence table between a terminal device product serial number (such as International Mobile Equipment Identity (IMEI)) or a Mobile terminal device Identity (MEID) or other terminal device unique Identifier (such as hardware serial number)) and network entry license information, wherein the network entry license information corresponds to the terminal device product serial number one by one), and is finally transmitted to the network entry license management server 102 The validity period or the certificate issuing date of the network-entering license certificate. The scrambling code is a unique number owned by each terminal device, and has uniqueness as an International Mobile Equipment Identity (IMEI) or a Mobile terminal device Identity (MEID).
In some examples, the inbound license management server 102 can include a client-facing external I/O interface 112, one or more processing modules 114, and a storage module 116. The client-facing external I/0 interface 112 may communicate with the vendor inbound license data management client 104 over one or more networks 110. The one or more processing modules 114 may handle device vendor inbound license data management client 104's inbound license application, inbound license issuance, and inbound license usage monitoring. In addition, the one or more processing modules 114 generate the network entry license based on the information such as the number of devices and the model number of the devices reported by the device manufacturer. The storage module 116 is used for storing data and instructions. The storage module 116 may store the device merchant network admission license application data (e.g., network admission application form, device merchant enterprise information, device quality inspection report, etc.), or network admission license information usage data. In some embodiments, the network access permission information usage data may be a terminal device product serial number (such as an International Mobile Equipment Identity (IMEI)) reported by the Equipment manufacturer every month, or a correspondence table between a Mobile Equipment Identity (MEID) or other terminal device unique Identifier (e.g., a hardware serial number)) and network access permission information, where the network access permission information corresponds to the terminal device product serial number one to one. In some embodiments, the network access permission information usage data may also be a correspondence table between the product serial number of the terminal device and the serial number of the network access permission information (the serial number of the network access permission information may also be referred to as the serial number of the electronic tag of the network access permission). The network access license management server 102 assigns a corresponding serial number to each piece of network access license information.
In some examples, the device merchant network entry license data management client 104 may include a server-facing external I/O interface 118, one or more processing modules 120, and a storage module 122. The server-facing external I/O interface 118 may communicate with the inbound license management server 102 over one or more networks 110. The one or more processing modules 120 may apply for and communicate the use of an inbound license from the inbound license management server 102 via the external I/O interface 118. In addition, the one or more processing modules 120 transfer the device number, model number to the inbound license management server 102 via the external I/O interface 118 to apply for an inbound license. The storage module 122 is used for storing data and instructions. The storage module 122 may store the application data of the network access license of the equipment manufacturer (for example, the equipment model, the equipment name, the equipment quantity, the equipment quality authentication information, and the like), and the usage data of the network access license information (for example, a correspondence table between the product serial number (IMEI or MEID) of the terminal equipment and the network access license information is recorded, where the network access license information corresponds to the product serial number of the terminal equipment one to one). Of course, the network access permission information usage data may be a correspondence table between the terminal device product number and the network access permission information number. The network access license management server 102 assigns a corresponding serial number to each piece of network access license information.
The terminal device 108 may be any suitable electronic device (the structure of which may be referred to as electronic device 300 described below with reference to fig. 3), such as a cell phone or other portable multi-function device (e.g., a laptop or tablet computer). Further, in some examples, terminal device 108 may be a non-portable multifunction device. In particular, the terminal device 108 may be a desktop computer, a game console, a television, or a television set-top box. In some examples, terminal device 108 may include a touch-sensitive surface (e.g., a touch screen display and/or a touch pad). Further, the terminal device 108 may optionally include one or more other physical user interface devices, such as a physical keyboard, mouse, and/or joystick. In some examples, the end device 108 may be a wearable electronic device, such as a smart watch, smart bracelet, and the like.
Examples of communication network 110 may include a Local Area Network (LAN) and a Wide Area Network (WAN), such as the Internet. The communication network 110 may be implemented using any known network protocol, including various wired or wireless protocols, such as, for example, ethernet, Universal Serial Bus (USB), global system for mobile communications (GSM), Enhanced Data GSM Environment (EDGE), Code Division Multiple Access (CDMA), Time Division Multiple Access (TDMA), Long Term Evolution (LTE), bluetooth, wireless fidelity (Wi-Fi), or any other suitable communication protocol.
The networked license management server system 100 may be implemented on one or more standalone data processing devices or a distributed network. In some examples, the server system 100 may also employ various virtual devices and/or services of a third party service provider (e.g., a third party cloud service provider) to provide potential computing resources and/or infrastructure resources of the server system 100.
Fig. 2 illustrates a schematic diagram of an inbound license management method, according to various examples.
In step 202, before the terminal device is produced, the device manufacturer sends an access license acquisition request to the access license management server 102 through the device manufacturer access license data management client 104. The network access license acquisition request carries one or any combination of the following parameters: equipment manufacturer, equipment name, equipment model, equipment quantity or equipment quality detection report.
In step 204, the online license management server 102 validates the request submitted by the device vendor online license data management client 104 for obtaining the online license. If the condition is verified by the network access license management server 102, the network access license management server 102 generates a network access license and sends network access license information to the device manufacturer network access license data management client 104. The network access permission information comprises one or any combination of the following items: the system comprises a network access license number, a terminal equipment model, a scrambling code, an international mobile terminal equipment identification code (IMEI), a mobile terminal equipment identification code (MEID), a network access license application unit, a terminal equipment name, a network access license certificate validity period or a certificate issuing date.
In some implementations, in order to record the amount of the network access permission information sent, the network access permission management server 102 may also send a serial number (which may also be referred to as a network access permission electronic tag serial number) corresponding to the network access permission information to the network access device license data management client 104 in step 204. Thus, the network-entry license management server 102 can easily count the number of issued network-entry license electronic tags based on the serial number.
In step 206, the inbound license management server 102 communicates the inbound license information to the device merchant inbound license data management client 104. Thereafter, the device-merchant network entry license data management client 104 stores the network entry license information in the storage module 122 and transmits the network entry license information to the network entry license importing device 106 in step 208.
In step 208, the inbound license importing apparatus 106 transmits the inbound license information to the terminal apparatus 108. For example, the license import device 106 of the Manufacturer production line sends the network access license Information to the terminal device 108 through an AT command or a Diag command, and the network access license Information is saved by the terminal device 108, for example, in Manufacturer Information (e.g., Original Equipment Manufacturer Information) stored in a nonvolatile memory of the terminal device 108. And corresponding signature is also stored together with the network access permission information and is used for verifying the identity of a requester requesting to access the network access permission information. The terminal device 108 may then call a series of interfaces to access the inbound permission information. Taking the example that the terminal device 108 carries the Android operating system, an application (for example, a setting application or an operating system setting wizard application) of an application layer of the terminal device 108 obtains the network access permission information stored by the terminal device 108 through an interface corresponding to a Framework layer (Framework layer) for obtaining the network access permission information. The framework layer can verify the authority of the application requesting to access the network access permission information, and if malicious access of illegal application is detected, the framework layer refuses the access request; if the application requesting access to the network entry permission information has the access right, the application is allowed to access the network entry permission information.
In step 210, the license import device 106 feeds back the usage of the online license information to the device merchant online license data management client 104. That is, the license importing device 106 feeds back the mobile terminal device identification code terminal device product number (IMEI number or MEID number) and the corresponding network access license information correspondence table according to the number of actual production and use. Wherein, there is a one-to-one correspondence between the network access permission information and the terminal device product serial number of the terminal device 108.
In some embodiments, in step 210, the format of the correspondence table fed back to the network entry license management server 102 by the device manufacturer is "product serial number, network entry license information serial number". If the terminal device has multiple product serial numbers (for example, if the terminal device supports multiple SIM cards, there are multiple IMEI numbers), the number of the correspondence table fed back to the network entry license management server 102 by the device manufacturer is "product serial number 1, product serial number 2, network entry license information serial number". For example, taking a terminal device having two IMEIs and two MEIDs as an example, the correspondence relationship of the feedback is "IMEI 1, IMEI2, MEID1, MEID2, network access permission information sequence number".
In step 212, the device-merchant network entry license data management client 104 feeds back the usage of the network entry license information to the network entry license management server 102. For example, the device manufacturer network entry license data management client 104 feeds back a correspondence table between the terminal device product serial number (IMEI number and/or MEID number) and the corresponding network entry license information to the network entry license management server 102.
An embodiment of a terminal device having network entry permission information or an electronic tag for network entry permission will now be described. Fig. 3 shows a schematic structural diagram of the terminal device 108 in fig. 1 according to an embodiment of the present disclosure. The terminal device 108 will be described by taking the electronic device 300 shown in fig. 3 as an example.
The electronic device 300 may include a processor 310, an external memory interface 320, an internal memory 321, a Universal Serial Bus (USB) interface 330, a charging management module 340, a power management module 341, a battery 342, an antenna 1, an antenna 2, a mobile communication module 350, a wireless communication module 360, an audio module 370, a speaker 370A, a receiver 370B, a microphone 370C, an earphone interface 370D, a sensor module 380, keys 390, a motor 391, an indicator 392, a camera 393, a display 394, and a Subscriber Identification Module (SIM) card interface 395, and the like. The sensor module 380 may include a pressure sensor 380A, a gyroscope sensor 380B, an air pressure sensor 380C, a magnetic sensor 380D, an acceleration sensor 380E, a distance sensor 380F, a proximity light sensor 380G, a fingerprint sensor 380H, a temperature sensor 380J, a touch sensor 380K, an ambient light sensor 380L, a bone conduction sensor 380M, and the like.
It is to be understood that the illustrated structure of the embodiment of the present application does not specifically limit the electronic device 300. In other embodiments of the present application, electronic device 300 may include more or fewer components than shown, or some components may be combined, some components may be split, or a different arrangement of components. The illustrated components may be implemented in hardware, software, or a combination of software and hardware.
Processor 310 may include one or more processing units, such as: the processor 310 may include an Application Processor (AP), a modem processor, a Graphics Processing Unit (GPU), an Image Signal Processor (ISP), a controller, a video codec, a Digital Signal Processor (DSP), a baseband processor, and/or a neural-Network Processing Unit (NPU), etc. The different processing units may be separate devices or may be integrated into one or more processors.
The controller can generate an operation control signal according to the instruction operation code and the timing signal to complete the control of instruction fetching and instruction execution.
A memory may also be provided in the processor 310 for storing instructions and data. In some embodiments, the memory in the processor 310 is a cache memory. The memory may hold instructions or data that have just been used or recycled by the processor 310. If the processor 310 needs to reuse the instruction or data, it can be called directly from the memory. Avoiding repeated accesses reduces the latency of the processor 310, thereby increasing the efficiency of the system.
In some embodiments, processor 310 may include one or more interfaces. The interface may include an integrated circuit (I2C) interface, an integrated circuit built-in audio (I2S) interface, a Pulse Code Modulation (PCM) interface, a universal asynchronous receiver/transmitter (UART) interface, a Mobile Industry Processor Interface (MIPI), a general-purpose input/output (GPIO) interface, a Subscriber Identity Module (SIM) interface, and/or a Universal Serial Bus (USB) interface, etc.
The I2C interface is a bi-directional synchronous serial bus that includes a serial data line (SDA) and a Serial Clock Line (SCL). In some embodiments, the processor 310 may include multiple sets of I2C buses. The processor 310 may be coupled to the touch sensor 380K, the charger, the flash, the camera 393, etc., via different I2C bus interfaces. For example: the processor 310 may be coupled to the touch sensor 380K via an I2C interface, such that the processor 310 and the touch sensor 380K communicate via an I2C bus interface to implement the touch functionality of the electronic device 300.
The I2S interface may be used for audio communication. In some embodiments, the processor 310 may include multiple sets of I2S buses. The processor 310 may be coupled to the audio module 370 via an I2S bus to enable communication between the processor 310 and the audio module 370. In some embodiments, the audio module 370 may communicate audio signals to the wireless communication module 360 via an I2S interface, enabling answering of calls via a bluetooth headset.
The PCM interface may also be used for audio communication, sampling, quantizing and encoding analog signals. In some embodiments, the audio module 370 and the wireless communication module 360 may be coupled by a PCM bus interface. In some embodiments, the audio module 370 may also transmit audio signals to the wireless communication module 360 through the PCM interface, so as to implement a function of answering a call through a bluetooth headset. Both the I2S interface and the PCM interface may be used for audio communication.
The UART interface is a universal serial data bus used for asynchronous communications. The bus may be a bidirectional communication bus. It converts the data to be transmitted between serial communication and parallel communication. In some embodiments, a UART interface is generally used to connect the processor 310 with the wireless communication module 360. For example: the processor 310 communicates with the bluetooth module in the wireless communication module 360 through the UART interface to implement the bluetooth function. In some embodiments, the audio module 370 may transmit the audio signal to the wireless communication module 360 through a UART interface, so as to realize the function of playing music through a bluetooth headset.
The MIPI interface may be used to connect processor 310 with peripheral devices such as display 394, camera 393, and the like. The MIPI interface includes a Camera Serial Interface (CSI), a Display Serial Interface (DSI), and the like. In some embodiments, processor 310 and camera 393 communicate over a CSI interface to implement the capture functionality of electronic device 300. The processor 310 and the display screen 394 communicate via the DSI interface to implement the display functions of the electronic device 300.
The GPIO interface may be configured by software. The GPIO interface may be configured as a control signal and may also be configured as a data signal. In some embodiments, a GPIO interface may be used to connect the processor 310 with the camera 393, the display 394, the wireless communication module 360, the audio module 370, the sensor module 380, and the like. The GPIO interface may also be configured as an I2C interface, an I2S interface, a UART interface, a MIPI interface, and the like.
The USB interface 330 is an interface conforming to the USB standard specification, and may specifically be a Mini USB interface, a Micro USB interface, a USB Type C interface, or the like. The USB interface 330 may be used to connect a charger to charge the electronic device 300, and may also be used to transmit data between the electronic device 300 and peripheral devices. And the earphone can also be used for connecting an earphone and playing audio through the earphone. The interface may also be used to connect other electronic devices, such as AR devices and the like.
It should be understood that the interfacing relationship between the modules illustrated in the embodiments of the present application is only an illustration, and does not limit the structure of the electronic device 300. In other embodiments of the present application, the electronic device 300 may also adopt different interface connection manners or a combination of multiple interface connection manners in the above embodiments.
The charging management module 340 is configured to receive charging input from a charger. The charger may be a wireless charger or a wired charger. In some wired charging embodiments, the charging management module 340 may receive charging input from a wired charger via the USB interface 330. In some wireless charging embodiments, the charging management module 340 may receive a wireless charging input through a wireless charging coil of the electronic device 300. The charging management module 340 may also supply power to the electronic device through the power management module 341 while charging the battery 342.
The power management module 341 is configured to connect the battery 342, the charging management module 340 and the processor 310. The power management module 341 receives input from the battery 342 and/or the charge management module 340 and provides power to the processor 310, the internal memory 321, the display 394, the camera 393, and the wireless communication module 360. The power management module 341 may also be configured to monitor parameters such as battery capacity, battery cycle count, and battery state of health (leakage, impedance). In other embodiments, the power management module 341 may also be disposed in the processor 310. In other embodiments, the power management module 341 and the charging management module 340 may be disposed in the same device.
The wireless communication function of the electronic device 300 may be implemented by the antenna 1, the antenna 2, the mobile communication module 350, the wireless communication module 360, a modem processor, a baseband processor, and the like.
The antennas 1 and 2 are used for transmitting and receiving electromagnetic wave signals. Each antenna in the electronic device 300 may be used to cover a single or multiple communication bands. Different antennas can also be multiplexed to improve the utilization of the antennas. For example: the antenna 1 may be multiplexed as a diversity antenna of a wireless local area network. In other embodiments, the antenna may be used in conjunction with a tuning switch.
The mobile communication module 350 may provide a solution including 2G/3G/4G/5G wireless communication applied to the electronic device 300. The mobile communication module 350 may include at least one filter, a switch, a power amplifier, a Low Noise Amplifier (LNA), and the like. The mobile communication module 350 may receive the electromagnetic wave from the antenna 1, filter, amplify, etc. the received electromagnetic wave, and transmit the filtered electromagnetic wave to the modem processor for demodulation. The mobile communication module 350 may also amplify the signal modulated by the modem processor, and convert the signal into electromagnetic wave through the antenna 1 to radiate the electromagnetic wave. In some embodiments, at least some of the functional modules of the mobile communication module 350 may be disposed in the processor 310. In some embodiments, at least some of the functional modules of the mobile communication module 350 may be disposed in the same device as at least some of the modules of the processor 310.
The modem processor may include a modulator and a demodulator. The modulator is used for modulating a low-frequency baseband signal to be transmitted into a medium-high frequency signal. The demodulator is used for demodulating the received electromagnetic wave signal into a low-frequency baseband signal. The demodulator then passes the demodulated low frequency baseband signal to a baseband processor for processing. The low frequency baseband signal is processed by the baseband processor and then transferred to the application processor. The application processor outputs sound signals through an audio device (not limited to the speaker 370A, the receiver 370B, etc.) or displays images or video through the display 394. In some embodiments, the modem processor may be a stand-alone device. In other embodiments, the modem processor may be separate from the processor 310, and may be disposed in the same device as the mobile communication module 350 or other functional modules.
The wireless communication module 360 may provide solutions for wireless communication applied to the electronic device 300, including Wireless Local Area Networks (WLANs) (e.g., wireless fidelity (Wi-Fi) networks), bluetooth (bluetooth, BT), Global Navigation Satellite System (GNSS), Frequency Modulation (FM), Near Field Communication (NFC), Infrared (IR), and the like. The wireless communication module 360 may be one or more devices integrating at least one communication processing module. The wireless communication module 360 receives electromagnetic waves via the antenna 2, performs frequency modulation and filtering processing on electromagnetic wave signals, and transmits the processed signals to the processor 310. The wireless communication module 360 may also receive a signal to be transmitted from the processor 310, frequency-modulate and amplify the signal, and convert the signal into electromagnetic waves via the antenna 2 to radiate the electromagnetic waves.
In some embodiments, antenna 1 of electronic device 300 is coupled to mobile communication module 350 and antenna 2 is coupled to wireless communication module 360 such that electronic device 300 may communicate with networks and other devices via wireless communication techniques. The wireless communication technology may include global system for mobile communications (GSM), General Packet Radio Service (GPRS), code division multiple access (code division multiple access, CDMA), Wideband Code Division Multiple Access (WCDMA), time-division code division multiple access (time-division code division multiple access, TD-SCDMA), Long Term Evolution (LTE), LTE, BT, GNSS, WLAN, NFC, FM, and/or IR technologies, etc. The GNSS may include a Global Positioning System (GPS), a global navigation satellite system (GLONASS), a beidou navigation satellite system (BDS), a quasi-zenith satellite system (QZSS), and/or a Satellite Based Augmentation System (SBAS).
The electronic device 300 implements display functions via the GPU, the display 394, and the application processor, among other things. The GPU is an image processing microprocessor coupled to a display 394 and an application processor. The GPU is used to perform mathematical and geometric calculations for graphics rendering. The processor 310 may include one or more GPUs that execute program instructions to generate or alter display information.
The display screen 394 is used to display images, video, and the like. The display screen 394 includes a display panel. The display panel may adopt a Liquid Crystal Display (LCD), an organic light-emitting diode (OLED), an active-matrix organic light-emitting diode (active-matrix organic light-emitting diode, AMOLED), a flexible light-emitting diode (FLED), a miniature, a Micro-oeld, a quantum dot light-emitting diode (QLED), and the like. In some embodiments, the electronic device 300 may include 1 or N display screens 394, N being a positive integer greater than 1.
The electronic device 300 may implement a shooting function through the ISP, the camera 393, the video codec, the GPU, the display 394, the application processor, and the like.
The ISP is used to process the data fed back by the camera 393. For example, when a photo is taken, the shutter is opened, light is transmitted to the camera photosensitive element through the lens, the optical signal is converted into an electrical signal, and the camera photosensitive element transmits the electrical signal to the ISP for processing and converting into an image visible to naked eyes. The ISP can also carry out algorithm optimization on the noise, brightness and skin color of the image. The ISP can also optimize parameters such as exposure, color temperature and the like of a shooting scene. In some embodiments, the ISP may be located in camera 393.
Camera 393 is used to capture still images or video. The object generates an optical image through the lens and projects the optical image to the photosensitive element. The photosensitive element may be a Charge Coupled Device (CCD) or a complementary metal-oxide-semiconductor (CMOS) phototransistor. The light sensing element converts the optical signal into an electrical signal, which is then passed to the ISP where it is converted into a digital image signal. And the ISP outputs the digital image signal to the DSP for processing. The DSP converts the digital image signal into image signal in standard RGB, YUV and other formats. In some embodiments, electronic device 300 may include 1 or N cameras 393, N being a positive integer greater than 1.
The digital signal processor is used for processing digital signals, and can process digital image signals and other digital signals. For example, when the electronic device 300 selects a frequency bin, the digital signal processor is used to perform fourier transform or the like on the frequency bin energy.
Video codecs are used to compress or decompress digital video. The electronic device 300 may support one or more video codecs. In this way, the electronic device 300 may play or record video in a variety of encoding formats, such as: moving Picture Experts Group (MPEG) 1, MPEG2, MPEG3, MPEG4, and the like.
The NPU is a neural-network (NN) computing processor that processes input information quickly by using a biological neural network structure, for example, by using a transfer mode between neurons of a human brain, and can also learn by itself continuously. The NPU can realize applications such as intelligent recognition of the electronic device 300, for example: image recognition, face recognition, speech recognition, text understanding, and the like.
The external memory interface 320 may be used to connect an external memory card, such as a Micro SD card, to extend the memory capability of the electronic device 300. The external memory card communicates with the processor 310 through the external memory interface 320 to implement a data storage function. For example, files such as music, video, etc. are saved in an external memory card.
The internal memory 321 may be used to store computer-executable program code, which includes instructions. The internal memory 321 may include a program storage area and a data storage area. The storage program area may store an operating system, an application program (such as a sound playing function, an image playing function, etc.) required by at least one function, and the like. The data storage area may store data (e.g., audio data, phone book, etc.) created during use of the electronic device 300, and the like. In addition, the internal memory 321 may include a high-speed random access memory, and may further include a nonvolatile memory, such as at least one magnetic disk storage device, a flash memory device, a universal flash memory (UFS), and the like. The processor 310 executes various functional applications of the electronic device 300 and data processing by executing instructions stored in the internal memory 321 and/or instructions stored in a memory provided in the processor.
The electronic device 300 may implement audio functions through the audio module 370, the speaker 370A, the receiver 370B, the microphone 370C, the earphone interface 370D, and the application processor. Such as music playing, recording, etc.
The audio module 370 is used to convert digital audio information into an analog audio signal output and also to convert an analog audio input into a digital audio signal. The audio module 370 may also be used to encode and decode audio signals. In some embodiments, the audio module 370 may be disposed in the processor 310, or some functional modules of the audio module 370 may be disposed in the processor 310.
The speaker 370A, also called a "horn", is used to convert the audio electrical signal into an acoustic signal. The electronic device 300 can listen to music through the speaker 370A or listen to a hands-free conversation.
The receiver 370B, also called "earpiece", is used to convert the electrical audio signal into an acoustic signal. When the electronic device 300 receives a call or voice information, it can receive voice by placing the receiver 370B close to the ear of the person.
Microphone 370C, also known as a "microphone," is used to convert sound signals into electrical signals. When making a call or transmitting voice information, the user can input a voice signal into the microphone 370C by speaking the user's mouth near the microphone 370C. The electronic device 300 may be provided with at least one microphone 370C. In other embodiments, the electronic device 300 may be provided with two microphones 370C to achieve a noise reduction function in addition to collecting sound signals. In other embodiments, the electronic device 300 may further include three, four or more microphones 370C to collect sound signals, reduce noise, identify sound sources, perform directional recording, and so on.
The headphone interface 370D is used to connect wired headphones. The headset interface 370D may be the USB interface 330, or may be a 3.5mm open mobile electronic device platform (OMTP) standard interface, a cellular telecommunications industry association (cellular telecommunications industry association of the USA, CTIA) standard interface.
The pressure sensor 380A is used for sensing a pressure signal, and converting the pressure signal into an electrical signal. In some embodiments, the pressure sensor 380A may be disposed on the display screen 394. The pressure sensor 380A can be of a wide variety, such as a resistive pressure sensor, an inductive pressure sensor, a capacitive pressure sensor, or the like. The capacitive pressure sensor may be a sensor comprising at least two parallel plates having an electrically conductive material. When a force acts on the pressure sensor 380A, the capacitance between the electrodes changes. The electronic device 300 determines the intensity of the pressure from the change in capacitance. When a touch operation is applied to the display screen 394, the electronic apparatus 300 detects the intensity of the touch operation according to the pressure sensor 380A. The electronic apparatus 300 may also calculate the touched position from the detection signal of the pressure sensor 380A. In some embodiments, the touch operations that are applied to the same touch position but different touch operation intensities may correspond to different operation instructions. For example: and when the touch operation with the touch operation intensity smaller than the first pressure threshold value acts on the short message application icon, executing an instruction for viewing the short message. And when the touch operation with the touch operation intensity larger than or equal to the first pressure threshold value acts on the short message application icon, executing an instruction of newly building the short message.
The gyro sensor 380B may be used to determine the motion pose of the electronic device 300. In some embodiments, the angular velocity of electronic device 300 about three axes (i.e., the x, y, and z axes) may be determined by gyroscope sensor 380B. The gyro sensor 380B may be used for photographing anti-shake. For example, when the shutter is pressed, the gyro sensor 380B detects the shake angle of the electronic device 300, calculates the distance to be compensated for by the lens module according to the shake angle, and allows the lens to counteract the shake of the electronic device 300 through a reverse movement, thereby achieving anti-shake. The gyro sensor 380B may also be used for navigation, somatosensory gaming scenes.
The air pressure sensor 380C is used to measure air pressure. In some embodiments, electronic device 300 calculates altitude, aiding in positioning and navigation, from barometric pressure values measured by barometric pressure sensor 380C.
The magnetic sensor 380D includes a hall sensor. The electronic device 300 may detect the opening and closing of the flip holster using the magnetic sensor 380D. In some embodiments, when the electronic device 300 is a flip phone, the electronic device 300 may detect the opening and closing of the flip according to the magnetic sensor 380D. And then according to the opening and closing state of the leather sheath or the opening and closing state of the flip cover, the automatic unlocking of the flip cover is set.
The acceleration sensor 380E may detect the magnitude of acceleration of the electronic device 300 in various directions (typically three axes). The magnitude and direction of gravity can be detected when the electronic device 300 is stationary. The method can also be used for recognizing the posture of the electronic equipment, and is applied to horizontal and vertical screen switching, pedometers and other applications.
A distance sensor 380F for measuring distance. The electronic device 300 may measure the distance by infrared or laser. In some embodiments, taking a picture of a scene, the electronic device 300 may utilize the distance sensor 380F to range for fast focus.
The proximity light sensor 380G may include, for example, a Light Emitting Diode (LED) and a light detector, such as a photodiode. The light emitting diode may be an infrared light emitting diode. The electronic device 300 emits infrared light to the outside through the light emitting diode. The electronic device 300 detects infrared reflected light from nearby objects using a photodiode. When sufficient reflected light is detected, it can be determined that there is an object near the electronic device 300. When insufficient reflected light is detected, the electronic device 300 may determine that there are no objects near the electronic device 300. The electronic device 300 can utilize the proximity light sensor 380G to detect that the user holds the electronic device 300 close to the ear for talking, so as to automatically turn off the screen to achieve the purpose of saving power. The proximity light sensor 380G may also be used in a holster mode, a pocket mode automatically unlocks and locks the screen.
The ambient light sensor 380L is used to sense the ambient light level. The electronic device 300 may adaptively adjust the brightness of the display 394 based on the perceived ambient light level. The ambient light sensor 380L may also be used to automatically adjust the white balance when taking a picture. The ambient light sensor 380L may also cooperate with the proximity light sensor 380G to detect whether the electronic device 300 is in a pocket to prevent inadvertent contact.
The fingerprint sensor 380H is used to capture a fingerprint. The electronic device 300 may utilize the collected fingerprint characteristics to implement fingerprint unlocking, access an application lock, fingerprint photographing, fingerprint incoming call answering, and the like.
The temperature sensor 380J is used to detect temperature. In some embodiments, the electronic device 300 implements a temperature processing strategy using the temperature detected by the temperature sensor 380J. For example, when the temperature reported by the temperature sensor 380J exceeds a threshold, the electronic device 300 performs a reduction in performance of a processor located near the temperature sensor 380J, so as to reduce power consumption and implement thermal protection. In other embodiments, the electronic device 300 heats the battery 342 when the temperature is below another threshold to avoid the low temperature causing the electronic device 300 to shut down abnormally. In other embodiments, when the temperature is below a further threshold, the electronic device 300 performs a boost on the output voltage of the battery 342 to avoid an abnormal shutdown due to low temperature.
The touch sensor 380K is also referred to as a "touch panel". The touch sensor 380K may be disposed on the display screen 394, and the touch sensor 380K and the display screen 394 form a touch screen, which is also referred to as a "touch screen". The touch sensor 380K is used to detect a touch operation applied thereto or thereabout. The touch sensor can communicate the detected touch operation to the application processor to determine the touch event type. Visual output associated with the touch operation may be provided via the display 394. In other embodiments, the touch sensor 380K can be disposed on a surface of the electronic device 300 at a different location than the display 394.
The bone conduction sensor 380M can acquire a vibration signal. In some embodiments, the bone conduction transducer 380M can acquire a vibration signal of the vibrating bone mass of the human voice. The bone conduction sensor 380M may also contact the human body pulse to receive the blood pressure pulsation signal. In some embodiments, the bone conduction sensor 380M may also be disposed in a headset, integrated into a bone conduction headset. The audio module 370 may analyze a voice signal based on the vibration signal of the bone mass vibrated by the sound part acquired by the bone conduction sensor 380M, so as to implement a voice function. The application processor can analyze heart rate information based on the blood pressure beating signal acquired by the bone conduction sensor 380M, so as to realize the heart rate detection function.
Keys 390 include a power-on key, a volume key, etc. The keys 390 may be mechanical keys. Or may be touch keys. The electronic device 300 may receive a key input, and generate a key signal input related to user setting and function control of the electronic device 300.
The motor 391 may generate a vibration cue. The motor 391 may be used for both incoming call vibration prompting and touch vibration feedback. For example, touch operations applied to different applications (e.g., photographing, audio playing, etc.) may correspond to different vibration feedback effects. The motor 391 may also respond to different vibration feedback effects by performing touch operations on different areas of the display 394. Different application scenes (such as time reminding, receiving information, alarm clock, game and the like) can also correspond to different vibration feedback effects. The touch vibration feedback effect may also support customization.
Indicator 392 may be an indicator light that may be used to indicate a state of charge, a change in charge, or a message, missed call, notification, etc.
The SIM card interface 395 is for connecting a SIM card. The SIM card can be brought into and out of contact with the electronic apparatus 300 by being inserted into and pulled out of the SIM card interface 395. The electronic device 300 may support 1 or N SIM card interfaces, N being a positive integer greater than 1. The SIM card interface 395 may support a Nano SIM card, a Micro SIM card, a SIM card, etc. Multiple cards can be inserted into the same SIM card interface 395 at the same time. The types of the plurality of cards may be the same or different. The SIM card interface 395 may also be compatible with different types of SIM cards. The SIM card interface 395 may also be compatible with an external memory card. The electronic device 300 interacts with the network through the SIM card to implement functions such as communication and data communication. In some embodiments, the electronic device 300 employs esims, namely: an embedded SIM card. The eSIM card can be embedded in the electronic device 300 and cannot be separated from the electronic device 300.
In the embodiment of the present application, the processor 310 may execute the program instructions stored in the memory 340 to implement the method executed by the terminal device in the following embodiments.
The network entry permission electronic tag or the network entry permission information is a quality tag set on the terminal device which has obtained the network entry permission. The terminal equipment can utilize the true and false inquiry function of the true and false authentication system provided by the network access license management organization to inquire and authenticate all network access license information. Fig. 4A shows an architectural diagram of a terminal device authenticity verification system 400 according to various examples.
Referring to fig. 4A, the terminal device authentication system 400 may include an authentication query client 408 executed on the terminal device 402, and an authentication server 404. The authenticity query client-side portion 408 may communicate with the authenticity verification server 404 via one or more networks 406. The authenticity query client 402 may provide client-side functionality such as providing an authenticity query interface, receiving a query input from a user, sending an authenticity query request, displaying an authenticity query result, and the like. The authenticity query client 402 may maintain an IP address of the authenticity verification server 404 to establish a communication connection with the authenticity verification server 404. In some embodiments, the true/false query client 402 may also store the website of the true/false query server 404, access the website of the true/false verification server 404 through a browser, and query the IP address corresponding to the website of the true/false verification server 404 through a domain Name system (dns) to establish a communication connection with the true/false verification server 404. The authenticity verification server 404 may provide server-side functionality for the authenticity query client 408 from a plurality of terminal devices.
In some examples, the terminal device 402 may also communicate with the authenticity verification server 404 via a second terminal device 410. The second terminal device 410 may be similar or identical to the terminal device 402, for example, the second terminal device 410 may be an electronic device 300 similar to that described above in fig. 3. The second terminal device 410 may store the address of the authentication server 404 and the second terminal device 410 may acquire the IP address of the authentication server 404 from the terminal device 402 to establish a communication connection with the authentication server 404. In some embodiments, the second terminal device 410 may store the authenticity query address corresponding to the authenticity verification server 404. Of course, the second terminal device 410 may also obtain the authenticity query website corresponding to the authenticity verification server 404 from the terminal device 402, and query the IP address corresponding to the authenticity query website corresponding to the authenticity verification server 404 through a domain Name system (dns) to establish a communication connection with the authenticity verification server 404. The second terminal device 410 inquires of the terminal device 402 of the authenticity by accessing the authenticity verification server 404. The terminal device 402 may be configured to communicate with the second terminal device 410 via a direct communication connection, such as bluetooth, Near Field Communication (NFC), etc., or via a wired or wireless network, such as a wireless fidelity (Wi-Fi) network. In some examples, the second terminal device 410 may be configured to act as a proxy between the terminal device 402 and the authenticity verification server 404. For example, the authenticity query client 408 of the terminal device 108 may be configured to transmit information (e.g. the authenticity query request received at the terminal device 402) to the authenticity verification server 404 via the second terminal device 408. The authenticity verification server 404 may process the information and return relevant data (e.g. query results in response to the user authenticity query request) to the terminal device 402 via the second terminal device 410.
In some examples, terminal device 402 may display the network entry permission information (or network entry permission electronic indicia), which may be presented by any of: a Quick Response matrix Code (QR Code), a two-dimensional barcode, a one-dimensional barcode, or a serial number. The second terminal device 410 scans the QR code, the two-dimensional barcode, or the one-dimensional barcode provided by the terminal device 402 through the camera to obtain the network access permission information, generates a complete authentication query request using the network access permission information, and transmits the request to the authentication server 404. The system architecture shown in fig. 4A may advantageously query the terminal device 402 for authenticity by using a second terminal device 410 (e.g., a mobile phone, laptop, tablet, etc.). If the terminal device 402 is a device newly purchased by the user and cannot access the network for a while, the second terminal device 410 stores the IP address of the authentication server 404, a communication connection with the authentication server 404 can be established. The user can send the network entry permission information of the terminal device 402 to the authentication server 404 through the second terminal device 410 and inquire the authenticity of the terminal device 402.
In some implementations, the presentation of the network entry permission information may refer to fig. 4B. Three forms of presentation of the inbound licensing information are shown in fig. 4B. The terminal device 402 may display the network entry permission information in any presentation form. Where 420 represents the network access permission information only presented by the quick response matrix code, the quick response matrix code 420 may record the network access permission information, and of course, may record the website address of the authentication query website (e.g., https:// www.tenaa.com.cn). In some embodiments, when the user uses the second terminal device to scan the authenticity query two-dimensional code displayed on the screen of the terminal device, the authenticity query website may be automatically accessed to query the authenticity of the terminal device, and the authenticity query result may be received. In 422, in addition to the networking approval information described in the quick response matrix code, corresponding characters for recording the networking approval information are displayed (for example, the characters shown in 422 include the networking approval serial number "02-5043-" 163526 ", the device model number" MHA-AL00 ", the device product serial number SN" a123456789012345 ", the scrambling code" 9YP24 2C152TA "and the authentication query website" https: \ www.tenaa.com.cn "). At 424, in addition to the networking license information described in the quick response matrix code, corresponding text is displayed that records the networking license information (e.g., the text shown at 426 includes the networking license number "02-5043-" 163526 ", the device model number" MHA-AL00 ", the scrambling code" 9YP24PAA2C152TA "and the authentication query site" https: \ \ www.tenaa.com.cn "), and the end device product serial number (" a123456789012345 ") shown as the barcode 428. The product serial number of the terminal device may be IMEI or MEID.
In some embodiments, the Level of Error Correction (Error Correction Code Level) of the two-dimensional Code of the network entry permission information is at least L Level, and the size of the two-dimensional Code is more than 80 pixels × 80 pixels. If the two-dimensional Code is printed, the Error Correction Level (Error Correction Code Level) of the two-dimensional Code of the network access permission information is at least Q Level. Therefore, the accuracy rate of the two-dimensional code during scanning can be ensured.
The authenticity verification server 404 may query the license information database to verify whether the terminal device is genuine. In some implementations, the authentication server 404 may be the network access license management server 102 in fig. 1, and stores network access license information corresponding to each terminal device (e.g., stores a one-to-one correspondence table between network access license information and terminal device product serial numbers). In other implementations, the authentication server 404 may establish a communication connection with the network entry license management server 102 of fig. 1 to access the network entry license information database of the network entry license management server. Thus, the authenticity verification server 404 verifies whether the terminal device is genuine by inquiring whether the network access permission information corresponding to the terminal device exists in the network access permission information database, and if the network access permission information corresponding to the terminal device exists, the terminal device is legal; if the corresponding network access permission information does not exist, the terminal equipment is illegal (or forged).
Although only two terminal devices 402 and 410 are shown in fig. 4A, it should be understood that the system 400 may include any number and type of terminal devices configured to communicate with the authenticity verification server 404.
The user generally inquires whether the product is true or false when newly purchasing the terminal equipment, and the inquiry rate of the paper network access permission mark is lower. The second reason is that firstly, the user needs to manually input the number of the network access license, namely, the inquiry is inconvenient; the network access permission mark attached to the telecommunication equipment which has obtained the network access permission is easy to be lost by the user, and the user finds that the network access permission mark is abandoned when the user wants to inquire the authenticity. Therefore, a new method for inquiring the authenticity of the terminal device in an Out-of-box experience (OOBE) is required. According to some embodiments of the present application, when the terminal device is powered on after being taken out of the box for the first time or after the system of the terminal device is reset, an operating system setting wizard (e.g., Android/iOS setup wizard) of the computing device is started, and the authenticity of the terminal device is queried in the process of the operating system setting wizard. The operating system setup wizard will go through a standard operating system setup process, which may include the steps of setting up the language of the operating system, downloading updates and error fixes for the operating system, and requesting the user to enter a WiFi password to set up the network. The operating system setting guide provides a true and false query interface, and a user can query the true and false of the terminal equipment through the true and false query interface.
Fig. 5 shows an exemplary process diagram 500 for using an operating system setup wizard at a terminal device to query the terminal device for authenticity. The process diagram 500 begins when the operating system setup wizard 502 is launched, for example, when the terminal device is first unpacked to remove the terminal device for power up or after a system reset, the operating system setup wizard (power on wizard) 502 begins to set up the operating system. The operating system settings wizard 502 will display a language selection, WLAN settings, password/fingerprint settings, or other customized interface. In FIG. 5, the operating system setup wizard 502 first presents a vendor specific welcome interface in step 504. For example, the vendor specific welcome interface may include a logo and the word "welcome" that presents the vendor on the screen. The vendor-specific welcome interface may also include a prompt for any information of the user by the vendor, such as a confirmation of the user's service plan.
The operating system settings wizard 502 next presents a WLAN settings interface at step 506 asking the user device to connect to Wi-Fi. If the user sees the name of the router, the user can click the name of the router on a Wi-Fi connection interface of the terminal equipment, input a Wi-Fi password of the router, and then click connection to connect to the Wi-Fi network, so that the user can inquire the authenticity of the equipment or execute downloading operation after connecting to the Wi-Fi network. If the user chooses to skip the Wi-Fi connection step 506, the user device needs to connect to the mobile network before being able to query the device for authenticity or download software updates, which may consume large amounts of mobile data.
The operating system settings wizard 502 next presents an authenticity query interface at step 508. The authenticity query interface can display the network access permission information and provide authenticity query interactive elements (such as an authenticity query button and the like) for a user to query the authenticity of the equipment.
Next, the operating system setup wizard 502 may provide a user account addition interface in step 510, asking for the addition of a user account number, e.g., a username and password for cloud storage. If the user has an account, the account name and password may be entered and then the next step may be clicked. If the user does not have an account, the user can click to create a new account and fill in the related account information.
The operating system setup wizard 502 then provides a fingerprint scan entry interface in step 512, which may provide a high degree of security for the terminal device. If the user wants to use it, clicking on the set fingerprint starts the fingerprint entry process, and the user can also add multiple fingerprints.
It will be appreciated by those skilled in the art that the operating system settings wizard 502 may present more or fewer interfaces or processes than those shown, in addition to the vendor welcome interface, the WLAN settings interface, the authentication query interface, the user account add interface, and the fingerprint scan entry interface mentioned above, and embodiments of the present application are not limited in this respect. Moreover, the vendor welcome interface, the WLAN setting interface, the authenticity query interface, the user account addition interface, the fingerprint scan entry interface may be presented according to any predetermined order, only one of which is shown in fig. 5. In some cases, the authenticity query interface may be displayed after the vendor welcome interface. Moreover, the user may select a return button to return to the previous interface for operation, e.g., the user may return to the WLAN setting interface from the authentication query interface.
Figure 6A shows an authenticity query user interface 600 described with respect to figure 5. A similar user interface may be implemented on electronic device 300 in fig. 3. As shown in fig. 6A, in some embodiments, the user interface 600 includes the following elements, or a subset thereof: a two-dimensional code 602 of Network Access permission information (the two-dimensional code in the figure contains a letter "NAL" representing an abbreviation of Network Access License); an access license number 604; an application unit 606(a terminal equipment manufacturer); a device name 608; a device model 610; an authenticity query button 612.
It should be noted that the information of the authenticity query interface shown in fig. 6A is merely exemplary. For example, in some embodiments, the user interface 600 may also include other elements, such as scrambling codes or terminal equipment serial numbers (terminal equipment serial numbers include IMEI, MEID, or product serial numbers sn (serial numbers)).
In some embodiments, the user interface 600 may only display the web admission information two-dimensional code 602, and the two-dimensional code 602 may be encoded by one or any combination of the following items: the system comprises a network access license number, a terminal equipment model, a scrambling code, an IMEI, an MEID, a product serial number, a true and false inquiry website, an international mobile terminal equipment identification code (IMEI), a mobile terminal equipment identification code (MEID), a network access license application unit, a terminal equipment name, a network access license certificate validity period or a certificate issuing date. The user scans the two-dimensional code 602 using a second terminal device (e.g., the second terminal device 410 in fig. 4A). The second terminal equipment decodes the two-dimensional code to obtain the network access permission information coded in the two-dimensional code, such as at least one of network access license number, terminal equipment model, scrambling code, IMEI, MEID, international mobile terminal equipment identity (IMEI), mobile terminal equipment identity (MEID), network access license application unit, terminal equipment name, network access license certificate validity period or certificate issuing date. The second terminal device may establish a communication connection with the authenticity verification server 404 using its stored IP address of the authenticity verification server and transmit the analyzed incoming license information (e.g., incoming license number, device model, and information such as scrambling code) to the authenticity verification server (e.g., the authenticity verification server 404 in fig. 4). The user may use the camera on the second terminal device to scan the QR code of the authenticity query displayed on the screen of the terminal device, e.g., the user may activate the camera to scan the QR code by opening a website or a mobile application of the authenticity query (e.g., the authenticity query client 408 in fig. 4A). The second terminal device may install QR code reading software to capture and decode the captured QR code, for example, the second terminal device displays a two-dimensional code scanning interface and prompts the user to aim the second terminal device at the QR code displayed on the screen of the terminal device. The decoded network access permission information can be sent to the authenticity verification server to obtain the authenticity of the terminal device. The second terminal device may further encrypt the network access permission information and send the encrypted network access permission information to the authentication server through the network 406 in fig. 4A, so as to improve the security of communication transmission. The authenticity verification server may call a license information database to verify that the device is authentic.
In some embodiments, the two-dimensional code 602 has recorded therein the website address of the authentication query website (e.g., https:// www.tenaa.com.cn). In some embodiments, when the user uses the second terminal device to scan the authenticity query two-dimensional code displayed on the screen of the terminal device, the authenticity query website may be automatically accessed to query the authenticity of the terminal device, and the authenticity query result may be received. In other embodiments, when the user uses the second terminal device to scan the authenticity query two-dimensional code displayed on the screen of the terminal device, the authenticity query website may be automatically opened, and the user may input network entry permission information (e.g., license number, device model, scrambling code, etc.) on the website to query the authenticity of the terminal device.
In some embodiments, the user interface 600 may not include the network entry permission information two-dimensional code 602 (e.g., the screen resolution of the terminal device may not support displaying the complete network entry permission information two-dimensional code). In this case, one or any combination of the following items may be displayed in text: the system comprises a network access license number, a terminal equipment model, a scrambling code, an IMEI, an MEID, an international mobile terminal equipment identification code (IMEI), a mobile terminal equipment identification code (MEID), a network access license application unit, a terminal equipment name, a network access license certificate validity period or a certificate issuing date. In some embodiments, after the user clicks the authenticity query button 612, the terminal device establishes a connection with the authenticity verification server using the stored address of the authenticity verification server (or accesses the authenticity verification server through the website address of the stored authenticity verification website), and then sends an authenticity query request (the authenticity query request may include any one or any combination of the following parameters, i.e., an access license number, a terminal device model, a scrambling code, an international mobile terminal device identification number (IMEI), a mobile terminal device identification number (MEID), an access license application unit, a terminal device name, an access license certificate validity period or a certificate issue date) to the authenticity verification server, thereby obtaining authenticity of the terminal device, and presenting an authenticity query result on a user interface of the terminal device. In some embodiments, the terminal device may submit the network entry permission information to the authenticity query server using a POST request method of the HTTP protocol. The terminal device may use a "JSON" structure to transmit the incoming license information, for example, the authentication query request represented by the "JSON" structure is as follows:
{"BizCode":"VLD",
"L":"02-5043-163526",
"M":"MHA-AL00",
"R":"9YP24PAA2C152TA",
"C":"861234567890123,A0FFFFFF000000F"}
where "BizCode" represents a service identifier, the default value is "VLD", "L" represents an access license number, "M" represents a device model number, "R" represents a scrambling code of the terminal device, and "C" represents a serial number of the terminal device, and if there are a plurality of serial numbers (for example, the serial numbers "861234567890123" and "A0 FFFFFF 000000F" shown above), the serial numbers are separated by commas.
The query result returned by the authentication server may also be transmitted using a "JSON" structure. For example, the result of the authenticity query represented by the "JSON" structure is as follows:
{"RspCode":"0000",
"Result" the flag information of your query is true and corresponds to the product serial number. The device supports TD-LTE/LTE FDD/TD-SCDMA/WCDMA/CDMA2000/CDMA 1X/GSM modes. "}
Wherein, RspCode represents the processing result identifier returned by the authenticity verification server, 0000 represents success, and 0001 represents failure. "Result" represents query Result information (e.g., "your queried flag information shown above is true and corresponds to product serial number". The device supports TD-LTE/LTE FDD/TD-SCDMA/WCDMA/CDMA2000/CDMA 1X/GSM system. "). The query result information contains the authenticity information of the network access permission electronic mark of the equipment and the network system supported by the equipment. Fig. 6B shows an exemplary page of the authenticity query result, where the page contains the query result "the flag information of your query is true and corresponds to the product serial number. The device supports TD-LTE/LTE FDD/TD-SCDMA/WCDMA/CDMA2000/CDMA 1X/GSM system ".
In some embodiments, the user may also click on the authenticity query button 612. The terminal equipment splices a true and false inquiry link by using the network access permission information (for example, at least one item of information of a network access license number, a terminal equipment model, a scrambling code, an international mobile terminal equipment identification code (IMEI), a mobile terminal equipment identification code (MEID), a network access license application unit, a terminal equipment name, a network access license certificate validity period or a certificate issuing date), and the true and false inquiry page corresponding to the true and false inquiry link can be displayed by accessing the true and false inquiry link so as to acquire the true and false of the terminal equipment.
In an exemplary embodiment, after the user clicks the authenticity query button 612, the terminal device automatically obtains one or any combination of the number of the access license (SN), the MODEL number (mode), the Scrambling Code (SCRAMBLE), and the serial number of the terminal device (e.g., international mobile terminal equipment identity (IMEI)), and concatenates the above information into a Uniform Resource Locator (URL) for authenticity query. For example, the number of the terminal device's access license is 02-5043-:
http://www.tenaa.com.cn/WSFW/FlagValidate_test.aspxSN=02-5043-163526&MODEL=MHA-AL00&SCRAMBLE=9YP24PAA2C152TA&IMEI=A123456789012345
it can be seen that the number of the incoming license (SN), the MODEL of the device (mode), the scrambling code (scrambl), and the IMEI are concatenated to form a Uniform Resource Locator (URL) for the authenticity query. In response to the touch event of the authentication query request button 612, the terminal device automatically opens a browser application and accesses the URL, examples of which include Internet Explorer, Mozilla, FireFox, Netscape, Chrome, and the like. And when receiving the access of the user browser by using the link, the trueness checking server of the Ministry of industry and trust automatically analyzes the four parameters (SN, MODEL, SCRAMBLE and IMEI) and returns a trueness checking page. As shown in fig. 7, after the terminal device opens the browser to access the URL, the terminal device displays a query page 700 for managing the authenticity information when the telecommunication device accesses the network. The four parameters (SN, mode, SCRAMBLE, IMEI) appear in the corresponding query boxes (702, 704, 706, 708), and the user clicks the verification button 710 to perform a verification. The display interface of the ping result is similar to that of fig. 6B, for example, the page includes the query result "your query flag information is true and corresponds to the product serial number. The device supports TD-LTE/LTE FDD/TD-SCDMA/WCDMA/CDMA2000/CDMA 1X/GSM system ". .
The above mainly describes a method for inquiring about authenticity of a terminal device in an Out-of-box experience (OOBE). Besides the requirement of authenticity checking when the user starts the computer for the first time, the user also has the requirement of authenticity checking in the daily use process. Figures 8A-8D illustrate exemplary user interfaces for an authenticity query on a terminal device according to further embodiments. The user interfaces shown in fig. 8A-8D may be implemented on the electronic device 300 in fig. 3.
Referring to fig. 8A, a user clicks a setting icon 802 in fig. 8A to enter a setting interface including switches including basic adjustment and functions of various attributes of the terminal device. The setting is the most convenient entrance for customizing the electronic equipment (such as a mobile phone) according to personal preference of a user, and is also one of the modules which are used most frequently in daily life by the user.
The setting interface comprises modules of a wireless and network (mainly responsible for WLAN management, mobile network management, SIM card management and the like), a user and an account (responsible for managing the account, synchronizing, cloud service and the like), display, storage, a battery, a system (including system updating, mobile phone related to language, input methods and the like), and the like, wherein the user clicks the system to enter a system information interface shown in figure 8B, then clicks a button related to a mobile phone 804 in figure 8B to enter a mobile phone interface shown in figure 8C, a network access permission option 806 is displayed on the mobile phone interface, and the user clicks the network access permission option 806 to enter a authenticity query page shown in figure 8D. Similar to fig. 6A, fig. 8D shows a user interface that includes the following elements, or a subset thereof: the network access permission information comprises a two-dimensional code 808 of network access permission information, a network access permission number 810, an application unit 812, a device name 814, a device model 816 and a truth inquiry button 818. The user may also click the query authenticity button 818 on the page shown in fig. 8D to query the authenticity of the terminal device, which is similar to the method shown in fig. 6A, 6B and fig. 7, and refer to fig. 6A, 6B and fig. 7 and the corresponding method. For example, the user scans the two-dimensional code 808 using a second terminal device (e.g., the second terminal device 410 in fig. 4A). The second terminal device decodes the two-dimensional code to obtain the network access license number encoded in the two-dimensional code, the device model number, and at least one of information such as a scrambling code, an application unit, or a device name. The second terminal device may transmit the analyzed incoming license information (e.g., an incoming license number, a device model number, and information such as a scrambling code) to the authenticity verification server (e.g., the server 404 in fig. 4A) to obtain an authenticity verification result. For another example, the user clicks the authenticity query button 818 and enters an authenticity query webpage similar to that shown in fig. 7, thereby querying the terminal device for authenticity.
Of course, in some embodiments, the access permission information may be checked by a special program installed in the terminal device (for example, a program provided by the ministry of industry and communications), so as to verify the authenticity of the terminal device.
Fig. 9 shows an exemplary method flowchart 900 for querying a terminal device for authenticity. The process 900 may be initiated, for example, when the user first starts the terminal device, resets the terminal device system, or the user enters the entry to the authentication query function by setting an icon.
As shown in fig. 9, the process 900 begins at step 910 by automatically reading the network entry permission information. The network access permission information comprises one or any combination of the following items: the system comprises a network access license number, a terminal equipment model, a scrambling code, an international mobile terminal equipment identification code (IMEI), a mobile terminal equipment identification code (MEID), a network access license application unit, a terminal equipment name, a network access license certificate validity period or a certificate issuing date.
In some embodiments, the network entry permission information is stored in a non-volatile memory of the terminal device. In this way, when the terminal device is first powered on, the stored network access permission information can be automatically read and presented through the interface shown in fig. 6A.
In some embodiments, a terminal device receives a first touch input by a user. And automatically reading the network access permission information in response to the first touch input. For example, after receiving a first touch input of the user selecting the network entry permission option 806 of the user interface shown in fig. 8C, the network entry permission information is acquired and the corresponding network entry permission information as shown in fig. 8D is displayed. Of course, input means other than touch input may be used, and may for example include other types of gesture input, such as 3D gestures or gesture input involving movement of the terminal device.
At step 920, a first user interface is displayed, the first interface including the network access permission information (or network access permission electronic tag).
Specifically, in some embodiments, the terminal device executes the operating system setup wizard after the terminal device is booted for the first time, the terminal device system is reset, and so on. For example, the operating system settings wizard 502 shown in fig. 5 displays a WLAN settings interface at step 506, and displays a first user interface (e.g., an authenticity query interface) after obtaining a first touch input by the user at the WLAN settings interface (e.g., clicking a button such as "next" or "skip" in the WLAN settings interface). In other embodiments, the user enters a setting interface similar to that shown in fig. 8 by setting an icon, and then step by step enters the interface shown in fig. 8C with respect to the mobile phone, and obtains that the user displays a first user interface (e.g., the authenticity query interface shown in fig. 8D) after a first touch input with respect to the mobile phone interface (e.g., the user clicks the network entry permission option 806 shown in fig. 8C) is received.
In some embodiments, the first user interface further comprises an authenticity query interaction element. The first interface can also display information such as International Mobile Equipment Identity (IMEI) of the terminal equipment, an identification code (MEID) of the mobile terminal equipment, an application unit of the network access license, a name of the terminal equipment, a validity period or a certificate issuing date of the network access license certificate and the like by characters. The authenticity query interaction element may be the authenticity query button 612 in fig. 6A or the authenticity query button 818 in fig. 8D.
In some embodiments, the network access permission information may be recorded in a quick response matrix code, or recorded in text or picture form.
At step 930, a first touch input is received that selects an authenticity query interaction element. In some embodiments, a first touch input is obtained (e.g., clicking on the authenticity query button 612 in fig. 6A or the authenticity query button 818 in fig. 8D) by the user selecting the authenticity query button 612 in fig. 6A or the authenticity query button 818 in fig. 8D.
In step 940, in response to the first touch input, a true/false query request is sent to the true/false query request server, where the true/false query request includes the network access permission information. In some embodiments, an authenticity query request (e.g., an HTTP GET request) may be sent through the browser to the genuine query request server. For example, upon a first touch input by the user selecting the authenticity query button 612 in fig. 6A or the authenticity query button 818 in fig. 8D (e.g., clicking the authenticity query button 612 in fig. 6A or the authenticity query button 818 in fig. 8D), the terminal device splices the authenticity inquiry link (e.g., Uniform Resource Locator (URL)) by using the network access permission information (e.g., at least one of network access license number, device model number, scrambling code or terminal device serial number), accessing the authenticity query link through the web browser may present an authenticity query page (e.g., the authenticity query page shown in fig. 7) corresponding to the authenticity query link, obtain an input that the user clicks an authenticity query button on the authenticity query page (e.g., the user clicks the verification button 710 in fig. 7), and send an authenticity query request to the authenticity verification server.
In other embodiments, in response to a first touch input by the user selecting the authenticity query button 612 in fig. 6A or the authenticity query button 818 in fig. 8D (e.g., clicking the authenticity query button 612 in fig. 6A or the authenticity query button 818 in fig. 8D), the authenticity query request may be sent to the authenticity verification server without invoking a browser (e.g., the terminal device holds the network address of the authenticity verification server, sends the authenticity query request to the authenticity verification server 404 through one or more networks 406 in fig. 4A), and receives the query result from the authenticity verification server.
In step 950, an authenticity query result corresponding to the network entry permission information is received from the authenticity query request server. The authenticity verification server processes the authenticity query request, acquires the network access permission information from the authenticity query request, and verifies the authenticity of the terminal equipment by querying the license information database.
At step 960, the authenticity query result is displayed.
By the method, the user can visually see the network access permission information of the equipment through the user interface of the terminal equipment, and can conveniently inquire the authenticity of the terminal equipment through the authenticity inquiry interface. Compared with the prior paper network access permission mark, the method can improve the authenticity inquiry rate of the terminal equipment, and a user can inquire the authenticity of the terminal equipment at any time after purchasing the terminal equipment.
In the embodiment of the present application, the terminal device may be divided into the functional modules according to the method example, for example, each functional module may be divided corresponding to each function, or two or more functions may be integrated into one processing module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. It should be noted that, in the embodiment of the present application, the division of the module is schematic, and is only one logic function division, and there may be another division manner in actual implementation.
In the case of dividing each functional module by corresponding functions, as shown in fig. 10, the present embodiment provides a terminal apparatus 1000, and the apparatus 1000 includes a first reading unit 1001, a first display unit 1002, a first receiving unit 1003, a transmitting unit 1004, a second receiving unit 1005, and a second display unit 1006. The relevant actions of these functional modules may be referred to in the description of fig. 9. For example, the first reading unit 1001 is configured to perform step 910, the first display unit 1002 is configured to perform step 920, the first receiving unit 1003 is configured to perform step 930, the transmitting unit is configured to perform step 940, the second receiving unit 1005 is configured to perform step 950, and the second display unit 1006 is configured to perform step 960.
In the case of an integrated unit, as shown in fig. 11, another possible structural diagram of the terminal device involved in the above embodiments is shown, and includes a processing module 1101, a communication module 1102, an input/output module 1103, and a storage module 1104. Fig. 11 shows a terminal device for executing the method for verifying authenticity of a terminal device according to the embodiment of the method (e.g., fig. 9).
The processing module 1101 is configured to control and manage an operation of the terminal device. The communication module 1102 is configured to support communication between the terminal device and other network entities. The input/output module 1103 serves to receive information input by a user or output information provided to the user and various menus of the terminal. The memory module 904 is used to store program codes and data of the terminal device.
When the processing module 1101 is a processor (such as the processor 310 shown in fig. 3), the communication module 1102 is the mobile communication module 350 or the wireless communication module 360 shown in fig. 3, the storage module 1104 is a memory (such as the memory 321 shown in fig. 3), and the input/output module 1103 is a display screen (such as the display screen 394 shown in fig. 3), the terminal device provided in the present application may be the electronic device 300 shown in fig. 3. Wherein the processor, the communication module, the display screen and the memory may be coupled together by a bus.
An embodiment of the present application further provides a terminal device, which includes a processor and a memory, where the memory is used to store a computer program code, and the computer program code includes computer instructions, and when the processor executes the computer instructions, the method for verifying authenticity of a terminal device as described in the above method embodiment (for example, fig. 9) is performed.
An embodiment of the present application further provides a computer storage medium, where a computer program code is stored in the computer storage medium, and when the processor executes the computer program code, the device executes the relevant method steps in fig. 9 to implement the method in the foregoing embodiment.
Embodiments of the present application also provide a computer program product, which when run on a computer causes the computer to execute the relevant method steps in fig. 9 to implement the method in the above embodiments.
In some cases, the counterfeit terminal manufactured by the counterfeit terminal manufacturer may also display a user interface similar to that shown in fig. 6A or 8D, display counterfeit web entry permission information in the user interface, and provide a similar authenticity query interactive element. When the user selects the authenticity inquiry interactive element displayed by the fake terminal, the fake terminal directly displays an inquiry result such as 'the mark information of your inquiry is genuine and corresponds to the product serial number'. In fact, when the user selects the authenticity query interactive element, the counterfeit terminal does not send an authenticity query request to the authenticity verification server, but directly displays a query result that 'the mark information queried by the user is genuine and corresponds to the product serial number', so that the user can mistakenly think that the purchased product is genuine. In this case, the counterfeit terminal does not access the authentication server at all, but lets the user misunderstand that the purchase is genuine only through the counterfeit network entry approval information and the counterfeit authentication inquiry result.
Aiming at the situation that the fake terminal misleads the consumer, the embodiment of the application also provides another terminal device authenticity query system.
Referring to fig. 12, fig. 12 includes a authenticity verification apparatus 1202 and a terminal apparatus 1204, and the authenticity verification apparatus 1202 can detect the authenticity of the terminal apparatus 1204. The authenticity verification apparatus 1202 may be a trust authority or an authenticity detection apparatus provided by a third party authentication authority, and may detect the authenticity of the terminal apparatus 1204. If the user suspects that the purchased terminal device is a counterfeit product, the terminal device may be handed to a professional detection agency approved by the Ministry of industry and authenticated using the authenticity verification device 1202. If the terminal device passes the authenticity verification detection, the user is indicated to purchase the genuine product.
The connection 1212 may be established by wired means between the authentication device 1202 and the terminal device 1204, for example, by a USB Type C or micro USB connection. Of course, the authentication apparatus 1202 and the terminal 1204 may be connected in other manners (for example, wirelessly connected or connected in other wired manners), and this embodiment of the present application is not limited thereto.
The authentication device 1202 is shown with a device vendor configuration interface element 1204 and a device model configuration interface element 1208. The device vendor configuration interface element 1204 is used to configure the manufacturer of the terminal device to be verified, and the user can select the manufacturer of the terminal device (e.g., vendor H shown in the figure) via the pull-down button shown at 1210. The device model configuration interface element 1208 is used to configure the model of the terminal device to be authenticated, which the user can select via the pull down button 1214 (e.g., "MHA-AL 00" as shown in the figure). Of course, the authenticity verification apparatus 1202 may also display other detection parameter configuration interface elements, which is not limited in this embodiment of the application. After the configuration of the detection parameters such as the equipment manufacturer and the equipment model is completed, the "start verification" button 1216 may receive the selection input of the inspector and start the authenticity verification process. If the terminal device 1204 passes the authenticity verification detection, the authenticity verification device 1202 may display flag information such as "you inquire" as genuine and corresponding to the product serial number. The device supports the verification result of TD-LTE/LTE FDD/TD-SCDMA/WCDMA/CDMA2000/CDMA 1X/GSM mode.
Fig. 13 illustrates an exemplary authenticity query process diagram for the terminal device authenticity system illustrated in fig. 12.
In step 1302, the terminal device receives an authenticity query instruction sent by the authenticity verification device; for example, the inspector selects the "start authentication" button 1216 shown in fig. 12, and the authentication apparatus transmits an authentication inquiry instruction to the terminal apparatus to start the authentication process.
In step 1304, the terminal device starts an authentication process for the terminal device in response to the authenticity query instruction;
in some embodiments, authentication of the terminal device is performed between the terminal device and the authentication verification device by an asymmetric key-based encryption algorithm. The terminal device and the authenticity verification device store at least one key pair (the key pair comprises a private key and a public key) for authentication, for example, the terminal device stores the public key, and the authenticity verification device stores the private key; or the terminal device stores the private key, and the authenticity verification device stores the public key. If one party encrypts data with the public key, the other party can only decrypt with the corresponding private key; if one party encrypts data with a private key, the other party can only decrypt with the corresponding public key.
For example, the terminal device encrypts specific data (e.g., a random number or a unique identifier of the terminal device) using a private key, and the authentication verification device decrypts the data using a public key, and if decryption is successful, the authentication of the terminal device is considered to be successful. And after the authentication of the terminal equipment is successful, the terminal equipment reads the network access permission information and transmits the network access permission information to the authenticity verification equipment. The authenticity verifying equipment inquires whether the network access permission information is stored in the network access permission information database or not, and if the network access permission information exists, the terminal equipment is proved to be genuine.
In some embodiments, the authenticity verification device may further obtain a certificate of the terminal device and send the certificate to a ca (certificate authority) management server of a terminal device manufacturer, verify the certificate, and if the verification passes, verify that the authentication of the terminal device is successful.
In step 1306, after the terminal device is authenticated, the terminal device automatically reads the network access permission information, where the network access permission information includes one or any combination of the following items: the system comprises a network access license number, a terminal equipment model, a scrambling code, an international mobile terminal equipment identification code (IMEI), a mobile terminal equipment identification code (MEID), a network access license application unit, a terminal equipment name, a network access license certificate validity period or a certificate issuing date; and the terminal equipment sends the network access permission information to a true and false verification equipment so that the true and false verification equipment obtains a true and false query result corresponding to the network access permission information.
In some embodiments, in step 1306, after the authentication of the terminal device is passed, the terminal device sends, in addition to the network access permission information, a product serial number (a unique identifier of the terminal device, for example, IMEI, MEID, or a hardware serial number) of the terminal device to the authenticity verification device, and after obtaining the product serial number, the authenticity verification device queries whether the serial number matches a stored serial number transmitted by a terminal device manufacturer, and if the serial number matches the stored serial number, the terminal device is a genuine product.
Fig. 14 shows another exemplary process diagram 1400 for terminal device authentication.
As shown in fig. 14, the process 1400 begins at step 1402 where the authentication verification device 1202 sends an authentication query to the terminal device 1204. For example, an operator of the third party certification authority or the industry department may initiate the authenticity verification process via a "start verification" button 1216 on an operation interface presented by the authenticity verification apparatus 1202 (e.g., an operation interface presented by the authenticity verification apparatus 1202 shown in fig. 12). The operation interface presented by the authentication apparatus 1202 may configure terminal apparatus manufacturer information (e.g., manufacturer name) or terminal apparatus model information. The authentication device sends an authentication inquiry command to the terminal device 1204 in response to receiving an input from the operator selecting the "start authentication" button.
In step 1404, the terminal device 1204 generates a random number in response to the authenticity query instruction; for example, the terminal device 1204 generates a Random number by some Random number generation algorithm using a Random number generator (Random number generator).
In step 1406, the terminal device 1204 encrypts the random number; the encryption Algorithm may be an asymmetric encryption Algorithm, such as RSA, ECC (Elliptic curve Cryptography), DSA (Digital Signature Algorithm), and the like. The terminal device 1204 and the authentication verification device 1202 store at least one key pair (the key pair includes a private key and a public key) for authentication, for example, the terminal device 1204 stores the public key, and the authentication verification device 1202 stores the private key; or the terminal device 1204 stores a private key and the authentication apparatus 1202 stores a public key. If one party encrypts data with the public key, the other party can only decrypt with the corresponding private key; if one party encrypts data with a private key, the other party can only decrypt with the corresponding public key. In step 1406, terminal device 1204 may perform encryption of the random number using the public key (or private key) of the first key pair. .
At step 1408, the encrypted random number is passed to the authenticity verification device 1202;
in step 1410, the authentication apparatus 1202 decrypts the encrypted random number; in step 1406, if the terminal device 1204 performs encryption of the random number using the public key in the first key pair, the authentication verification device 1202 may decrypt the encrypted random number using the stored private key in the first key pair.
In step 1412, the authentication apparatus 1202 re-encrypts the decrypted random number; in step 1412, the authentication verification device 1202 may perform encryption of the random number using the public key (or private key) of the second key pair. In some embodiments, the second key pair may be different from the first key pair.
In step 1414, the authentication apparatus 1202 transfers the re-encrypted random number to the terminal apparatus 1202.
In step 1416, the terminal device 1204 decrypts the re-encrypted random number; in step 1412, if the authentication apparatus 1202 performs encryption of the random number using the public key of the second key pair, the terminal apparatus 1204 may decrypt the encrypted random number using the stored private key of the second key pair. .
In step 1418, the terminal device compares whether the random number decrypted in step 1416 is the same as the random number generated in step 1404, and if so, performs step 1420; if the verification fails in the step 1418, the terminal device is proved to be an illegal device, and the authenticity verification process is finished;
in step 1420, the terminal device returns the successful authentication result to the authenticity verification device; steps 1402 to 1420 only show one authentication procedure of the terminal device 1204, and the authenticity verification device 1202 may perform a variety of authentication operations on the terminal device 1204 to ensure that the identity of the terminal device 1204 is legitimate. For example, in some embodiments, the authenticity verification apparatus 1202 may further obtain the certificate of the terminal apparatus after step 1420 and send the certificate to the ca (certificate authority) management server of the terminal apparatus manufacturer, verify the certificate, and if the verification is successful, authenticate the terminal apparatus 1204. For example, in step 1422, the authentication apparatus 1202 acquires the apparatus certificate from the terminal apparatus 1204;
in step 1424, the authenticity verification apparatus 1202 verifies whether the apparatus certificate is legal, where the apparatus certificate is used to prove the identity of the terminal apparatus. The authenticity verification apparatus 1202 may send the certificate to a ca (certificate authority) management server of the terminal apparatus manufacturer, and verify the certificate; if the device credential qualifies for execution step 1426; if the equipment certificate is illegal, the terminal equipment is proved to be illegal equipment, and the authenticity verification process is finished.
In step 1426, the authentication apparatus 1202 acquires the incoming network license information from the terminal apparatus 1204, and in step 1428, the authentication apparatus 1202 verifies whether the incoming network license information is legitimate.
If the network entry permission information is legal, then step 1430 is executed; if the network access permission information is illegal, the authenticity verification process is finished. The authenticity verification device stores network access permission information of the terminal device, and compares the acquired network access permission information with the stored device network access permission information to judge whether the terminal device is legal or not.
The terminal device may send the product serial number (unique identifier of the terminal device, for example, IMEI, MEID, or hardware serial number) of the terminal device to the authenticity verification device in step 1430, and after obtaining the product serial number, the authenticity verification device queries whether the serial number matches with a stored serial number transmitted by a terminal device manufacturer, and if so, the terminal device is a genuine product.
In step 1230, the authenticity verification device obtains the device serial number from the terminal device, and in step 1232, the authenticity verification device verifies whether the device serial number (the device serial number may be a terminal device product serial number (such as an International Mobile Equipment Identity (IMEI)) or a Mobile terminal device Identity (MEID)) is legal or not.
The authenticity verification method shown in fig. 14 verifies the legitimacy of the terminal device through four authentication methods, namely random number authentication, device certificate authentication, network access permission information authentication and device serial number authentication, and if any authentication link fails, the terminal device is illegal, so that the difficulty of counterfeiting the terminal device is greatly improved, and the legitimate rights and interests of a terminal device manufacturer and a consumer are protected. Of course, in some embodiments, any one or a combination of the four authentication methods may be selected to verify the validity of the terminal device.
In the above embodiments, all or part of the implementation may be realized by software, hardware, firmware or any combination thereof. When implemented using a software program, may take the form of a computer program product, either entirely or partially. The computer program product includes one or more computer instructions. When loaded and executed on a computer, cause the processes or functions described in accordance with the embodiments of the application to occur, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored in a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, from one website site, computer, server, or data center to another website site, computer, server, or data center via wired (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that incorporates one or more of the available media. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.
The above description is only an embodiment of the present application, but the scope of the present application is not limited thereto, and any changes or substitutions within the technical scope of the present disclosure should be covered by the scope of the present application.

Claims (12)

  1. A method for inquiring authenticity of a terminal device is characterized by comprising the following steps:
    automatically reading network access permission information, wherein the network access permission information comprises one or any combination of the following items: the number of the network access license, the model of the terminal equipment, a scrambling code, an international mobile terminal equipment identification code, a network access license application unit, the name of the terminal equipment, and the validity period or the certificate issuing date of the network access license certificate;
    displaying a first user interface, wherein the first user interface comprises the network access permission information and the authenticity query interactive element;
    receiving a first touch input selecting the authenticity query interaction element;
    responding to the first touch input, and sending a true and false query request to a true and false verification server, wherein the true and false query request comprises the network access permission information;
    receiving an authentication query result corresponding to the network access permission information from the authentication server;
    and displaying the authenticity query result.
  2. The method of claim 1, wherein the network entry permission information is stored in a non-volatile memory of the terminal device.
  3. The method of claim 1 or 2, wherein the network entry permission information displayed by the first user interface is recorded in a fast response matrix code.
  4. A method according to any one of claims 1 to 3, wherein the method further comprises:
    starting an operating system setup wizard, wherein the first user interface is presented during the operating system setup wizard.
  5. The method of any one of claims 1 to 4, wherein the sending the authenticity query request to the authenticity verification server comprises:
    generating a uniform resource locator containing the network access permission information;
    and accessing the resources identified by the uniform resource locator in the authenticity verification server through a web browser.
  6. A terminal device comprising a memory, one or more processors, a plurality of applications, and one or more programs; wherein the one or more programs are stored in the memory; wherein the one or more processors, when executing the one or more programs, cause the terminal device to perform the steps of:
    automatically reading network access permission information, wherein the network access permission information comprises one or any combination of the following items: the number of the network access license, the model of the terminal equipment, a scrambling code, an international mobile terminal equipment identification code, a network access license application unit, the name of the terminal equipment, and the validity period or the certificate issuing date of the network access license certificate;
    displaying a first user interface, wherein the first user interface comprises the network access permission information and the authenticity query interactive element;
    receiving a first touch input selecting the authenticity query interaction element;
    responding to the first touch input, and sending a true and false query request to a true and false verification server, wherein the true and false query request comprises the network access permission information;
    receiving an authentication query result corresponding to the network access permission information from the authentication server;
    and displaying the authenticity query result.
  7. The terminal device of claim 6, wherein the network entry permission information is stored in a non-volatile memory of the terminal device.
  8. The terminal device according to claim 6 or 7, wherein the network entry permission information displayed by the first user interface is recorded in a quick response matrix code.
  9. The terminal device of any of claims 6 to 8, wherein the one or more processors, when executing the one or more programs, further cause the terminal device to perform the steps of:
    starting an operating system setup wizard, wherein the first user interface is presented during the operating system setup wizard.
  10. The terminal device according to any one of claims 6 to 9, wherein said sending the authenticity query request to the authenticity verification server comprises:
    generating a uniform resource locator containing the network access permission information;
    and accessing the resources identified by the uniform resource locator in the authenticity verification server through a web browser.
  11. A computer program product comprising instructions for causing a terminal device to perform the method according to any one of claims 1-5 when the computer program product is run on the terminal device.
  12. A computer-readable storage medium comprising instructions that, when executed on a terminal device, cause the terminal device to perform the method of any one of claims 1-5.
CN201880100352.0A 2018-12-22 2018-12-22 True and false inquiry method and terminal equipment thereof Pending CN113196262A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2018/122917 WO2020124607A1 (en) 2018-12-22 2018-12-22 Authenticity querying method and terminal device using same

Publications (1)

Publication Number Publication Date
CN113196262A true CN113196262A (en) 2021-07-30

Family

ID=71100065

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201880100352.0A Pending CN113196262A (en) 2018-12-22 2018-12-22 True and false inquiry method and terminal equipment thereof

Country Status (2)

Country Link
CN (1) CN113196262A (en)
WO (1) WO2020124607A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114363897A (en) * 2021-11-02 2022-04-15 四川天邑康和通信股份有限公司 Method and system for identifying and inquiring authenticity of two-dimensional code of pon terminal device

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1581189A (en) * 2004-05-18 2005-02-16 北京首信股份有限公司 System and method for antifake and counting marketing-information of hand-set based on short message
CN103226773A (en) * 2013-03-21 2013-07-31 李峰 Anti-fake method for querying by using Wechat
CN105631690A (en) * 2015-06-05 2016-06-01 南京普尚信息科技有限公司 Product forgery prevention and management system based on radio frequency identification (RFID) chip and method thereof
CN106570711B (en) * 2016-11-07 2021-01-12 广州中国科学院计算机网络信息中心 Method and system for authenticity analysis

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114363897A (en) * 2021-11-02 2022-04-15 四川天邑康和通信股份有限公司 Method and system for identifying and inquiring authenticity of two-dimensional code of pon terminal device

Also Published As

Publication number Publication date
WO2020124607A1 (en) 2020-06-25

Similar Documents

Publication Publication Date Title
CN111466099B (en) Login method, token sending method, device and storage medium
JP2016541218A (en) Operation authorization method, operation authorization apparatus, program, and recording medium
CN113207122B (en) Message transmission method and device
WO2020047868A1 (en) Business processing method and device
CN111093183B (en) Mobile equipment management method and equipment
WO2020253800A1 (en) Simulation object identity recognition method, and related apparatus and system
WO2022089121A1 (en) Method and apparatus for processing push message
WO2021057982A1 (en) Application processing method and related product
CN116155586A (en) Account data sharing method and electronic equipment
US20130159179A1 (en) Mobile device for processing application of client device and method for processing application of client device using the same
CN114595437A (en) Access control method, electronic device, and computer-readable storage medium
CN112654989B (en) Data storage method, data access method, related device and equipment
CN113196262A (en) True and false inquiry method and terminal equipment thereof
US20220166769A1 (en) Electronic device for verifying a user's identity
CN112966297B (en) Data protection method, system, medium and electronic device
CN114117461A (en) Data protection method, electronic equipment and storage medium
WO2016141561A1 (en) Iris identity authentication accessory and system
CN113556734A (en) Authentication method and device
WO2020133477A1 (en) Data display method
CN114692119A (en) Method for verifying application and electronic equipment
CN116669020B (en) Password management method, password management system and electronic equipment
WO2023071985A1 (en) Remote payment method, electronic device, and system
CN114157412B (en) Information verification method, electronic device and computer readable storage medium
CN113132189B (en) Network distribution method of terminal, terminal and system
CN115550919A (en) Equipment pairing authentication method and device, sender equipment and receiver equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination