CN114238906A - Living body authentication method, living body authentication system and computer equipment - Google Patents
Living body authentication method, living body authentication system and computer equipment Download PDFInfo
- Publication number
- CN114238906A CN114238906A CN202111530144.4A CN202111530144A CN114238906A CN 114238906 A CN114238906 A CN 114238906A CN 202111530144 A CN202111530144 A CN 202111530144A CN 114238906 A CN114238906 A CN 114238906A
- Authority
- CN
- China
- Prior art keywords
- sound wave
- living body
- data
- body authentication
- wave data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
- G06Q20/40145—Biometric identity checks
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Finance (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)
Abstract
The embodiment of the specification provides a living body authentication method, a living body authentication system and computer equipment, wherein the embodiment of the specification adds sound wave authentication in the living body authentication process, and a client receives an encrypted identifier sent by a server before acquiring living body authentication data, decrypts the encrypted identifier to obtain the identifier, and obtains target sound wave data corresponding to the identifier; when the client side collects living body authentication data of a user, the collected sound wave data is enabled to carry the target sound wave data by playing the target sound wave data, and the living body authentication data carries the sound wave data. In the process of living body authentication, the server can identify whether the living body authentication data carries the target sound wave data, so that the living body authentication can be combined with the sound wave authentication to obtain a safer and more reliable effect. The risk of forgery by hacker attack is lower, and the authentication result is safer and more reliable.
Description
This application is a divisional application filed on even 6/19/2020, application No. 2020105651199.
Technical Field
The present disclosure relates to the field of identity authentication technologies, and in particular, to a method, a system, and a computer device for living body authentication.
Background
With the continuous popularization and increasingly powerful functions of intelligent terminals, the application of the mobile internet is fully integrated and affects the life of people. In particular, in the context of mobile payment and the rapid development of internet finance, authentication of users is increasingly important. The traditional identity authentication mode based on the user name and the password can not meet the safety requirements of user experience and application gradually due to the problems of easy embezzlement, difficult memory and the like. With the improvement of the biometric identification technology, the current identity authentication technology based on biometric identification becomes one of the mainstream schemes, and the convenience and the safety of the identity authentication technology are approved by users.
However, the biometric solution is subject to attack, and particularly important is non-live attack, i.e. simulating the generation of biometric features by artificial props, etc. to steal the authority of normal users. In order to solve the problem, a living body detection technology is generated, and how to provide a more safe and reliable living body detection scheme becomes a technical problem to be solved urgently.
Disclosure of Invention
To overcome the problems in the related art, embodiments of the present specification provide a living body authentication method, a living body authentication system, and a computer device.
According to a first aspect of embodiments herein, there is provided a method of authentication of an organism, comprising:
the client sends a living body authentication request to the server;
after receiving the living body authentication request, the server sends an encrypted identifier to the client;
the client decrypts the encrypted identification to obtain the identification, and obtains target sound wave data corresponding to the identification; playing the target sound wave data in the process of acquiring living body authentication data of a user and then acquiring sound wave data; carrying the acquired acoustic wave data in the living body authentication data and sending the living body authentication data to the server;
and the server identifies whether the sound wave data in the received living body authentication data carries the target sound wave data or not, and performs living body authentication according to an identification result.
According to a second aspect of the embodiments of the present specification, there is provided an activity authentication method, applied to a server, including:
after a living body authentication request sent by a client is received, sending an encrypted identifier to the client, so that the client receives the encrypted identifier and decrypts the encrypted identifier to obtain the identifier, and target sound wave data corresponding to the identifier is obtained;
receiving living body authentication data sent by the client, wherein the living body authentication data carries sound wave data acquired by the client, and the sound wave data is acquired after the target sound wave data is played in the process of acquiring the living body authentication data of a user;
and identifying whether the sound wave data in the received living body authentication data carries the target sound wave data or not, and performing living body authentication according to an identification result.
According to a third aspect of embodiments of the present specification, there is provided an activity authentication method, applied to a client, including:
sending a living body authentication request to a server, receiving an encrypted identifier, decrypting to obtain the identifier, and obtaining target sound wave data corresponding to the identifier as target sound wave data required by the living body authentication;
playing the target sound wave data and collecting sound wave data in the process of collecting living body authentication data of a user;
and sending the living body authentication data carrying the acquired sound wave data to the server side so that the server side can identify whether the sound wave data in the living body authentication data carries the target sound wave data or not, and carrying out living body authentication according to an identification result.
According to a fourth aspect of embodiments herein, there is provided an activity authentication system, including a server and a client:
the client is used for sending a living body authentication request to the server; after receiving the encrypted identification sent by the server, decrypting the encrypted identification to obtain the identification, and obtaining target sound wave data corresponding to the identification; playing the target sound wave data in the process of acquiring living body authentication data of a user and then acquiring sound wave data; carrying the acquired acoustic wave data in the living body authentication data and sending the living body authentication data to the server;
the server is used for sending the encrypted identifier to the client after receiving the living body authentication request; and identifying whether the sound wave data in the received living body authentication data carries the target sound wave data, and performing living body authentication according to an identification result.
According to a fifth aspect of embodiments herein, there is provided a computer device comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor implements the living body authentication method as described above when executing the program.
The technical scheme provided by the embodiment of the specification can have the following beneficial effects:
in the living body authentication scheme in the embodiment of the specification, sound wave authentication is added in the living body authentication process, and before the living body authentication data is collected, the client receives the encrypted identifier sent by the server, decrypts to obtain the identifier, and obtains target sound wave data corresponding to the identifier; when the client side collects living body authentication data of a user, the collected sound wave data is enabled to carry the target sound wave data by playing the target sound wave data, and the living body authentication data carries the sound wave data. In the process of living body authentication, the server can identify whether the living body authentication data carries the target sound wave data, so that the living body authentication can be combined with the sound wave authentication to obtain a safer and more reliable effect. The risk of forgery by hacker attack is lower, and the authentication result is safer and more reliable.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the specification.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present specification and together with the description, serve to explain the principles of the specification.
Fig. 1A is a schematic view of an application scenario of a method for authenticating a living body according to an exemplary embodiment.
Fig. 1B is a flow chart illustrating a method of active authentication according to an exemplary embodiment of the present description.
Fig. 2A is a flow chart illustrating a method of active authentication according to an exemplary embodiment of the present description.
Fig. 2B is a flow chart illustrating a method of active authentication according to an exemplary embodiment of the present description.
Fig. 3 is a schematic view of an application scenario of another living body authentication method according to an exemplary embodiment shown in the present specification.
Fig. 4 is a flowchart illustrating another living body authentication method according to an example embodiment of the present specification.
Fig. 5 is a flowchart illustrating another living body authentication method according to an exemplary embodiment of the present specification.
Fig. 6 is a hardware configuration diagram of a computer device in which the living body authentication device according to the embodiment of the present disclosure is located.
Fig. 7 to 10 are block diagrams of an active authentication apparatus shown in the present specification according to an exemplary embodiment, respectively.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present specification. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the specification, as detailed in the appended claims.
The terminology used in the description herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the description. As used in this specification and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It should be understood that although the terms first, second, third, etc. may be used herein to describe various information, these information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, the first information may also be referred to as second information, and similarly, the second information may also be referred to as first information, without departing from the scope of the present specification. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
At present, biometric solutions face attack problems, and particularly important is non-live attack, which refers to a biometric data acquisition process for a biometric system, and presents the biometric data of a non-human and/or non-vital sign human to a data acquisition device for pseudo-fitting a human body with life so as to interfere with the attack behavior of the normal operation of the biometric system. To solve this problem, a living body detection technology has been developed, such as face recognition for video or photos, which can perform living body detection by means of light reflection or the like.
Based on this, the embodiment of the present specification provides a living body detection scheme, the living body authentication scheme of the embodiment of the present specification relates to a client and a server, all verification processes between the client and the server can be completed based on the internet, in the embodiment, acoustic wave authentication is added in the living body authentication process, and when the client acquires living body authentication data of a user, the client plays a target acoustic wave agreed with the server, so that the acquired living body authentication data carries target acoustic wave data. The server side can identify whether the living body authentication data carries the sound wave or not in the living body authentication process, and can compare the identified sound wave with the appointed target sound wave after identifying the sound wave, so that the living body authentication can obtain a safer and more reliable effect by combining with the sound wave authentication. The following provides a detailed description of examples of the present application.
Referring to fig. 1A, which is a schematic view of an application scenario of a living body authentication method according to an exemplary embodiment shown in this specification, where the embodiment relates to a client-side device and a server-side device, and an interaction between a client and the server may be implemented based on the internet, and in conjunction with fig. 1B, fig. 1B is a flowchart of an embodiment of the living body authentication method according to this specification, where a process of living body authentication for a user is described through an interaction between the client-side device and the server:
in step 102, the client sends a live body authentication request to the server. In this embodiment, the client and the server need to determine target sound wave data required by the living body authentication, and a frequency band of the target sound wave in this embodiment is a non-audible frequency band.
In step 104, after receiving the living body authentication request sent by the client, the server and the client determine target sound wave data required by the living body authentication.
In step 106, in the process of acquiring the living body authentication data of the user, the client plays the sound wave by using the target sound wave data to acquire the living body authentication data carrying the sound wave.
In step 108, the client sends the living body authentication data to the server.
At step 110, the server receives the live authentication data sent by the client.
In step 112, the service end identifies whether the living body authentication data carries the target sound wave data, and performs living body authentication according to an identification result.
The living body authentication method in the embodiment of the present specification can be applied to various scenarios requiring user identity authentication, for example, living body authentication is performed on a registered user by an application on a smart phone, living body authentication is performed on sensitive operations of a user by a payment service application, identity authentication is performed on a user by an intelligent device in a service hall such as a bank, and the like. As an example, if an application installed on a client device authenticates the identity of a user by using a living body authentication method, the application may send a living body authentication request of the user to a server when identity authentication is required.
After receiving the living body authentication request, the server and the client can determine the target sound wave required by the living body authentication.
In the living body authentication process, the client generally needs to acquire living body authentication data including a biological recognition feature of a user, for example, face video data obtained by shooting a face of the user, behavior gesture video data obtained by shooting a behavior gesture of the user, voice data obtained by acquiring voice of the user, and the like. In the embodiment, it is desirable to add the acoustic wave in the living body authentication process, so that the server can authenticate the living body authentication data carrying the acoustic wave sent by the client in the living body authentication process, and the living body authentication process is safer and more reliable through the newly added acoustic wave authentication. Since the acoustic wave of the client needs to be authenticated, in this embodiment, the server and the client may determine target acoustic wave data required by the living body authentication, as an example, the server may prepare related data of the acoustic wave, and the client acquires the living body authentication data carrying the acoustic wave under the instruction of the server, and specific implementation manners may be various, as an example, the server and the client may both pre-store a plurality of acoustic wave data and corresponding identifiers, and the server may select one or more acoustic waves for the living body authentication as needed, and then send the corresponding identifiers to the client; after receiving the identification, the client acquires sound wave data corresponding to the identification from pre-stored data; optionally, the acoustic wave identifier may be encrypted when the acoustic wave identifier is transmitted.
In some examples, the server and the client may also generate the sound wave identifier according to a pre-agreed generation manner, for example, the server and the client agree to generate the sound wave identifier according to parameters of the current living body authentication, and a string code may be generated according to a set manner by using a combination of one or more parameters including a user identifier, an IP address, time, a number of the current authentication, and the like, where the set manner may be configured as needed, or may be a hash algorithm, and the present embodiment is not limited thereto. Therefore, after the client detects that the user triggers the living body authentication, the sound wave identification is generated according to the parameters; the living body authentication request sent to the server by the client carries the parameters, and the server reads the parameters after receiving the living body authentication request and generates the sound wave identification according to the parameters.
In other examples, in order to increase the processing speed and improve the security of living body authentication, the server may generate an identifier of the target sound wave and transmit the identifier to the client on the server side, and the client may generate sound wave data carrying the identifier on the client side after receiving the identifier. In the embodiment of the specification, the client and the server do not need to pre-store the acoustic data, so that the storage space of the data can be reduced, and the risk of data leakage and attack caused by storing the acoustic data on the client side can also be reduced. The generation method of the acoustic mark is not limited in this specification, and as an example, the length of the mark (for example, the length is at least 20 bits or more) and the adopted mark composition method (for example, including letters, numbers, punctuation marks, and the like) may be set as required in practical application.
Optionally, in order to prevent a hacker from hacking and submitting counterfeit data in the living body authentication process, the target sound wave in this embodiment has uniqueness, that is, the target sound wave data required by the living body authentication at this time is different from the target sound wave data of other living body authentications at other times. Alternatively, the server may generate different acoustic wave data for each living body authentication. Alternatively, the unique identifier may be generated, so that different sub-living body authentications of different users may correspond to respective sound waves. Based on the above, even if a hacker collects data of the occurred living body authentication and recognizes the sound wave from the data, and then forges the living body authentication data, the server can recognize the hacking attack according to the sound wave identification because the sound wave adopted by each living body authentication is different. Optionally, the process of generating the unique identifier may use a random algorithm, a hash algorithm, or a GUID (global uniform identifier) function, which is not limited in this embodiment. Taking a random algorithm as an example, by configuring attributes such as the length of an output value, a random number output by the random algorithm is used as the identifier. Taking a hash algorithm as an example, the information related to the current living body authentication may be used as an algorithm input, so that the algorithm outputs a unique hash value as the acoustic wave identifier of the current living body authentication, and the information related to the current living body authentication may be information that can be distinguished from other living body authentications, such as time of a living body authentication request, a client device identifier, a user identifier, and the like. Optionally, the server may further record the sound wave identifier generated each time, compare the sound wave identifiers generated subsequently, or configure an algorithm, configure the generated sound wave identifier as an invalid identifier, and enable the algorithm to generate a valid identifier, thereby further preventing generation of a repeated identifier. In this embodiment, generating the unique identifier can make the acoustic waves used for each authentication of the living body different, thereby preventing the hacking attack.
In the related art, a video is recorded by changing the color of a screen, and whether the living body exists is judged by detecting the video effect of the light influence generated by the screen change. Since the colors have only 256 differences. If a plurality of colors with relatively close differences are adopted in the living body authentication process, the server side is likely not to recognize the colors, so that only a plurality of colors with relatively large differences can be selected, the preferable color combination is very few, and the attack probability is obviously improved. Even if all three colors are combined, at most, the combinations are only 256 powers of three, namely 16777216, and in billions of user scenes, only various combinations can be multiplexed, and the uniqueness obviously cannot be guaranteed. Since the uniqueness cannot be guaranteed by changing the color of the screen, a hacker can record the color in the changing process, then simulate similar light and insert the similar light into the recorded video, thereby forging the living body authentication data. In the embodiment, the uniqueness of the sound wave of the living body authentication at each time is ensured through the unique sound wave identification, so that a hacker cannot forge the sound wave, and the safety of the living body authentication is obviously improved.
Optionally, for one living body authentication, the target sound wave agreed between the server and the client may be one or two or more, which is not limited in this embodiment, and may be flexibly configured according to needs in practical application. Other properties of the target sound wave, such as the duration or frequency of the sound wave, etc., may also need to be flexibly configured for practical applications.
Optionally, the identifier of the sound wave in this embodiment may refer to an identifier subjected to encryption processing, and the client and the server may agree an encryption/decryption manner of the identifier according to actual needs, which is not limited in this embodiment.
In this embodiment, after receiving the identifier, the client may generate sound wave data carrying the identifier according to an audio processing technique, and then play the sound wave by using the generated sound wave data in the process of acquiring the living body authentication data of the user, thereby acquiring the living body authentication data carrying the sound wave. The frequency band of the sound wave of the embodiment is a non-audible frequency band, so that a user of the sound wave played by the client cannot hear the sound wave and cannot interfere with the user; optionally, the sound wave of this embodiment may be an ultrasonic wave, and a frequency band of the sound wave may also be set according to the hardware capability of the client device, as long as the sound wave is in a frequency band that is inaudible to human ears. And the mode of adopting the non-audible wave frequency band also enables the living body authentication to have the concealment, and a hacker can not easily find that the living body authentication data carries the sound wave.
In practical application, the duration of the sound wave, the duration of the living body authentication performed by the client, the playing mode of the sound wave and the like can be flexibly configured according to needs. Optionally, the server and the client may determine a sound wave playing mode of the living body authentication, where the determination mode may be determined for each living body authentication, and may be a fixed configuration mode, and the client is configured with the sound wave playing mode in advance. Based on this, in the living body authentication process, the service end may further identify, according to the sound wave playing mode, whether the target sound wave data is carried in the living body authentication data, may also identify whether the playing mode of the sound wave carried in the living body authentication data is the same as the determined sound wave playing mode, and if different, may determine that the living body authentication does not pass this time, so that the security of the living body authentication may be further improved.
For example, since the living body authentication data carries the acoustic wave, the duration of the acoustic wave may not be longer than the acquisition duration of the living body authentication data, and the living body authentication process may be different for each user, and the duration of the living body authentication may be determined from the historical living body authentication data, and thus the length of the acoustic wave may be determined. Further, in the embodiments of the present specification, a sound wave playing mode may also be set as needed, for example, the number of times of playing may be played circularly, played once, played multiple times, and the like, and the playing time may also be included, for example, playing at a specific time after acquisition, playing within a specific time range during acquisition, and the like. For example, if the duration of the acoustic wave is shorter than the duration of the living body authentication data, the acoustic wave may be played when the living body authentication data is collected, and after one-time acoustic wave playing is finished, the acoustic wave may be played cyclically until the collection of the living body authentication data is finished, so that the acoustic wave data can be conveniently identified from the living body authentication data by the server due to the fact that the whole section of the living body authentication data carries the acoustic wave, and the collected living body authentication data is more reliable. In other examples, the sound wave may be played only once, may be played twice or more, or the timing at which the sound wave is played in the biometric authentication data may be set as necessary, for example, the sound wave may be played 5 seconds after the biometric authentication data is acquired, or the sound wave may be played in a loop of 15 seconds after 2 seconds after the biometric authentication data is acquired. In other examples, in the living body authentication data acquisition, a specific sound wave is played before the sound wave is played, a target sound wave is played later, and the specific sound wave is played again after the sound wave is played.
After receiving the living body authentication data sent by the client, the server can firstly identify whether the living body authentication data carries the sound wave data, and if not, the server can determine that the living body authentication does not pass, because the hacker who attacks the living body authentication data provides forged living body authentication data. Further, if the acoustic data can be identified, the identified acoustic data can be compared with the target acoustic wave agreed in advance by the client and the server to perform the living body authentication. As an example, the audio content of the living body authentication data may be analyzed, the sound wave data may be extracted therefrom, the identifier carried in the sound wave data may be further analyzed, and the identifier carried in the sound wave data may be compared with the identifier of the sound wave agreed in advance.
In practical applications, the safety of living body authentication may be further improved by using the aging of the acoustic wave, for example, the target acoustic wave data corresponds to an effective time, and the method of this embodiment may further include: identifying whether a time of the acoustic wave data carried in the living body authentication data satisfies the valid time. As an example, the server may record the valid time of the target sound wave after the target sound wave is agreed with the client, may check the time of the sound wave in the living body authentication data during the living body authentication, and determine whether the living body authentication passes through the comparison result between the recorded valid time and the detected time. By the method, the hacker cannot forge the living body authentication data in advance, so that the attack difficulty is greatly improved.
It can be understood that the living body authentication process of the server in this embodiment may further include living body authentication of other objects, for example, according to the fact that the living body authentication data includes the biometric feature of the user, face recognition, iris recognition, voiceprint recognition, and the like, and the server may perform final living body authentication determination according to the result of each living body authentication, and the specific manner may be flexibly configured as required, which is not limited in this embodiment.
It can be seen from the above embodiments that, in the present embodiment, authentication for sound waves is creatively added in the living body authentication process by using the characteristic that sound waves can carry information for transmission, and the traditional technical idea is to perform living body authentication by using the biometric feature of the user, but in the present application, sound waves played by the client are additionally added in the living body authentication data, and sound wave authentication is added on the basis of existing living body authentication, so that the living body authentication is safer and more reliable. On the other hand, the sound wave can not be heard by the user and can not cause interference to the user, the sound wave playing of the embodiment has concealment, so that a hacker can not know that sound wave data is added in the living body authentication process, the attack risk can be reduced, and the hacker attack can be more reliably identified by the service end through the added sound wave authentication.
Next, a living body authentication method according to an embodiment of the present specification is described with an embodiment, which describes a process of living body authentication for a user through interaction between a client device and a server. The client-side device in the embodiments of the present specification is configured with an audio module and has an audio processing function. As an example, an embodiment of a living body authentication method may include:
the client sends a living body authentication request to the server;
after receiving the living body authentication request, the server generates a sound wave identifier required by the living body authentication; the identifier has uniqueness, the server can generate a non-repetitive identifier as required, for example, various information such as the current time and the client identifier can be used as the input of a hash algorithm, and the unique identifier is generated by the algorithm. Optionally, the time of the current identifier may also be recorded.
And the server side encrypts the identifier according to an encryption scheme appointed with the client side.
The server generates other contents required by the living body authentication; for example, generating text, numbers, questions, and the like, which require the user to authenticate with language, behavior posture, and the like.
The server sends data to the client, wherein the data comprises the data required by living body authentication such as the encrypted identifier.
The client receives data required by living body authentication sent by the server. The client side decrypts the encrypted identifier according to an agreed encryption and decryption scheme to obtain the identifier.
The client starts the camera module and the audio module to start the acquisition of the living body authentication data. Optionally, the client prompts the user to speak the content such as the characters, the numbers or the letters according to the data sent by the server.
And the client side collects the living body authentication data and plays sound waves according to the sound wave data generated by the identification.
And the client acquires the living body authentication data and then sends the living body authentication data to the server.
The server performs the living body authentication after receiving the living body authentication data, and optionally, the living body authentication may include the following items:
identifying sound wave data from the audio data in the living body authentication data, further identifying an identifier carried in the sound wave data, and judging whether the identifier is the same as a previously generated identifier;
recognizing the speaking content of the user from the audio data in the living body authentication data, and judging whether the speaking content is consistent with the previous language authentication content;
and recognizing the face data of the user from the video data in the living body authentication data, and authenticating the face data.
If all of the above three items pass, it can be determined that the living body authentication passes.
As can be seen from the above embodiments, the present embodiment determines that the current living body authentication data is currently recorded, not previously recorded, by the ultrasound identification with time-lapse each time. Because the acoustic wave identification adopted by each living body authentication is different, and in the collected living body authentication data, the user can not hear the data, but the server side can carry out identification, the method has better concealment and safety.
The user can not hear the sound wave, so that the user can not be interfered and the side effect on the user can not be generated; because the sound wave identifications generated each time are different and have timeliness, the living body authentication data must be collected in real time each time, the living body authentication data is shot in real time each time, the counterfeiting difficulty is obviously improved, a hacker cannot attack the camera module by attacking, the recorded video data is adopted for attacking, and even if the hacker verifies by adopting the previously recorded living body authentication data, the service end can also verify by the sound wave identifications, so that the hacker attack is identified.
As shown in fig. 2A, a flowchart of another embodiment of the living body authentication method of the present specification, which describes a process of living body authentication by a server side:
in step 202, after receiving a living body authentication request sent by a client, determining target sound wave data required by the living body authentication with the client, wherein the frequency band of the target sound wave is a non-audible frequency band;
in step 204, receiving living body authentication data sent by the client;
in step 206, it is identified whether the living body authentication data carries the target acoustic wave data, and living body authentication is performed according to the identification result.
Optionally, the target acoustic wave data required by the living body authentication at this time is different from the target acoustic wave data of other living body authentications at other times.
Optionally, the determining, with the client, target acoustic wave data required by the living body authentication at this time includes:
and generating an identifier of the target sound wave corresponding to the living body authentication, and sending the identifier to a client so that the client can generate sound wave data carrying the received identifier after receiving the identifier.
Optionally, the target sound wave data corresponds to an effective time; the method further comprises the following steps: and identifying whether the time of the target sound wave data carried in the living body authentication data satisfies the valid time.
Optionally, the method further includes: determining a sound wave playing mode of the living body authentication with the client;
the identifying whether the living body authentication data carries the target sound wave data includes:
and identifying whether the living body authentication data carries the target sound wave data or not according to the sound wave playing mode.
The detailed implementation of this embodiment can refer to the embodiment of fig. 1A and fig. 1B, which is not described herein again.
As shown in fig. 2B, which is a flowchart of another embodiment of the living body authentication method of the present specification, the embodiment describes a process of living body authentication by a client side:
in step 212, a living body authentication request is sent to the server to determine target sound wave data required by the living body authentication with the server, wherein the frequency band of the target sound wave is a non-audible frequency band;
in step 214, in the process of acquiring living body authentication data of a user, playing sound waves by using the target sound wave data to acquire living body authentication data carrying sound waves;
in step 216, the living body authentication data is sent to the server, so that the server can identify whether the living body authentication data carries the target sound wave data, and perform living body authentication according to an identification result.
Optionally, the determining, by the server, target acoustic wave data required by the living body authentication at this time includes: and receiving an identifier of the target sound wave sent by the server, and generating target sound wave data carrying the identifier, wherein the identifier is generated by the server for the living body authentication at this time after receiving the living body authentication request.
Optionally, the method further includes: determining a sound wave playing mode of the living body authentication; and when the target sound wave data is utilized to play sound waves, playing the sound waves according to the sound wave playing mode.
Optionally, the sound wave playing mode includes: a mode of circularly playing the target sound wave during the period from the beginning to the end of the living body authentication data acquisition; or, playing the specific sound wave before and/or after the target sound wave is played.
The detailed implementation of this embodiment can refer to the embodiment of fig. 1A and fig. 1B, which is not described herein again.
The present specification further provides another living body authentication method, which is implemented based on a blockchain in this embodiment, for example, fig. 3 is an application scenario diagram of a living body authentication scheme based on a blockchain provided in an exemplary embodiment, and includes a client and a blockchain system, where the blockchain system may include a plurality of node devices, and fig. 3 illustrates 4 devices as an example. A user can submit a living body authentication transaction containing living body authentication data to a blockchain system through a client, and any node device in the blockchain system calls a living body authentication logic in an intelligent contract after receiving the living body authentication transaction so as to verify whether the living body authentication data carries target sound wave data.
Because the living body authentication data related to the user is submitted to the block chain system and verified by the intelligent contract, the verification logic aiming at the living body authentication data can be ensured to be real and effective, and the safety and the reliability of the living body authentication can be ensured.
The block chain based living body authentication method of the present specification is introduced from the side of the block chain system, as shown in fig. 4, and the present specification shows a block chain based living body authentication method flowchart according to an exemplary embodiment, where the method is applicable to any node device in the block chain, and the method may include the following steps:
in step 402, receiving a living body authentication transaction sent by a client; wherein the liveness authentication transaction comprises liveness authentication data;
in step 404, in response to the living body authentication transaction, invoking a living body authentication logic issued to an intelligent contract on a block chain, and verifying whether the living body authentication data carries target sound wave data; the frequency band of the target sound wave is a non-audible frequency band;
in step 406, a verification result of the smart contract on the living body authentication data is obtained, and whether the living body authentication passes or not is determined according to the verification result.
The blockchain described in this specification may specifically include a private chain, a common chain, a federation chain, and the like, and is not particularly limited in this specification.
For example, in one scenario, the block chain may specifically be a federation chain formed by each service node as a federation member; the operator of the alliance chain can deploy corresponding services by relying on the alliance chain. Each service node can distribute the service data generated or received by itself in a form of transaction in the alliance chain, and store the transaction in a distributed database in the alliance chain after the transaction is processed by the consensus node in the alliance chain.
It should be noted that the Transaction (Transaction) described in this specification refers to a piece of data created by a client of a blockchain and needs to be finally issued to a distributed database of the blockchain.
Transactions in a blockchain, generally have a narrow sense of transaction and a broad sense of transaction score. A narrowly defined transaction refers to a transfer of value issued by a user to a blockchain; for example, in a conventional bitcoin blockchain network, the transaction may be a transfer initiated by the user in the blockchain. The broad transaction refers to a piece of business data with business intention, which is issued to the blockchain by a user; for example, an operator may build a federation chain based on actual business needs, relying on the federation chain to deploy some other types of online business unrelated to value transfer, where a transaction may be a business request with a business intent issued by a user in the federation chain via a business system.
In block chain techniques, nodes in a block chain typically need to rely on a corresponding Smart contract (Smart contract) to operate on the block. Operations such as storing, modifying, deleting, etc. in a blockchain all need to rely on smart contracts. The intelligent contract may be a computer protocol intended for application to propagate, verify, or execute contracts in an informational manner that may be deployed on a blockchain. Performing the corresponding operation can be realized by declaring the business logic in the smart contract. Smart contracts allow trusted transactions to be conducted without third parties. These transactions are traceable and irreversible. Smart contracts can provide security over traditional contract methodologies and reduce other transaction costs associated with contracts. In general, the intelligent contracts can be deployed locally at block link points, and when a node needs to execute a certain action, the corresponding intelligent contract can be called, and the intelligent contract is executed to execute the business logic stated in the intelligent contract, so as to obtain an execution result.
In this embodiment, the node device of the blockchain receives a living body authentication transaction sent by the client, and invokes a living body authentication logic declared in an intelligent contract issued on the blockchain in response to the living body authentication transaction, thereby verifying whether the living body authentication data carries target sound wave data.
The living body authentication logic may be program code (for example, some program methods or functions available for calling) declared in the intelligent contract and related to execution logic for verifying whether the living body authentication data carries the target sound wave data.
In this embodiment, the intelligent contract on the blockchain needs to verify whether the living body authentication data carries the specified target sound wave data, and similar to the foregoing embodiments, there may be a variety of implementation manners how the intelligent contract on the blockchain acquires the specified target sound wave data.
In some examples, the target sound wave may carry a sound wave identification, and the living body authentication data is verified by the sound wave identification recognized from the target sound wave. Based on this, the living body authentication transaction in this embodiment includes an acoustic wave identifier, and the verifying whether the living body authentication data carries the target acoustic wave data may include: and verifying whether the living body authentication data carries target sound wave data bearing the sound wave identification.
The acoustic wave identification can be generated under the chain by the node device or on the chain.
As an example, the smart contract on the blockchain also declares sound wave identifier generation logic, the client can construct a sound wave identifier generation transaction to be sent to the node device on the blockchain before receiving the living body authentication transaction, the node device on the blockchain receives the sound wave identifier generation transaction sent by the client, and the sound wave identifier generation logic issued to the smart contract on the blockchain is invoked to generate the sound wave identifier in response to the sound wave identifier generation transaction. Based on the method, after the client acquires the generated sound wave identification, the living body authentication transaction is constructed by combining the living body authentication data.
In other examples, node devices on the blockchain may receive the acoustic identification generation transaction sent by the client, generate an acoustic identification in response to the acoustic identification generation transaction, and return the acoustic identification to the client.
In other examples, the acoustic wave identifier may be generated by living body authentication logic declared in the intelligent contract, the client may construct a living body authentication transaction including transaction parameters, and the living body authentication logic may generate the acoustic wave identifier according to the transaction parameters to verify whether the living body authentication data carries target acoustic wave data bearing the acoustic wave identifier. As an example, the client may use the user identifier, the number and/or time of the live body authentication request of this time, and the like as the transaction parameter, and the live body authentication logic declared in the smart contract performs hash operation on the transaction parameter, and uses the generated hash value as the sound wave identifier; in practical application, other generation manners of the acoustic wave markers may also be set, which is not limited in this embodiment. On the client side, when the client side collects living body authentication data of a user, a sound wave identifier is generated by using transaction parameters in the same mode, target sound wave data bearing the sound wave identifier is generated and played, the collected living body authentication data carries the target sound wave data, and then verification is carried out by using an intelligent contract.
The above embodiments show the process of verifying the sound wave in the living body authentication data, and in practical services, the living body authentication process generally also relates to other processes for verifying the user biological feature data, such as verifying the user face data, voiceprint data, fingerprint data, etc. in the living body authentication data, so that the biological feature data in the living body authentication data needs to be matched with the real biological feature data of the user.
In some examples, it may be that the entire live authentication procedure is verified by a smart contract. The real biological characteristic data of the user can be stored on the block chain, and the living body authentication logic of the intelligent contract can call the real biological characteristic data of the user to verify the biological characteristic data in the living body authentication data; for example, a user identification may be included in the live authentication transaction, and the live authentication logic of the smart contract may invoke real biometric data of the user to verify through the user identification.
In other examples, it may also be that the smart contract performs part of the validation. For example, in the application scenario of the present embodiment, in addition to the client and the blockchain system shown in fig. 3, a service system may be included. The service system may be a software system installed on a node device in the blockchain, or may be a software system installed on a server that establishes a connection with a node device in the blockchain. The real biometric data of the user is stored at the service system side, which may be that the service system performs verification on the biometric data in the living body authentication data, for example, the service system may receive a living body authentication request carrying a user identifier sent by a client, and verify the biometric data in the living body authentication data after finding the real biometric data of the user through the user identifier.
In other examples, the process of verifying the biometric data in the live authentication data after using the real biometric data of the user may also be performed by invoking the biometric verification logic of the smart contract. For example, the business system may construct and send a biometric verification transaction including real biometric data and live authentication data to a node device on the blockchain, the node device invoking biometric verification logic issued into the smart contract on the blockchain in response to the biometric verification transaction to verify whether the biometric data in the live authentication data matches the real biometric data. And the service system determines whether the living body authentication passes or not according to the verification result by acquiring the biological characteristic verification result of the intelligent contract.
As shown in fig. 5, it is a flowchart of another living body authentication method shown in this specification according to an exemplary embodiment, where this embodiment is implemented based on a blockchain, and this embodiment describes a living body authentication process from the perspective of a client, including the following steps:
in step 502, in the process of acquiring living body authentication data of a user, playing target sound wave data and acquiring living body authentication data carrying the target sound wave data, wherein the frequency band of the target sound wave is an inaudible frequency band.
In step 504, a biometric authentication transaction is constructed that contains the biometric authentication data.
In step 506, the living body authentication transaction is sent to a node device in a blockchain, so that the node device can respond to the living body authentication transaction, invoke a living body authentication logic issued to an intelligent contract on the blockchain, and verify whether the living body authentication data carries target sound wave data.
In step 508, a verification result of the intelligent contract is obtained, and whether the living body authentication passes or not is determined according to the verification result.
Optionally, the living body authentication transaction includes an acoustic wave identifier, and verifying whether the living body authentication data carries target acoustic wave data includes:
and verifying whether the living body authentication data carries target sound wave data bearing the sound wave identification.
Optionally, the sound wave identifier is acquired by:
and after the living body authentication process is triggered, constructing a sound wave identification generation transaction and sending the sound wave identification generation transaction to the node equipment so that the node equipment responds to the sound wave identification generation transaction, and calling sound wave identification generation logic issued to an intelligent contract on a block chain to generate a sound wave identification to obtain the sound wave identification generated by the intelligent contract.
Optionally, the method further includes:
after the living body authentication process is triggered, sending a sound wave identifier generation request to the node equipment, and acquiring the sound wave identifier generated by the node equipment according to the sound wave generation request.
Optionally, the playing the target sound wave data includes:
generating sound wave identification according to the request parameters of the living body authentication request, and then generating and playing target sound wave data carrying the sound wave identification;
the liveliness authentication transaction further comprises the request parameters:
optionally, the playing the target sound wave carrying the sound wave identifier includes:
playing the target sound wave carrying the sound wave identification according to a target playing mode; and extracting sound wave data from the living body authentication data according to the target playing mode by the intelligent contract.
In correspondence with the embodiments of the living body authentication method described above, the present specification also provides embodiments of a living body authentication device and an apparatus to which the same is applied.
The embodiments of the living body authentication apparatus of the present specification may be applied to a computer device, such as a server or a terminal device. The device embodiments may be implemented by software, or by hardware, or by a combination of hardware and software. The software implementation is taken as an example, and is formed by reading corresponding computer program instructions in the nonvolatile memory into the memory for operation through the processor in which the software implementation is located. From a hardware aspect, as shown in fig. 6, which is a hardware structure diagram of a computer device where a living body authentication apparatus is located in an embodiment of this specification, except for the processor 610, the memory 630, the network interface 620, and the nonvolatile memory 640 shown in fig. 6, a server or an electronic device where an apparatus 631 is located in an embodiment may also include other hardware according to an actual function of the computer device, and details of this are not described again.
As shown in fig. 7, fig. 7 is a block diagram of an active authentication apparatus shown in the present specification according to an exemplary embodiment, the apparatus including:
a determining module 71 configured to: after a living body authentication request sent by a client is received, determining target sound wave data required by the living body authentication with the client, wherein the frequency band of the target sound wave is a non-audible frequency band;
a receiving module 72 configured to: receiving living body authentication data sent by the client;
an authentication module 73 for: and identifying whether the living body authentication data carries the target sound wave data or not, and performing living body authentication according to an identification result.
Optionally, the target acoustic wave data required by the living body authentication at this time is different from the target acoustic wave data of other living body authentications at other times.
Optionally, the determining module 71 is further configured to:
and generating an identifier of the target sound wave corresponding to the living body authentication, and sending the identifier to a client so that the client can generate sound wave data carrying the received identifier after receiving the identifier.
Optionally, the target sound wave data corresponds to an effective time; the authentication module 73 is further configured to: and identifying whether the time of the target sound wave data carried in the living body authentication data satisfies the valid time.
Optionally, the generated identifier of the target sound wave for the current living body authentication is different from identifiers of target sound waves corresponding to other living body authentications.
Optionally, the determining module 71 is further configured to: determining a sound wave playing mode corresponding to the living body authentication with the client;
the authentication module 73 is further configured to:
and identifying whether the living body authentication data carries the target sound wave data or not according to the sound wave playing mode.
Optionally, the sound wave playing mode includes: a mode of circularly playing the target sound wave during the period from the beginning to the end of the living body authentication data acquisition; or, playing the specific sound wave before and/or after the target sound wave is played.
As shown in fig. 8, fig. 8 is a block diagram of an active authentication apparatus shown in the present specification according to an exemplary embodiment, the apparatus including:
a determining module 81 configured to: sending a living body authentication request to a server to determine target sound wave data required by the living body authentication with the server, wherein the frequency band of the target sound wave is a non-audible frequency band;
a play module 82 configured to: in the process of acquiring living body authentication data of a user, playing sound waves by using the target sound wave data to acquire living body authentication data carrying the sound waves;
a sending module 83, configured to: and sending the living body authentication data to the server side so that the server side can acquire sound wave data from the living body authentication data, and performing living body authentication by combining a comparison result of the acquired sound wave data and the target sound wave data.
Optionally, the determining module 81 is further configured to: and receiving an identifier of the target sound wave sent by the server, and generating target sound wave data carrying the identifier, wherein the identifier is generated by the server for the living body authentication at this time after receiving the living body authentication request.
Optionally, the determining module 81 is further configured to: determining a sound wave playing mode of the living body authentication; the play module 82 is further configured to: and when the target sound wave data is utilized to play sound waves, playing the sound waves according to the sound wave playing mode.
Optionally, the sound wave playing mode includes: a mode of circularly playing the target sound wave during the period from the beginning to the end of the living body authentication data acquisition; or, playing the specific sound wave before and/or after the target sound wave is played.
As shown in fig. 9, fig. 9 is a block diagram of an active authentication apparatus shown in the present specification according to an exemplary embodiment, the apparatus including:
a receiving module 91, configured to: receiving a living body authentication transaction sent by a client; wherein the liveness authentication transaction comprises liveness authentication data;
a response module 92 for: responding to the living body authentication transaction, calling living body authentication logic issued to an intelligent contract on a block chain, and verifying whether the living body authentication data carries target sound wave data or not; the frequency band of the target sound wave is a non-audible frequency band;
a verification module 93 for: and acquiring the verification result of the intelligent contract on the living body authentication data, and determining whether the living body authentication passes or not according to the verification result.
Optionally, the living body authentication transaction includes an acoustic wave identifier, and the verification module 83 is further configured to:
and verifying whether the living body authentication data carries target sound wave data bearing the sound wave identification.
Optionally, the apparatus further includes a generating module, configured to:
and before receiving the living body authentication transaction, receiving a sound wave identification generation transaction sent by a client, responding to the sound wave identification generation transaction, and calling sound wave identification generation logic issued to an intelligent contract on a block chain to generate sound wave identification.
Optionally, the apparatus further comprises a return module (not shown in fig. 9) configured to:
and before receiving the living body authentication transaction, receiving the sound wave identification generated transaction sent by the client, generating the sound wave identification and returning the sound wave identification to the client.
Optionally, the live authentication transaction includes transaction parameters; the verification module is further to:
and generating an acoustic wave identifier according to the transaction parameters, and verifying whether the living body authentication data carries target acoustic wave data bearing the acoustic wave identifier.
As shown in fig. 10, fig. 10 is a block diagram of an active authentication apparatus shown in the present specification according to an exemplary embodiment, the apparatus including:
an obtaining module 1001 configured to: in the process of acquiring living body authentication data of a user, playing target sound wave data and acquiring living body authentication data carrying the target sound wave data, wherein the frequency band of the target sound wave is a non-audible frequency band;
a constructing module 1002 for: constructing a live authentication transaction containing the live authentication data;
a sending module 1003, configured to: sending the living body authentication transaction to node equipment in a block chain, so that the node equipment responds to the living body authentication transaction, calls living body authentication logic issued to an intelligent contract on the block chain, and verifies whether target sound wave data are carried in the living body authentication data;
a verification module 1004 to: and acquiring a verification result of the intelligent contract, and determining whether the living body authentication passes or not according to the verification result.
Optionally, the living body authentication transaction includes an acoustic wave identifier, and the verification module 94 is further configured to:
and verifying whether the living body authentication data carries target sound wave data bearing the sound wave identification.
Optionally, the verification module 1004 is further configured to:
and after the living body authentication process is triggered, constructing a sound wave identification generation transaction and sending the sound wave identification generation transaction to the node equipment so that the node equipment responds to the sound wave identification generation transaction, and calling sound wave identification generation logic issued to an intelligent contract on a block chain to generate a sound wave identification to obtain the sound wave identification generated by the intelligent contract.
Optionally, the apparatus further includes an identification request module (not shown in fig. 10) configured to:
after the living body authentication process is triggered, sending a sound wave identifier generation request to the node equipment, and acquiring the sound wave identifier generated by the node equipment according to the sound wave generation request.
Optionally, the playing the target sound wave data includes:
receiving a living body authentication request, generating sound wave identification according to request parameters of the living body authentication request, and then generating and playing target sound wave data carrying the sound wave identification;
the liveness authentication transaction further includes the request parameter.
Optionally, the obtaining module 1001 is further configured to:
playing the target sound wave data carrying the sound wave identification according to a target playing mode; and the intelligent contract extracts the target sound wave data from the living body authentication data according to the target playing mode.
Accordingly, the present specification also provides a computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements an embodiment of the aforementioned living body authentication method when executing the program.
The implementation process of the functions and actions of each module in the living body authentication device is specifically described in the implementation process of the corresponding step in the living body authentication method, and is not described herein again.
For the device embodiments, since they substantially correspond to the method embodiments, reference may be made to the partial description of the method embodiments for relevant points. The above-described embodiments of the apparatus are merely illustrative, wherein the modules described as separate parts may or may not be physically separate, and the parts displayed as modules may or may not be physical modules, may be located in one place, or may be distributed on a plurality of network modules. Some or all of the modules can be selected according to actual needs to achieve the purpose of the solution in the specification. One of ordinary skill in the art can understand and implement it without inventive effort.
The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
Other embodiments of the present description will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This specification is intended to cover any variations, uses, or adaptations of the specification following, in general, the principles of the specification and including such departures from the present disclosure as come within known or customary practice within the art to which the specification pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the specification being indicated by the following claims.
It will be understood that the present description is not limited to the precise arrangements described above and shown in the drawings, and that various modifications and changes may be made without departing from the scope thereof. The scope of the present description is limited only by the appended claims.
The above description is only a preferred embodiment of the present disclosure, and should not be taken as limiting the present disclosure, and any modifications, equivalents, improvements, etc. made within the spirit and principle of the present disclosure should be included in the scope of the present disclosure.
Claims (22)
1. A method of in vivo authentication, comprising:
the client sends a living body authentication request to the server;
after receiving the living body authentication request, the server sends an encrypted identifier to the client;
the client decrypts the encrypted identification to obtain the identification, and obtains target sound wave data corresponding to the identification; playing the target sound wave data in the process of acquiring living body authentication data of a user and then acquiring sound wave data; carrying the acquired acoustic wave data in the living body authentication data and sending the living body authentication data to the server;
and the server identifies whether the sound wave data in the received living body authentication data carries the target sound wave data or not, and performs living body authentication according to an identification result.
2. A method for authenticating a living body is applied to a server and comprises the following steps:
after a living body authentication request sent by a client is received, sending an encrypted identifier to the client, so that the client receives the encrypted identifier and decrypts the encrypted identifier to obtain the identifier, and target sound wave data corresponding to the identifier is obtained;
receiving living body authentication data sent by the client, wherein the living body authentication data carries sound wave data acquired by the client, and the sound wave data is acquired after the target sound wave data is played in the process of acquiring the living body authentication data of a user;
and identifying whether the sound wave data in the received living body authentication data carries the target sound wave data or not, and performing living body authentication according to an identification result.
3. The method of claim 2, wherein the frequency band of the target sound wave data is a non-audible frequency band.
4. The method of claim 2, wherein the target acoustic data is target acoustic data generated by the client and carrying the identifier.
5. The method according to claim 2, wherein the target acoustic data is obtained by the client from a plurality of pre-stored acoustic data, and the target acoustic data matches the identifier.
6. The method of claim 4, further comprising: the server does not store the target sound wave data; the client does not store the target acoustic data.
7. The method according to claim 2, further comprising, after the living body authentication according to the identification result:
and determining whether to execute a payment process according to the authentication result.
8. The method of claim 2, the target acoustic data corresponding to an effective time; the method further comprises the following steps: and identifying whether the time of the target sound wave data carried in the living body authentication data satisfies the valid time.
9. The method according to claim 2, wherein the step of the server identifying whether the acoustic wave data in the received living body authentication data carries the target acoustic wave data comprises:
and determining whether the sound wave data carries the target sound wave data or not based on whether the identification is carried in the sound wave data or not.
10. The method according to claim 2, wherein the step of the server identifying whether the acoustic wave data in the received living body authentication data carries the target acoustic wave data comprises:
firstly, determining whether sound wave data are acquired when the target sound wave data are played according to a preset playing mode; if yes, whether the sound wave data carries the target sound wave data is further determined based on whether the identification is carried in the sound wave data.
11. The method of claim 10, wherein the preset playback mode comprises: a mode of circularly playing the target sound wave during the period from the beginning to the end of the living body authentication data acquisition; or other specific sound wave playing modes before and/or after the target sound wave is played.
12. A method for authenticating a living body, which is applied to a client side, comprises the following steps:
sending a living body authentication request to a server, receiving an encrypted identifier, decrypting to obtain the identifier, and obtaining target sound wave data corresponding to the identifier as target sound wave data required by the living body authentication;
playing the target sound wave data and collecting sound wave data in the process of collecting living body authentication data of a user;
and sending the living body authentication data carrying the acquired sound wave data to the server side so that the server side can identify whether the sound wave data in the living body authentication data carries the target sound wave data or not, and carrying out living body authentication according to an identification result.
13. The method of claim 12, wherein the frequency band of the target sound wave data is a non-audible frequency band.
14. The method of claim 12, further comprising, before the client obtains the target acoustic data corresponding to the identification:
and the client generates target sound wave data carrying the identification.
15. The method of claim 12, wherein the specific step of the client obtaining the target sound wave data corresponding to the identifier comprises:
and the client acquires target sound wave data matched with the identifier from a plurality of pre-stored sound wave data.
16. The method of claim 14, further comprising: the server does not store the target sound wave data; the client does not store the target acoustic data.
17. The method according to claim 12, further comprising, after the living body authentication according to the recognition result:
and determining whether to execute a payment process according to the authentication result.
18. The method according to claim 12, wherein the step of the server identifying whether the acoustic wave data in the received living body authentication data carries the target acoustic wave data comprises:
and determining whether the sound wave data carries the target sound wave data or not based on whether the identification is carried in the sound wave data or not.
19. The method according to claim 12, wherein the step of the server identifying whether the acoustic wave data in the received living body authentication data carries the target acoustic wave data comprises:
firstly, determining whether sound wave data are acquired when the target sound wave data are played according to a preset playing mode; if yes, whether the sound wave data carries the target sound wave data is further determined based on whether the identification is carried in the sound wave data.
20. The method of claim 19, wherein the preset playback mode comprises: a mode of circularly playing target sound wave data during the period from the beginning to the end of the living body authentication data acquisition; or other specific sound wave playing modes before and/or after the target sound wave is played.
21. A system for in vivo authentication, the system comprising a server and a client:
the client is used for sending a living body authentication request to the server; after receiving the encrypted identification sent by the server, decrypting the encrypted identification to obtain the identification, and obtaining target sound wave data corresponding to the identification; playing the target sound wave data in the process of acquiring living body authentication data of a user and then acquiring sound wave data; carrying the acquired acoustic wave data in the living body authentication data and sending the living body authentication data to the server;
the server is used for sending the encrypted identifier to the client after receiving the living body authentication request; and identifying whether the sound wave data in the received living body authentication data carries the target sound wave data, and performing living body authentication according to an identification result.
22. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any of claims 1 to 20 when executing the program.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111530144.4A CN114238906A (en) | 2020-06-19 | 2020-06-19 | Living body authentication method, living body authentication system and computer equipment |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111530144.4A CN114238906A (en) | 2020-06-19 | 2020-06-19 | Living body authentication method, living body authentication system and computer equipment |
| CN202010565119.9A CN111475794B (en) | 2020-06-19 | 2020-06-19 | Living body authentication method and device and computer equipment |
Related Parent Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010565119.9A Division CN111475794B (en) | 2020-06-19 | 2020-06-19 | Living body authentication method and device and computer equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114238906A true CN114238906A (en) | 2022-03-25 |
Family
ID=71764136
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111530144.4A Pending CN114238906A (en) | 2020-06-19 | 2020-06-19 | Living body authentication method, living body authentication system and computer equipment |
| CN202010565119.9A Active CN111475794B (en) | 2020-06-19 | 2020-06-19 | Living body authentication method and device and computer equipment |
Family Applications After (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010565119.9A Active CN111475794B (en) | 2020-06-19 | 2020-06-19 | Living body authentication method and device and computer equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (2) | CN114238906A (en) |
Family Cites Families (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102360479A (en) * | 2011-10-17 | 2012-02-22 | 深圳市融创天下科技股份有限公司 | Method, system and terminal equipment for mobile payment |
| SG11201504186UA (en) * | 2012-12-19 | 2015-07-30 | Visa Int Service Ass | System and method for voice authentication |
| CN105407069B (en) * | 2014-06-30 | 2019-02-15 | 阿里巴巴集团控股有限公司 | Living body authentication method, apparatus, client device and server |
| CN106529251A (en) * | 2016-10-25 | 2017-03-22 | 北京光年无限科技有限公司 | Intelligent robot oriented authentication method and system |
| CN106972919B (en) * | 2017-03-29 | 2020-04-24 | 北京奇虎科技有限公司 | Key negotiation method and device |
| CN109347835B (en) * | 2018-10-24 | 2021-09-07 | 苏州科达科技股份有限公司 | Information transmission method, client, server, and computer-readable storage medium |
| CN110555296B (en) * | 2019-08-01 | 2020-08-18 | 阿里巴巴集团控股有限公司 | Identity verification method, device and equipment based on block chain |
-
2020
- 2020-06-19 CN CN202111530144.4A patent/CN114238906A/en active Pending
- 2020-06-19 CN CN202010565119.9A patent/CN111475794B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN111475794A (en) | 2020-07-31 |
| CN111475794B (en) | 2021-10-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10135818B2 (en) | User biological feature authentication method and system | |
| CN106487511B (en) | Identity authentication method and device | |
| JP6882254B2 (en) | Safety verification methods based on biological characteristics, client terminals, and servers | |
| CN105468950B (en) | Identity authentication method and device, terminal and server | |
| JP6855381B2 (en) | Personal authentication device, personal authentication method and personal authentication program | |
| US8862888B2 (en) | Systems and methods for three-factor authentication | |
| CN110086608A (en) | User authen method, device, computer equipment and computer readable storage medium | |
| US11188628B2 (en) | Biometric challenge-response authentication | |
| CN110557376A (en) | Electronic contract signing method, electronic contract signing device, computer equipment and storage medium | |
| CN109359601A (en) | Authentication recognition methods, electronic device and computer readable storage medium | |
| US9882719B2 (en) | Methods and systems for multi-factor authentication | |
| WO2019113776A1 (en) | Face and voiceprint-based payment authentication method, and terminal | |
| US20220092161A1 (en) | Document signing and digital signatures with human as the password | |
| KR102124445B1 (en) | Method, device and terminal for entering the login password of the application | |
| KR20120122181A (en) | User authentication method and system using biometric one-time password | |
| Johnson et al. | Voice authentication using short phrases: Examining accuracy, security and privacy issues | |
| US11934508B2 (en) | Systems and methods including user authentication | |
| WO2021244471A1 (en) | Real-name authentication method and device | |
| CN113205342A (en) | User identity authentication method and device based on multi-terminal payment | |
| CN111475794B (en) | Living body authentication method and device and computer equipment | |
| US20220078020A1 (en) | Biometric acquisition system and method | |
| CN111475793A (en) | Access control method, user registration method, user login method, device and equipment | |
| Ramya et al. | Personalized authentication procedure for restricted web service access in mobile phones | |
| WO2016112792A1 (en) | Identity authentication method and device | |
| CN110708271A (en) | Method for accessing third-party application, aggregation management system and terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |