CN117290827A - Security verification method, security verification device, computer equipment and storage medium - Google Patents

Security verification method, security verification device, computer equipment and storage medium Download PDF

Info

Publication number
CN117290827A
CN117290827A CN202311049317.XA CN202311049317A CN117290827A CN 117290827 A CN117290827 A CN 117290827A CN 202311049317 A CN202311049317 A CN 202311049317A CN 117290827 A CN117290827 A CN 117290827A
Authority
CN
China
Prior art keywords
security verification
information
verification information
current user
current
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311049317.XA
Other languages
Chinese (zh)
Inventor
张家登
刘娟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bank of China Ltd
Original Assignee
Bank of China Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bank of China Ltd filed Critical Bank of China Ltd
Priority to CN202311049317.XA priority Critical patent/CN117290827A/en
Publication of CN117290827A publication Critical patent/CN117290827A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/10Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
    • G06V40/12Fingerprints or palmprints
    • G06V40/13Sensors therefor

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • Human Computer Interaction (AREA)
  • Multimedia (AREA)
  • Computing Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The application relates to a security verification method, a security verification device, computer equipment and a storage medium, relates to the technical field of blockchain, and can be applied to the financial field or other fields. The method comprises the following steps: and under the condition that the time interval between the current operation behavior and the last operation behavior of the service page is longer than the set time length, acquiring the identity identifier of the target user corresponding to the last operation behavior, acquiring standard security verification information of the target user from the blockchain according to the identity identifier of the target user, acquiring the security verification information of the current user corresponding to the current operation behavior through the information acquisition equipment, acquiring security verification information to be verified, and carrying out security verification on the current user according to the standard security verification information and the security verification information to be verified. By adopting the method, the safety of the user information can be improved.

Description

Security verification method, security verification device, computer equipment and storage medium
Technical Field
The present disclosure relates to the field of blockchain technologies, and in particular, to a security verification method, apparatus, computer device, and storage medium, which may be applied to the financial field or other fields.
Background
With the development of the financial field, each financial institution has introduced a business page for financial operations, and in order to ensure the security of users operating on the business page, a security verification method for users has emerged. In the current security verification method, when a user logs in, verification information can be sent to the user through a communication identifier of the user so as to realize security verification.
However, with the current security verification method, security verification is performed on the user only when the user logs in, so that the security of the user information is reduced.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a security verification method, apparatus, computer device, and storage medium capable of improving the security of user information.
In a first aspect, the present application provides a security verification method. The method comprises the following steps:
acquiring an identity identifier of a target user corresponding to a last operation action under the condition that the time interval between the current operation action and the last operation action of the service page is longer than a set duration;
acquiring standard security verification information of the target user from the blockchain according to the identity identifier of the target user;
The method comprises the steps that safety verification information acquisition is carried out on a current user corresponding to current operation behaviors through information acquisition equipment, and safety verification information to be verified is obtained;
and carrying out security verification on the current user according to the standard security verification information and the security verification information to be verified.
In one embodiment, the information collecting device collects security verification information of a current user corresponding to a current operation behavior to obtain security verification information to be verified, including:
acquiring initial security verification information of a current user corresponding to a current operation behavior through information acquisition equipment; and extracting features of the initial security verification information to obtain the security verification information to be verified.
In one embodiment, the acquiring, by the information acquisition device, initial security verification information of the current user corresponding to the current operation behavior includes:
acquiring facial information of a current user corresponding to the current operation behavior through image acquisition equipment to obtain first security verification information; collecting fingerprint information of a current user through fingerprint collecting equipment to obtain second security verification information; and obtaining initial security verification information of the current user according to the first security verification information and the second security verification information.
In one embodiment, performing security verification on a current user according to standard security verification information and security verification information to be verified, includes:
determining a similarity value between standard security verification information and security verification information to be verified; and carrying out security verification on the current user according to the similar value.
In one embodiment, the security verification for the current user according to the similarity value includes:
if the similarity value is larger than the similarity threshold value, determining that the security verification of the current user is passed; and if the similarity value is smaller than or equal to the similarity threshold value, determining that the security verification of the current user is not passed.
In one embodiment, the method further comprises:
under the condition that the security verification of the current user is passed, responding to a service handling request of the current user, and sending an information authorization notification to the current user; if the authorization confirmation of the current user for the information authorization notification is received, acquiring the basic information of the current user from the blockchain according to the identity identifier of the current user; and carrying out business handling on the current user according to the basic information of the current user.
In a second aspect, the present application also provides a security verification apparatus. The device comprises:
The first acquisition module is used for acquiring the identity identifier of the target user corresponding to the last operation behavior under the condition that the time interval between the current operation behavior and the last operation behavior of the service page is longer than the set duration;
the second acquisition module is used for acquiring standard security verification information of the target user from the blockchain according to the identity identifier of the target user;
the third acquisition module is used for acquiring the security verification information of the current user corresponding to the current operation behavior through the information acquisition equipment to obtain the security verification information to be verified;
and the verification module is used for carrying out security verification on the current user according to the standard security verification information and the security verification information to be verified.
In a third aspect, the present application also provides a computer device. The computer device comprises a memory storing a computer program and a processor which when executing the computer program performs the steps of:
acquiring an identity identifier of a target user corresponding to a last operation action under the condition that the time interval between the current operation action and the last operation action of the service page is longer than a set duration;
Acquiring standard security verification information of the target user from the blockchain according to the identity identifier of the target user;
the method comprises the steps that safety verification information acquisition is carried out on a current user corresponding to current operation behaviors through information acquisition equipment, and safety verification information to be verified is obtained;
and carrying out security verification on the current user according to the standard security verification information and the security verification information to be verified.
In a fourth aspect, the present application also provides a computer-readable storage medium. The computer readable storage medium having stored thereon a computer program which when executed by a processor performs the steps of:
acquiring an identity identifier of a target user corresponding to a last operation action under the condition that the time interval between the current operation action and the last operation action of the service page is longer than a set duration;
acquiring standard security verification information of the target user from the blockchain according to the identity identifier of the target user;
the method comprises the steps that safety verification information acquisition is carried out on a current user corresponding to current operation behaviors through information acquisition equipment, and safety verification information to be verified is obtained;
and carrying out security verification on the current user according to the standard security verification information and the security verification information to be verified.
In a fifth aspect, the present application also provides a computer program product. The computer program product comprises a computer program which, when executed by a processor, implements the steps of:
acquiring an identity identifier of a target user corresponding to a last operation action under the condition that the time interval between the current operation action and the last operation action of the service page is longer than a set duration;
acquiring standard security verification information of the target user from the blockchain according to the identity identifier of the target user;
the method comprises the steps that safety verification information acquisition is carried out on a current user corresponding to current operation behaviors through information acquisition equipment, and safety verification information to be verified is obtained;
and carrying out security verification on the current user according to the standard security verification information and the security verification information to be verified.
According to the security verification method, the security verification device, the computer equipment and the storage medium, under the condition that the service page is not operated for a long time, when the current operation of the service page occurs, the standard security verification information of the target user corresponding to the previous operation behavior and the security verification information to be verified of the current user are obtained; and then, carrying out security verification on the current user according to the standard security verification information and the security verification information to be verified. Compared with the prior art, the method has the advantages that the safety verification is carried out on the user only when the user logs in, and the safety verification can be dynamically carried out on the user in the process of operating the service page by the user, so that the safety of user information is ensured.
Drawings
FIG. 1 is a flow diagram of a security verification method in one embodiment;
FIG. 2 is a flow chart of a method for obtaining security verification information in one embodiment;
FIG. 3 is a flow diagram of security verification in one embodiment;
FIG. 4 is a flow diagram of business transaction in one embodiment;
FIG. 5 is a flow chart of a security verification method according to another embodiment;
FIG. 6 is a block diagram of a security authentication device in one embodiment;
FIG. 7 is a block diagram of a security authentication device according to another embodiment;
FIG. 8 is a block diagram of a security authentication device according to yet another embodiment;
fig. 9 is an internal structural diagram of a computer device in one embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the present application.
With the development of the financial field, each financial institution has introduced a business page for financial operations, and in order to ensure the security of users operating on the business page, a security verification method for users has emerged. In the current security verification method, when a user logs in, verification information can be sent to the user through a communication identifier of the user so as to realize security verification.
However, with the current security verification method, security verification is performed on the user only when the user logs in, so that the security of the user information is reduced.
The block chain technology is applied to the scene of security verification, and the method can be used for solving the problem that the security verification efficiency is low because independent identity information acquisition is required for each page before the user is authenticated at present. Optionally, before performing security verification, a unique identifier may be configured in advance for each user, for example, a Non-homogeneous Token technology (NFT technology) may be used to configure a unique identifier for each user; and then, collecting standard security verification information of the user, and storing the standard security verification information and the identity identifier corresponding to the user on the blockchain in an associated mode.
The blockchain is a distributed account book technology and has the characteristics of decentralization, difficulty in tampering, disclosure transparency and the like. Blockchains can be simply distinguished into public chains, alliance chains, and private chains in terms of network architecture size and manner. The blockchain used in embodiments of the present application may be a coalition chain; alternatively, the blockchain of the present embodiment may be commonly maintained by multiple financial institutions, trusted authorities, and the like.
Alternatively, the security verification method provided by the embodiment of the application may be performed by a computer device, where the computer device may be a server, or may also be a terminal device with relatively powerful computing functions. In the present embodiment, a computer device is exemplified as a server. The server may or may not be a node in the blockchain network, but may interact with the blockchain node through an interface provided by the node in the blockchain network, thereby participating in the blockchain network.
Based on this, in one embodiment, a security verification method is provided, which is described as being applied to a server of a financial institution as an example. As shown in fig. 1, the method specifically comprises the following steps:
s101, acquiring an identity identifier of a target user corresponding to a last operation action under the condition that the time interval between the current operation action and the last operation action of the service page is longer than a set duration.
The server of the financial institution can display a page for operation of the financial related business, namely a business page, to a user through a tool configured in the terminal in advance, wherein the tool can be an applet or an APP; further, the user can perform operation of the financial related business on the business page.
The set duration can be a numerical value set according to the time interval between operation behaviors on the service page and used for judging whether the user continues to operate or not; the identity identifier refers to an identifier of an account held by a user, and further, in order to facilitate the security verification of the user, a uniform identity identifier can be set for the user on each service page.
It can be understood that, in the case that the service page is not operated for a long time, the service page may be operated by other personnel, so, in order to ensure the security of the user information, if the service page is not operated within a set time, the locking operation is performed on the service page.
Further, when the time interval between the current operation behavior and the last operation behavior of the service page is longer than the set time length, that is, when the service page is locked, the identity identifier of the target user corresponding to the last operation behavior can be obtained according to the operation record of the service page.
S102, standard security verification information of the target user is obtained from the blockchain according to the identity identifier of the target user.
The standard security information refers to that accurate security information is collected when a user registers an account, and may include but not limited to facial information, fingerprint information and other biological characteristics of the user.
It can be appreciated that in order to facilitate extraction of standard security verification information, for any user, after the standard security verification information of the user is collected, the standard security verification information of the user and an identifier corresponding to the user need to be associated and stored on a blockchain.
Optionally, after determining the identifier of the target user, standard security verification information of the target user may be directly obtained from the blockchain according to the identifier of the target user.
S103, carrying out security verification information acquisition on the current user corresponding to the current operation behavior through the information acquisition equipment to obtain security verification information to be verified.
Wherein, the information acquisition device refers to devices capable of acquiring biological characteristics of a user, such as a camera and a fingerprint acquisition device; the security verification information refers to the biological characteristics of the current user collected by the information collection device, and can be used for security verification of the current user.
Optionally, the biological characteristics of the current user can be collected as security verification information to be verified through information collection equipment deployed on the terminal where the service page is located.
S104, carrying out security verification on the current user according to the standard security verification information and the security verification information to be verified.
It can be understood that after the standard security verification information and the security verification information to be verified are obtained, whether the target user and the current user are the same user or not can be judged according to the similarity degree between the standard security verification information and the security verification information to be verified, if yes, the security verification of the current user is passed, namely the operation of the current user is free of risks; if not, the security verification of the current user is not passed, and the current user cannot operate the service page.
For example, the user a performs service processing on a service page T corresponding to a certain financial institution through its own account, and if the service page T is not operated within a preset period, the service page T is automatically locked; further, under the condition that the service page T is locked, if a certain user B wants to operate the service page T, the security verification information to be verified of the user B needs to be acquired, and whether the user B currently operating the service page T is the user a is judged according to the security verification information to be verified of the user B and standard security verification information stored in advance by the user a, if so, the user B can normally use the service page T; if not, user B cannot use service page T.
In the security verification method, under the condition that the service page is not operated for a long time, the standard security verification information of the target user corresponding to the previous operation behavior and the security verification information to be verified of the current user are obtained when the current operation of the service page occurs; and then, carrying out security verification on the current user according to the standard security verification information and the security verification information to be verified. Compared with the prior art, the method has the advantages that the safety verification is carried out on the user only when the user logs in, and the safety verification can be dynamically carried out on the user in the process of operating the service page by the user, so that the safety of user information is ensured.
In order to ensure accuracy of the acquired security verification information, in this embodiment, an alternative way of acquiring the security verification information is provided, as shown in fig. 2, which specifically includes the following steps:
s201, acquiring initial security verification information of a current user corresponding to the current operation behavior through information acquisition equipment.
The initial security verification information refers to data which is directly collected by the information collecting equipment and is not processed.
Optionally, the initial security verification information of the current user can be collected by the collection device deployed at the terminal where the service page is located according to a preset information collection mode.
For example, in order to ensure the comprehensiveness of information acquisition, the face information of the current user corresponding to the current operation behavior can be acquired through the image acquisition equipment to obtain first security verification information; collecting fingerprint information of a current user through fingerprint collecting equipment to obtain second security verification information; and obtaining initial security verification information of the current user according to the first security verification information and the second security verification information. The face information may include face information and iris information, among others.
Wherein the first security verification information refers to information for characterizing the face information of the current user; the second security authentication information refers to information for characterizing the current user fingerprint information.
Optionally, the camera device may be used to collect face information and iris information of the current user to obtain first security verification information, and the fingerprint collecting device is used to collect fingerprint information of the current user to obtain second security verification information; and then, splicing the first security verification information and the second security verification information to obtain the initial security verification information of the current user.
S202, extracting features of the initial security verification information to obtain security verification information to be verified.
Optionally, in order to remove noise data in the initial security verification information, the initial security information may be directly input into a trained feature extraction model, and the feature extraction model outputs the security verification information to be verified according to the initial security information and the model parameters.
In this embodiment, the feature extraction is performed on the initial security verification information, so that the obtained security verification data is more accurate, and the accuracy of user security verification is further improved.
In order to improve accuracy of security verification, in this embodiment, an alternative manner of security verification is provided, as shown in fig. 3, based on the implementation described above, and specifically includes the following steps:
s301, determining a similarity value between standard security verification information and security verification information to be verified.
The similarity value refers to a numerical value used for indicating the similarity degree between the standard security verification information and the security verification information to be verified, and further, the larger the similarity value is, the more similar the standard security verification information and the security verification information to be verified are.
Alternatively, the standard security verification information and the security verification information to be verified can be input into a trained similarity value model, and the similarity value model determines the similarity value according to the standard security verification information, the security verification information to be verified and the model parameters.
S302, carrying out security verification on the current user according to the similarity value.
Optionally, after the similarity value is determined, whether the security verification of the current user passes or not may be determined according to the magnitude of the similarity value. For example, a similarity threshold value for judging the magnitude of the similarity value may be determined in advance, and if the similarity value is greater than the similarity threshold value, it is determined that the security verification of the current user is passed; and if the similarity value is smaller than or equal to the similarity threshold value, determining that the security verification of the current user is not passed.
Optionally, if the similarity value is greater than the similarity threshold, the similarity between the standard security verification information and the security verification information to be verified is higher, so that the security verification of the current user is determined to pass; if the similarity value is smaller than or equal to the similarity threshold value, the similarity of the standard security verification information and the security verification information to be verified is lower, and therefore the fact that the security verification of the current user fails is determined.
In this embodiment, a similarity value is introduced, and the similarity degree between the standard security verification information and the security verification information to be verified is determined according to the comparison result of the similarity value and the similarity threshold value, so that whether the current user is the target user can be accurately determined, and the accuracy of security verification is improved.
It can be appreciated that, in order to facilitate the business transaction of the current user, when the user registers for the first time, the basic information of the user may be obtained in advance, and stored in association with the identifier onto the blockchain. The basic information may include, but is not limited to, information of the user's real name, identification number, age, address, certificate expiration date, etc. Further, based on the above embodiment, in this embodiment, an optional manner of business transaction is provided, as shown in fig. 4, which specifically includes the following steps:
s401, in the case that the security verification of the current user is passed, an information authorization notification is sent to the current user in response to a service handling request of the current user.
The information authorization notification refers to an authorization notification generated according to basic information required by a current user to transact business.
Optionally, if the service needs to acquire the basic information of the current user under the condition that the current user needs to transact the service, an information authorization notification can be sent to the current user according to the type of the required basic information.
For example, if the service transacted by the current user C needs to acquire the real name, the identification card number and the address of the current user C, the "the service needs to authorize the real name, the identification card number and the address of you for the service to process, ask you to confirm whether to authorize or not" the service needs to authorize the real name, the identification card number and the address of you "the current user C. "this information authorizes notification.
S402, if the authorization confirmation of the current user for the information authorization notification is received, acquiring the basic information of the current user from the blockchain according to the identity identifier of the current user.
Optionally, if the current user confirms the authorization, the basic information of the current user can be directly extracted from the blockchain according to the identity identifier of the current user. It can be understood that, in order to ensure the accuracy of the basic information, after the basic information of the current user is extracted, the information can be displayed in a service page for the current user to confirm.
S403, according to the basic information of the current user, performing business handling on the current user.
Optionally, after extracting the basic information of the current user, relevant services can be directly transacted for the current user according to the basic information of the current user.
In the embodiment, the basic information of the user is stored on the blockchain in advance, so that the user does not need to repeatedly input the basic information when the user performs service processing, and the service processing efficiency and the user experience are improved.
Fig. 5 is a schematic flow chart of a security verification method in another embodiment, and on the basis of the foregoing embodiment, this embodiment provides an alternative example of the security verification method. With reference to fig. 5, the specific implementation procedure is as follows:
S501, acquiring an identity identifier of a target user corresponding to a last operation action under the condition that the time interval between the current operation action and the last operation action of the service page is longer than a set duration.
S502, standard security verification information of the target user is obtained from the blockchain according to the identity identifier of the target user.
S503, acquiring initial security verification information of the current user corresponding to the current operation behavior through the information acquisition equipment.
Optionally, the face information of the current user corresponding to the current operation behavior can be acquired through the image acquisition equipment to obtain first security verification information; collecting fingerprint information of a current user through fingerprint collecting equipment to obtain second security verification information; and obtaining initial security verification information of the current user according to the first security verification information and the second security verification information.
S504, extracting features of the initial security verification information to obtain security verification information to be verified.
S505, a similarity value between the standard security verification information and the security verification information to be verified is determined.
S506, carrying out security verification on the current user according to the similarity value.
Optionally, if the similarity value is greater than the similarity threshold, determining that the security verification of the current user is passed; and if the similarity value is smaller than or equal to the similarity threshold value, determining that the security verification of the current user is not passed.
Further, under the condition that the security verification of the current user is passed, responding to a service handling request of the current user, and sending an information authorization notification to the current user; if the authorization confirmation of the current user for the information authorization notification is received, acquiring the basic information of the current user from the blockchain according to the identity identifier of the current user; and carrying out business handling on the current user according to the basic information of the current user.
The specific process of S501 to S506 may refer to the description of the foregoing method embodiment, and its implementation principle and technical effects are similar, and are not repeated herein.
It should be understood that, although the steps in the flowcharts related to the embodiments described above are sequentially shown as indicated by arrows, these steps are not necessarily sequentially performed in the order indicated by the arrows. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, at least some of the steps in the flowcharts described in the above embodiments may include a plurality of steps or a plurality of stages, which are not necessarily performed at the same time, but may be performed at different times, and the order of the steps or stages is not necessarily performed sequentially, but may be performed alternately or alternately with at least some of the other steps or stages.
Based on the same inventive concept, the embodiment of the application also provides a security verification device for realizing the security verification method. The implementation of the solution provided by the device is similar to the implementation described in the above method, so the specific limitation in one or more embodiments of the security verification device provided below may be referred to the limitation of the security verification method hereinabove, and will not be repeated here.
In one embodiment, as shown in fig. 6, there is provided a security authentication device 1 including: a first acquisition module 10, a second acquisition module 20, a third acquisition module 30, and a verification module 40, wherein:
the first obtaining module 10 is configured to obtain, when a time interval between a current operation behavior and a previous operation behavior of the service page is greater than a set duration, an identifier of a target user corresponding to the previous operation behavior;
a second obtaining module 20, configured to obtain standard security verification information of the target user from the blockchain according to the identity identifier of the target user;
a third obtaining module 30, configured to obtain security verification information to be verified by performing security verification information collection on a current user corresponding to a current operation behavior through an information collecting device;
The verification module 40 is configured to perform security verification on the current user according to the standard security verification information and the security verification information to be verified.
In one embodiment, as shown in fig. 7, the third acquisition module 30 includes:
an information acquisition unit 31, configured to acquire, by using an information acquisition device, initial security verification information of a current user corresponding to a current operation behavior;
the feature extraction unit 32 is configured to perform feature extraction on the initial security verification information to obtain security verification information to be verified.
In one embodiment, the information acquisition unit 31 is specifically configured to:
acquiring facial information of a current user corresponding to the current operation behavior through image acquisition equipment to obtain first security verification information; collecting fingerprint information of a current user through fingerprint collecting equipment to obtain second security verification information; and obtaining initial security verification information of the current user according to the first security verification information and the second security verification information.
In one embodiment, as shown in FIG. 8, the verification module 40 includes:
a similarity value determining unit 41 for determining a similarity value between the standard security verification information and the security verification information to be verified;
And a verification unit 42, configured to perform security verification on the current user according to the similarity value.
In one embodiment, the verification unit 42 is specifically configured to:
if the similarity value is larger than the similarity threshold value, determining that the security verification of the current user is passed; and if the similarity value is smaller than or equal to the similarity threshold value, determining that the security verification of the current user is not passed.
In one embodiment, the security verification device further includes a service handling module, where the service handling module is specifically configured to:
under the condition that the security verification of the current user is passed, responding to a service handling request of the current user, and sending an information authorization notification to the current user; if the authorization confirmation of the current user for the information authorization notification is received, acquiring the basic information of the current user from the blockchain according to the identity identifier of the current user; and carrying out business handling on the current user according to the basic information of the current user.
The respective modules in the above-described security authentication device may be implemented in whole or in part by software, hardware, and combinations thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.
In one embodiment, a computer device is provided, which may be a server, and the internal structure of which may be as shown in fig. 9. The computer device includes a processor, a memory, an Input/Output interface (I/O) and a communication interface. The processor, the memory and the input/output interface are connected through a system bus, and the communication interface is connected to the system bus through the input/output interface. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, computer programs, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The database of the computer device is used for storing data such as security verification information. The input/output interface of the computer device is used to exchange information between the processor and the external device. The communication interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a security verification method.
It will be appreciated by those skilled in the art that the structure shown in fig. 9 is merely a block diagram of a portion of the structure associated with the present application and is not limiting of the computer device to which the present application applies, and that a particular computer device may include more or fewer components than shown, or may combine some of the components, or have a different arrangement of components.
In one embodiment, a computer device is provided comprising a memory and a processor, the memory having stored therein a computer program, the processor when executing the computer program performing the steps of:
acquiring an identity identifier of a target user corresponding to a last operation action under the condition that the time interval between the current operation action and the last operation action of the service page is longer than a set duration;
acquiring standard security verification information of the target user from the blockchain according to the identity identifier of the target user;
the method comprises the steps that safety verification information acquisition is carried out on a current user corresponding to current operation behaviors through information acquisition equipment, and safety verification information to be verified is obtained;
and carrying out security verification on the current user according to the standard security verification information and the security verification information to be verified.
In one embodiment, the processor executes logic in the computer program for acquiring security verification information of a current user corresponding to a current operation behavior through the information acquisition device, and when obtaining security verification information to be verified, the following steps are specifically implemented:
acquiring initial security verification information of a current user corresponding to a current operation behavior through information acquisition equipment; and extracting features of the initial security verification information to obtain the security verification information to be verified.
In one embodiment, when the processor executes logic in the computer program for obtaining initial security verification information of a current user corresponding to a current operation behavior through the information collecting device, the following steps are specifically implemented:
acquiring facial information of a current user corresponding to the current operation behavior through image acquisition equipment to obtain first security verification information; collecting fingerprint information of a current user through fingerprint collecting equipment to obtain second security verification information; and obtaining initial security verification information of the current user according to the first security verification information and the second security verification information.
In one embodiment, the processor executes logic in the computer program for performing security verification on a current user according to standard security verification information and security verification information to be verified, and specifically implements the following steps:
Determining a similarity value between standard security verification information and security verification information to be verified; and carrying out security verification on the current user according to the similar value.
In one embodiment, the processor performs logic in the computer program for security verification of a current user based on the similarity values, and specifically implements the following steps:
if the similarity value is larger than the similarity threshold value, determining that the security verification of the current user is passed; and if the similarity value is smaller than or equal to the similarity threshold value, determining that the security verification of the current user is not passed.
In one embodiment, the following steps are embodied when the processor executes logic in a computer program:
under the condition that the security verification of the current user is passed, responding to a service handling request of the current user, and sending an information authorization notification to the current user; if the authorization confirmation of the current user for the information authorization notification is received, acquiring the basic information of the current user from the blockchain according to the identity identifier of the current user; and carrying out business handling on the current user according to the basic information of the current user.
In one embodiment, a computer readable storage medium is provided having a computer program stored thereon, which when executed by a processor, performs the steps of:
Acquiring an identity identifier of a target user corresponding to a last operation action under the condition that the time interval between the current operation action and the last operation action of the service page is longer than a set duration;
acquiring standard security verification information of the target user from the blockchain according to the identity identifier of the target user;
the method comprises the steps that safety verification information acquisition is carried out on a current user corresponding to current operation behaviors through information acquisition equipment, and safety verification information to be verified is obtained;
and carrying out security verification on the current user according to the standard security verification information and the security verification information to be verified.
In one embodiment, the code logic for acquiring the security verification information of the current user corresponding to the current operation behavior through the information acquisition device in the computer program is executed by the processor, and specifically implements the following steps:
acquiring initial security verification information of a current user corresponding to a current operation behavior through information acquisition equipment; and extracting features of the initial security verification information to obtain the security verification information to be verified.
In one embodiment, when the code logic for acquiring the initial security verification information of the current user corresponding to the current operation behavior in the computer program through the information acquisition device is executed by the processor, the following steps are specifically implemented:
Acquiring facial information of a current user corresponding to the current operation behavior through image acquisition equipment to obtain first security verification information; collecting fingerprint information of a current user through fingerprint collecting equipment to obtain second security verification information; and obtaining initial security verification information of the current user according to the first security verification information and the second security verification information.
In one embodiment, the code logic for authenticating the security of the current user in the computer program based on the standard security authentication information and the security authentication information to be authenticated, when executed by the processor, performs the steps of:
determining a similarity value between standard security verification information and security verification information to be verified; and carrying out security verification on the current user according to the similar value.
In one embodiment, this code logic for security verification of a current user in a computer program based on similar values, when executed by a processor, performs the steps of:
if the similarity value is larger than the similarity threshold value, determining that the security verification of the current user is passed; and if the similarity value is smaller than or equal to the similarity threshold value, determining that the security verification of the current user is not passed.
In one embodiment, the code logic in the computer program, when executed by the processor, performs the steps of:
under the condition that the security verification of the current user is passed, responding to a service handling request of the current user, and sending an information authorization notification to the current user; if the authorization confirmation of the current user for the information authorization notification is received, acquiring the basic information of the current user from the blockchain according to the identity identifier of the current user; and carrying out business handling on the current user according to the basic information of the current user.
In one embodiment, a computer program product is provided comprising a computer program which, when executed by a processor, performs the steps of:
acquiring an identity identifier of a target user corresponding to a last operation action under the condition that the time interval between the current operation action and the last operation action of the service page is longer than a set duration;
acquiring standard security verification information of the target user from the blockchain according to the identity identifier of the target user;
the method comprises the steps that safety verification information acquisition is carried out on a current user corresponding to current operation behaviors through information acquisition equipment, and safety verification information to be verified is obtained;
And carrying out security verification on the current user according to the standard security verification information and the security verification information to be verified.
In one embodiment, the computer program is executed by the processor to perform security verification information collection on a current user corresponding to a current operation behavior through the information collection device, and when obtaining an operation of security verification information to be verified, the following steps are specifically implemented:
acquiring initial security verification information of a current user corresponding to a current operation behavior through information acquisition equipment; and extracting features of the initial security verification information to obtain the security verification information to be verified.
In one embodiment, when the computer program is executed by the processor to obtain the initial security verification information of the current user corresponding to the current operation behavior through the information acquisition device, the following steps are specifically implemented:
acquiring facial information of a current user corresponding to the current operation behavior through image acquisition equipment to obtain first security verification information; collecting fingerprint information of a current user through fingerprint collecting equipment to obtain second security verification information; and obtaining initial security verification information of the current user according to the first security verification information and the second security verification information.
In one embodiment, the computer program is executed by the processor to perform the following steps when performing a security verification operation on a current user according to standard security verification information and security verification information to be verified:
determining a similarity value between standard security verification information and security verification information to be verified; and carrying out security verification on the current user according to the similar value.
In one embodiment, the computer program is executed by the processor to perform the following steps when performing security verification operations on a current user based on the similarity values:
if the similarity value is larger than the similarity threshold value, determining that the security verification of the current user is passed; and if the similarity value is smaller than or equal to the similarity threshold value, determining that the security verification of the current user is not passed.
In one embodiment, the computer program, when executed by a processor, performs the steps of:
under the condition that the security verification of the current user is passed, responding to a service handling request of the current user, and sending an information authorization notification to the current user; if the authorization confirmation of the current user for the information authorization notification is received, acquiring the basic information of the current user from the blockchain according to the identity identifier of the current user; and carrying out business handling on the current user according to the basic information of the current user.
The information related to the present application (including, but not limited to, the identity identifier of the user, the basic information, the standard security verification information, the security verification information, etc.) is information authorized by the user or sufficiently authorized by each party.
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, database, or other medium used in the various embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, high density embedded nonvolatile Memory, resistive random access Memory (ReRAM), magnetic random access Memory (Magnetoresistive Random Access Memory, MRAM), ferroelectric Memory (Ferroelectric Random Access Memory, FRAM), phase change Memory (Phase Change Memory, PCM), graphene Memory, and the like. Volatile memory can include random access memory (Random Access Memory, RAM) or external cache memory, and the like. By way of illustration, and not limitation, RAM can be in the form of a variety of forms, such as static random access memory (Static Random Access Memory, SRAM) or dynamic random access memory (Dynamic Random Access Memory, DRAM), and the like. The databases referred to in the various embodiments provided herein may include at least one of relational databases and non-relational databases. The non-relational database may include, but is not limited to, a blockchain-based distributed database, and the like. The processors referred to in the embodiments provided herein may be general purpose processors, central processing units, graphics processors, digital signal processors, programmable logic units, quantum computing-based data processing logic units, etc., without being limited thereto.
The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The above examples only represent a few embodiments of the present application, which are described in more detail and are not to be construed as limiting the scope of the present application. It should be noted that it would be apparent to those skilled in the art that various modifications and improvements could be made without departing from the spirit of the present application, which would be within the scope of the present application. Accordingly, the scope of protection of the present application shall be subject to the appended claims.

Claims (10)

1. A security verification method, the method comprising:
acquiring an identity identifier of a target user corresponding to a last operation behavior under the condition that the time interval between the current operation behavior and the last operation behavior of a service page is longer than a set time length;
acquiring standard security verification information of the target user from a blockchain according to the identity identifier of the target user;
The information acquisition equipment is used for acquiring the security verification information of the current user corresponding to the current operation behavior to obtain the security verification information to be verified;
and carrying out security verification on the current user according to the standard security verification information and the security verification information to be verified.
2. The method according to claim 1, wherein the step of acquiring, by the information acquisition device, security verification information of the current user corresponding to the current operation behavior to obtain security verification information to be verified includes:
acquiring initial security verification information of a current user corresponding to the current operation behavior through information acquisition equipment;
and extracting the characteristics of the initial security verification information to obtain the security verification information to be verified.
3. The method according to claim 2, wherein the obtaining, by the information collecting device, initial security verification information of the current user corresponding to the current operation behavior includes:
acquiring facial information of a current user corresponding to the current operation behavior through image acquisition equipment to obtain first security verification information;
collecting fingerprint information of the current user through fingerprint collecting equipment to obtain second security verification information;
And obtaining initial security verification information of the current user according to the first security verification information and the second security verification information.
4. The method according to claim 1, wherein said performing security verification on the current user based on the standard security verification information and the security verification information to be verified comprises:
determining a similarity value between the standard security verification information and the security verification information to be verified;
and according to the similarity value, carrying out security verification on the current user.
5. The method of claim 4, wherein said performing security verification on said target user based on said similarity value comprises:
if the similarity value is larger than a similarity threshold value, determining that the security verification of the current user is passed;
and if the similarity value is smaller than or equal to the similarity threshold value, determining that the security verification of the current user is not passed.
6. The method according to claim 1, wherein the method further comprises:
under the condition that the security verification of the current user is passed, responding to a service handling request of the current user, and sending an information authorization notification to the current user;
If the authorization confirmation of the current user for the information authorization notification is received, acquiring basic information of the current user from the blockchain according to the identity identifier of the current user;
and carrying out service handling on the current user according to the basic information of the current user.
7. A security verification apparatus, the apparatus comprising:
the first acquisition module is used for acquiring the identity identifier of the target user corresponding to the last operation behavior under the condition that the time interval between the current operation behavior and the last operation behavior of the service page is longer than the set duration;
the second acquisition module is used for acquiring standard security verification information of the target user from a blockchain according to the identity identifier of the target user;
the third acquisition module is used for acquiring the security verification information of the current user corresponding to the current operation behavior through the information acquisition equipment to obtain the security verification information to be verified;
and the verification module is used for carrying out security verification on the current user according to the standard security verification information and the security verification information to be verified.
8. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the method of any of claims 1 to 6 when the computer program is executed.
9. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the method of any of claims 1 to 6.
10. A computer program product comprising a computer program, characterized in that the computer program, when being executed by a processor, implements the steps of the method of any of claims 1 to 6.
CN202311049317.XA 2023-08-21 2023-08-21 Security verification method, security verification device, computer equipment and storage medium Pending CN117290827A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311049317.XA CN117290827A (en) 2023-08-21 2023-08-21 Security verification method, security verification device, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311049317.XA CN117290827A (en) 2023-08-21 2023-08-21 Security verification method, security verification device, computer equipment and storage medium

Publications (1)

Publication Number Publication Date
CN117290827A true CN117290827A (en) 2023-12-26

Family

ID=89247127

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311049317.XA Pending CN117290827A (en) 2023-08-21 2023-08-21 Security verification method, security verification device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN117290827A (en)

Similar Documents

Publication Publication Date Title
CN109067791B (en) User identity authentication method and device in network
US10032170B2 (en) Multi factor authentication rule-based intelligent bank cards
CN109543447B (en) Block chain-based information processing method, server and computer storage medium
CN105337928B (en) Method for identifying ID, safety protection problem generation method and device
EP3532968A1 (en) Systems and methods for providing a universal decentralized solution for verification of users with cross-verification features
CN107609508A (en) A kind of face identification method, terminal and computer-readable recording medium
CN110729028A (en) Health data processing method and device, electronic equipment and storage medium
CN111652096B (en) Face recognition method, device and system based on block chain
CN113704357A (en) Smart city data sharing method and system based on block chain
CN111737675A (en) Block chain-based electronic signature method and device
CN110032846A (en) The anti-misuse method and device of identity data, electronic equipment
CN112101943A (en) Method and device for intelligently acquiring customer information based on block chain
CN117275138A (en) Identity authentication method, device, equipment and storage medium based on automatic teller machine
CN111950009A (en) Block chain-based affiliation data detection method and device
CN117290827A (en) Security verification method, security verification device, computer equipment and storage medium
CN117436057A (en) Security verification method, security verification device, computer equipment and storage medium
CN110738481B (en) Digital asset hosting risk control method, device and storage medium
CN110738480B (en) Digital asset hosting risk control method, device and storage medium
WO2017016289A1 (en) Screen unlocking method, device and electronic apparatus
CN118096159A (en) Resource processing method, device, computer equipment and storage medium
CN117037295A (en) Identity authentication method, identity authentication device, computer equipment and storage medium
CN117196629A (en) Control method, control device, computer apparatus, storage medium, and program product
CN116957826A (en) Method and device for processing reimbursement data based on meta universe and computer equipment
CN117421709A (en) Function service method, device, computer equipment and storage medium of application program
CN116777460A (en) Resource transfer method, device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination