TWI786404B - Identity authentication method, method for realizing login-free authorization component, and respective devices - Google Patents

Identity authentication method, method for realizing login-free authorization component, and respective devices Download PDF

Info

Publication number
TWI786404B
TWI786404B TW109116540A TW109116540A TWI786404B TW I786404 B TWI786404 B TW I786404B TW 109116540 A TW109116540 A TW 109116540A TW 109116540 A TW109116540 A TW 109116540A TW I786404 B TWI786404 B TW I786404B
Authority
TW
Taiwan
Prior art keywords
bank card
user
login
bank
free
Prior art date
Application number
TW109116540A
Other languages
Chinese (zh)
Other versions
TW202113715A (en
Inventor
張志浩
宋金生
Original Assignee
大陸商螞蟻財富(上海)金融信息服務有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 大陸商螞蟻財富(上海)金融信息服務有限公司 filed Critical 大陸商螞蟻財富(上海)金融信息服務有限公司
Publication of TW202113715A publication Critical patent/TW202113715A/en
Application granted granted Critical
Publication of TWI786404B publication Critical patent/TWI786404B/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q20/40975Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor

Abstract

本說明書實施例提供身份認證方法、實現免登錄授權組件的方法及各自裝置,其中該身份認證方法應用於第三方平台提供的第三方應用程式,包括:在需要確認用戶身份時,根據該用戶已經授權銀行卡免登錄,從該第三方平台的內部查詢出該用戶在該第三方平台綁定的銀行卡資訊,將該銀行卡資訊發送給銀行服務端進行身份認證,由於第三方應用程式可以根據授權從第三方平台內部獲得綁定的銀行卡資訊,發送給銀行服務端進行用戶身份認證,因此,只要用戶已經在第三方應用程式中銀行卡免登錄授權就可以完成在銀行服務端的身份認證以及後續的業務邏輯處理,無需輸入銀行卡資訊來進行二次登錄,簡單高效,簡化用戶操作,提高用戶體驗。The embodiment of this specification provides an identity authentication method, a method for implementing a login-free authorization component, and respective devices, wherein the identity authentication method is applied to a third-party application program provided by a third-party platform, including: when it is necessary to confirm the user's identity, according to the user's Authorize the bank card without login, query the bank card information bound by the user on the third-party platform from within the third-party platform, and send the bank card information to the bank server for identity authentication, because the third-party application can be based on Authorize to obtain the bound bank card information from the third-party platform and send it to the bank server for user identity authentication. Therefore, as long as the user has authorized the bank card in the third-party application without login, the identity authentication on the bank server can be completed and Subsequent business logic processing does not need to enter bank card information for secondary login, which is simple and efficient, simplifies user operations, and improves user experience.

Description

身份認證方法、實現免登錄授權組件的方法及各自裝置Identity authentication method, method for realizing login-free authorization component and respective devices

本說明書實施例涉及電腦技術領域,特別涉及一種身份認證方法、實現免登錄授權組件的方法。本說明書一個或者多個實施例同時涉及一種身份認證裝置、實現免登錄授權組件的裝置,一種計算設備,以及一種電腦可讀取儲存媒體。 The embodiments of this specification relate to the field of computer technology, and in particular to an identity authentication method and a method for implementing a login-free authorization component. One or more embodiments of this specification also relate to an identity authentication device, a device for implementing a login-free authorization component, a computing device, and a computer-readable storage medium.

在第三方平台推廣小程式的大背景下,越來越來的商戶願意在第三方平台上開發一個屬於自己的第三方應用程式,而對於金融行業中的各大銀行也紛紛投入其中。 但是由於各個銀行都擁有屬於自己一套的用戶體系,第三方平台用戶在登錄第三方應用程式並使用銀行特色服務的時候,往往會遇到二次身份認證的問題,用戶操作複雜,使得用戶體驗大打折扣。 Against the backdrop of the promotion of small programs on third-party platforms, more and more merchants are willing to develop their own third-party applications on third-party platforms, and major banks in the financial industry are also investing in it. However, since each bank has its own set of user systems, third-party platform users often encounter the problem of secondary identity authentication when logging in to third-party applications and using bank-specific services. User operations are complicated, making user experience difficult. Big discount.

有鑑於此,本說明書施例提供了一種身份認證方法、實現免登錄授權組件的方法。本說明書一個或者多個實施例同時涉及一種身份認證裝置、實現免登錄授權組件的裝置,一種計算設備,以及一種電腦可讀取儲存媒體,以解決現有技術中存在的技術缺陷。 根據本說明書實施例的第一方面,提供了一種身份認證方法,應用於第三方平台提供的第三方應用程式,包括:在需要確認用戶身份時,根據該用戶的銀行卡免登錄授權狀態資訊,判斷該用戶是否已經授權銀行卡免登錄;在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在該第三方平台綁定的銀行卡資訊;將該銀行卡資訊發送給銀行服務端,以便該銀行服務端根據該銀行卡資訊進行用戶身份認證。 可選地,還包括:在該用戶未授權銀行卡免登錄的情況下,取得該用戶對銀行卡免登錄的授權。 可選地,該在需要確認用戶身份時,根據該用戶的銀行卡免登錄授權狀態資訊,判斷該用戶是否已經授權銀行卡免登錄包括:在需要確認用戶身份時,呼叫銀行卡免登錄授權組件,以便該銀行卡免登錄授權組件回應於該呼叫,根據保存的該用戶的銀行卡免登錄授權狀態資訊判斷該用戶是否已經授權銀行卡免登錄;該在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在該第三方平台綁定的銀行卡資訊包括:在該用戶已經授權銀行卡免登錄的情況下,獲得該銀行卡免登錄授權組件所返回的銀行卡資訊;其中,該銀行卡資訊由該銀行卡免登錄授權組件在判定該用戶未授權銀行卡免登錄的情況下,取得該用戶授權之後從該第三方平台的內部查詢出來並返回給該第三方應用程式,或者,由該銀行卡免登錄授權組件在判定該用戶已經授權銀行卡免登錄的情況下從該第三方平台的內部查詢出來並返回給該第三方應用程式。 可選地,該在該用戶已經授權銀行卡免登錄的情況下,獲得該銀行卡免登錄授權組件所返回的銀行卡資訊包括:在該用戶已經授權銀行卡免登錄的情況下,獲得該銀行卡免登錄授權組件所返回的加簽加密後的銀行卡資訊。該將該銀行卡資訊發送給銀行服務端包括:將該加簽加密後的銀行卡資訊發送給該銀行服務端,以便該銀行服務端對加簽加密後的銀行卡資訊進行驗簽解密,根據解密後的該銀行卡資訊進行用戶身份認證。 可選地,還包括:將業務請求發送給該銀行服務端,以便該服務端在完成用戶身份認證之後,執行該業務請求對應的業務邏輯,向該第三方應用程式返回業務資料;接收該銀行服務端返回的業務資料。 可選地,該將業務請求發送給該銀行服務端包括:將支付請求發送給該銀行服務端。 根據本說明書實施例的第二方面,提供了一種身份認證裝置,配置於第三方平台提供的第三方應用程式,包括:授權判斷第一模組,被配置為在需要確認用戶身份時,根據該用戶的銀行卡免登錄授權狀態資訊,判斷該用戶是否已經授權銀行卡免登錄。卡查詢第一模組,被配置為在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在該第三方平台綁定的銀行卡資訊。卡發送第一模組,被配置為將該銀行卡資訊發送給銀行服務端,以便該銀行服務端根據該銀行卡資訊進行用戶身份認證。 可選地,還包括:授權取得模組,被配置為在該用戶未授權銀行卡免登錄的情況下,取得該用戶對銀行卡免登錄的授權。 可選地,該授權判斷第一模組,被配置為在需要確認用戶身份時,呼叫銀行卡免登錄授權組件,以便該銀行卡免登錄授權組件回應於該呼叫,根據保存的該用戶的銀行卡免登錄授權狀態資訊判斷該用戶是否已經授權銀行卡免登錄。卡查詢第一模組,被配置為在該用戶已經授權銀行卡免登錄的情況下,獲得該銀行卡免登錄授權組件所返回的銀行卡資訊;其中,該銀行卡資訊由該銀行卡免登錄授權組件在判定該用戶未授權銀行卡免登錄的情況下,取得該用戶授權之後從該第三方平台的內部查詢出來並返回給該第三方應用程式,或者,由該銀行卡免登錄授權組件在判定該用戶已經授權銀行卡免登錄的情況下從該第三方平台的內部查詢出來並返回給該第三方應用程式。 可選地,該卡查詢第一模組,被配置為在該用戶已經授權銀行卡免登錄的情況下,獲得該銀行卡免登錄授權組件所返回的加簽加密後的銀行卡資訊。該卡發送第一模組,被配置為將該加簽加密後的銀行卡資訊發送給該銀行服務端,以便該銀行服務端對加簽加密後的銀行卡資訊進行驗簽解密,根據解密後的該銀行卡資訊進行用戶身份認證。 可選地,還包括:請求發送模組,被配置為將業務請求發送給該銀行服務端,以便該服務端在完成用戶身份認證之後,執行該業務請求對應的業務邏輯,向該第三方應用程式返回業務資料。資料接收模組,被配置為接收該銀行服務端返回的業務資料。 可選地,該請求發送模組,被配置為將支付請求發送給該銀行服務端。 根據本說明書實施例的第三方面,提供了一種實現免登錄授權組件的方法,包括:回應於第三方平台中第三方應用程式的呼叫,針對該呼叫涉及的用戶,根據保存的該用戶的銀行卡免登錄授權狀態資訊判斷該用戶是否已經授權銀行卡免登錄;在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在第三方平台綁定的銀行卡資訊;將該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該銀行卡資訊發送給銀行服務端,使該銀行服務端根據該銀行卡資訊進行用戶身份認證。 可選地,該將該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該銀行卡資訊發送給銀行服務端,使該銀行服務端根據該銀行卡資訊進行用戶身份認證包括:將加簽加密後的該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該加簽加密後的銀行卡資訊發送給銀行服務端,使該銀行服務端對加簽加密後的銀行卡資訊進行驗簽解密,根據解密後的該銀行卡資訊進行用戶身份認證。 可選地,該從該第三方平台的內部查詢出該銀行卡資訊包括:通過開放閘道器從該第三方平台的內部查詢出該銀行卡資訊,其中,該開放閘道器用於對該銀行卡資訊進行加簽加密。 根據本說明書實施例的第四方面,提供了一種實現免登錄授權組件的裝置,包括:授權判斷第二模組,被配置為回應於第三方平台中第三方應用程式的呼叫,針對該呼叫涉及的用戶,根據保存的該用戶的銀行卡免登錄授權狀態資訊判斷該用戶是否已經授權銀行卡免登錄。卡查詢第二模組,被配置為在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在第三方平台綁定的銀行卡資訊。卡發送第二模組,被配置為將該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該銀行卡資訊發送給銀行服務端,使該銀行服務端根據該銀行卡資訊進行用戶身份認證。 可選地,該卡發送第二模組,被配置為將加簽加密後的該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該加簽加密後的銀行卡資訊發送給銀行服務端,使該銀行服務端對加簽加密後的銀行卡資訊進行驗簽解密,根據解密後的該銀行卡資訊進行用戶身份認證。 可選地,該卡查詢第二模組,被配置為通過開放閘道器從該第三方平台的內部查詢出該銀行卡資訊,其中,該開放閘道器用於對該銀行卡資訊進行加簽加密。 根據本說明書實施例的第五方面,提供了一種計算設備,包括:記憶體和處理器;該記憶體用於儲存電腦可執行指令,該處理器用於執行該電腦可執行指令:在需要確認用戶身份時,根據該用戶的銀行卡免登錄授權狀態資訊,判斷該用戶是否已經授權銀行卡免登錄;在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在該第三方平台綁定的銀行卡資訊;將該銀行卡資訊發送給銀行服務端,以便該銀行服務端根據該銀行卡資訊進行用戶身份認證。 根據本說明書實施例的第六方面,提供了一種電腦可讀取儲存媒體,其儲存有電腦指令,該指令被處理器執行時實現本說明書任一實施例該身份認證方法的步驟。 根據本說明書實施例的第七方面,提供了一種計算設備,包括:記憶體和處理器;該記憶體用於儲存電腦可執行指令,該處理器用於執行該電腦可執行指令:回應於第三方平台中第三方應用程式的呼叫,針對該呼叫涉及的用戶,根據保存的該用戶的銀行卡免登錄授權狀態資訊判斷該用戶是否已經授權銀行卡免登錄;在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在第三方平台綁定的銀行卡資訊;將該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該銀行卡資訊發送給銀行服務端,使該銀行服務端根據該銀行卡資訊進行用戶身份認證。 根據本說明書實施例的第八方面,提供了一種電腦可讀取儲存媒體,其儲存有電腦指令,該指令被處理器執行時實現本說明書任一實施例該實現免登錄授權組件的方法的步驟。 本說明書一方面一個實施例中的身份認證方法應用於第三方平台提供的第三方應用程式,在需要確認用戶身份時,根據該用戶已經授權銀行卡免登錄,從該第三方平台的內部查詢出該用戶在該第三方平台綁定的銀行卡資訊,將該銀行卡資訊發送給銀行服務端進行身份認證,由於第三方應用程式可以根據授權從第三方平台內部獲得綁定的銀行卡資訊,發送給銀行服務端進行用戶身份認證,因此,只要用戶已經在第三方應用程式中銀行卡免登錄授權就可以完成在銀行服務端的身份認證以及後續的業務邏輯處理,無需輸入銀行卡資訊來進行二次登錄,簡單高效,簡化用戶操作,提高用戶體驗。 本說明書另一方面一個實施例中的實現免登錄授權組件的方法,回應於第三方平台中第三方應用程式的呼叫,在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在第三方平台綁定的銀行卡資訊,將該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該銀行卡資訊發送給銀行服務端進行用戶身份認證,由於實現了可供第三方應用程式呼叫的銀行卡免登錄授權組件,使第三方應用程式可以在用戶授權的情況下通過銀行卡免登錄授權組件獲得第三方平台內部綁定的銀行卡資訊,發送給銀行服務端進行用戶身份認證,從而為第三方應用程式簡化了如餘額查詢、帳單查詢等集中於卡維度的業務場景下的身份認證流程,提供了通用的銀行卡免登錄授權組件,只要用戶已經銀行卡免登錄授權就可以完成在銀行服務端的身份認證以及後續的業務邏輯處理,無需輸入銀行卡資訊來進行二次登錄,簡單高效,簡化用戶操作,提高用戶體驗。 In view of this, the embodiment of this specification provides an identity authentication method and a method for implementing a login-free authorization component. One or more embodiments of this specification also relate to an identity authentication device, a device implementing a login-free authorization component, a computing device, and a computer-readable storage medium, so as to solve technical defects in the prior art. According to the first aspect of the embodiment of this specification, there is provided an identity authentication method, which is applied to a third-party application program provided by a third-party platform, including: when it is necessary to confirm the user's identity, according to the user's bank card login-free authorization status information, Determine whether the user has authorized the bank card to be free of login; if the user has authorized the bank card to be free of login, query the bank card information bound to the user on the third-party platform from within the third-party platform; The card information is sent to the bank server so that the bank server can perform user identity authentication based on the bank card information. Optionally, it also includes: obtaining the user's authorization for bank card free login when the user does not authorize bank card free login. Optionally, when the user identity needs to be confirmed, according to the user's bank card free login authorization status information, judging whether the user has authorized the bank card free login includes: calling the bank card free login authorization component when the user identity needs to be confirmed , so that the bank card free login authorization component responds to the call, and judges whether the user has authorized the bank card free login according to the saved bank card free login authorization status information of the user; if the user has authorized the bank card free login In this case, the bank card information bound by the user on the third-party platform is queried from within the third-party platform, including: if the user has authorized the bank card to be free from login, the information returned by the bank card free-login authorization component is obtained Bank card information; wherein, the bank card information is queried from the third-party platform and returned to the bank card after obtaining the authorization of the user in the case that the bank card free login authorization component determines that the user has not authorized the bank card free login The third-party application program, or the bank card free login authorization component inquires from the inside of the third-party platform and returns to the third-party application program when it determines that the user has authorized the bank card free login. Optionally, in the case that the user has authorized the bank card without login, obtaining the bank card information returned by the bank card login-free authorization component includes: obtaining the bank card information in the case that the user has authorized the bank card without login. Signature-encrypted bank card information returned by the card-free login authorization component. Sending the bank card information to the bank server includes: sending the signed and encrypted bank card information to the bank server, so that the bank server can verify and decrypt the signed and encrypted bank card information, according to The decrypted bank card information is used for user identity authentication. Optionally, it also includes: sending the business request to the bank server, so that the server executes the business logic corresponding to the business request after completing the user identity authentication, and returns the business data to the third-party application; The business data returned by the server. Optionally, the sending the service request to the bank server includes: sending the payment request to the bank server. According to the second aspect of the embodiment of this specification, there is provided an identity authentication device configured on a third-party application program provided by a third-party platform, including: a first authorization judgment module configured to, when it is necessary to confirm the user's identity, according to the User's bank card free login authorization status information, to determine whether the user has authorized bank card free login. The card query first module is configured to query the bank card information bound by the user on the third-party platform from within the third-party platform when the user has authorized the bank card to be exempt from login. The card sending first module is configured to send the bank card information to the bank server, so that the bank server can perform user identity authentication based on the bank card information. Optionally, it also includes: an authorization acquisition module configured to obtain the user's authorization for bank card free login if the user has not authorized bank card free login. Optionally, the authorization judging first module is configured to call the bank card login-free authorization component when it is necessary to confirm the user's identity, so that the bank card login-free authorization component responds to the call, according to the saved bank card of the user. Card free login authorization status information to determine whether the user has authorized bank card free login. The first card query module is configured to obtain the bank card information returned by the bank card free login authorization component when the user has authorized the bank card free login; where the bank card information is provided by the bank card free login In the case that the authorization component determines that the user has not authorized the login-free bank card, after obtaining the authorization of the user, it will query it from the inside of the third-party platform and return it to the third-party application, or the bank card login-free authorization component will When it is determined that the user has authorized the bank card to be exempt from login, it is queried from the inside of the third-party platform and returned to the third-party application. Optionally, the card query first module is configured to obtain the signed and encrypted bank card information returned by the bank card free-login authorization component if the user has authorized the bank card to be free of log-in. The card sending first module is configured to send the signed and encrypted bank card information to the bank server, so that the bank server can verify and decrypt the signed and encrypted bank card information. According to the decrypted The bank card information for user identity authentication. Optionally, it also includes: a request sending module configured to send the service request to the bank server, so that the server executes the business logic corresponding to the service request after completing the user identity authentication, and sends the service request to the third-party application The program returns business data. The data receiving module is configured to receive the business data returned by the bank server. Optionally, the request sending module is configured to send the payment request to the bank server. According to the third aspect of the embodiment of this specification, there is provided a method for realizing the login-free authorization component, including: responding to the call of the third-party application program in the third-party platform, for the user involved in the call, according to the stored user's bank Card free login authorization status information to determine whether the user has authorized bank card free login; if the user has authorized bank card free login, query the bank card bound by the user on the third-party platform from within the third-party platform Information; send the bank card information to the third-party application, so that the third-party application sends the bank card information to the bank server, so that the bank server performs user identity authentication based on the bank card information. Optionally, send the bank card information to the third-party application, so that the third-party application sends the bank card information to the bank server, so that the bank server performs user identity authentication based on the bank card information, including : Send the signed-encrypted bank card information to the third-party application, so that the third-party application sends the signed-encrypted bank card information to the bank server, so that the bank server encrypts the signed Signature verification and decryption are performed on the bank card information after decryption, and user identity authentication is performed according to the bank card information after decryption. Optionally, querying the bank card information from the third-party platform includes: querying the bank card information from the third-party platform through an open gateway, wherein the open gateway is used for the bank The card information is signed and encrypted. According to the fourth aspect of the embodiment of this specification, there is provided a device for implementing a login-free authorization component, including: a second module for authorization judgment, configured to respond to a call from a third-party application program in a third-party platform, for the call involving According to the saved user's bank card free login authorization status information, it is judged whether the user has authorized the bank card free login. The second card query module is configured to query the bank card information bound by the user on the third-party platform from inside the third-party platform when the user has authorized the bank card to be exempt from login. The card sending second module is configured to send the bank card information to the third-party application program, so that the third-party application program sends the bank card information to the bank server, so that the bank server can use the bank card information Perform user authentication. Optionally, the card sending second module is configured to send the signed and encrypted bank card information to the third-party application, so that the third-party application can send the signed and encrypted bank card information To the bank server, so that the bank server performs signature verification and decryption on the signed and encrypted bank card information, and performs user identity authentication according to the decrypted bank card information. Optionally, the card query second module is configured to query the bank card information from inside the third-party platform through an open gateway, wherein the open gateway is used to sign the bank card information encryption. According to a fifth aspect of the embodiments of this specification, there is provided a computing device, including: a memory and a processor; the memory is used to store computer-executable instructions, and the processor is used to execute the computer-executable instructions: when it is necessary to confirm the user In case of identity, according to the user's bank card free login authorization status information, it is judged whether the user has authorized the bank card free login; if the user has authorized the bank card free login, the user is queried from the inside of the third-party platform Bank card information bound to the third-party platform; sending the bank card information to the bank server so that the bank server can perform user identity authentication based on the bank card information. According to a sixth aspect of the embodiments of the present specification, there is provided a computer-readable storage medium, which stores computer instructions, and when the instructions are executed by a processor, the steps of the identity authentication method in any embodiment of the present specification are implemented. According to a seventh aspect of the embodiments of this specification, there is provided a computing device, including: a memory and a processor; the memory is used to store computer-executable instructions, and the processor is used to execute the computer-executable instructions: in response to a third party For the call of a third-party application on the platform, for the user involved in the call, judge whether the user has authorized the bank card free login according to the saved authorization status information of the user's bank card; if the user has authorized the bank card free login In this case, query the bank card information bound by the user on the third-party platform from within the third-party platform; send the bank card information to the third-party application so that the third-party application can send the bank card information To the bank server, so that the bank server performs user identity authentication based on the bank card information. According to the eighth aspect of the embodiments of this specification, there is provided a computer-readable storage medium, which stores computer instructions, and when the instructions are executed by a processor, the steps of the method for implementing a login-free authorization component in any embodiment of this specification are implemented. . On the one hand, the identity authentication method in one embodiment of this specification is applied to a third-party application program provided by a third-party platform. When it is necessary to confirm the user's identity, according to the user's authorization of the bank card to avoid login, the user can query from the inside of the third-party platform. The user binds the bank card information on the third-party platform, and sends the bank card information to the bank server for identity authentication. Since the third-party application can obtain the bound bank card information from the third-party platform according to the authorization, send Perform user identity authentication on the bank server. Therefore, as long as the user has authorized the bank card without login in the third-party application, the identity authentication on the bank server and the subsequent business logic processing can be completed without entering bank card information for the second time. Login, simple and efficient, simplify user operations and improve user experience. In another embodiment of the present specification, the method for realizing the login-free authorization component responds to the call of the third-party application program in the third-party platform. Internally query the bank card information bound by the user on the third-party platform, and send the bank card information to the third-party application, so that the third-party application can send the bank card information to the bank server for user identity authentication, Since the bank card login-free authorization component that can be called by a third-party application is implemented, the third-party application can obtain the bank card information bound inside the third-party platform through the bank card login-free authorization component under the authorization of the user, and send Perform user identity authentication for the bank server, thereby simplifying the identity authentication process for third-party applications such as balance inquiry, bill inquiry, etc. The user can complete the identity authentication and subsequent business logic processing on the bank server after the bank card is free of login authorization. There is no need to enter bank card information for secondary login, which is simple and efficient, simplifies user operations, and improves user experience.

在下面的描述中闡述了很多具體細節以便於充分理解本說明書。但是本說明書能夠以很多不同於在此描述的其它方式來實施,本領域技術人員可以在不違背本說明書內涵的情況下做類似推廣,因此本說明書不受下面公開的具體實施的限制。 在本說明書一個或多個實施例中使用的術語是僅僅出於描述特定實施例的目的,而非旨在限制本說明書一個或多個實施例。在本說明書一個或多個實施例和所附申請專利範圍中所使用的單數形式的“一種”、“所述”和“該”也旨在包括多數形式,除非上下文清楚地表示其他含義。還應當理解,本說明書一個或多個實施例中使用的術語“和/或”是指並包含一個或多個相關聯的列出項目的任何或所有可能組合。 應當理解,儘管在本說明書一個或多個實施例中可能採用術語第一、第二等來描述各種資訊,但這些資訊不應限於這些術語。這些術語僅用來將同一類型的資訊彼此區分開。例如,在不脫離本說明書一個或多個實施例範圍的情況下,第一也可以被稱為第二,類似地,第二也可以被稱為第一。取決於語境,如在此所使用的詞語“如果”可以被解釋成為“在……時”或“當……時”或“回應於確定”。 首先,對本說明書一個或多個實施例涉及的名詞術語進行解釋。 在本說明書中,提供了一種身份認證方法、實現免登錄授權組件的方法,本說明書同時涉及一種身份認證裝置、實現免登錄授權組件的裝置,一種計算設備,以及一種電腦可讀取儲存媒體,在下面的實施例中逐一進行詳細說明。 圖1示出了根據本說明書一個實施例提供的應用於第三方平台提供的第三方應用程式的一種身份認證方法的流程圖,包括步驟102至步驟106。 步驟102:在需要確認用戶身份時,根據該用戶的銀行卡免登錄授權狀態資訊,判斷該用戶是否已經授權銀行卡免登錄。 例如,該銀行卡免登錄授權狀態資訊,可以包括已授權狀態或者未授權狀態。 可選地,還可以在該用戶未授權銀行卡免登錄的情況下,取得該用戶對銀行卡免登錄的授權。例如,可以在第三方應用程式彈出請求授權的對話框,通過該對話框接收用戶輸入的確定授權資訊,並相應更新銀行卡免登錄授權狀態資訊為已授權狀態。通過該實施方式,第三方應用程式可以直接向用戶取得授權,無需用戶額外尋找進入授權的頁面,授權即時、過程簡單高效。 步驟104:在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在該第三方平台綁定的銀行卡資訊。 例如,該銀行卡資訊,可以包括銀行卡私密資訊,如銀行卡卡號、密碼等。其中,該第三方平台如支付寶等第三方支付平台。 可選地,可以提供銀行卡免登錄授權組件,在需要確認用戶身份時,呼叫銀行卡免登錄授權組件,以便該銀行卡免登錄授權組件回應於該呼叫,根據保存的該用戶的銀行卡免登錄授權狀態資訊判斷該用戶是否已經授權銀行卡免登錄。通過為第三方應用程式提供通用的銀行卡免登錄授權組件,簡化了第三方應用程式的免登錄授權相關邏輯,可以提高第三方應用程式的回應速度,提高了用戶體驗。相應地,第三方應用程式可以在該用戶已經授權銀行卡免登錄的情況下,獲得該銀行卡免登錄授權組件所返回的銀行卡資訊。其中,該銀行卡資訊可以由該銀行卡免登錄授權組件在判定該用戶未授權銀行卡免登錄的情況下,取得該用戶授權之後從該第三方平台的內部查詢出來並返回給該第三方應用程式,或者,由該銀行卡免登錄授權組件在判定該用戶已經授權銀行卡免登錄的情況下從該第三方平台的內部查詢出來並返回給該第三方應用程式。 可選地,為了保證用戶隱私資訊的安全性,第三方應用程式可以在該用戶已經授權銀行卡免登錄的情況下,獲得該銀行卡免登錄授權組件所返回的加簽加密後的銀行卡資訊,將該加簽加密後的銀行卡資訊發送給該銀行服務端,以便該銀行服務端對加簽加密後的銀行卡資訊進行驗簽解密,根據解密後的該銀行卡資訊進行用戶身份認證。在該實施例中,由於銀行卡資訊在從銀行卡免登錄授權組件到第三方應用程式,再從第三方應用程式到銀行服務端的傳輸過程中,一直處於加密狀態,直到銀行服務端才解密得到明文資訊,從而保障了用戶隱私資訊的安全性。 步驟106:將該銀行卡資訊發送給銀行服務端,以便該銀行服務端根據該銀行卡資訊進行用戶身份認證。 可選地,還可以將業務請求例如支付請求發送給該銀行服務端,以便該服務端在完成用戶身份認證之後,執行該業務請求對應的業務邏輯,向該第三方應用程式返回業務資料,接收該銀行服務端返回的業務資料。可見,對於查詢餘額、帳單明細、支付等業務請求的場景中,不需要用戶再次輸入銀行卡資訊,用戶在銀行小程式等第三方應用程式中進行一次銀行卡免登錄授權,就可以完成在銀行服務端的身份認證以及後續的業務邏輯處理,簡單高效,簡化用戶操作,提高用戶體驗。 可見,由於本說明書實施例提供的身份認證方法在銀行服務端需要確認用戶身份時,根據用戶的授權,第三方應用程式可以從第三方平台內部獲得綁定的銀行卡資訊,發送給銀行服務端進行用戶身份認證,從而簡化了餘額查詢、帳單查詢等集中於卡維度的業務場景下的二次身份認證流程,只要用戶已經在第三方應用程式中銀行卡免登錄授權就可以完成在銀行服務端的身份認證以及後續的業務邏輯處理,無需輸入銀行卡資訊來進行二次登錄,簡單高效,簡化用戶操作,提高用戶體驗。 與上述身份認證方法實施例相對應,本說明書還提供了一種身份認證裝置實施例,圖2示出了本說明書一個實施例提供的一種身份認證裝置的結構示意圖。該身份認證裝置可以配置於第三方平台提供的第三方應用程式。如圖2所示,該裝置包括:授權判斷第一模組202、卡查詢第一模組204、卡發送第一模組206。 該授權判斷第一模組202,可以被配置為在需要確認用戶身份時,根據該用戶的銀行卡免登錄授權狀態資訊,判斷該用戶是否已經授權銀行卡免登錄。 該卡查詢第一模組204,可以被配置為在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在該第三方平台綁定的銀行卡資訊。 該卡發送第一模組206,可以被配置為將該銀行卡資訊發送給銀行服務端,以便該銀行服務端根據該銀行卡資訊進行用戶身份認證。 可見,由於本說明書實施例提供的身份認證方法在銀行服務端需要確認用戶身份時,根據用戶的授權,第三方應用程式可以從第三方平台內部獲得綁定的銀行卡資訊,發送給銀行服務端進行用戶身份認證,從而簡化了餘額查詢、帳單查詢等集中於卡維度的業務場景下的二次身份認證流程,只要用戶已經在第三方應用程式中銀行卡免登錄授權就可以完成在銀行服務端的身份認證以及後續的業務邏輯處理,無需輸入銀行卡資訊來進行二次登錄,簡單高效,簡化用戶操作,提高用戶體驗。 圖3示出了本說明書一個或多個實施例提供的一種身份認證裝置的結構示意圖。該身份認證裝置可以配置於第三方平台提供的第三方應用程式。如圖3所示,該裝置還可以包括:授權取得模組208,可以被配置為在該用戶未授權銀行卡免登錄的情況下,取得該用戶對銀行卡免登錄的授權。 通過該實施方式,第三方應用程式可以直接向用戶取得授權,無需用戶額外尋找進入授權的頁面,授權即時、過程簡單高效。 可選地,如圖3所示,該授權判斷第一模組202,可以被配置為在需要確認用戶身份時,呼叫銀行卡免登錄授權組件,以便該銀行卡免登錄授權組件回應於該呼叫,根據保存的該用戶的銀行卡免登錄授權狀態資訊判斷該用戶是否已經授權銀行卡免登錄。該卡查詢第一模組204,可以被配置為在該用戶已經授權銀行卡免登錄的情況下,獲得該銀行卡免登錄授權組件所返回的銀行卡資訊;其中,該銀行卡資訊由該銀行卡免登錄授權組件在判定該用戶未授權銀行卡免登錄的情況下,取得該用戶授權之後從該第三方平台的內部查詢出來並返回給該第三方應用程式,或者,由該銀行卡免登錄授權組件在判定該用戶已經授權銀行卡免登錄的情況下從該第三方平台的內部查詢出來並返回給該第三方應用程式。通過為第三方應用程式提供通用的銀行卡免登錄授權組件,簡化了第三方應用程式的免登錄授權相關邏輯,可以提高第三方應用程式的回應速度,提高了用戶體驗。 可選地,該卡查詢第一模組204,可以被配置為在該用戶已經授權銀行卡免登錄的情況下,獲得該銀行卡免登錄授權組件所返回的加簽加密後的銀行卡資訊。該卡發送第一模組206,可以被配置為將該加簽加密後的銀行卡資訊發送給該銀行服務端,以便該銀行服務端對加簽加密後的銀行卡資訊進行驗簽解密,根據解密後的該銀行卡資訊進行用戶身份認證。在該實施例中,由於銀行卡資訊在從銀行卡免登錄授權組件到第三方應用程式,再從第三方應用程式到銀行服務端的傳輸過程中,一直處於加密狀態,直到銀行服務端才解密得到明文資訊,從而保障了用戶隱私資訊的安全性。 如圖3所示,該裝置還可以包括:請求發送模組210,可以被配置為將業務請求發送給該銀行服務端,以便該服務端在完成用戶身份認證之後,執行該業務請求對應的業務邏輯,向該第三方應用程式返回業務資料。資料接收模組212,可以被配置為接收該銀行服務端返回的業務資料。 例如,該請求發送模組210,可以被配置為將支付請求發送給該銀行服務端。 可見,對於查詢餘額、帳單明細、支付等業務請求的場景中,不需要用戶再次輸入銀行卡資訊,用戶在銀行小程式等第三方應用程式中進行一次銀行卡免登錄授權,就可以完成在銀行服務端的身份認證以及後續的業務邏輯處理,簡單高效,簡化用戶操作,提高用戶體驗。 上述為本實施例的一種身份認證裝置的示意性方案。需要說明的是,該身份認證裝置的技術方案與上述的身份認證方法的技術方案屬於同一構思,身份認證裝置的技術方案未詳細描述的細節內容,均可以參見上述身份認證方法的技術方案的描述。 圖4示出了根據本說明書一個實施例提供的一種實現免登錄授權組件的方法的流程圖,包括步驟402至步驟406。 步驟402:回應於第三方平台中第三方應用程式的呼叫,針對該呼叫涉及的用戶,根據保存的該用戶的銀行卡免登錄授權狀態資訊判斷該用戶是否已經授權銀行卡免登錄。 例如,可以通過授權中心判斷用戶是否已經授權銀行卡免登錄。授權中心,可以用於保存用戶的銀行卡免登錄授權狀態資訊,決策是否需要用戶進行授權。 步驟404:在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在第三方平台綁定的銀行卡資訊。 例如,可以在判定該用戶未授權銀行卡免登錄的情況下,取得該用戶授權,更新該用戶的銀行卡免登錄授權狀態資訊,從該第三方平台的內部查詢出該銀行卡資訊。在判定該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該銀行卡資訊。 可選地,可以通過開放閘道器從該第三方平台的內部查詢出該銀行卡資訊,其中,該開放閘道器用於對該銀行卡資訊進行加簽加密。例如,可以採用RSA、SHA256等加密演算法。在該實施例中,由於銀行卡資訊從第三平台內部查詢出來之後通過開放閘道器加簽加密,在整個傳輸過程中,一直處於加密狀態,從而保障了用戶隱私資訊的安全性。 步驟406:將該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該銀行卡資訊發送給銀行服務端,使該銀行服務端根據該銀行卡資訊進行用戶身份認證。 例如,將加簽加密後的該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該加簽加密後的銀行卡資訊發送給銀行服務端,使該銀行服務端對加簽加密後的銀行卡資訊進行驗簽解密,根據解密後的該銀行卡資訊進行用戶身份認證。在該實施例中,由於銀行卡資訊在從銀行卡免登錄授權組件到第三方應用程式,再從第三方應用程式到銀行服務端的傳輸過程中,一直處於加密狀態,從而保障了用戶隱私資訊的安全性。 可見,由於本說明書實施例提供的實現免登錄授權組件的方法,實現了可供第三方應用程式呼叫的銀行卡免登錄授權組件,使第三方應用程式可以在用戶授權的情況下獲得第三方平台內部綁定的銀行卡資訊,發送給銀行服務端進行用戶身份認證,從而為第三方應用程式簡化餘額查詢、帳單查詢等集中於卡維度的業務場景下的二次身份認證流程提供了通用的銀行卡免登錄授權組件,只要用戶已經在第三方應用程式中銀行卡免登錄授權就可以完成在銀行服務端的身份認證以及後續的業務邏輯處理,無需輸入銀行卡資訊來進行二次登錄,簡單高效,簡化用戶操作,提高用戶體驗。 為了使本說明書一個或多個實施例更加易於理解,下面結合圖5所示根據本說明書一個或多個實施例的方案架構示意圖進行說明。如圖5所示,在根據本說明書一個或多個實施例的方案架構中,可以包括五層結構:業務場景502、應用層504、銀行卡免登錄授權組件層506、基礎層508、資料層510。其中,業務場景502可以包括:餘額查詢、帳單明細、還款查詢、帳戶資訊查詢等。應用層504可以包括:銀行小程式、銀行服務端。銀行卡免登錄授權組件506的功能可以包括:通過基礎層508的授權中心進行用戶授權,通過基礎層508的開放閘道器進行銀行卡資訊查詢,通過基礎層508的開放閘道器及加密演算法進行加簽加密。基礎層508可以包括:開放閘道器、授權中心、用於實現銀行小程式的小程式平台、加密演算法。銀行卡免登錄授權組件508是位於開放閘道器、授權中心、加密演算法之上的應用層。資料層510可以包括:例如真實姓名、手機號等用戶資訊、銀行卡資訊、如銀行名稱、銀行簡稱等銀行資訊。其中,根據實施場景需要,銀行服務端可以將用戶資訊與銀行卡資訊、銀行資訊一併返回給銀行小程式。 基於圖5所示方案架構,用戶在使用銀行在第三方平台開發的銀行小程式時,對於餘額查詢、帳單查詢等場景,底層可以依賴開放閘道器、授權中心、加密演算法等基礎功能,使用戶的銀行卡資訊這樣的隱私資料在整個傳輸過程中,通過用戶授權及全程使用非對稱加密演算法進行加密,從而保障了用戶隱私資訊的通用性及安全性。 下面,再結合圖6所示的消息交互示意圖,對基於圖5所示方案架構的本說明書一個或多個實施例的流程進行說明。具體步驟包括步驟602至步驟634。 步驟602:銀行小程式回應於用戶使用某銀行功能,例如,餘額查詢、帳單明細、還款查詢、帳戶資訊查詢等,根據該銀行功能需要銀行卡資訊進行身份認證,呼叫銀行卡免登錄授權組件。 步驟604:銀行卡免登錄授權組件向授權中心發送授權判斷請求。 步驟606:授權中心回應於接收到授權判斷請求,根據該用戶的銀行卡免登錄授權狀態資訊,判斷該用戶是否已經授權銀行卡免登錄。 步驟608:授權中心在判定該用戶未授權銀行卡免登錄的情況下,向該銀行小程式返回用戶未授權資訊。 步驟610:銀行小程式根據該用戶未授權資訊展示請求授權對話框以便讓用戶授權。 步驟612:在用戶確認授權的情況下,向該授權中心發送該用戶的確認授權資訊。 步驟614:授權中心根據該確認授權資訊,更新該用戶的銀行卡免登錄授權狀態資訊。 步驟616:授權中心在該用戶已經授權銀行卡免登錄的情況下,向該開放閘道器發送銀行卡資訊查詢請求。 步驟618:開放閘道器回應於接收到該銀行卡資訊查詢請求,向第三方平台內部的資料服務發送查詢該用戶的銀行卡資訊的查詢請求。 步驟620:開放閘道器從第三方平台的資料服務接收其返回的該用戶的銀行卡資訊。 步驟622:開放閘道器對該銀行卡資訊進行加簽加密。 步驟624:開放閘道器將加簽加密後的銀行卡資訊返回給銀行卡免登錄授權組件。 步驟626:銀行卡免登錄授權組件將加簽加密後的銀行卡資訊返回給銀行小程式。 步驟628:銀行小程式將攜帶有加簽加密後的銀行卡資訊的業務請求發送給銀行服務端。 步驟630:銀行服務端對加簽加密後的銀行卡資訊進行驗簽解密,根據解密後的該銀行卡資訊進行用戶身份認證,認證通過後執行該業務請求。 步驟632:銀行服務端向銀行小程式返回該業務請求對應的業務資料。 步驟634:銀行小程式根據接收到的業務資料渲染業務頁面。 通過該實施例可見,本實施例可以在用戶存取銀行小程式一些功能的時候,通過用戶授權,允許例如支付寶等第三方平台將用戶在其上綁定的銀行卡資訊傳遞給銀行小程式使用,用於身份確認以及資訊查詢等業務場景,並且在銀行卡資訊傳遞過程中加入加簽、加密等用戶隱私保護機制,銀行服務端在拿到用戶的銀行卡資訊後再進行驗簽、解密等處理,通過銀行卡資訊識別用戶身份並做後續業務處理,從而免去用戶輸入銀行卡資訊的操作,簡化用戶操作步驟,提高用戶體驗。 與上述實現免登錄授權組件的方法實施例相對應,本說明書還提供了一種實現免登錄授權組件的裝置的實施例,圖7示出了本說明書一個實施例提供的一種實現免登錄授權組件的裝置的結構示意圖。如圖7所示,該裝置包括:授權判斷第二模組702、卡查詢第二模組704及卡發送第二模組706。 該授權判斷第二模組702,可以被配置為回應於第三方平台中第三方應用程式的呼叫,針對該呼叫涉及的用戶,根據保存的該用戶的銀行卡免登錄授權狀態資訊判斷該用戶是否已經授權銀行卡免登錄。 該卡查詢第二模組704,可以被配置為在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在第三方平台綁定的銀行卡資訊。 該卡發送第二模組706,可以被配置為將該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該銀行卡資訊發送給銀行服務端,使該銀行服務端根據該銀行卡資訊進行用戶身份認證。 可見,由於本說明書實施例提供的實現免登錄授權組件的方法,實現了可供第三方應用程式呼叫的銀行卡免登錄授權組件,使第三方應用程式可以在用戶授權的情況下獲得第三方平台內部綁定的銀行卡資訊,發送給銀行服務端進行用戶身份認證,從而為第三方應用程式簡化餘額查詢、帳單查詢等集中於卡維度的業務場景下的二次身份認證流程提供了通用的銀行卡免登錄授權組件,只要用戶已經在第三方應用程式中銀行卡免登錄授權就可以完成在銀行服務端的身份認證以及後續的業務邏輯處理,無需輸入銀行卡資訊來進行二次登錄,簡單高效,簡化用戶操作,提高用戶體驗。 可選地,該卡發送第二模組706,可以被配置為將加簽加密後的該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該加簽加密後的銀行卡資訊發送給銀行服務端,使該銀行服務端對加簽加密後的銀行卡資訊進行驗簽解密,根據解密後的該銀行卡資訊進行用戶身份認證。在該實施例中,由於銀行卡資訊在從銀行卡免登錄授權組件到第三方應用程式,再從第三方應用程式到銀行服務端的傳輸過程中,一直處於加密狀態,從而保障了用戶隱私資訊的安全性。 可選地,該卡查詢第二模組704,可以被配置為通過開放閘道器從該第三方平台的內部查詢出該銀行卡資訊,其中,該開放閘道器用於對該銀行卡資訊進行加簽加密。在該實施例中,由於銀行卡資訊從第三平台內部查詢出來之後通過開放閘道器加簽加密,在整個傳輸過程中,一直處於加密狀態,從而保障了用戶隱私資訊的安全性。 上述為本實施例的一種實現免登錄授權組件的裝置的示意性方案。需要說明的是,該實現免登錄授權組件的裝置的技術方案與上述的實現免登錄授權組件的方法的技術方案屬於同一構思,實現免登錄授權組件的裝置的技術方案未詳細描述的細節內容,均可以參見上述實現免登錄授權組件的方法的技術方案的描述。 圖8示出了根據本說明書一個實施例提供的一種計算設備800的結構方塊圖。該計算設備800的部件包括但不限於記憶體810和處理器820。處理器820與記憶體810通過匯流排830相連接,資料庫850用於保存資料。 計算設備800還包括接入設備840,接入設備840使得計算設備800能夠經由一個或多個網路860通信。這些網路的示例包括公用交換電話網(PSTN)、區域網路(LAN)、廣域網路(WAN)、個人區域網路(PAN)或諸如網際網路的通信網路的組合。接入設備840可以包括有線或無線的任何類型的網路介面(例如,網路介面卡(NIC))中的一個或多個,諸如IEEE802.11無線區域網路(WLAN)無線介面、全球微波互聯接入(Wi-MAX)介面、以太網介面、通用序列匯流排(USB)介面、蜂巢式網路介面、藍牙介面、近場通信(NFC)介面,等等。 在本說明書的一個實施例中,計算設備800的上述部件以及圖8中未示出的其他部件也可以彼此相連接,例如通過匯流排。應當理解,圖8所示的計算設備結構方塊圖僅僅是出於示例的目的,而不是對本說明書範圍的限制。本領域技術人員可以根據需要,增添或替換其他部件。 計算設備800可以是任何類型的靜止或行動計算設備,包括行動電腦或行動計算設備(例如,平板電腦、個人數位助理、筆記型電腦、筆記本電腦、輕省筆電等)、行動電話(例如,智慧型手機)、可佩戴的計算設備(例如,智慧型手錶、智慧型眼鏡等)或其他類型的行動設備,或者諸如台式電腦或PC的靜止計算設備。計算設備800還可以是行動式或靜止式的伺服器。 本說明書一方面的一個或多個實施例中,處理器820可以用於執行如下電腦可執行指令: 在需要確認用戶身份時,根據該用戶的銀行卡免登錄授權狀態資訊,判斷該用戶是否已經授權銀行卡免登錄; 在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在該第三方平台綁定的銀行卡資訊; 將該銀行卡資訊發送給銀行服務端,以便該銀行服務端根據該銀行卡資訊進行用戶身份認證。 可選地,還包括:在該用戶未授權銀行卡免登錄的情況下,取得該用戶對銀行卡免登錄的授權。 可選地,該在需要確認用戶身份時,根據該用戶的銀行卡免登錄授權狀態資訊,判斷該用戶是否已經授權銀行卡免登錄包括: 在需要確認用戶身份時,呼叫銀行卡免登錄授權組件,以便該銀行卡免登錄授權組件回應於該呼叫,根據保存的該用戶的銀行卡免登錄授權狀態資訊判斷該用戶是否已經授權銀行卡免登錄; 該在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在該第三方平台綁定的銀行卡資訊包括: 在該用戶已經授權銀行卡免登錄的情況下,獲得該銀行卡免登錄授權組件所返回的銀行卡資訊; 其中,該銀行卡資訊由該銀行卡免登錄授權組件在判定該用戶未授權銀行卡免登錄的情況下,取得該用戶授權之後從該第三方平台的內部查詢出來並返回給該第三方應用程式,或者,由該銀行卡免登錄授權組件在判定該用戶已經授權銀行卡免登錄的情況下從該第三方平台的內部查詢出來並返回給該第三方應用程式。 可選地,該在該用戶已經授權銀行卡免登錄的情況下,獲得該銀行卡免登錄授權組件所返回的銀行卡資訊包括: 在該用戶已經授權銀行卡免登錄的情況下,獲得該銀行卡免登錄授權組件所返回的加簽加密後的銀行卡資訊; 該將該銀行卡資訊發送給銀行服務端包括: 將該加簽加密後的銀行卡資訊發送給該銀行服務端,以便該銀行服務端對加簽加密後的銀行卡資訊進行驗簽解密,根據解密後的該銀行卡資訊進行用戶身份認證。 可選地,還包括: 將業務請求發送給該銀行服務端,以便該服務端在完成用戶身份認證之後,執行該業務請求對應的業務邏輯,向該第三方應用程式返回業務資料; 接收該銀行服務端返回的業務資料。 可選地,該將業務請求發送給該銀行服務端包括: 將支付請求發送給該銀行服務端。 上述為本實施例的一種計算設備的示意性方案。需要說明的是,該計算設備的技術方案與上述的身份認證方法的技術方案屬於同一構思,計算設備的技術方案未詳細描述的細節內容,均可以參見上述身份認證方法的技術方案的描述。 本說明書另一方面的一個或多個實施例中,處理器820可以用於執行如下電腦可執行指令: 回應於第三方平台中第三方應用程式的呼叫,針對該呼叫涉及的用戶,根據保存的該用戶的銀行卡免登錄授權狀態資訊判斷該用戶是否已經授權銀行卡免登錄; 在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在第三方平台綁定的銀行卡資訊; 將該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該銀行卡資訊發送給銀行服務端,使該銀行服務端根據該銀行卡資訊進行用戶身份認證。 可選地,該將該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該銀行卡資訊發送給銀行服務端,使該銀行服務端根據該銀行卡資訊進行用戶身份認證包括: 將加簽加密後的該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該加簽加密後的銀行卡資訊發送給銀行服務端,使該銀行服務端對加簽加密後的銀行卡資訊進行驗簽解密,根據解密後的該銀行卡資訊進行用戶身份認證。 可選地,該從該第三方平台的內部查詢出該銀行卡資訊包括: 通過開放閘道器從該第三方平台的內部查詢出該銀行卡資訊,其中,該開放閘道器用於對該銀行卡資訊進行加簽加密。 上述為本實施例的一種計算設備的示意性方案。需要說明的是,該計算設備的技術方案與上述的實現免登錄授權組件的方法的技術方案屬於同一構思,計算設備的技術方案未詳細描述的細節內容,均可以參見上述實現免登錄授權組件的方法的技術方案的描述。 本說明書一方面一實施例還提供一種電腦可讀取儲存媒體,其儲存有電腦指令,該指令被處理器執行時以用於: 在需要確認用戶身份時,根據該用戶的銀行卡免登錄授權狀態資訊,判斷該用戶是否已經授權銀行卡免登錄; 在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在該第三方平台綁定的銀行卡資訊; 將該銀行卡資訊發送給銀行服務端,以便該銀行服務端根據該銀行卡資訊進行用戶身份認證。 可選地,還包括:在該用戶未授權銀行卡免登錄的情況下,取得該用戶對銀行卡免登錄的授權。 可選地,該在需要確認用戶身份時,根據該用戶的銀行卡免登錄授權狀態資訊,判斷該用戶是否已經授權銀行卡免登錄包括: 在需要確認用戶身份時,呼叫銀行卡免登錄授權組件,以便該銀行卡免登錄授權組件回應於該呼叫,根據保存的該用戶的銀行卡免登錄授權狀態資訊判斷該用戶是否已經授權銀行卡免登錄; 該在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在該第三方平台綁定的銀行卡資訊包括: 在該用戶已經授權銀行卡免登錄的情況下,獲得該銀行卡免登錄授權組件所返回的銀行卡資訊; 其中,該銀行卡資訊由該銀行卡免登錄授權組件在判定該用戶未授權銀行卡免登錄的情況下,取得該用戶授權之後從該第三方平台的內部查詢出來並返回給該第三方應用程式,或者,由該銀行卡免登錄授權組件在判定該用戶已經授權銀行卡免登錄的情況下從該第三方平台的內部查詢出來並返回給該第三方應用程式。 可選地,該在該用戶已經授權銀行卡免登錄的情況下,獲得該銀行卡免登錄授權組件所返回的銀行卡資訊包括: 在該用戶已經授權銀行卡免登錄的情況下,獲得該銀行卡免登錄授權組件所返回的加簽加密後的銀行卡資訊; 該將該銀行卡資訊發送給銀行服務端包括: 將該加簽加密後的銀行卡資訊發送給該銀行服務端,以便該銀行服務端對加簽加密後的銀行卡資訊進行驗簽解密,根據解密後的該銀行卡資訊進行用戶身份認證。 可選地,還包括: 將業務請求發送給該銀行服務端,以便該服務端在完成用戶身份認證之後,執行該業務請求對應的業務邏輯,向該第三方應用程式返回業務資料; 接收該銀行服務端返回的業務資料。 可選地,該將業務請求發送給該銀行服務端包括: 將支付請求發送給該銀行服務端。 上述為本實施例的一種電腦可讀取儲存媒體的示意性方案。需要說明的是,該儲存媒體的技術方案與上述的身份認證方法的技術方案屬於同一構思,儲存媒體的技術方案未詳細描述的細節內容,均可以參見上述身份認證方法的技術方案的描述。 本說明書另一方面一實施例還提供一種電腦可讀取儲存媒體,其儲存有電腦指令,該指令被處理器執行時以用於: 回應於第三方平台中第三方應用程式的呼叫,針對該呼叫涉及的用戶,根據保存的該用戶的銀行卡免登錄授權狀態資訊判斷該用戶是否已經授權銀行卡免登錄; 在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在第三方平台綁定的銀行卡資訊; 將該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該銀行卡資訊發送給銀行服務端,使該銀行服務端根據該銀行卡資訊進行用戶身份認證。 可選地,該將該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該銀行卡資訊發送給銀行服務端,使該銀行服務端根據該銀行卡資訊進行用戶身份認證包括: 將加簽加密後的該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該加簽加密後的銀行卡資訊發送給銀行服務端,使該銀行服務端對加簽加密後的銀行卡資訊進行驗簽解密,根據解密後的該銀行卡資訊進行用戶身份認證。 可選地,該從該第三方平台的內部查詢出該銀行卡資訊包括: 通過開放閘道器從該第三方平台的內部查詢出該銀行卡資訊,其中,該開放閘道器用於對該銀行卡資訊進行加簽加密。 上述為本實施例的一種電腦可讀取儲存媒體的示意性方案。需要說明的是,該儲存媒體的技術方案與上述的實現免登錄授權組件的方法的技術方案屬於同一構思,儲存媒體的技術方案未詳細描述的細節內容,均可以參見上述實現免登錄授權組件的方法的技術方案的描述。 上述對本說明書特定實施例進行了描述。其它實施例在所附申請專利範圍的範圍內。在一些情況下,在申請專利範圍中記載的動作或步驟可以按照不同於實施例中的順序來執行並且仍然可以實現期望的結果。另外,在圖式中描繪的過程不一定要求示出的特定順序或者連續順序才能實現期望的結果。在某些實施方式中,多任務處理和並行處理也是可以的或者可能是有利的。 該電腦指令包括電腦程式碼,該電腦程式碼可以為原始碼形式、目的碼形式、可執行文件或某些中間形式等。該電腦可讀取媒體可以包括:能夠攜帶該電腦程式碼的任何實體或裝置、記錄媒體、隨身碟、行行動硬碟、磁碟、光碟、電腦記憶體、唯讀記憶體(ROM,Read-Only Memory)、隨機存取記憶體(RAM,Random Access Memory)、電載波信號、電信信號以及軟體分發媒體等。需要說明的是,該電腦可讀取媒體包含的內容可以根據司法管轄區內立法和專利實踐的要求進行適當的增減,例如在某些司法管轄區,根據立法和專利實踐,電腦可讀取媒體不包括電載波信號和電信信號。 需要說明的是,對於前述的各方法實施例,為了簡便描述,故將其都表述為一系列的動作組合,但是本領域技術人員應該知悉,本說明書實施例並不受所描述的動作順序的限制,因為依據本說明書實施例,某些步驟可以採用其它順序或者同時進行。其次,本領域技術人員也應該知悉,說明書中所描述的實施例均屬於優選實施例,所涉及的動作和模組並不一定都是本說明書實施例所必須的。 在上述實施例中,對各個實施例的描述都各有側重,某個實施例中沒有詳述的部分,可以參見其它實施例的相關描述。 以上公開的本說明書優選實施例只是用於幫助闡述本說明書。可選實施例並沒有詳盡敘述所有的細節,也不限制該發明僅為所述的具體實施方式。顯然,根據本說明書實施例的內容,可作很多的修改和變化。本說明書選取並具體描述這些實施例,是為了更好地解釋本說明書實施例的原理和實際應用,從而使所屬技術領域技術人員能很好地理解和利用本說明書。本說明書僅受申請專利範圍及其全部範圍和等效物的限制。 In the following description, numerous specific details are set forth in order to provide a thorough understanding of the specification. However, this specification can be implemented in many other ways different from those described here, and those skilled in the art can make similar extensions without violating the connotation of this specification, so this specification is not limited by the specific implementations disclosed below. Terms used in one or more embodiments of this specification are for the purpose of describing specific embodiments only, and are not intended to limit one or more embodiments of this specification. As used in one or more embodiments of this specification and the appended claims, the singular forms "a", "the", and "the" are also intended to include the plural forms unless the context clearly dictates otherwise. It should also be understood that the term "and/or" used in one or more embodiments of the present specification refers to and includes any or all possible combinations of one or more associated listed items. It should be understood that although the terms first, second, etc. may be used to describe various pieces of information in one or more embodiments of the present specification, these pieces of information should not be limited to these terms. These terms are only used to distinguish information of the same type from one another. For example, the first may also be referred to as the second, and similarly, the second may also be referred to as the first without departing from the scope of one or more embodiments of the present specification. Depending on the context, the word "if" as used herein may be interpreted as "at" or "when" or "in response to a determination." First, terms and terms involved in one or more embodiments of this specification are explained. In this specification, an identity authentication method and a method for implementing a login-free authorization component are provided. This specification also relates to an identity authentication device, a device for implementing a login-free authorization component, a computing device, and a computer-readable storage medium. Each will be described in detail in the following examples. FIG. 1 shows a flow chart of an identity authentication method applied to a third-party application program provided by a third-party platform according to an embodiment of the present specification, including steps 102 to 106 . Step 102: When it is necessary to confirm the user's identity, judge whether the user has authorized the bank card free login according to the user's bank card free login authorization status information. For example, the bank card login-free authorization status information may include an authorized status or an unauthorized status. Optionally, if the user does not authorize bank card free login, the user's authorization for bank card free login may also be obtained. For example, a dialog box requesting authorization can be popped up in a third-party application program, through which the confirmed authorization information input by the user can be received, and the status information of the bank card login-free authorization status can be updated accordingly to the authorized status. Through this implementation mode, the third-party application program can directly obtain the authorization from the user, without requiring the user to search for an additional page to enter the authorization, and the authorization is instant, and the process is simple and efficient. Step 104: In the case that the user has authorized the bank card to be exempt from login, query the information of the bank card bound to the user on the third-party platform from within the third-party platform. For example, the bank card information may include bank card private information, such as bank card number and password. Among them, the third-party platform such as Alipay and other third-party payment platforms. Optionally, a bank card login-free authorization component can be provided. When the user identity needs to be confirmed, the bank card login-free authorization component is called, so that the bank card login-free authorization component responds to the call. The login authorization status information judges whether the user has authorized the bank card to be exempt from login. By providing a common bank card login-free authorization component for third-party applications, the logic related to login-free authorization of third-party applications is simplified, the response speed of third-party applications can be improved, and user experience is improved. Correspondingly, the third-party application program can obtain the bank card information returned by the bank card non-login authorization component when the user has authorized the bank card without login. Wherein, the bank card information can be queried from the third-party platform and returned to the third-party application by the bank card free login authorization component after obtaining the user's authorization in the case that the bank card free login authorization component determines that the user has not authorized the bank card free login program, or, the bank card free login authorization component inquires from the inside of the third-party platform and returns to the third-party application program when it is determined that the user has authorized the bank card free login. Optionally, in order to ensure the security of the user's private information, the third-party application program can obtain the signed and encrypted bank card information returned by the bank card free login authorization component when the user has authorized the bank card without login , sending the signed and encrypted bank card information to the bank server, so that the bank server can verify and decrypt the signed and encrypted bank card information, and perform user identity authentication according to the decrypted bank card information. In this embodiment, since the bank card information is always in an encrypted state during the transmission process from the bank card free login authorization component to the third-party application, and then from the third-party application to the bank server, it is not decrypted until the bank server. Clear text information, thus ensuring the security of user privacy information. Step 106: Send the bank card information to the bank server, so that the bank server performs user identity authentication based on the bank card information. Optionally, a business request such as a payment request can also be sent to the bank server, so that the server executes the business logic corresponding to the business request after completing user identity authentication, returns business data to the third-party application, and receives The business information returned by the bank server. It can be seen that in the scenario of querying balance, billing details, payment and other business requests, the user does not need to enter the bank card information again, and the user can complete the bank card login-free authorization once in the third-party application such as the bank applet The identity authentication of the bank server and the subsequent business logic processing are simple and efficient, simplifying user operations and improving user experience. It can be seen that when the identity authentication method provided by the embodiment of this manual needs to confirm the user's identity at the bank server, according to the authorization of the user, the third-party application can obtain the bound bank card information from the third-party platform and send it to the bank server Perform user identity authentication, thereby simplifying the secondary identity authentication process in card-focused business scenarios such as balance inquiry and bill inquiry. As long as the user has authorized the bank card in the third-party application without login, the bank service can be completed Terminal identity authentication and subsequent business logic processing, no need to enter bank card information for secondary login, simple and efficient, simplify user operations, and improve user experience. Corresponding to the above embodiment of the identity authentication method, this specification also provides an embodiment of an identity authentication device. FIG. 2 shows a schematic structural diagram of an identity authentication device provided by an embodiment of this specification. The identity authentication device can be configured in a third-party application program provided by a third-party platform. As shown in FIG. 2 , the device includes: a first authorization judgment module 202 , a first card query module 204 , and a first card sending module 206 . The authorization judging first module 202 can be configured to judge whether the user has authorized the bank card free login according to the user's bank card free login authorization status information when the user identity needs to be confirmed. The card query first module 204 can be configured to query the bank card information bound by the user on the third-party platform from within the third-party platform when the user has authorized the bank card to be exempt from login. The card sending first module 206 can be configured to send the bank card information to the bank server, so that the bank server can perform user identity authentication according to the bank card information. It can be seen that when the identity authentication method provided by the embodiment of this manual needs to confirm the user's identity at the bank server, according to the authorization of the user, the third-party application can obtain the bound bank card information from the third-party platform and send it to the bank server Perform user identity authentication, thereby simplifying the secondary identity authentication process in card-focused business scenarios such as balance inquiry and bill inquiry. As long as the user has authorized the bank card in the third-party application without login, the bank service can be completed Terminal identity authentication and subsequent business logic processing, no need to enter bank card information for secondary login, simple and efficient, simplify user operations, and improve user experience. Fig. 3 shows a schematic structural diagram of an identity authentication device provided by one or more embodiments of this specification. The identity authentication device can be configured in a third-party application program provided by a third-party platform. As shown in FIG. 3 , the device may further include: an authorization obtaining module 208 , which may be configured to obtain the user's authorization of the bank card free login if the user has not authorized the bank card free login. Through this implementation mode, the third-party application program can directly obtain the authorization from the user, without requiring the user to search for an additional page to enter the authorization, and the authorization is instant, and the process is simple and efficient. Optionally, as shown in FIG. 3 , the authorization judgment first module 202 may be configured to call the bank card login-free authorization component when it is necessary to confirm the user identity, so that the bank card login-free authorization component responds to the call , according to the saved authorization status information of the user's bank card free login, it is judged whether the user has authorized the bank card free login. The card query first module 204 can be configured to obtain the bank card information returned by the bank card free login authorization component when the user has authorized the bank card to be free of login; wherein, the bank card information is provided by the bank When the card free login authorization component determines that the user has not authorized the bank card free login, after obtaining the user's authorization, it will query from the inside of the third-party platform and return it to the third-party application program, or the bank card free login The authorization component inquires from the inside of the third-party platform and returns to the third-party application program when it is determined that the user has authorized the bank card to be exempt from login. By providing a common bank card login-free authorization component for third-party applications, the logic related to login-free authorization of third-party applications is simplified, the response speed of third-party applications can be improved, and user experience is improved. Optionally, the card query first module 204 can be configured to obtain the signed and encrypted bank card information returned by the bank card free-login authorization component when the user has authorized the bank card free-login-free authorization component. The card sending first module 206 can be configured to send the signed and encrypted bank card information to the bank server, so that the bank server can verify and decrypt the signed and encrypted bank card information, according to The decrypted bank card information is used for user identity authentication. In this embodiment, since the bank card information is always in an encrypted state during the transmission process from the bank card free login authorization component to the third-party application, and then from the third-party application to the bank server, it is not decrypted until the bank server. Clear text information, thus ensuring the security of user privacy information. As shown in Figure 3, the device may also include: a request sending module 210, which may be configured to send the service request to the bank service end, so that the service end executes the service corresponding to the service request after completing the user identity authentication logic to return business data to the third-party application. The data receiving module 212 can be configured to receive the business data returned by the bank server. For example, the request sending module 210 may be configured to send the payment request to the bank server. It can be seen that in the scenario of querying balance, billing details, payment and other business requests, the user does not need to enter the bank card information again, and the user can complete the bank card login-free authorization once in the third-party application such as the bank applet The identity authentication of the bank server and the subsequent business logic processing are simple and efficient, simplifying user operations and improving user experience. The foregoing is a schematic solution of an identity authentication device in this embodiment. It should be noted that the technical solution of the identity authentication device and the above-mentioned technical solution of the identity authentication method belong to the same idea, and details of the technical solution of the identity authentication device that are not described in detail can be found in the description of the technical solution of the above-mentioned identity authentication method . FIG. 4 shows a flow chart of a method for implementing a login-free authorization component according to an embodiment of the present specification, including steps 402 to 406 . Step 402: Responding to the call of the third-party application program on the third-party platform, for the user involved in the call, judge whether the user has authorized the bank card free login according to the saved authorization status information of the user's bank card free login. For example, the authorization center can be used to determine whether the user has authorized the bank card to be exempt from login. The authorization center can be used to save the user's bank card login-free authorization status information, and decide whether the user needs to authorize. Step 404: In the case that the user has authorized the bank card to be exempt from login, query the information of the bank card bound to the user on the third-party platform from within the third-party platform. For example, if it is determined that the user has not authorized the free login of the bank card, the authorization of the user can be obtained, the authorization status information of the user's bank card free of login can be updated, and the bank card information can be queried from the inside of the third-party platform. When it is determined that the user has authorized the bank card to be exempt from login, the bank card information is queried from within the third-party platform. Optionally, the bank card information can be queried from inside the third-party platform through an open gateway, wherein the open gateway is used to sign and encrypt the bank card information. For example, encryption algorithms such as RSA and SHA256 can be used. In this embodiment, since the bank card information is signed and encrypted through the open gateway after being queried from the third platform, it is always in an encrypted state during the entire transmission process, thereby ensuring the security of the user's private information. Step 406: Send the bank card information to the third-party application program, so that the third-party application program sends the bank card information to the bank server, so that the bank server performs user identity authentication based on the bank card information. For example, send the bank card information after signing and encrypting to the third-party application program, so that the third-party application program can send the bank card information after signing and encrypting to the bank server, so that the bank server can check the bank card information after signing. The encrypted bank card information is verified and decrypted, and user identity authentication is performed according to the decrypted bank card information. In this embodiment, since the bank card information is always in an encrypted state during the transmission process from the bank card login-free authorization component to the third-party application, and then from the third-party application to the bank server, thereby protecting the privacy of the user. safety. It can be seen that due to the method for realizing the login-free authorization component provided by the embodiment of this manual, the bank card login-free authorization component that can be called by the third-party application is realized, so that the third-party application can obtain the authorization of the third-party platform under the authorization of the user. The internally bound bank card information is sent to the bank server for user identity authentication, thus providing a common way for third-party applications to simplify the secondary identity authentication process in business scenarios such as balance inquiry and bill inquiry that focus on the card dimension The bank card login-free authorization component, as long as the user has authorized the bank card login-free in the third-party application, the identity authentication and subsequent business logic processing on the bank server can be completed, and there is no need to enter bank card information for secondary login, which is simple and efficient , to simplify user operations and improve user experience. In order to make one or more embodiments of this specification easier to understand, the following description will be made in conjunction with a schematic diagram of a solution architecture according to one or more embodiments of this specification shown in FIG. 5 . As shown in Figure 5, the solution architecture according to one or more embodiments of this specification may include five layers: business scenario 502, application layer 504, bank card login-free authorization component layer 506, base layer 508, and data layer 510. Wherein, the business scenario 502 may include: balance inquiry, bill details, repayment inquiry, account information inquiry, and the like. The application layer 504 may include: a bank applet and a bank server. The functions of the bank card login-free authorization component 506 may include: user authorization through the authorization center of the base layer 508, bank card information query through the open gateway of the base layer 508, and encryption calculation through the open gateway of the base layer 508 Signature encryption is not possible. The base layer 508 may include: an open gateway, an authorization center, an applet platform for implementing a bank applet, and an encryption algorithm. The bank card login-free authorization component 508 is an application layer located on an open gateway, an authorization center, and an encryption algorithm. The data layer 510 may include user information such as real name and mobile phone number, bank card information, bank information such as bank name and bank abbreviation. Among them, according to the needs of the implementation scenario, the bank server can return user information, bank card information, and bank information to the bank applet. Based on the solution architecture shown in Figure 5, when users use the bank applet developed by the bank on the third-party platform, for scenarios such as balance inquiry and bill inquiry, the bottom layer can rely on basic functions such as open gateways, authorization centers, and encryption algorithms. , so that private data such as the user's bank card information is encrypted through the user's authorization and the entire process using an asymmetric encryption algorithm during the entire transmission process, thereby ensuring the versatility and security of the user's private information. In the following, the flow of one or more embodiments of this specification based on the solution architecture shown in FIG. 5 will be described in combination with the message interaction schematic diagram shown in FIG. 6 . The specific steps include step 602 to step 634 . Step 602: The bank applet responds to the user's use of a certain banking function, such as balance inquiry, bill details, repayment inquiry, account information inquiry, etc. According to the banking function that requires bank card information for identity authentication, call the bank card for login-free authorization components. Step 604: The bank card login-free authorization component sends an authorization judgment request to the authorization center. Step 606: In response to receiving the authorization judgment request, the authorization center judges whether the user has authorized the bank card free login according to the user's bank card free login authorization status information. Step 608: The authorization center returns the user's unauthorized information to the bank applet if it determines that the user has not authorized the bank card to be exempt from login. Step 610: The bank applet displays an authorization request dialog box according to the user's unauthorized information to allow the user to authorize. Step 612: When the user confirms the authorization, send the user's confirmation authorization information to the authorization center. Step 614: The authorization center updates the user's bank card login-free authorization status information according to the confirmed authorization information. Step 616: The authorization center sends a bank card information query request to the open gateway when the user has authorized the bank card to be exempt from login. Step 618: In response to receiving the bank card information query request, the opening gateway sends a query request to query the user's bank card information to the data service inside the third-party platform. Step 620: The opening gateway receives the user's bank card information returned by the data service of the third-party platform. Step 622: The open gateway performs signature encryption on the bank card information. Step 624: The open gateway returns the signed and encrypted bank card information to the bank card login-free authorization component. Step 626: The bank card login-free authorization component returns the signed and encrypted bank card information to the bank applet. Step 628: The bank applet sends the business request carrying the signed and encrypted bank card information to the bank server. Step 630: The bank server verifies and decrypts the signed and encrypted bank card information, performs user identity authentication according to the decrypted bank card information, and executes the business request after the authentication is passed. Step 632: The bank server returns the business data corresponding to the business request to the bank applet. Step 634: The bank applet renders the business page according to the received business data. It can be seen from this embodiment that this embodiment can allow third-party platforms such as Alipay to pass the bank card information bound by the user to the bank applet through user authorization when the user accesses some functions of the bank applet. , used in business scenarios such as identity confirmation and information query, and user privacy protection mechanisms such as signing and encryption are added in the process of bank card information transmission. The bank server performs signature verification and decryption after receiving the user's bank card information. Processing, identify the user's identity through bank card information and perform follow-up business processing, thereby eliminating the need for the user to input bank card information, simplifying user operation steps, and improving user experience. Corresponding to the above embodiment of the method for implementing the login-free authorization component, this specification also provides an embodiment of a device for implementing the login-free authorization component. Figure 7 shows a device for implementing the login-free authorization component provided by an embodiment of this specification. Schematic diagram of the device structure. As shown in FIG. 7 , the device includes: a second authorization judging module 702 , a second card inquiry module 704 and a second card sending module 706 . The authorization judging second module 702 can be configured to respond to the call of the third-party application program in the third-party platform, and judge whether the user involved in the call is based on the saved bank card login-free authorization status information of the user. The bank card has been authorized to be exempt from login. The card inquiry second module 704 can be configured to inquire about the bank card information bound by the user on the third-party platform from within the third-party platform when the user has authorized the bank card to be exempt from login. The card sending second module 706 can be configured to send the bank card information to the third-party application program, so that the third-party application program sends the bank card information to the bank server, so that the bank server can send the bank card information according to the Bank card information for user identity authentication. It can be seen that due to the method for realizing the login-free authorization component provided by the embodiment of this manual, the bank card login-free authorization component that can be called by the third-party application is realized, so that the third-party application can obtain the authorization of the third-party platform under the authorization of the user. The internally bound bank card information is sent to the bank server for user identity authentication, thus providing a common way for third-party applications to simplify the secondary identity authentication process in business scenarios such as balance inquiry and bill inquiry that focus on the card dimension The bank card login-free authorization component, as long as the user has authorized the bank card login-free in the third-party application, the identity authentication and subsequent business logic processing on the bank server can be completed, and there is no need to enter bank card information for secondary login, which is simple and efficient , to simplify user operations and improve user experience. Optionally, the card sending second module 706 can be configured to send the signed and encrypted bank card information to the third-party application program, so that the third-party application program can use the signed and encrypted bank card information The information is sent to the bank server, so that the bank server verifies and decrypts the signed and encrypted bank card information, and performs user identity authentication based on the decrypted bank card information. In this embodiment, since the bank card information is always in an encrypted state during the transmission process from the bank card login-free authorization component to the third-party application, and then from the third-party application to the bank server, thereby protecting the privacy of the user. safety. Optionally, the card query second module 704 can be configured to query the bank card information from the third-party platform through an open gateway, wherein the open gateway is used to query the bank card information Signature encryption. In this embodiment, since the bank card information is signed and encrypted through the open gateway after being queried from the third platform, it is always in an encrypted state during the entire transmission process, thereby ensuring the security of the user's private information. The foregoing is a schematic solution of a device for implementing a login-free authorization component in this embodiment. It should be noted that the technical solution of the device for realizing the login-free authorization component and the technical solution of the above-mentioned method for realizing the login-free authorization component belong to the same concept, and the details of the technical solution for the device for realizing the login-free authorization component are not described in detail. For details, please refer to the above description of the technical solution of the method for realizing the login-free authorization component. FIG. 8 shows a structural block diagram of a computing device 800 provided according to an embodiment of this specification. Components of the computing device 800 include, but are not limited to, memory 810 and processor 820 . The processor 820 is connected to the memory 810 through the bus 830, and the database 850 is used for storing data. Computing device 800 also includes an access device 840 that enables computing device 800 to communicate via one or more networks 860 . Examples of these networks include the Public Switched Telephone Network (PSTN), Local Area Network (LAN), Wide Area Network (WAN), Personal Area Network (PAN), or a combination of communication networks such as the Internet. Access device 840 may include one or more of any type of network interface (e.g., a network interface card (NIC)), wired or wireless, such as IEEE 802.11 wireless area network (WLAN) wireless interface, global microwave Internet Access (Wi-MAX) interface, Ethernet interface, Universal Serial Bus (USB) interface, cellular network interface, Bluetooth interface, Near Field Communication (NFC) interface, etc. In an embodiment of the present specification, the above-mentioned components of the computing device 800 and other components not shown in FIG. 8 may also be connected to each other, for example, through bus bars. It should be understood that the structural block diagram of the computing device shown in FIG. 8 is for the purpose of illustration only, rather than limiting the scope of this description. Those skilled in the art can add or replace other components as needed. Computing device 800 may be any type of stationary or mobile computing device, including mobile computers or mobile computing devices (e.g., tablets, personal digital assistants, notebooks, notebooks, laptops, etc.), mobile phones (e.g., smartphones), wearable computing devices (eg, smart watches, smart glasses, etc.) or other types of mobile devices, or stationary computing devices such as desktop computers or PCs. Computing device 800 may also be a mobile or stationary server. In one or more embodiments of one aspect of this specification, the processor 820 can be used to execute the following computer-executable instructions: When it is necessary to confirm the user's identity, according to the user's bank card free login authorization status information, determine whether the user has Authorize the bank card without login; In the case that the user has authorized the bank card without login, query the bank card information bound by the user on the third-party platform from the inside of the third-party platform; send the bank card information to the bank server, so that the bank server can perform user identity authentication based on the bank card information. Optionally, it also includes: obtaining the user's authorization for bank card free login when the user does not authorize bank card free login. Optionally, when the user identity needs to be confirmed, according to the user's bank card free login authorization status information, judging whether the user has authorized the bank card free login includes: When the user identity needs to be confirmed, calling the bank card free login authorization component , so that the bank card no-login authorization component responds to the call, and judges whether the user has authorized bank card no-login according to the saved bank card no-login authorization status information of the user; if the user has authorized bank card no-login In this case, the bank card information bound to the user on the third-party platform is queried from within the third-party platform, including: In the case that the user has authorized the bank card to be free of login, obtain the information returned by the bank card free of login authorization component Bank card information; Wherein, the bank card information is queried from the inside of the third-party platform by the bank card free login authorization component after obtaining the authorization of the user and returning it to the The third-party application program, or the bank card free login authorization component inquires from the inside of the third-party platform and returns to the third-party application program when it determines that the user has authorized the bank card free login. Optionally, in the case that the user has authorized the bank card to be free of login, obtaining the bank card information returned by the bank card non-login authorization component includes: The signature-encrypted bank card information returned by the card-free login authorization component; sending the bank card information to the bank server includes: sending the signature-encrypted bank card information to the bank server, so that the bank The server verifies and decrypts the signed and encrypted bank card information, and performs user identity authentication based on the decrypted bank card information. Optionally, it also includes: sending the business request to the bank server, so that the server executes the business logic corresponding to the business request and returns the business data to the third-party application after completing the user identity authentication; The business data returned by the server. Optionally, the sending the service request to the bank server includes: sending the payment request to the bank server. The foregoing is a schematic solution of a computing device in this embodiment. It should be noted that the technical solution of the computing device is of the same concept as the technical solution of the above-mentioned identity authentication method. For details not described in detail in the technical solution of the computing device, refer to the description of the technical solution of the above-mentioned identity authentication method. In one or more embodiments of another aspect of this specification, the processor 820 may be configured to execute the following computer-executable instructions: responding to a call from a third-party application program on a third-party platform, for the user involved in the call, according to the saved The user's bank card free login authorization status information determines whether the user has authorized the bank card free login; in the case that the user has authorized the bank card free login, it can be found from the third-party platform that the user is tied to the third-party platform The specified bank card information; Send the bank card information to the third-party application, so that the third-party application can send the bank card information to the bank server, so that the bank server can perform user identity authentication based on the bank card information . Optionally, send the bank card information to the third-party application, so that the third-party application sends the bank card information to the bank server, so that the bank server performs user identity authentication based on the bank card information, including : Send the signed and encrypted bank card information to the third-party application, so that the third-party application can send the signed and encrypted bank card information to the bank server, so that the bank server can encrypt the signed Signature verification and decryption are performed on the bank card information after decryption, and user identity authentication is performed according to the bank card information after decryption. Optionally, the querying the bank card information from the third-party platform includes: querying the bank card information from the third-party platform through an open gateway, wherein the open gateway is used for the bank The card information is signed and encrypted. The foregoing is a schematic solution of a computing device in this embodiment. It should be noted that the technical solution of the computing device and the technical solution of the above-mentioned method for realizing the login-free authorization component belong to the same concept. For details not described in detail in the technical solution of the computing device, please refer to the above-mentioned realization of the login-free authorization component. Description of the technical solution of the method. On the one hand, an embodiment of this specification also provides a computer-readable storage medium, which stores computer instructions, and when the instructions are executed by the processor, they are used to: When the identity of the user needs to be confirmed, according to the user's bank card, the login-free authorization Status information, to determine whether the user has authorized the bank card to be free of login; if the user has authorized the bank card to be free of login, query the bank card information bound to the user on the third-party platform from within the third-party platform; Send the bank card information to the bank server, so that the bank server can perform user identity authentication based on the bank card information. Optionally, it also includes: obtaining the user's authorization for bank card free login when the user does not authorize bank card free login. Optionally, when the user identity needs to be confirmed, according to the user's bank card free login authorization status information, judging whether the user has authorized the bank card free login includes: When the user identity needs to be confirmed, calling the bank card free login authorization component , so that the bank card no-login authorization component responds to the call, and judges whether the user has authorized bank card no-login according to the saved bank card no-login authorization status information of the user; if the user has authorized bank card no-login In this case, the bank card information bound to the user on the third-party platform is queried from within the third-party platform, including: In the case that the user has authorized the bank card to be free of login, obtain the information returned by the bank card free of login authorization component Bank card information; Wherein, the bank card information is queried from the inside of the third-party platform by the bank card free login authorization component after obtaining the authorization of the user and returning it to the The third-party application program, or the bank card free login authorization component inquires from the inside of the third-party platform and returns to the third-party application program when it determines that the user has authorized the bank card free login. Optionally, in the case that the user has authorized the bank card to be free of login, obtaining the bank card information returned by the bank card non-login authorization component includes: The signature-encrypted bank card information returned by the card-free login authorization component; sending the bank card information to the bank server includes: sending the signature-encrypted bank card information to the bank server, so that the bank The server verifies and decrypts the signed and encrypted bank card information, and performs user identity authentication based on the decrypted bank card information. Optionally, it also includes: sending the business request to the bank server, so that the server executes the business logic corresponding to the business request and returns the business data to the third-party application after completing the user identity authentication; The business data returned by the server. Optionally, the sending the service request to the bank server includes: sending the payment request to the bank server. The foregoing is a schematic solution of a computer-readable storage medium in this embodiment. It should be noted that the technical solution of the storage medium and the technical solution of the above-mentioned identity authentication method belong to the same idea, and details not described in detail in the technical solution of the storage medium can refer to the description of the technical solution of the above-mentioned identity authentication method. Another embodiment of this specification also provides a computer-readable storage medium, which stores computer instructions, and when the instructions are executed by a processor, they are used to: respond to a call from a third-party application program on a third-party platform, for the For the user involved in the call, judge whether the user has authorized the bank card free login according to the saved authorization status information of the user's bank card; if the user has authorized the bank card free login, query from the internal of the third-party platform Get the bank card information bound by the user on the third-party platform; send the bank card information to the third-party application, so that the third-party application can send the bank card information to the bank server, so that the bank server can The bank card information is used for user identity authentication. Optionally, send the bank card information to the third-party application, so that the third-party application sends the bank card information to the bank server, so that the bank server performs user identity authentication based on the bank card information, including : Send the signed and encrypted bank card information to the third-party application, so that the third-party application can send the signed and encrypted bank card information to the bank server, so that the bank server can encrypt the signed Signature verification and decryption are performed on the bank card information after decryption, and user identity authentication is performed according to the bank card information after decryption. Optionally, the querying the bank card information from the third-party platform includes: querying the bank card information from the third-party platform through an open gateway, wherein the open gateway is used for the bank The card information is signed and encrypted. The foregoing is a schematic solution of a computer-readable storage medium in this embodiment. It should be noted that the technical solution of the storage medium and the above-mentioned technical solution of the method for realizing the login-free authorization component belong to the same concept. For details not described in detail in the technical solution of the storage medium, please refer to the above-mentioned realization of the login-free authorization component. Description of the technical solution of the method. The foregoing describes specific embodiments of this specification. Other embodiments are within the scope of the appended claims. In some cases, the actions or steps recited in the claims can be performed in an order different from that in the examples and still achieve desirable results. In addition, the processes depicted in the figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. Multitasking and parallel processing are also possible or may be advantageous in certain embodiments. The computer instruction includes computer program code, and the computer program code may be in the form of source code, object code, executable file or some intermediate form. The computer-readable medium may include: any entity or device capable of carrying the computer program code, recording medium, flash drive, mobile hard drive, magnetic disk, optical disk, computer memory, read-only memory (ROM, Read- Only Memory), Random Access Memory (RAM, Random Access Memory), electrical carrier signal, telecommunication signal, and software distribution media, etc. It should be noted that the computer-readable medium may contain appropriate additions or subtractions as required by legislation and patent practice in the jurisdiction. For example, in some jurisdictions, computer-readable media may Media excludes electrical carrier signals and telecommunication signals. It should be noted that, for the sake of simplicity of description, the above-mentioned method embodiments are expressed as a series of action combinations, but those skilled in the art should know that the embodiments of this specification are not limited by the described action sequence. Because according to the embodiment of the present specification, certain steps may be performed in other orders or simultaneously. Secondly, those skilled in the art should also know that the embodiments described in the specification are all preferred embodiments, and the actions and modules involved are not necessarily required by the embodiments of the specification. In the foregoing embodiments, the descriptions of each embodiment have their own emphases, and for parts not described in detail in a certain embodiment, reference may be made to relevant descriptions of other embodiments. The preferred embodiments of the present specification disclosed above are only for helping to explain the present specification. Alternative embodiments are not exhaustive in all detail, nor are the inventions limited to specific implementations described. Obviously, many modifications and changes can be made according to the contents of the embodiments of this specification. This specification selects and specifically describes these embodiments in order to better explain the principles and practical applications of the embodiments of this specification, so that those skilled in the art can well understand and use this specification. This specification is to be limited only by the claims and their full scope and equivalents.

102~106:步驟 202:授權判斷第一模組 204:卡查詢第一模組 206:卡發送第一模組 208:授權取得模組 210:請求發送模組 212:資料接收模組 402~406:步驟 502:業務場景 504:應用層 506:銀行卡免登錄授權組件 508:基礎層 510:資料層 602~634:步驟 702:授權判斷第二模組 704:卡查詢第二模組 706:卡發送第二模組 800:計算設備 810:記憶體 820:處理器 830:匯流排 840:接入設備 850:資料庫 860:網路102~106: Steps 202: Authorization judgment first module 204: Card query first module 206: The card sends the first module 208: Authorization to obtain the module 210: Request to send the module 212: Data receiving module 402~406: steps 502: Business scenarios 504: Application layer 506: Bank card login-free authorization component 508: Base layer 510: data layer 602~634: steps 702: Authorization judgment second module 704: Card query second module 706: The card sends the second module 800: Computing equipment 810: memory 820: Processor 830: busbar 840: access device 850: database 860: network

[圖1]是本說明書一個實施例提供的一種身份認證方法的流程圖; [圖2]是本說明書一個實施例提供的一種身份認證裝置的結構示意圖; [圖3]是本說明書一個或多個實施例提供的一種身份認證裝置的結構示意圖; [圖4]是本說明書一個實施例提供的一種實現免登錄授權組件的方法的流程圖; [圖5]是本說明書一個或多個實施例的方案架構示意圖; [圖6]是本說明書一個或多個實施例的消息交互示意圖; [圖7]是本說明書一個實施例提供的一種實現免登錄授權組件的裝置的結構示意圖; [圖8]是根據本說明書一個或多個實施例的一種計算設備的結構方塊圖。 [Figure 1] is a flow chart of an identity authentication method provided by an embodiment of this specification; [Fig. 2] is a schematic structural diagram of an identity authentication device provided by an embodiment of this specification; [Figure 3] is a schematic structural diagram of an identity authentication device provided by one or more embodiments of this specification; [Fig. 4] is a flowchart of a method for implementing a login-free authorization component provided by an embodiment of this specification; [Figure 5] is a schematic diagram of the solution architecture of one or more embodiments of this specification; [Figure 6] is a schematic diagram of message interaction in one or more embodiments of this specification; [Figure 7] is a schematic structural diagram of a device for implementing a login-free authorization component provided by an embodiment of this specification; [ Fig. 8 ] is a structural block diagram of a computing device according to one or more embodiments of the present specification.

Claims (22)

一種身份認證方法,應用於第三方平台提供的第三方應用程式,包括:在需要確認用戶身份時,根據該用戶的銀行卡免登錄授權狀態資訊,判斷該用戶是否已經授權銀行卡免登錄;在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在該第三方平台綁定的銀行卡資訊;將該銀行卡資訊發送給銀行服務端,以便該銀行服務端根據該銀行卡資訊進行用戶身份認證。 An identity authentication method applied to a third-party application program provided by a third-party platform, including: when it is necessary to confirm the user's identity, according to the user's bank card free login authorization status information, determine whether the user has authorized the bank card free login; If the user has authorized the bank card to be free of login, query the bank card information bound by the user on the third-party platform from within the third-party platform; send the bank card information to the bank server so that the bank service The terminal performs user identity authentication based on the bank card information. 根據請求項1所述的方法,還包括:在該用戶未授權銀行卡免登錄的情況下,取得該用戶對銀行卡免登錄的授權。 According to the method described in claim 1, further comprising: obtaining the user's authorization of the bank card free login when the user does not authorize the bank card free login. 根據請求項1所述的方法,其中,該在需要確認用戶身份時,根據該用戶的銀行卡免登錄授權狀態資訊,判斷該用戶是否已經授權銀行卡免登錄包括:在需要確認用戶身份時,呼叫銀行卡免登錄授權組件,以便該銀行卡免登錄授權組件回應於該呼叫,根據保存的該用戶的銀行卡免登錄授權狀態資訊判斷該用戶是否已經授權銀行卡免登錄;該在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在該第三方平台綁定的銀行卡資訊包括:在該用戶已經授權銀行卡免登錄的情況下,獲得該銀 行卡免登錄授權組件所返回的銀行卡資訊;其中,該銀行卡資訊由該銀行卡免登錄授權組件在判定該用戶未授權銀行卡免登錄的情況下,取得該用戶授權之後從該第三方平台的內部查詢出來並返回給該第三方應用程式,或者,由該銀行卡免登錄授權組件在判定該用戶已經授權銀行卡免登錄的情況下從該第三方平台的內部查詢出來並返回給該第三方應用程式。 According to the method described in claim 1, wherein, when the user identity needs to be confirmed, according to the user's bank card free login authorization status information, judging whether the user has authorized the bank card free login includes: when the user identity needs to be confirmed, Call the bank card login-free authorization component, so that the bank card login-free authorization component responds to the call, and judge whether the user has authorized the bank card login-free authorization according to the saved status information of the user's bank card login-free authorization; In the case of authorized bank card without login, querying the bank card information bound by the user on the third-party platform from within the third-party platform includes: The bank card information returned by the bank card login-free authorization component; wherein, the bank card information is obtained from the third party after the bank card login-free authorization component determines that the user has not authorized the bank card login-free authorization. The internal query of the platform and return to the third-party application program, or, the bank card free login authorization component determines that the user has authorized the bank card free login to query from the internal of the third-party platform and returns to the Third Party Applications. 根據請求項3所述的方法,其中,該在該用戶已經授權銀行卡免登錄的情況下,獲得該銀行卡免登錄授權組件所返回的銀行卡資訊包括:在該用戶已經授權銀行卡免登錄的情況下,獲得該銀行卡免登錄授權組件所返回的加簽加密後的銀行卡資訊;該將該銀行卡資訊發送給銀行服務端包括:將該加簽加密後的銀行卡資訊發送給該銀行服務端,以便該銀行服務端對加簽加密後的銀行卡資訊進行驗簽解密,根據解密後的該銀行卡資訊進行用戶身份認證。 According to the method described in claim 3, wherein, in the case that the user has authorized the bank card to be free of login, obtaining the bank card information returned by the bank card free of login authorization component includes: after the user has authorized the bank card to be free of login In the case of the bank card, obtain the signed and encrypted bank card information returned by the bank card free login authorization component; sending the bank card information to the bank server includes: sending the signed and encrypted bank card information to the The bank server, so that the bank server can verify and decrypt the signed and encrypted bank card information, and perform user identity authentication according to the decrypted bank card information. 根據請求項1所述的方法,還包括:將業務請求發送給該銀行服務端,以便該服務端在完成用戶身份認證之後,執行該業務請求對應的業務邏輯,向該第三方應用程式返回業務資料;接收該銀行服務端返回的業務資料。 According to the method described in claim item 1, it also includes: sending the service request to the bank server, so that the server executes the business logic corresponding to the service request after completing the user identity authentication, and returns the service to the third-party application program. Data; receive the business data returned by the bank server. 根據請求項5所述的方法,該將業務請求發送給該銀行服務端包括:將支付請求發送給該銀行服務端。 According to the method described in claim item 5, the sending the service request to the bank server includes: sending the payment request to the bank server. 一種身份認證裝置,配置於第三方平台提供的第三方應用程式,包括:授權判斷第一模組,被配置為在需要確認用戶身份時,根據該用戶的銀行卡免登錄授權狀態資訊,判斷該用戶是否已經授權銀行卡免登錄;卡查詢第一模組,被配置為在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在該第三方平台綁定的銀行卡資訊;卡發送第一模組,被配置為將該銀行卡資訊發送給銀行服務端,以便該銀行服務端根據該銀行卡資訊進行用戶身份認證。 An identity authentication device configured on a third-party application program provided by a third-party platform, including: a first authorization judgment module configured to judge the user's identity according to the user's bank card login-free authorization status information when it is necessary to confirm the user's identity. Whether the user has authorized the bank card to be free of login; the first card query module is configured to query from the inside of the third-party platform that the user is bound on the third-party platform if the user has authorized the bank card to be free of login The bank card information; the card sending first module is configured to send the bank card information to the bank server, so that the bank server can perform user identity authentication based on the bank card information. 根據請求項7所述的裝置,還包括:授權取得模組,被配置為在該用戶未授權銀行卡免登錄的情況下,取得該用戶對銀行卡免登錄的授權。 The device according to claim 7, further comprising: an authorization obtaining module configured to obtain the user's authorization of the bank card free login if the user does not authorize the bank card free login. 根據請求項7所述的裝置,其中,該授權判斷第一模組,被配置為在需要確認用戶身份時,呼叫銀行卡免登錄授權組件,以便該銀行卡免登錄授權組件回應於該呼叫,根據保存的該用戶的銀行卡免登錄授權狀態資訊判斷該用戶是否已經授權銀行卡免登錄;卡查詢第一模組,被配置為在該用戶已經授權銀行卡免登錄的情況下,獲得該銀行卡免登錄授權組件所返回的銀行卡資訊;其中,該銀行卡資訊由該銀行卡免登錄授權組件在判定該用戶未授權銀行卡免登錄的情況下,取得該用戶授權之後從該第三方平台的內部查詢出來並返回給該 第三方應用程式,或者,由該銀行卡免登錄授權組件在判定該用戶已經授權銀行卡免登錄的情況下從該第三方平台的內部查詢出來並返回給該第三方應用程式。 According to the device described in claim 7, wherein, the authorization judging first module is configured to call the bank card login-free authorization component when the identity of the user needs to be confirmed, so that the bank card login-free authorization component responds to the call, Judging whether the user has authorized the bank card free login according to the saved authorization state information of the user's bank card; the first module of card query is configured to obtain the bank The bank card information returned by the card login-free authorization component; wherein, the bank card information is obtained from the third-party platform after the bank card login-free authorization component determines that the user has not authorized the bank card login-free authorization. The inner query comes out and returns to the The third-party application program, or the bank card free login authorization component inquires from the inside of the third-party platform and returns to the third-party application program when it determines that the user has authorized the bank card free login. 根據請求項9所述的裝置,其中,該卡查詢第一模組,被配置為在該用戶已經授權銀行卡免登錄的情況下,獲得該銀行卡免登錄授權組件所返回的加簽加密後的銀行卡資訊;該卡發送第一模組,被配置為將該加簽加密後的銀行卡資訊發送給該銀行服務端,以便該銀行服務端對加簽加密後的銀行卡資訊進行驗簽解密,根據解密後的該銀行卡資訊進行用戶身份認證。 According to the device described in claim 9, wherein the card query first module is configured to obtain the signed and encrypted information returned by the bank card free login authorization component when the user has authorized the bank card to be free of login. bank card information; the card sending first module is configured to send the signed and encrypted bank card information to the bank server, so that the bank server can verify the signed and encrypted bank card information Decrypt, and perform user identity authentication according to the decrypted bank card information. 根據請求項7所述的裝置,還包括:請求發送模組,被配置為將業務請求發送給該銀行服務端,以便該服務端在完成用戶身份認證之後,執行該業務請求對應的業務邏輯,向該第三方應用程式返回業務資料;資料接收模組,被配置為接收該銀行服務端返回的業務資料。 The device according to claim 7, further comprising: a request sending module configured to send the service request to the bank server, so that the server executes the service logic corresponding to the service request after completing the user identity authentication, Return business data to the third-party application program; the data receiving module is configured to receive the business data returned by the bank server. 根據請求項11所述的裝置,該請求發送模組,被配置為將支付請求發送給該銀行服務端。 According to the device described in claim 11, the request sending module is configured to send the payment request to the bank server. 一種實現免登錄授權組件的方法,包括:回應於第三方平台中第三方應用程式的呼叫,針對該呼叫涉及的用戶,根據保存的該用戶的銀行卡免登錄授權 狀態資訊判斷該用戶是否已經授權銀行卡免登錄;在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在第三方平台綁定的銀行卡資訊;將該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該銀行卡資訊發送給銀行服務端,使該銀行服務端根據該銀行卡資訊進行用戶身份認證。 A method for implementing a login-free authorization component, including: responding to a call of a third-party application program on a third-party platform, and for the user involved in the call, according to the stored user's bank card free login authorization The status information judges whether the user has authorized the bank card to be free of login; if the user has authorized the bank card to be free of login, query the bank card information bound to the user on the third-party platform from the inside of the third-party platform; The bank card information is sent to the third-party application program, so that the third-party application program sends the bank card information to the bank server, so that the bank server performs user identity authentication based on the bank card information. 根據請求項13所述的方法,其中,該將該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該銀行卡資訊發送給銀行服務端,使該銀行服務端根據該銀行卡資訊進行用戶身份認證包括:將加簽加密後的該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該加簽加密後的銀行卡資訊發送給銀行服務端,使該銀行服務端對加簽加密後的銀行卡資訊進行驗簽解密,根據解密後的該銀行卡資訊進行用戶身份認證。 According to the method described in claim 13, wherein, the bank card information is sent to the third-party application program, so that the third-party application program sends the bank card information to the bank server, so that the bank service terminal according to the bank Card information for user identity authentication includes: sending the signed and encrypted bank card information to the third-party application, so that the third-party application can send the signed and encrypted bank card information to the bank server, so that the The bank server verifies and decrypts the signed and encrypted bank card information, and performs user identity authentication based on the decrypted bank card information. 根據請求項14所述的方法,其中,該從該第三方平台的內部查詢出該銀行卡資訊包括:通過開放閘道器從該第三方平台的內部查詢出該銀行卡資訊,其中,該開放閘道器用於對該銀行卡資訊進行加簽加密。 According to the method described in claim 14, wherein the querying the bank card information from the inside of the third-party platform includes: querying the bank card information from the inside of the third-party platform through an open gateway, wherein the open The gateway is used to sign and encrypt the bank card information. 一種實現免登錄授權組件的裝置,包括:授權判斷第二模組,被配置為回應於第三方平台中第 三方應用程式的呼叫,針對該呼叫涉及的用戶,根據保存的該用戶的銀行卡免登錄授權狀態資訊判斷該用戶是否已經授權銀行卡免登錄;卡查詢第二模組,被配置為在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在第三方平台綁定的銀行卡資訊;卡發送第二模組,被配置為將該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該銀行卡資訊發送給銀行服務端,使該銀行服務端根據該銀行卡資訊進行用戶身份認證。 A device for implementing a login-free authorization component, including: a second authorization judgment module configured to respond to the first module in a third-party platform For the call of the three-party application program, for the user involved in the call, judge whether the user has authorized the bank card free login according to the saved authorization status information of the user's bank card; In the case that the bank card has been authorized to be free of login, query the bank card information bound by the user on the third-party platform from within the third-party platform; the card sending second module is configured to send the bank card information to the third-party platform. A third-party application program, so that the third-party application program sends the bank card information to the bank server, so that the bank server performs user identity authentication based on the bank card information. 根據請求項16所述的裝置,其中,該卡發送第二模組,被配置為將加簽加密後的該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該加簽加密後的銀行卡資訊發送給銀行服務端,使該銀行服務端對加簽加密後的銀行卡資訊進行驗簽解密,根據解密後的該銀行卡資訊進行用戶身份認證。 The device according to claim 16, wherein the card sending second module is configured to send the bank card information encrypted by the signature to the third-party application program, so that the third-party application program will add the signature The encrypted bank card information is sent to the bank server, so that the bank server verifies and decrypts the signed and encrypted bank card information, and performs user identity authentication based on the decrypted bank card information. 根據請求項17所述的裝置,其中,該卡查詢第二模組,被配置為通過開放閘道器從該第三方平台的內部查詢出該銀行卡資訊,其中,該開放閘道器用於對該銀行卡資訊進行加簽加密。 The device according to claim 17, wherein the second card query module is configured to query the bank card information from the third-party platform through an open gateway, wherein the open gateway is used for The bank card information is signed and encrypted. 一種計算設備,包括:記憶體和處理器;該記憶體用於儲存電腦可執行指令,該處理器用於執行該電腦可執行指令: 在第三方平台提供的第三方應用程式需要確認用戶身份時,根據該用戶的銀行卡免登錄授權狀態資訊,判斷該用戶是否已經授權銀行卡免登錄;在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在該第三方平台綁定的銀行卡資訊;該第三方應用程式將該銀行卡資訊發送給銀行服務端,以便該銀行服務端根據該銀行卡資訊進行用戶身份認證。 A computing device, comprising: a memory and a processor; the memory is used to store computer-executable instructions, and the processor is used to execute the computer-executable instructions: When the third-party application program provided by the third-party platform needs to confirm the user's identity, according to the user's bank card free login authorization status information, determine whether the user has authorized the bank card free login; in the case that the user has authorized the bank card free login Next, query the bank card information bound by the user on the third-party platform from within the third-party platform; the third-party application program sends the bank card information to the bank server, so that the bank server can use the bank card Information for user authentication. 一種電腦可讀取儲存媒體,其儲存有電腦指令,該指令被處理器執行時實現如請求項1至6中任一項該身份認證方法的步驟。 A computer-readable storage medium stores computer instructions, and when the instructions are executed by a processor, the steps of the identity authentication method according to any one of claims 1 to 6 are realized. 一種計算設備,包括:記憶體和處理器;該記憶體用於儲存電腦可執行指令,該處理器用於執行該電腦可執行指令:回應於第三方平台中第三方應用程式的呼叫,針對該呼叫涉及的用戶,根據保存的該用戶的銀行卡免登錄授權狀態資訊判斷該用戶是否已經授權銀行卡免登錄;在該用戶已經授權銀行卡免登錄的情況下,從該第三方平台的內部查詢出該用戶在第三方平台綁定的銀行卡資訊;將該銀行卡資訊發送給該第三方應用程式,以便該第三方應用程式將該銀行卡資訊發送給銀行服務端,使該銀 行服務端根據該銀行卡資訊進行用戶身份認證。 A computing device, including: a memory and a processor; the memory is used to store computer-executable instructions, and the processor is used to execute the computer-executable instructions: in response to a call from a third-party application program in a third-party platform, for the call The user involved judges whether the user has authorized the bank card free login according to the stored information of the user's bank card free login authorization status; The bank card information bound by the user on the third-party platform; send the bank card information to the third-party application, so that the third-party application can send the bank card information to the bank server, so that the bank The bank server performs user identity authentication according to the bank card information. 一種電腦可讀取儲存媒體,其儲存有電腦指令,該指令被處理器執行時實現如請求項13至15中任一項該實現免登錄授權組件的方法的步驟。 A computer-readable storage medium stores computer instructions, and when the instructions are executed by a processor, the steps of the method for realizing the login-free authorization component according to any one of claims 13 to 15 are realized.
TW109116540A 2019-09-17 2020-05-19 Identity authentication method, method for realizing login-free authorization component, and respective devices TWI786404B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910877524.1 2019-09-17
CN201910877524.1A CN110705989B (en) 2019-09-17 2019-09-17 Identity authentication method, method for realizing login-free authorization component and respective devices

Publications (2)

Publication Number Publication Date
TW202113715A TW202113715A (en) 2021-04-01
TWI786404B true TWI786404B (en) 2022-12-11

Family

ID=69194785

Family Applications (1)

Application Number Title Priority Date Filing Date
TW109116540A TWI786404B (en) 2019-09-17 2020-05-19 Identity authentication method, method for realizing login-free authorization component, and respective devices

Country Status (3)

Country Link
CN (2) CN113034154A (en)
TW (1) TWI786404B (en)
WO (1) WO2021051884A1 (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113034154A (en) * 2019-09-17 2021-06-25 创新先进技术有限公司 Identity authentication method, method for realizing login-free authorization component and respective devices
CN111770084A (en) * 2020-06-28 2020-10-13 福建健康之路信息技术有限公司 Method and device for providing service for user without login
CN112347437A (en) * 2020-10-30 2021-02-09 银盛支付服务股份有限公司 Third-party application login-free authorization method and system
CN113190724B (en) * 2021-05-31 2024-02-27 中国银行股份有限公司 User bank information query method, mobile terminal and server
CN114519360B (en) * 2022-01-29 2024-03-08 金蝶软件(中国)有限公司 Data read-write method, login method and device of service system and computer equipment
CN115150177B (en) * 2022-07-08 2024-03-19 中国银行股份有限公司 Application authorization method and device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107590662A (en) * 2017-11-03 2018-01-16 中国银行股份有限公司 A kind of authentication method and certificate server, system for calling internet banking system
US20180253727A1 (en) * 2016-07-02 2018-09-06 Royal Bank Of Canada Secure funding of electronic payments

Family Cites Families (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8634796B2 (en) * 2008-03-14 2014-01-21 William J. Johnson System and method for location based exchanges of data facilitating distributed location applications
US20130054457A1 (en) * 2011-08-23 2013-02-28 Thomas E. Strickland System and method for use in making financial transactions when charging an electrically powered vehicle
KR101934293B1 (en) * 2012-08-03 2019-01-02 엘지전자 주식회사 Mobile terminal and nfc payment method thereof
CN103023894B (en) * 2012-11-30 2016-01-06 北京奇虎科技有限公司 A kind of method and browser carrying out Web bank's login
CN103944737B (en) * 2014-05-06 2018-11-02 中国联合网络通信集团有限公司 Method for authenticating user identity, Third Party Authentication platform, carrier authorization platform
EP3284025B1 (en) * 2015-04-14 2022-09-21 Capital One Services, LLC A system, method, and apparatus for a dynamic transaction card
CN105069619A (en) * 2015-07-17 2015-11-18 上海众人网络安全技术有限公司 On-line fast payment system and payment method thereof
KR101766303B1 (en) * 2016-04-19 2017-08-08 주식회사 코인플러그 Method for creating, registering, revoking certificate information and server using the same
CN108170688B (en) * 2016-12-06 2023-10-31 北京奇虎科技有限公司 Method and device for automatically inputting data
CN106779705B (en) * 2016-12-08 2021-06-01 上海众人网络安全技术有限公司 Dynamic payment method and system
CN108053236A (en) * 2017-12-08 2018-05-18 广州原码信息科技有限公司 A kind of method that credit card credit pattern combination advertising subsidy realizes free express delivery
CN108280643A (en) * 2018-01-17 2018-07-13 深圳喆行科技有限公司 A kind of recharge method and system of stored value card
CN108898385A (en) * 2018-06-29 2018-11-27 深圳市金溢科技股份有限公司 A kind of IC card load device, method and system
CN109063461B (en) * 2018-09-26 2020-09-22 苏州浪潮智能科技有限公司 Third-party password-free login method and system
CN109544135B (en) * 2018-10-25 2022-08-30 北京三快在线科技有限公司 Bank card binding method and device, storage medium and mobile terminal
CN109754240A (en) * 2018-12-06 2019-05-14 北京三快在线科技有限公司 Method and system, payment platform and the bank's platform of payment platform binding bank card
CN109598271B (en) * 2018-12-10 2021-02-09 北京奇艺世纪科技有限公司 Character segmentation method and device
CN109949027A (en) * 2019-03-18 2019-06-28 江苏常熟农村商业银行股份有限公司 A kind of marketing of bank management method based on wechat small routine
CN110069909B (en) * 2019-04-29 2020-10-13 上海上湖信息技术有限公司 Method and device for login of third-party system without secret
CN113034154A (en) * 2019-09-17 2021-06-25 创新先进技术有限公司 Identity authentication method, method for realizing login-free authorization component and respective devices

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180253727A1 (en) * 2016-07-02 2018-09-06 Royal Bank Of Canada Secure funding of electronic payments
CN107590662A (en) * 2017-11-03 2018-01-16 中国银行股份有限公司 A kind of authentication method and certificate server, system for calling internet banking system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
網路文獻 聯合信用卡處理中心," 聯合信⽤卡處理中⼼提供綁定卡號「Üny」服務上線",https://www.nccc.com.tw/wps/wcm/connect/zh/home/AboutN^&rn^CCC/News/CNT_01_005_20171204143011,2017/12/05。 聯合信用卡處理中心提供綁定卡號「 Üny 」服務上線 https://www.nccc.com.tw/wps/wcm/connect/zh/home/AboutNCCC/News/CNT_01_005_20171204143011 2017/12/05 https://www.nccc.com.tw/wps/wcm/connect/zh/home/AboutNCCC/News/CNT_01_005_20171204143011,2017/12/05
網路文獻 聯合信用卡處理中心," 聯合信⽤卡處理中⼼提供綁定卡號「Üny」服務上線",https://www.nccc.com.tw/wps/wcm/connect/zh/home/AboutN^&rn^CCC/News/CNT_01_005_20171204143011,2017/12/05。 聯合信用卡處理中心提供綁定卡號「 Üny 」服務上線 https://www.nccc.com.tw/wps/wcm/connect/zh/home/AboutNCCC/News/CNT_01_005_20171204143011 2017/12/05 https://www.nccc.com.tw/wps/wcm/connect/zh/home/AboutNCCC/News/CNT_01_005_20171204143011,2017/12/05 *

Also Published As

Publication number Publication date
CN110705989B (en) 2021-03-16
TW202113715A (en) 2021-04-01
CN110705989A (en) 2020-01-17
WO2021051884A1 (en) 2021-03-25
CN113034154A (en) 2021-06-25

Similar Documents

Publication Publication Date Title
TWI786404B (en) Identity authentication method, method for realizing login-free authorization component, and respective devices
JP7403020B2 (en) System and method for second factor authentication of customer support calls
Ramana et al. A three-level gateway protocol for secure M-commerce transactions using encrypted OTP
EP3207464B1 (en) Method, device, terminal, and server for verifying security of service operation
US9867043B2 (en) Secure device service enrollment
US10819520B2 (en) Identity proofing offering for customers and non-customers
JP2019145141A (en) System and method for initially establishing and periodically confirming trust in software application
US11470158B2 (en) Systems and methods for asynchronous API-driven external application services for a blockchain
US11658963B2 (en) Cooperative communication validation
US20140279115A1 (en) Mobile payment using cloud computing
JP7300799B2 (en) Computing device, method of protecting data, and computer program
CN111178840A (en) Service processing method, device, system, electronic equipment and storage medium
Pal et al. Mobile payments in global markets using biometrics and cloud
CN116992458A (en) Programmable data processing method and system based on trusted execution environment
CN105574720A (en) Secure information processing method and secure information processing apparatus
US11126993B1 (en) Carrier assisted mobile phone on-line payment
JP7300800B2 (en) Computing device, method of protecting data, and computer program
CN109801423A (en) A kind of control method for vehicle and system based on bluetooth
CN106534047B (en) A kind of information transferring method and device based on Trust application
US20180103032A1 (en) Authorization of Computing Devices Using Cryptographic Action Tokens
KR101192304B1 (en) Method and system of mobile secure payment
US20210182846A1 (en) Validation and storage of transaction data for a blockchain
Mohammadpour et al. M-commerce: The state of the art, challenges, and cloud-based solutions
US11695561B2 (en) Decentralized authorization of user access requests in a multi-tenant distributed service architecture
CN113435898B (en) Data processing method and system